OWASP D4N155

Project About

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: N/A
Purpose: N/A
License: N/A
who	is working on this project?
Project Leader(s): Julio Lira
how	can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: N/A
Project Roadmap: Not Yet Created
Key Contacts
Contact Julio Lira to contribute to this project Contact Julio Lira to review or sponsor this project

current release

pending
last reviewed release
pending

other releases

OWASP Tool Project D4N155

The project use OSINT for dynamic and smart attack of brute force, until recently, using a complex password based on common things of your day was somewhat advisable, the project somehow creates this possibility of attack but mostly defense

Description

D4N155 Logo

On the abstract we can presume that this isn’t just another pentest tool this is a truly powerful tool, that integrate various key features of another projects and ideas of the developers and aggregate then in a same place.

KEY FEATURES

Search vulnerable url’s
Anonymous feature
Make a smart wordlist based on page content
Totally CLI (BASH + PYTHON)
FREE SOFTWARE IN LICENSE(GPL V3) AND IN ESSENCE
Automatic Report Feature with two options:
- PDF
- HTML Where it generate a dynamic graphic for quick visualization

People with bad intentions dedicate a long part of their time to read profiles,posts analyzing then, observing reactions with in order to obtain the maximum information about their targets in order to make their list(of passwords) and the door for attack. Even if you do not have specific knowledge, so you may be using this tool will help you get a sense of how vulnerable you are and consequently take action and prevent a possible attack.

Besides this it’s a friendly tool for a pentester with the features of automatics reports the professional can save time, writing extensive reports with pages of print screens, technician reports and transcription of procedures this tool can make a half of a job for him.

Operations

The process of password speculation is performed using various functions, all using recursive ones, as the equation shows.

λ→(η) = Op.

Combinatorial Analysis

The code follows combinatorial analysis in order to speculate passwords and we’ll explain next.

Combinatorial Enumerative

Enumerative combinatorial is more classical area of combinatorics and concentrates on counting the number of combinatorial objects

Tree

Analytic combinatorics

Analytic combinatorics concerns the enumeration of combinatorial structures using tools from complex analysis and probability theory. In contrast with enumerative combinatorics, which uses explicit combinatorial formulae and generating functions to describe the results, analytic combinatorics aims at obtaining asymptotic formulae.

This is the most important thing for code.

Licensing

GNU GPL v3 License (allows commercial use, but requires that modifications to your code stay open source, thus prohibiting proprietary forks of your project)

Roadmap

As of November, 2013, the highest priorities for the next 6 months are:

Complete the first draft of the Tool Project Template

Get other people to review the Tool Project Template and provide feedback

Incorporate feedback into changes in the Tool Project Template

Finalize the Tool Project template and have it reviewed to be promoted from an Incubator Project to a Lab Project

Subsequent Releases will add

Internationalization Support

Additional Unit Tests

Automated Regression tests

Getting Involved

Involvement in the development and promotion of Tool Project Template is actively encouraged! You do not have to be a security expert or a programmer to contribute. Some of the ways you can help are as follows: