[X] The "/2009 Vixta Aero 3D/VixtaAero3D.EN.Cd.Mobile7.iso" file could not be found or is not available. Please select another file.

Share

More
A free penetration testing toolkit Icon

A free penetration testing toolkit

alpha

by joseanpiti


Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.


http://inguma.sourceforge.net





Separate each tag with a space.

Release Date:

2008-12-29

Topics:

License:

Ratings and Reviews

  • Thumbs up:

    0
  • Thumbs down:

    1
0% of 1 user recommends this project

Be the first to post a text review of A free penetration testing toolkit. Rate and review a project by clicking thumbs up or thumbs down in the right column.

View all reviews

Project Feed

  • Tracker artifact added

    oxdef created the Incorrect DSN in sid guess artifact

    posted by oxdef 164 days ago

  • Tracker comment added

    posted by oxdef 171 days ago

  • Tracker artifact added

    Anonymous created the Not full data recieved in response of TNS command artifact

    posted by nobody 172 days ago

  • inguma Inguma 0.1.0 (R1) file released: inguma-0.1.1.tar.gz

    CURRENT_RELEASE Joxean Koret - Version 0.1.0 * Added library libinformix. Supports connection establishment and command execution. Pure python code. * Added a brute force module for Informix databases (bruteifx). * Fixed bugs in the Sybase's brute force module. * Added an Informix SQLEXEC protocol fuzzer. * Added liboracleinternals.py. Currently it just work for creating oracle password files (from version 8 to 11). * Added module db2discover to discover IBM DB2 database servers. * Added an information gather module for Informix database servers. * Very (basic) initial support for RDP protocol format. * Added support for fuzzing based on PCAP packets. * Added a POC for the Sun Java Web Proxy Server heap overflow (fixed). * Distributed Nikto database updated. * Added basic support for Bluetooth and Wifi (Hugo). * Added a frontend for Nmap (Hugo). * Added libhexdump (Hugo). * Added modules tcpproxy, hexdump and simple web server (Hugo). * Changed format of OpenDis databases to SQLite format (use -sdb=file.sqlite). * Added OpenDis Binary Navigator. (...a lot of silence...) 2008-0811 Joxean Koret - Version 0.0.8 * Fixed bugs in the SMTP, POP3 and IMAP brute forcers. * Module "isnated" enhanced (Thanks you Sp0oKeR!). * Added module "dnsspoof". * Added module "fakearp", a fake ARP server. * Added various changes to make Inguma Debian friendly. * Added module "dtspc" to gather information from dtspcd. * Many changes and enhancements to PyShellCodeLib. * Added libdisassemble from Immunity Sec to the toolkit. * Added a JavaScript object's fuzzer. Connect with your browser to the spawned web server and follow the instructions that appears. * Help command now shows output summarized by category (discover, gather, etc...). * Upgraded Scapy to version 1.2.0.2 to avoid problems with IKE. * Added module "ikescan", a tool like the well know ike-scan. * Added module "unicornscan", a wrapper for the popular tool. Thanks you Hugo!. 2008-03-12 Joxean Koret - Version 0.0.7 * Fixed bugs in allmost all modules. * Added support for command line history and autocompletion (whenever readline is available). * Fixed various oracle module's documentation. * Added the first version of "anticrypt", a tool to detect the encryption algorithm used for a password hash. It saves a lot of time when auditing a (weak) encryption algorithm. * Added a Nikto plugin (Thanks you Sullo!). * Added module "archanix". Usefull to check old Unix boxes. * Many changes to PyShellcodelib (Thanks erg0t!). * Added a brute forcer for SMTP servers. * First release of the documentation by Andrew Brooks. Check the wiki available at http://inguma.wiki.sourceforge.net/ (Many thanks Andrew!). * Added 4 new Oracle exploit modules for CPUJAN2008. * Added a skr1pT k1|>i3 like module for the Oracle PL/SQL gateway flaw. Give a target & port and use "oragateway". The module will automagically guess the correct DAD and bypass technique. After it an SQL terminal will be opened. 2007-11-26 Joxean Koret - Version 0.0.6 * Enhanced the module "sidguess". It now extracts the SID from Enterprise Manager banner. Thanks to Alexander Kornbrust! * Added more services to the identify module. * Added a brute force module for HTTP servers. * Renamed the directory "aux" to "auxi" to avoid problems in Win32. * Added a tool to known your external ip address. Util to check how anonymous an anonymous proxy server is ;) For more information navigate to http://inguma.wiki.sourceforge.net/externip. * Added various Oracle 8i, 9i and 10g SQL injection modules. A total of 5 new modules. * Oracle payloads changed to use, when possible, the cursor injection technique. * Fixed bugs in whois module. * Added module nmbstat to gather NetBIOS information. * Enhanced the module firetest to make ICMP probes as well as TCP/IP probes. The probes are executed with an small MTU and with a common MTU (by default 16000). * Initial version of the Website (http://inguma.sourceforge.net). * Initial version of the Wiki (http://inguma.wiki.sourceforge.net). * Added a protocol scanner. Check what IP protocols enabled has a target. Take a look to the module "protoscan". * Initial version of PyShellCodeLib. A GPL'ed library similar to the well known InlineEgg. * Module SIDVault uses now PyShellCodeLib instead of InlineEgg. * Addedd module getmac to get the MAC address and the vendor name from a given IP address. * Added a module to poison ARP target's cache. * Fixed security paranoia bugs. * Added examples of the OpenDis framework. A tool called asmdiff.py has been added to do binary diffs as a well as other example that prints an OpenDis format database. See $INGUMA_DIR/dis/README for details. 2007-10-20 Joxean Koret - Version 0.0.5 * Fixed too many bugs in the text and QT versions. * Fixed too many bugs in the modules section. * Added support to identify LDAP, RDP enabled servers and also some very old Unix services. * Added module "firetest" to test firewall configurations. * Added module "brutessh" to brute force SSH servers. * Removed many (stupids) sys.path.append (Thanks PH!). * Added module "bruteora" to brute force Oracle servers. It will check for every (commonly) possible user or for an specified user. * Removed scapereal from distribution. You can use it, of course, but you need to download it yourself. * Added a tool to crack MD5 hashes using freely available rainbow tables. * Added module "sidguess" to guess the SID of an Oracle Database instance. * Added module's option "help". Type "info <command>" to get the correspondient help. * _*Initial*_ shellcode support. See the SIDVault remote root exploit and $INGUMA_DIR/lib/libexploit.py for details. x86 support with InlineEgg. Thanks you Gera! * Added one exploit for the vulnerability in SYS.LT.FINDRICSET (CPU Oct. 2007). * Added a password cracker for Oracle11g. * Added a password cracker for MS SQL Server 7 and 2000. * Enhanced the Oracle PL/SQL fuzzer. 2007-10-03 Joxean Koret - Version 0.0.4 * Added one module to check for the most common Oracle Appplications Server vulnerable urls. * Added "smbgold" module, to search in SMB/CIFS shares for interesting files (*.mdb, passwords.txt, ...). * Added "scapereal" to distribution. Run "sniffer", sniff a packet list and type "ethereal". You will see an ethereal like GTK Window showing all the sniffed packets in a graphical fashion. * First version of the GUI using pyqt. * Added a module to gather information from an Oracle TimesTen server. 2007-09-06 Joxean Koret - Version 0.0.3 * Added a, non integrated, disassembler (you will need objdump). See dis/README for details. * Added a, non integrated, general purpose token based fuzzer. See krash/README for details. * Enhaced the Oracle PL/SQL fuzzer. * Added a TNS fuzzer. Use the tnscmd's option "fuzz". * Minor changes to the TNS Listener tool "tnscmd". * Support to "autoscan" a complete network (i.e., 192.168.1.0/24). * Now, it can "automagically" brute force username and passwords. * Added "libfuzz", a library to make easier the task of writing new fuzzers. * The module "identify" now can identify rmi, ocfs2, web servers, ftp servers, ssh servers, TNS listeners, CIFS/SMB compatible servers, LPD servers, Jet Direct printers, SMTP servers and MySQL servers. Sufficient for now (at least for me ;]). * Better support for Win32. * Basic plain text report support. * Better support for kb (knowledge base) files. * Better support for brute force modules. * Added the "interactive" option to launch in interactive or batch mode. * Autoscan can ignore specified hosts. * Autoscan is "SMB/CIFS" aware and can automagically brute force username and passwords. * Module "portscan" have been enhanced. * Rpcdump and samrdump can use username and passwords (brute forced or guessed). * Module "tcpscan" have been enhanced. * Minor fixes for various discover modules. * Added "libslp", a library (dissector?) for the Service Location Protocol. * The FTP fuzzer have been integrated. 2007-04-06 Joxean Koret - Version 0.0.2 * Added knowledge base support (DANGEROUS!). * Added "whois" and "netcraft" discover modules. * Added brute force modules for FTP, IMAP, POP3 and SMB. * Added support for "autobrute". * Support to generate reports of the command "autoscan". * Many fixes mainly focused in Win32 support. 2007-02-16 Joxean Koret - Version 0.0.1 * First public version. PRE-ALPHA

