SPARTA 1.0 BETA released

imagensecforcepost.png

SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his/her toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands and tools, more time can be spent focusing on analysing results.

SPARTA tries to simplify the way you run tools and centralises their outputs, displaying them in a meaningful way:

Apart from running tools across several hosts with a single click, you can also define automated tasks for services (ie: run Nikto on every HTTP service as soon as it is found) and have SPARTA do all the work for you:

Features

For more information and to download SPARTA, go to:

https://github.com/SECFORCE/sparta

You may also be interested in...

imagensecforcepost.png
March 13, 2018

OpenSSH <=6.6 SFTP misconfiguration universal exploit

Recently our team ran into an interesting SFTP misconfiguration which allows for a reliable RCE on affected systems. The original discovery by Jann Horn can be found here http://seclists.org/fulldisclosure/2014/Oct/35. Although the affected OpenSSH version is a bit dated, it can still be found...

See more
Progress-MOVEit-Transfer.png
Dec. 17, 2020

Progress MOVEit Transfer < 2020.1 Stored XSS (CVE-2020-28647)

During a recent web application test engagement one of the applications in scope was a MOVEit Transfer 2020 web application. While performing the assessment a Stored Cross-Site Scripting (XSS) vulnerability was identified.

See more