Browser Rider v20090204 released

In: Browser Rider , Configurations checks , Framework , Fuzzers , Penetration testing & Ethical Hacking

19 February 2010

Browser Rider is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit.

Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However most of the other existing tools out there are unmainted, not updated and not documented. Browser Rider wants to fill those gaps by providing a better alternative.

Features:

Easily create powerful payloads and plugins
Manage payloads automatically with plugins
All data can be saved in a database
Obfuscation
Polymorphisme
Control more than one zombie at a time
Simple administration panel

Technical requirements

PHP 5, with json installed
Mysql
Apache with url_rewrite on (optional since 25/01/09)
Targets must have Javascript turned on

Online demo

To test the framework, first open this page in a new window and do not close it. You can then go on the administration panel and you should see your ip in the zombie list.

Documentation

More information: here

Post scriptum

Download Browser Rider v20090204

Compliance Mandates

Penetration testing & Ethical Hacking :
PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2

Browser Rider	19 February 2010 : Browser Rider v20090204 released 8 January 2009 : Browser Rider v20081124 : Framework for hacking browsers
Configurations checks	10 May 2010 : WebTest 1.2.1 - Testing Web Application with Python 1 May 2010 : Lansweeper v4.0 released 1 May 2010 : Sysinternal AccessChk v5.0 released 1 May 2010 : Spiceworks v4.7 build 50667 released 28 April 2010 : NSIA (Network System Integrity Analysis) v0.8.99 released
Framework	12 April 2010 : Windows Autopwn (winAUTOPWN) v2.2 released 31 March 2010 : W3AF v1.0-rc3 released 29 March 2010 : Vicnum v1.4 released 28 March 2010 : Zenamics released BinCrowd the First collaborative reverse engineering tool 27 March 2010 : OWASP Broken Web Applications v0.91rc1 available
Fuzzers	29 April 2010 : Fuzzdb v1.07 released 25 April 2010 : Fuzzdb updated to v1.06 19 April 2010 : fuzzdb v1.05 - Attack and Discovery Pattern Database 13 April 2010 : JBroFuzz v2.1 released 10 April 2010 : Peach Fuzzer Framework v2.3.4 released
Penetration testing & Ethical Hacking	10 May 2010 : SQLNinja v0.2.5 released! 1 May 2010 : DAVTest v1.0 - WebDAV Application 25 April 2010 : (Paper) Pentesting Adobe Flex Applications (introducing new tool Blazentoo) 25 April 2010 : SIP Inspector v1.10 released 15 April 2010 : Ubuntu Pentest Edition v2.03 released