    posted 316 days ago

  • Screenshot Added

    posted by joseanpiti 316 days ago

  • Screenshot Added

    posted by joseanpiti 316 days ago

  • File released: /inguma/Inguma 0.1.0 (R1)/inguma-0.1.1.tar.gz

    posted 316 days ago

  • Screenshot Added

    posted by joseanpiti 316 days ago

  • Project Information Updated

    posted by joseanpiti 334 days ago

  • inguma Inguma - 0.0.9 file released: inguma-0.0.9.1.tar.gz

    CURRENT_RELEASE Joxean Koret - Version 0.0.8 * Fixed bugs in the SMTP, POP3 and IMAP brute forcers. * Module "isnated" enhanced (Thanks you Sp0oKeR!). * Added module "dnsspoof". * Added module "fakearp", a fake ARP server. * Added various changes to make Inguma Debian friendly. * Added module "dtspc" to gather information from dtspcd. * Many changes and enhancements to PyShellCodeLib. * Added libdisassemble from Immunity Sec to the toolkit. * Added a JavaScript object's fuzzer. Connect with your browser to the spawned web server and follow the instructions. * Help command now shows output summarized by category (discover, gather, etc...). * Upgraded Scapy to version 1.2.0.2 to avoid problems with IKE. * Added module "ikescan", a tool like the well know ike-scan. * Added module "unicornscan", a wrapper for the popular tool. Thanks you Hugo!. * Added to the public version of Inguma various DOS exploits for recently fixed vulnerabilities in Oracle TimesTen, Oracle Internet Directory and Sun Java Web Proxy Server.

    posted 456 days ago

Rate and Review

Would you recommend this project?






<

Related Projects

A free penetration testing toolkit Actions

Thanks for your rating!

Would you also like to write a review?





Skip Review