Monday, February 4, 2013

Pentbox installation & use:-


PenTBox is a Security Suite that packs security and stability testing oriented tools for networks and systems.Programmed in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS and every systems where Ruby works.

Main Features:-
- Cryptography tools
  • Base64 Encoder & Decoder
  • Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
  • Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
  • Secure Password Generator


- Network tools
  • Net DoS Tester
  • TCP port scanner
  • Honeypot
  • Fuzzer
  • DNS and host gathering
  • MAC address geolocation (samy.pl)


- Web
  • HTTP directory bruteforce
  • HTTP common files bruteforce


How to install pentbox?

As mention earlier this framework is compatible in any system where ruby works.
So you have to install ruby in your system to use this tool.

svn co https://pentbox.svn.sourceforge.net/svnroot/pentbox/trunk/ pentbox

cd pentbox

svn update

./pentbox.rb


pentbox-1

Cryptography tool:-
web application penetration tests we often discover encoded Base64 strings. Such strings can contain important information that’s why we need to have a decoder in our tool repository.

If in some situation we obtain password in hash form , then pentbox has inbuilt module that can crack hash into plain text , it can also encrypt plain text in hash form. Supported hash are MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160.

pentbox-2

Network tools:-
Available modules are Net DoS Tester TCP port scanner ,Honeypot,Fuzzer,DNS and host gathering,MAC address geolocation . For tcp port scan you should use NMAP , because it `s best tool for port scanning.
I like DNS and host gathering modules. It `s very fast & responsive.

pentbox-3

Web tools:-
This section contain two tools for information gathering.
HTTP directory brute-force (You can find directory of website)
HTTP common files brute-force .

No comments:

Post a Comment