
Resources

This section gathers the documentation you need to use VulnIT efficiently.

Versions

The version history of VulnIT is presented in this table, and the minor changes of each version on this page.

Tools

The VulnIT software relies on a selection of open-source tools described below. Their automation and the development progress of VulnIT (in orange) are shown in this diagram.
If you encounter problems viewing this diagram, its latest version is available in PDF format.

  • dhcping

    - is a DHCP and BOOTP scanner.
    Integrated in version 4.3
    Edwin Groothuis
    www.mavetju.org/unix

  • nbtscan

    - provides the same features as the Windows 'nbtstat' command (listing all open NetBIOS services).
    Integrated in version 1.0
    Stephen Friedl
    unixwiz.net/tools/nbtscan.html

  • dig

    - provided within the dnsutils package

    - queries a DNS server to get the list of the nameservers by DNS zone transfer.
    Integrated in version 1.0
    Internet Systems Consortium, Inc (ISC)
    manpages.ubuntu.com/manpages/karmic/en/man1/dig.1.html

  • nmap

    - is the famous port scanner used to detect running services on targets.
    Integrated in version 4.3
    Gordon Lyon
    nmap.org

  • OpenVAS

    - integrates thousands of patch-management tests: OS, applications, DBMS, etc.
    Integrated in version 2.0
    OpenVAS team
    www.openvas.org

  • Aircrack

    - is a set of tools for analysing the security of Wi-Fi access points.
    Integrated in version 2.0
    Thomas d'Otreppe
    www.aircrack-ng.org

  • smbclient

    - is an equivalent of the Windows 'net use' command and retrieves information on Windows shares.
    Integrated in version 1.0
    Samba team
    www.samba.org

  • SMBAT

    - SMBAT (SaMBa Auditing Tools) includes the smbdumpusers tool, which lists the users of Windows NT/2000.
    Integrated in version 1.0
    Patrik Karlsson
    www.cqure.net/wp/smbat

  • Medusa

    - tests authentication on a few services (FTP, SSH, SNMP, SMTP...).
    Integrated in version 1.0
    JoMo-Kun
    www.foofus.net/jmk/medusa/medusa.html

  • snmpwalk

    - provided within the net-snmp package, browses the information exposed over the SNMP protocol.
    Integrated in version 1.0
    Net-SNMP
    net-snmp.sourceforge.net

  • netcat

    - establishes network connections and adds a lot of useful features to telnet.
    Integrated in version 1.0
    Giovanni Giacobbi
    netcat.sourceforge.net

  • rpcclient

    - accesses "named pipes" and executes MS RPC commands. It is part of the Samba suite.
    Integrated in version 1.0
    Samba team
    linuxcommand.org/man_pages/rpcclient1.html

  • sslscan

    - determines which cryptographic algorithm is in use on an SSL server (typically in the case of an HTTPS web application).
    Integrated in version 1.0
    Ian Ventura-Whiting
    titania.co.uk

  • tnscmd10g

    - lists the instances of an Oracle database (including 10g and 11g versions).
    Integrated in version 1.0
    James W. Abendschan and Saez Scheihing
    pentester.fr/resources/tools/techno/Oracle/tnscmd

  • SIDguesser

    - discovers Oracle instances when they are transmitted by the listener (attack using a dictionary).
    Integrated in version 1.0
    Patrik Karlsson
    www.cqure.net/wp/sidguesser

  • opwg

    - (part of the Oracle Auditing Tools suite) attacks an Oracle database using a dictionary.
    Integrated in version 1.0
    Patrik Karlsson
    cqure.net/wp/test

  • MSSQLScan

    - retrieves some information on a Microsoft SQL Server database.
    Integrated in version 1.0
    Patrik Karlsson
    cqure.net/wp/mssqlscan

  • db2getprofile

    - (part of the db2utils suite) gets the access profile of a DB2 database and, in particular, lists the instances and databases.
    Integrated in version 1.0
    Patrik Karlsson
    cqure.net/wp/db2utils

  • flasm

    - disassembles SWF menus in order to extract the links redirecting to other webpages.
    Integrated in version 3.0
    Ben Schleimer
    nowrap.de/flasm

  • sqlmap

    - is an open source penetration testing tool that automates the process of detecting SQL injection flaws.
    Integrated in version 3.0
    Bernardo Damele
    sqlmap.sourceforge.net

  • wdiff

    - is a front end to diff for comparing files on a word-by-word basis.
    Integrated in version 3.0
    Denver Gingerich
    gnu.org/software/wdiff

  • WhatWeb

    - identifies content management systems (CMS), blogging platforms, stats/analytics packages, JavaScript libraries, servers and more.
    Integrated in version 3.0
    Andrew Horton
    morningstarsecurity.com/research/whatweb