Inguma 0.1.1 released

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Changes

  • Added library libinformix. Supports connection establishment and command execution. Pure python code.
  • Added a brute force module for Informix databases (bruteifx).
  • Fixed bugs in the Sybase’s brute force module.
  • Added an Informix SQLEXEC protocol fuzzer.
  • Added liboracleinternals.py. Currently it just work for creating oracle password files (from version 8 to 11).
  • Added module db2discover to discover IBM DB2 database servers.
  • Added an information gather module for Informix database servers.
  • Very (basic) initial support for RDP protocol format.
  • Added support for fuzzing based on PCAP packets.
  • Added a POC for the Sun Java Web Proxy Server heap overflow (fixed).
  • Distributed Nikto database updated.
  • Added basic support for Bluetooth and Wifi (Hugo).
  • Added a frontend for Nmap (Hugo).
  • Added libhexdump (Hugo).
  • Added modules tcpproxy, hexdump and simple web server (Hugo).
  • Changed format of OpenDis databases to SQLite format (use -sdb=file.sqlite).
  • Added OpenDis Binary Navigator.

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Penetration testing & Ethical Hacking :

    PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Application Scanner
Framework
Inguma
Penetration testing & Ethical Hacking
Vulnerability Scanner