NePaLi (Nessus Parser Light)
NePaLi is a lightweight Nessus parser, primarily designed to easily digest massive Nessus compliance and vulnerability output files and check for scan errors. Getting to the Nepali coast (its namesake) is also a great way to burn frequent flier miles.
For more details, see the post here: nepali, A Lightweight Nessus Parser
spotPlight
spotPlight automates the process of reading data indexed by Spotlight from a locked macOS device. The tool was created to exploit what was, at the time, a relatively quiet data leakage that at first appeared to be fixed and then appeared vulnerable in subsequent macOS versions. It was a fun exercise relying heavily on the Linux USB mass storage gadget, automating loopback filesystems and ramdisks.
For more information on the issue spotPlight exploits, see the post here: macOS Spotlight Data Leakage
Cross Site Scripting Anonymous Browser (XAB)
Cross Site Scripting Anonymous Browser (XAB) leverages sites vulnerable to XSS and client browsers to build a network of drones. It does not replace the current anonymous browsing proxies, but provides an alternative that does not require willing participants. XAB is released as a proof of concept and as a jumping-off point for further research in the area of Cross Site Scripting.
The tool and the concept behind it were presented at Black Hat and DEF CON in 2009 by Jeff Yestrumskas and Matt Flick.
GuestStealer
GuestStealer allows for the stealing of VMware guests from vulnerable hosts based on the Directory Traversal Vulnerability detailed in CVE-2009-3373 and VMSA-2009-0015. GuestStealer was released at ShmooCon during Tony Flick’s ‘Stealing Guests…The VMware Way’ presentation.
Requirements
- Perl
- LWP::Simple Perl module
- XML::Simple Perl module
- Data::Dumper Perl module
- Crypt::SSLeay Perl module
Instructions
$ perl gueststealer-v1.1.pl -h <host> -p <web access UI port> -s <ssl web access UI> -t <server type> -o <output directory>
-h = the target host (IP address or host name)
-p = port for the web access UI (defaults: ESX/ESXi = 80|443, server = 8222|8333)
-s = is the web access UI utilizing SSL (yes|no)
-t = target type (server/esx/esxi)
-o = output directory
Example Usage:
$ perl gueststealer-v1.1.pl -h 192.168.1.2 -p 8333 -s yes -t server -o /tmp
Nessus PBE
NessusPBE simplifies the process of understanding Nessus output by transforming the data into an actionable format. Specifically, NessusPBE reads in .nbe formatted Nessus reports and creates spreadsheets that can be opened by most office suites, including Microsoft Excel and OpenOffice Spreadsheet. NessusPBE creates three spreadsheets: a list of services identified by Nessus, a list of open ports whose service was not identified by Nessus, and a list of Nessus’ findings.
iNERGY
iNERGy profiles a person’s energy usage by analyzing the energy usage tweets posted to their Twitter account. The tool predicts when the person is home, sleeping, and away from home in order to show how a burglar or stalker could use energy usage information maliciously. iNERGy was released at DEF CON 18 during Tony Flick’s Getting Social with the Smart Grid presentation.