inguma Pentest kit version 0.0.6 released

by

In: Application Scanner , Framework , Inguma , Vulnerability Scanner

26 November 2007

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

New 5 exploits for Oracle Databases have been added and the module
"sidguess" have been enhanced to retrieve the SID of the database
instance from the Enterprise Manager/Database Control banner when
possible.

The new modules added to the discover, gather and brute sections are the
following:

  • brutehttp: A brute forcer for HTTP servers.
  • extip : A tool to known your external IP address. Very usefull to check anonymous proxies, i.e.
  • nmbstat : A tool to gather NetBIOS information.
  • ipscan : A tool to make IP protocol scans. The tool check what IP protocols are enabled in the target.
  • arppoison: A tool to poison target’s ARP cache

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Application Scanner
Framework
Inguma
Vulnerability Scanner