Tuesday, January 22, 2013

OWASP Mantra Security Toolkit 0.92 beta - Janus

Team Mantra is proud to announce the release of OWASP Mantra Security Toolkit 0.92 beta code named "Janus".

OWASP Mantra Janus running on Windows

Janus is built on Firefox 18 and is available for Windows, Linux 32 bit, Linux 64 bit and Macintosh operating systems. We also introduce a new installer for all platforms, and all these packages support 9 languages: Arabic, English, Chinese - Simplified, Chinese - Traditional, French, Portuguese, Russian, Spanish and Turkish.

Get your Mantra from our download page.

New Features:

Firefox 18
Janus is built on Firefox 18, bringing in more improvements and stability.

DownThemAll extension
A completely functional and easy to use download manager right in the package.

A brand new installer
We have introduced a new installer for OWASP Mantra. During the installation process you can choose your preferred language for the final product.

Known issues:

Error messages:
During start-up of Mantra on Linux, authentication errors are displayed in the shell; however, the application runs smoothly without any issues.

Janus and Firefox not running together:
A temporary fix is available and can be seen here.

No upgrading option:
We strongly recommend that you use a fresh build of Mantra Janus and not upgrade Firefox from previous versions. Many of the extensions available today are not compatible with the latest versions of Firefox. Apart from that, using them as they are will result in very cluttered menus, since they add their entries to the toolbar, context menus and status bar. We have applied some minor changes to those extensions to fix these issues. Upgrading those extensions automatically might break some functionality, so we strongly recommend that you keep automatic updates turned off.

Error message on Macintosh:
The Portuguese, Russian, Spanish and Turkish versions will show an error message upon running. A possible fix is to move Mantra from the normal Applications folder to any of the user folders (Documents, Downloads, Pictures, Music or Users>Applications folders will do).

Thursday, November 29, 2012

How to become a hero in penetration testing?

It's always nice to see your favorite tool being discussed in print media, and the joy doubles when it is in a published book. We just came to know that Mantra has been mentioned in Lee Allen's new book, Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide, published by Packt Publishing.

Front cover of Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide (Paperback)

Table of contents of Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide. The highlighted line indicates the coverage of Mantra.

If you want to learn advanced penetration testing in an easy and efficient manner, starting from setting up your own lab environment to making effective penetration testing reports, this book is a perfect choice for you.

You can find this book on:
Google Books

It has around 400 pages and costs $60 on Amazon at the time of writing. It has also received great reviews and responses from all over the world. We wish Lee Allen all the success for this book and for his future endeavors.

We hope to see more coverage of Mantra in the coming days. Let us know if you come across any.

Tuesday, November 20, 2012

They are just behind you

From social networking sites to your favorite search engine or your friend's blog, they are tracking you. It's true that this tracking helps us in some way, but what if it goes to such an extreme that it results in invasion of privacy or bubbling?

Collusion - It provides a quick visualization of those big brothers watching across the web. Click on each node to see how deep this tracking and bubbling is going to take you.

Tracker blocking extensions are available for almost all popular browsers, including Firefox, Chromium and Internet Explorer.

Your privacy is important; you will realize it once you have lost it.

Monday, November 19, 2012

Create Mantra icon on Windows 8 Metro UI start screen

Windows 8 is here, so is Metro UI (or Modern UI?).

This tutorial will help you make a cool application tile shortcut for Mantra or any other application on your Windows 8 start screen.

First of all, you will need a small, free utility called OblyTile, which can be downloaded from here. Just run the program and supply the application information, such as the tile name, program location, the icon image you would like to use, the color of the tile, etc. Then click on the Create Tile button.

Creating OWASP Mantra icon on Windows 8 start screen using OblyTile

Your new icon will be placed towards the end of your start screen. All you have to do is drag it to the position where you want it to be.

Windows 8 Tiles of Mantra, Firefox, VLC and Word 2013 created using OblyTile

You can download the PNG pictures attached below to make a tile for Mantra.

120x120 transparent PNG logo of Mantra

30 x 30 transparent PNG logo of Mantra

Tuesday, May 29, 2012

Running Mantra and Firefox together

Is it possible to run Mantra and Firefox together? The answer is yes, and we will discuss how you can make it possible with a simple trick.

Step 1

Go to the OWASP Mantra folder where you extracted the files.

Step 2

Right click on it and create a shortcut.

Step 3

Go to the Properties of the shortcut file.

Step 4

Go to the Target field.

Step 5

Add --no-remote. Then click Apply and OK.

Step 6

  • Now run Firefox first, and
  • Then run OWASP Mantra by using the shortcut you just created, and enjoy!
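
The shortcut from Steps 1 to 5 can also be created from PowerShell. This is an added example, not part of the original post; the function name, the default shortcut name and the launcher path you pass in are assumptions, since the page does not name Mantra's executable.

```powershell
# Added example: creates the --no-remote shortcut described in Steps 1-5.
# New-MantraShortcut is a hypothetical helper name; $MantraExe must point at the
# launcher inside the folder where you extracted Mantra (not named on the page).
function New-MantraShortcut {
    param(
        [Parameter(Mandatory)]
        [string] $MantraExe,

        # Assumed default: a shortcut on the current user's desktop.
        [string] $ShortcutPath = (Join-Path ([Environment]::GetFolderPath('Desktop')) 'OWASP Mantra (no-remote).lnk')
    )

    # Fail early instead of writing a shortcut that points nowhere.
    if (-not (Test-Path -LiteralPath $MantraExe -PathType Leaf)) {
        throw "Launcher not found: $MantraExe"
    }
    $exe = (Resolve-Path -LiteralPath $MantraExe).Path

    # In the Properties dialog the Target field holds the path and the switch
    # together; through the COM object they are two separate properties.
    $shell = New-Object -ComObject WScript.Shell
    $lnk = $shell.CreateShortcut($ShortcutPath)
    $lnk.TargetPath       = $exe
    $lnk.Arguments        = '--no-remote'
    $lnk.WorkingDirectory = Split-Path -Parent $exe
    $lnk.Save()

    # Re-open the saved .lnk and report what was actually written.
    $saved = $shell.CreateShortcut($ShortcutPath)
    [pscustomobject]@{
        Shortcut  = $ShortcutPath
        Target    = $saved.TargetPath
        Arguments = $saved.Arguments
    }
}

# Usage (placeholder path, replace with your own extraction folder):
# New-MantraShortcut -MantraExe 'C:\path\to\Mantra\<launcher>.exe'
```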

Saturday, May 26, 2012

Downloading YouTube videos in bulk

Ever wanted to download YouTube videos in bulk? There are many services already out there which can help you download videos one by one.

What if you want to download all videos from a YouTube channel?
What if you want to download all YouTube videos from an external website?
What if you want to download videos from a big list of YouTube video links?

BYTubeD helps you to automate bulk downloading tasks and thus saves your time and effort. It is a Firefox add-on developed by MS Ram, an IIT student.

After installing this add-on, you can access it in the following ways:

Tools Menu -> BYTubeD

Right Click Context Menu -> BYTubeD

Toolbar -> BYTubeD icon (turned off by default)

All you have to do is visit any web page with YouTube videos and then open BYTubeD. You can then select videos from a list and set the video format, quality, etc. One of the interesting things about BYTubeD is that it can work with download managers like DownThemAll, which makes the task more hassle-free.

Enjoy batch downloads in YouTube!

Friday, May 25, 2012

Exploiting URL Shortening services

URL shortening services are very popular nowadays. Self-descriptive, long URLs are good for SEO but not for sharing on social websites. There are plenty of URL shortening services available today. You can even find a handful of them at Galley.

URL shortening services already have lots of issues, and what if such a service gets compromised?

Today, you are going to see such a scenario: a URL shortening service vulnerable to SQL Injection. You can get the vulnerable application from the video page so that you can try it yourself. See the video below:

What could an attacker have done after compromising such a service?