Thursday, July 30, 2015

IceFloor, a Mac OS X pf firewall front-end

IceFloor is a graphical front-end (FOSS) for the Mac OS X pf firewall.

Web site: http://www.hanynet.com/icefloor/

Mac OS X is delivered with 2 firewalls:

  • ALF (Application Level Firewall). Configuration is performed via the Control Panel "System Preferences", which by default hides almost all of the gory details of the configuration from the end user.
  • PF (Packet Filter). A network firewall from the OpenBSD project. Configuration is performed via the command line (shell), and/or via a configuration script (pf.conf).

Both can run at the same time. Note that IceFloor will not touch any of the default OS X firewall configuration files, and it runs fine on OS X 10.8 (Mountain Lion).

If your version of OS X is Mavericks, Yosemite or later, then head to the new http://www.murusfirewall.com; the "Lite" version is free, but a bit limited. If cost is an issue, or if you are addicted to the FOSS model, then man pfctl is your friend.

If I had to attend a security conference like DEFCON or Black Hat with my Mac, I'd certainly add pf to the existing ALF firewalling (but the best is to use a dedicated machine for this purpose, freshly imaged, and use an OS like Tails, avoiding by all means working on job-related stuff, picking up private emails, etc.).






Burp Suite Mac OS X icon

I created this Burp Suite icon for my own usage and pleasure, and am sharing it.
It's a mix of the Burp Suite and the greenpois0n icons (made with The GIMP).

To change the default icon for an application, see http://osxdaily.com/2013/06/04/change-icon-mac/

Burp Suite Mac OS X icon (size: 400 x 400)

Monday, May 18, 2015

PTF: The Pen-tester Framework

PTF is a Python script designed for Debian/Ubuntu (plans on expanding to more) based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we’ve been accustomed to the /pentest/ directories or our own toolsets that we want to keep up-to-date all of the time.

PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used. PTF simplifies installation and packaging and creates an entire pentest framework for you. Since this is a framework, you can configure and add as you see fit. We commonly see internally developed repos that you can use as well as part of this framework. It’s all up to you.

To run PTF, first check out the config/ptf.config file which contains the base location of where to install everything. By default this will install in the /pentest directory. Once you have that configured, move to running PTF by typing ./ptf (or python ptf).
This will put you in a “Metasploitesk” type shell which has a similar look and feel for consistency. Show modules, use <module>, etc. are all accepted commands. First things first, always type help or ? to see a full list of commands.

If you want to install and/or update everything, simply do the following:

./ptf
use modules/install_update_all
run

This will install all of the tools inside of PTF. If they are already installed, this will iterate through and update everything for you automatically. You can also install or update each individual module separately just by use then run. If it's already installed, it will simply update the package.
You can also show options to change information about the modules. If you want to create your own module, it's simple. First, head over to the modules/ directory; inside of there are subdirectories based on the Penetration Testing Execution Standard (PTES) phases. Go into those phases and look at the different modules. As soon as you add a new one, for example testing.py, it will automatically be imported next time you launch PTF. There are a few key components when looking at a module that must be completed.

In order to download PTF, head over to GitHub or clone it.



git clone https://github.com/trustedsec/ptf

Full announcement: https://www.trustedsec.com/may-2015/new-tool-the-pentesters-framework-ptf-released/

Saturday, February 14, 2015

Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora

https://prism-break.org
Loads of resources for many platforms. Worth the bookmark!