Inguma, an Open Source pen-testing framework

I'm pleased to announce the first public version of Inguma, an open source penetration testing framework which is written completely in Python.

Currently there is no too many work made, remember that is only a pre-alpha version, but you have modules to perform the following actions:

- Communicate with a TNS Listener
- Exploits for Oracle Database (prior to CPU Oct 2006)
- Gather information from an Oracle E-Business Suite 11i instance
- A module to test nids's rules (with an snort plugin)
- 2 Portscanners: a simple TCP scan and a SYN, ACK, Fin, XMAS port scanner.
- A module to dump the SAM database
- A module to dump the RCP endpoints
- A samba client
- An sniffer
- A fuzzer for OSI layers 2,3 and 4 (ARP, TCP and IP, at the moment)
- Fuzzers for Oracle, SQL Server/Sybase, Informix and PostgreSQL
- A brute forcer for Sybase
- Python native libraries to communicate with a TNS Listener or a Sybase/SQL Server server.

There are many dependencies you need to meet in order to fully test the project:

- Impacket libraries
- pysnmp (if you will use SNMP)
- Pcapy

In future releases you can expect more Oracle exploits and many other kind of modules but, at the moment, that's what is implemented.

Posted by Joxean Koret 2007-02-16

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks