GFI LanGuard 2012 One Solution For vulnerability Scanning, Patch Management, Network & Software Audit

GFI LanGuard 2012 One Solution For Vulnerability Scanning, Patch Management, Network & Software Auditing 

Earlier we have talked about GFI LanGuard, but while looking at the rising cyber threats, security researcher  continue to identify new, sophisticated malware threats, vulnerability and patch management are more critical than ever as a key component of a layered security approach. To get rid of all those security challenges, GFI Software announced the availability of GFI LanGuard 2012, in which the manufacturer claimed to provide network and system administrators with the ability to manage 100 percent of their patching needs through a single, intuitive and easy-to-use interface, without the need for other update tools. So lets take a roam of this fine product of GFI Software-

Enhanced Features of GFI LanGuard 2012 include:

• Comprehensive Patch Management – Administrators can now manage 100 percent of their patching needs – both security and non-security updates – from a centralized console. No other update tools are necessary.
• Strong Vulnerability Assessment for Network Devices – Network devices such as printers, routers and switches from manufacturers such as HP and Cisco, can now be detected and scanned for vulnerabilities. GFI LanGuard 2012 performs over 50,000 checks against operating systems, installed applications and device firmware for security flaws and misconfigurations. It also runs network audits that now detect mobile devices running iOS and Android operating systems.
• Improved Scan and Remediation Performance – New Relay Agents receive patches and definition files directly from the GFI LanGuard server and distribute as appropriate – helping IT resources save time, manage network bandwidth and increase the number of devices that can be accommodated. This is particularly effective in multi-site and large networks.

GFI LanGuard 2012 combines vulnerability scanning, patch management, and network and software auditing into one solution that enables IT professionals to scan, detect, assess and correct potential security risks on their networks with minimal administrative effort. GFI LanGuard also enables administrators to inventory devices attached to their networks; receive change alerts, such as notification when a new application is installed; ensure antivirus applications are current and enabled; and strengthen compliance with industry regulations through automated patch management that defends against potential network vulnerabilities. With GFI LanGuard, IT administrators can manage more than 2,500 machines from a single console, it integrates with more than 1,500 security applications and includes keyword search functionality.

After going through the above brief description, many of you must be excited about this new product. For the kind information of our readers, yes indeed GFI LanGuard 2012 is one of the finest tool ever released in this domain. Detailed information LanGuard 2012 can be found here. Also a 30 day trail pack of GFI LanGuard 2012 has been made available for download. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">GFI LanGuard 2012 One Solution For vulnerability Scanning, Patch Management, Network & Software Audit"https://www.voiceofgreyhat.com/2013/05/GFI-LanGuard-2012-released-for-download.html?m=0</a>

THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6

THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6

German hackers group, widely known as THC -The Hacker's Choice released an comprehensive attack toolkit for the IPv6 protocol suite named 'THC-IPv6 Attack Toolkit'. THC is the first group who is releasing such attacking tool for IPv6 protocol. According to the release note this is  a complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. It comprises of state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service etc. which exploits inherent vulnerabilities in IPv6. 

Features at a Glance:- 

• parasite6: icmp neighbor solitication/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)
• alive6: an effective alive scanng, which will detect all systems listening to this address
• dnsdict6: parallized dns ipv6 dictionary bruteforcer
• fake_router6: announce yourself as a router on the network, with the highest priority
• redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer
• toobig6: mtu decreaser with the same intelligence as redir6
• detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc.
• dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS).
• trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
• flood_router6: flood a target with random router advertisements
• flood_advertise6: flood a target with random neighbor advertisements
• exploit6: known ipv6 vulnerabilities to test against a target
• denial6: a collection of denial-of-service tests againsts a target
• fuzz_ip6: fuzzer for ipv6
• implementation6: performs various implementation checks on ipv6
• implementation6d: listen daemon for implementation6 to check behind a fw
• fake_mld6: announce yourself in a multicast group of your choice on the net
• fake_mld26: same but for MLDv2
• fake_mldrouter6: fake MLD router messages
• fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
• fake_advertiser6: announce yourself on the network
• smurf6: local smurfer
• rsmurf6: remote smurfer, known to work only against linux at the moment
• sendpees6: a tool by willdamn(ad)gmail.com, which generates a neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice.
• thcping6: sends a hand crafted ping6 packet [and about 25 more tools for you to discover]

For detailed information about the usage, library interface & so on click here. To Download THC-IPv6 Attack Toolkit Click Here (Linux Only). For those who are hearing the name THC first time, we want to give you reminder that before this tool, this German hackers group published few other hack tools like Hydra (Fastest Login Cracker), THC SSL Dos and so on. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6"https://www.voiceofgreyhat.com/2012/10/THC-IPv6-Attack-Toolkit.html?m=0</a>

