Posts Tagged “python”

The goofile Backtrack menu item ( Backtrack > Information Gathering > Web Application Analysis > Open Source Analysis ) is a great little Python script that provides easy access and results from one of Google’s Advanced Searches. During the information gathering phase of a penetration test it provides a great method to collect data about your target by searching a domain for specific file types. Below we describe goofile in more detail and provide an example of how goofile works.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Comments No Comments »

When attempting to launch creepy via the Backtrack menu (Backtrack > Information Gathering > Network Analysis > OSINT Analysis > creepy) the starting creepy window will show in the taskbar however it simply disappears after a couple seconds without any action. If you investigate the menu item you will see that the menu item executes creepymap and when you attempt to execute creepymap you will see some Python errors. Below the error is described in more detail along with instructions on how to get creepy working properly.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , , , , , , , ,

Comments No Comments »

Need a quick way to generate a PHP backdoor for a compromised server you want to come back to later, then weevely is your application. I was pleasantly surprised when I started playing around with weevely in more detail as it provides a ton of built in functionality and does a lot more than I initially though that weevely did. The weevely application is built using Python and its current version on Backtrack 5 R3 is weevely v0.7. The weevley.py Python script is located in the /pentest/backdoors/web/weevely directory and some of its uses are described in more detail below.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , , , , , , , , , , , , , , ,

Comments No Comments »

The pdfid script in Backtrack Linux is a PDF forensics tool that will quickly provide you an overview of a PDF files potential threats and pdfid provides a way to disarm those threats. PDFid is written in Python and is located in /pentest/forensics/pdfid/. The current version of pdfid is 0.0.11 and was released April 28th, 2010. Below we describe the basic functionality of pdfid and also explain some of the PDF terminology that will help those not as familiar with a PDF files structure the ability to find value with the pdfid.py Python script.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Comments No Comments »

I take a lot of notes when working no matter if it is learning new stuff or working on projects for my job I have found that great note taking can save you lots of time down the road. The note taking application installed with Backtrack Linux is called KeepNote and provides the all of the functionality that I typically need when taking notes such as folders for organization, easy way(s) to backup notes, tabs, and all the other basics. One thing that does not work out of the box for KeepNote on Backtrack 5 R3 is Spellcheck which I use regularly to make sure my slang has not found itself into the notes I am sharing with others. Below we outline a quick way to enable spellcheck in KeepNote 0.7.7 on Backtrack 5 release 3.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , , , , , , , ,

Comments No Comments »