Tools

McGrew Security RAM Dumper

msramdmp is a small SysLinux plugin for dumping the contents of RAM to a USB drive, for forensic/information-gathering/crypto-breaking purposes.

Web Search Scan

This is a Metasploit module for performing search engine queries for each IP address and/or hostname on a network. If there are hits on the search engine for a host, the module will display the number of hits, and URLs to view the results. This is very useful during the information-gathering phase of a penetration test, and can yield very interesting results.

Man-in-the-Middle DNS Server

This is a modification of Metasploit’s fakedns.rb that passes requests through to a real DNS server, and modifies the answers if they match a set of regular expressions.

NBNSpoof

NBNSpoof is a tool for automatically crafting responses to NetBIOS Name Service (NBNS) name queries.

Travesty

A small ncurses app for penetration testers that would like to manipulate hardware addresses on boot with a quick and easy interface.

GooSweep/YaSweep

A penetration testing and network forensics tool for discovering information about networks and hosts from search engines. The web search scan Metasploit module that I have written includes the functionality of this tool, and is much nicer in many ways. I’m keeping the GooSweep/YaSweep material on here, but I recommend that you use the Metasploit module.