Monday, 13 June 2011

Welcome to Inguma version 0.3

The Inguma team is very proud to release version 0.3 of their pentesting and vulnerability research framework. The new release increases stability (mainly the GUI) thanks to lots of bugs fixed, offers a smoother experience and, of course, includes some awesome features:
  • Together with the new release we would like to introduce our project's new pet, Ingumito. He will keep all our users informed of the project news through his twitter account: @ingumito
  • A new module has been added to map the IP addresses using the GeoIP library from MaxMind:
  • By Ctrl + right clicking over a target a new menu entry will allow to remove the target and all its nodes from the map and the KB:
  • Additional information regarding a vulnerability can be obtained by right clicking over a vulnerability node:
  • The Add Target dialog must be improved to allow multiple IP addresses and other inputs but, meanwhile, the import dialog now supports a comma-separated CSV file to be used as multiple IP input.
  • The exploits download and load process has been simplified; download the exploits at the Preferences dialog and use the Search button to load the exploits. Once loaded, this button will search through the exploits DB.
  • The most important change of this new release is the complete rewrite of the RCE interface and core. OpenDis has been removed, and so the objdump dependency, and a new interface has been added that uses Pyew as backend:

This new interface offers most of the Pyew features in a easy-to-use GUI.  Analyzing almost any kind of file or web site is now easier with this new release!  This GUI for RCE is a new subproject of Inguma called Bokken and will be released soon in our website as an independent tool.  Stay tuned!

The RCE interface will analyze PE, ELF, PDF and web sites, and will open any other file in the hex editor. An image is worth a thousand words, so here you have two thousand of them:

Some minor features added are:
  • An icon has been added to graph nodes to show the OS of the target when available.
  • New autosave feature that will save the KB after every module execution to prevent data loss in case of GUI crash. This autosaved KB will be loaded at startup if the user wants.
  • Single host report option added to the node menu.
  • Improved performance of ping and scan modules.
  • More modules have been ported to the GUI, like "identify"; wich has also been added to the list of modules launched on adding a target.
  • We are now closer to full Windows compatibility as this screenshot demonstrate :-)

We hope you enjoy using this new release as much as we enjoyed making it!  Stay tuned of the project news with the Twitter account or the mailing lists. For more information, documentation, reporting bugs and, of course, download the release, visit the project's web site.

This release is dedicated to the hundreds of thousands of Spaniards that gathered on May 15th first in Madrid, then everywhere, to protest against political parties in the now-called #15M movement.