Inguma released

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Changes :

  • Fixed bugs in the SMTP, POP3 and IMAP brute forcers.
  • Module "isnated" enhanced (Thanks you Sp0oKeR!).
  • Added module "dnsspoof".
  • Added module "fakearp", a fake ARP server.
  • Added various changes to make Inguma Debian friendly.
  • Added module "dtspc" to gather information from dtspcd.
  • Many changes and enhancements to PyShellCodeLib.
  • Added libdisassemble from Immunity Sec to the toolkit.
  • Added a JavaScript object’s fuzzer. Connect with your browser to the spawned web server and follow the instructions.
  • Help command now shows output summarized by category (discover, gather etc...).
  • Upgraded Scapy to version to avoid problems with IKE.
  • Added module "ikescan", a tool like the well know ike-scan.
  • Added module "unicornscan", a wrapper for the popular tool. Thanks you Hugo!.
  • Added to the public version of Inguma various DOS exploits for recently fixed vulnerabilities in Oracle TimesTen, Oracle Internet Directory and Sun Java Web Proxy Server.

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Penetration testing & Ethical Hacking :

    PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Application Scanner
Penetration testing & Ethical Hacking
Vulnerability Scanner