Fbpwn Version 2.0 Released (Java Based Facebook Social Engineering Framework) Twitter pwn added

Fbpwn Version 2.0 Released (A cross-platform Java based Facebook social engineering framework) Twitter pwn added

Earlier we have discussed about Fbpwn. Now the time has come to update the version as the author - Hussein El Motayam has going to release version 2.0 of Fbpwn -A cross-platform Java based Facebook social engineering framework developed by Team Motayam. The most notable thing of this version is that the author has added 'Twitter pwn' that means you can now also extract Twitter information using Fbpwn Version 2.0. 

Bug Fix in Beta - 2.0

• Fixed all Login issues
• Added a new module: Dictionary builder
• Added a new module: Close friends finder
• Added an option to group dumped information by victim's ID
• Use FBPwn through proxy

Fbpwn 2.0 is Capable of:

• Dump friend list
• Add all victim friends
• Dump all users album pictures
• Dump profile information
• Dump photos
• Check friends request
• Dump victim wall
• Clone the profiles

FBPwn modules are:

AddVictimFriends: Request to add some or all friends of bob to increase the chance of bob accepting any future requests, after he finds that you have common friends.

ProfileCloner: A list of all bob's friends is displayed, you choose one of them (we'll call him andy). FBPwn will change mallory's display picture, and basic info to match andy's. This will generate more chance that bob accepts requests from mallory as he thinks he is accepting from andy. Eventually bob will realize this is not andy's account, but probably it would be too late as all his info are already saved for offline checking by mallory.

CheckFriendRequest: Check if mallory is already friend of bob, then just end execution. If not, the module tries to add bob as as a friend and poll waiting for him to accept. The module will not stop executing until the friend request is accepted.

DumpFriends: Accessable friends of bob is saved for offline viewing. The output of the module depends on other modues, if mallory is not a friend of bob yet, the data might not be accessable and nothing will be dumped.

DumpImages: Accessable images (tagged and albums) are saved for offline viewing including comments under each image and album names. Same limitations of dump friends applies.

DumpInfo: Accessable basic info are saved for offline viewing. Same limitations of dump friends applies.

DumpWall: Dumps wall posts for offline viewing. Same limitations of dump friends applies.

DictionaryBuilder: Builds a dictionary using words from comments under photos and wall posts.

CloseFriendsFinder: Finds the victim's close circle of friends by counting number of comments,likes and tags under photos and wall posts with the ability to change the weights of the ranking criteria.

To Download Fbpwn Version 2.0 Click Here (Disclaimer- Use this tool at your own risk)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Fbpwn Version 2.0 Released (Java Based Facebook Social Engineering Framework) Twitter pwn added"https://www.voiceofgreyhat.com/2012/09/Fbpwn-Version-2.0-Released-Twitter-pwn-added.html?m=0</a>

OllyDbg 2.01 Beta 2 Released! (x86 Debugger For Microsoft Windows)

OllyDbg 2.01 Beta 2 Released! (x86 Debugger For Microsoft Windows)

The author, Oleh Yuschuk (also known as Olly), of widely used assembler level debugger 'OllyDbg' has released the Beta 2 version of OllyDbg 2.01. As you all know OllyDbg itself is hardly changed, only minor improvements (like correct reaction on MOV SS,anything; PUSHF or disassembling of JE vs. JZ  etc. depending on the preceding comparison). More important, the developer have removed the nasty crashes that happened on some computers while invoking menu, or pressing ALT, or on similar harmless actions. Last year August got the Alpha 4 of OllyDbg 2.01 since then we have not seen nay upgrades or improvements, so after one year this release includes some of major upgrades and fixes several bugs. Plugin interface is slightly extended. Plugin API includes more than 500 functions, structures and variables. Of these, I have described less than 100, so you will frequently encounter 404 while browsing the help data. But all APIs used by Bookmarks plugin are fully documented. I would also like to describe briefly for those who are not familiar with debugger- OllyDbg is an x86 debugger that emphasizes binary code analysis, which is useful when source code is not available. It traces registers, recognizes procedures, API calls, switches, tables, constants and strings, as well as locates routines from object files and libraries. In many cases reverse engineers preferred OllyDbg, even this tool is widely used by underground communities for making crack of popular software & games. 

To Download OllyDbg 2.01 beta 2 Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">OllyDbg 2.01 Beta 2 Released! (x86 Debugger For Microsoft Windows)"https://www.voiceofgreyhat.com/2012/08/OllyDbg-2.01-Beta2-Released.html?m=0</a>