- thc-ipv6 - Attack toolkit for testing IPv6 and ICMPv6 protocol weaknesses.
A mass Cisco scanning tool.

```
# cisco-ocs [Start IP] [Stop IP]
```

Perl script which scans Cisco routers for common vulnerabilities.

```
# CAT -h 192.168.99.230 -p 23 -a /usr/share/wordlists/nmap.lst
```

Cisco Global Exploiter (CGE) is an advanced, simple and fast security testing tool.

```
# Show all available Attacks
# cge.pl -h
# Attack
# cge.pl [Target IP] [Attack ID]
```

Cisco device vulnerability scanner.

```
# cisco-torch -A [Target IP]
```

Cisco copy-router-config

Copies configuration files from Cisco devices running SNMP.

```
# copy-router-config.pl [Router IP] [TFTP Server IP] [Community String]
```
- SeeYouCM-Thief - Simple tool to automatically download and parse configuration files from Cisco phone systems searching for SSH credentials. Will also optionally enumerate Active Directory users from the UDS API.
- sipvicious - SIPVicious OSS is a set of security tools that can be used to audit SIP based VoIP systems. Specifically, it allows you to find SIP servers, enumerate SIP extensions and finally, crack their password.
- protos-sip - The purpose of this test-suite is to evaluate implementation level security and robustness of Session Initiation Protocol (SIP) implementations.
- iaxflood - VoIP flooding tool
- ohrwurm - ohrwurm is a small and simple RTP fuzzer that has been successfully tested on a small number of SIP phones.
- siparmyknife - SIP Army Knife is a fuzzer that searches for cross-site scripting, SQL injection, log injection, format strings, buffer overflows, and more.
- sipp - SIPp is a free Open Source test tool / traffic generator for the SIP protocol.
- sipsak - sipsak is a small command line tool for developers and administrators of Session Initiation Protocol (SIP) applications. It can be used for some simple tests on SIP applications and devices.
- https://www.blackhat.com/presentations/bh-usa-06/BH-US-06-Endler.pdf
- https://downloads.avaya.com/elmodocs2/mm_r2_0/cd_frontend/a_mss_mas/se_pbxsec.htm
- Penetration Testing on VoIP Asterisk Server
- lyncsmash - A collection of tools to enumerate and attack self-hosted Skype for Business and Microsoft Lync installations
- LyncSniper - LyncSniper is a tool for penetration testing Lync and Skype for Business deployments hosted either on premise or in Office 365.
- https://www.mdsec.co.uk/2017/04/penetration-testing-skype-for-business-exploiting-the-missing-lync/
- https://www.netspi.com/blog/technical/thick-application-penetration-testing/introduction-to-hacking-thick-clients-part-1-the-gui/
- https://resources.infosecinstitute.com/topic/practical-thick-client-application-penetration-testing-using-damn-vulnerable-thick-client-app-part-1/
- https://github.com/secvulture/dvta - Damn Vulnerable Thick Client App
- Thick Client Penetration Testing: Information Gathering
- Thick Client Pentest Lab Setup: DVTA (Part 2)
- Thick Client Penetration Testing on DVTA
- Thick Client Penetration Testing: Traffic Analysis
- Thick Client Pentest Lab Setup: DVTA
- https://akenofu.gitbook.io/hackallthethings/mobile-applications/android
- https://owasp.org/www-project-mobile-security-testing-guide/
- OWASP Mobile Security Testing Guide - Bernhard Mueller et al.
- Mobile-Security-Framework-MobSF - Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
- quark-engine - Quark-Engine is a full-featured Android analysis framework written in Python for hunting threat intelligence inside the APK, DEX files.
- Hacking: The next generation - Abusing mobile devices: Targeting your mobile workforce, pg. 149
- RouterHunterBR - Unauthenticated Remote DNS change/ users & passwords.
- routersploit - an open-source exploitation framework dedicated to embedded devices
{% embed url="https://youtu.be/wyjM_P7Axa8" %}