Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
Home  Ask the Team  Mailing Lists  Advertising Info  Advisories  About SecuriTeam  Blogs Brought to you by: Suppliers of: Website Testing Tools Network Testing Tools Software Testing Tools SecuriTeam in Your Inbox New vulnerability? New tool? Tell us (Our PGP key). Confidence 2013 5% Off any SANS course Use Code: SecuriTeam_5 Hack In Paris La Nuit du Hack Subjects of Interest: Vulnerability Management SQL Injection Buffer Overflows Active Network Scanning Fuzzing Fuzzer Report Network Security Network Scanner Pen Testing Security Scanner	The Cookie Tools 10 Dec. 2007     Credit: The information has been provided by michele dallachiesa. To keep updated with the tool visit the project's homepage at: http://xenion.antifork.org/cookietools/index.html Free Website Security Scan Free Fuzzer Report Vulnerability Assessment Detect web app vulnerabilities University study comparing the top Accurate and automated scanning Get guidance from professionals. 6 commercially availble fuzzers. for networks of any size.    Details Protect your website! Free Trial, Nothing to install. No interruption of visitors. www.beyondsecurity.com/vulnerability-scanner The cookie tool project includes two tools:  * cookiesniffer is a simple and powerful cookie sniffer that recognizes (through heuristics) and reconstructs (through libnids) new and existing HTTP connections, parsing any valid or partially valid HTTP message. The output is a set of files containing the gathered information with time-stamps in a format that can be trivially searched and parsed with standard UNIX tools such as grep, awk, cut and sed. It supports wireless (AP_DLT_IEEE802_11) networks.  * cookieserver lets you to impersonate the cookies of someone else in your browser using the logs of cookiesniffer (in few seconds). This attack is also called "side-jacking", "cookie replay attack" and "HTTP session hijacking" but probably I'm missing other fancy names. This is something known from ten years but that is still (too much) effective.  Comments: blog comments powered by Disqus	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles 'Apache mod_rewrite Vulnerability PoC' 'netsniff-ng - A Linux Network Analyzer and Networking Toolkit' 'Simple Local File Inclusion Exploiter' 'NiX A Linux Brute Forcer' 'Nchop - A TCP Session Splicing Tool Used to Rvade Intrusion Detection Systems' 'Netifera - Modular Open Source Platform for Security Tools' 'WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems' 'Webshag - Web Server Audit Tool' 'Browser Fuzzer' 'FSpy - Linux Filesystem Activity Monitoring' 'telnetrecon - Telnet Recon' 'Zerowine Sandbox' 'JPEG Fuzzer' 'VNC Server Fuzzer' 'RSH Fuzzer' 'Exomind' 'Browser Rider' 'MP3 TAG Fuzzer' 'PDFuzzer - PDF File Standard Fuzzer' 'Miranda - UPNP Administration and Audit Tool'  Featured Articles 'MP3 TAG Fuzzer' 'ArpON - ARP Management System' 'PktAnon - Packet Trace Anonymization Tool' 'The Cookie Tools' 'SWFIntruder - Analyzing and Testing Security of Flash' 'SSHatter - SSH Password Brute Forcer' 'FireMaster - Firefox Master Password Recovery' 'BackTrack - a Linux Live Distribution Focused on Penetration Testing' 'MD5CRACK - MD5 Bruteforce Tool' 'Technika - Attack Scripting Environment' 'Windows Live Messenger v8 Password Finder' 'XSS Shell' 'ASP Auditor - Identify Vulnerable ASP.NET Servers' 'SWAAT Web Application Analysis' 'John The Ripper MPI Patch' 'loggy - Advanced Log Cleaner' 'GZIP_Encoding - Tools for Simple Manipulation of Gzip Encoding HTTP Transfers' 'objdump2shellcode - Convert Objdump Into Shell Code' 'r57-pid-check' 'ARP Tools - Collection of ARP Utilities'
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®