PIRANA, the SMTP fuzzing and bruteforce tool
PIRANA is an exploitation framework that tests the security of a SMTP content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compromise the computing platform. PIRANA’s goal is to test whether or not any vulnerability exists on the content filtering platform.
The tool is a PERL program, which builds email and attaches malicious payloads generated by various exploitation codes, then sends it to the target. Several techniques were developed to improve reliability and add discretion. The tool is modular and it is possible to add support for new vulnerabilities that could emerge in the future.
PIRANA’s author, Jean-Sébastien Guay-Leroux wrote a paper (PDF en | fr ) that explains what are the vulnerabilities of a SMTP content filter. It also presents what techniques were used in PIRANA to improve reliability and stealthness.
The tool is GPL licensed and you can download the latest version pirana-0.3.3.tar.gz .
If you enjoyed this post, make sure you subscribe to my RSS feed!
Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.
Post Info
This entry was posted on Thursday, July 5th, 2007 and is filed under Framework, Brute Force, Tools.You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: Large-Scale Network Monitoring Using Aggregated Flows »
Next Post: Finally a GUI for Evolution Intelligence Tool »
Read More
Related Reading:- Free alternative to ArcSight ESM ? Hardly..
- Privacy Dilemma: How to Protect Yourself Online
- Solera Networks Deep-Packet Capture Review
- WordPress Exploit Scanner
- Phishing Exposed, Brands Secured
- Scanners: New Nessus Release; New eEye Web Scanner
- Good News from ArcSight and Imperva
- CCTV Security Camera and Surveillance Equipment
- OpenDNS Offers Free Web Content Filtering
- Can I Evade ScanSafe Anywhere+ ?
