Article: K0SASP - Hacking with OS X

(37 views)

by Ismael González D.

K0sasp is an installation package for Mac OS X systems able to compile and let installed all those programs that are necessary for security audits and ethical hacking . Designed by and for hackers.

Introduction
Many of the people who use Mac OS X and are dedicated to the world of security depend on using virtual machines to do audits. Usually the people always choose distributions prepared with all kinds of tools such as Kali or Backbox Linux . These distributions give us the possibility and ease of having an operating system ready to do all kinds of hacking and pentesting.
Other people opt to choose a Linux or Windows operating system and install only the tools you will have used to their audits.
However, these solutions require OS X users depend on virtual machines.
It is true that there are a number of multiplatform programs for Windows, Linux and Mac OS X. However install all of these programs, or take all the programs offered to Kali Linux Mac OS X requires a great job. You have to spend much time searching each of the programs, although some programs not require a complex installation, for to be a simple script in python or Java application, many others require compilation.
This is possibly the main reason why people use distributions already prepared.
From this need was born the idea of ​​K0SASP.

 

What is it?
Kontrol0-Security Auditor Software Pack, K0SASP in its abbreviation, is an installation package that includes a large number of programs ported to Mac OS X, organized by category. Without the need of having to search and compile.
When you install some of the tools needed to audit some other third party software is required. For example in the case of Metasploit framework is necessary that this previously installed the Xcode Command Line Tools package. This software is installed by default when you install msf from K0SASP.
K0SASP easy installation of all programs. When installed K0SASP, and is selected some other programs that require these dependencies, are also installed by default without the user having to do anything.
Under this package Installing K0SASP run a series of scripts that are responsible for deploying each of the applications and install all the necessary dependencies.
Once the software is installed we can have a wide range of possibilities to play with Hacking.

1

K0SASP was one of the selected applications and presented to the security event held in Madrid - Spain. Rooted Warfare (http://www.rootedwarfare.com/). Rooted Con is the most important events worldwide security, in its fifth edition the Rooted Warfare, a section presenting an array of tools was held. The process was held by all staff Rooted In assessing both the originality of the applications that are presented as the technical part of each and functionality that may contribute.

Following the launch was done on January 8, 2014 of K0SASP, despite its young age, today has exceeded 30,000 downloads.

What software include?
Currently the latest version of K0SASP includes software for Forensics Analysis, Pentesting web, sniffing, vulnerability analysis, etc.
Each program what includes the installation of K0SASP organize applications into categories according to their functionality.

List of tools included:

Information Gathering

TheHarvester

Nmap

Zenmap

Maltego

Knock-scan

Keepnote

Dnsmap

DMitrySniffing

TCPDump

Wireshark

Sslstrip

 

Anonymity

Tor+TorBrowserPassword Cracking

Hydra

John The Ripper

 

 

Connections

Cyberducks

DBeaverExploitation

Network

Metasploit

Setoolkit

Web Exploitation

Burp Suite

DirBuster

Sqlmap

ncat

Fimap

weevely

Slowhttptest

Wapiti

Webscarab

wfuzzForensic Analysis

Binary Cookie Reader

iExplorer

SQLite Database Brownser

 

Vulnerability Analysis

Owasp ZAP

Vega

Nikto

GoLISMERO

JoomscanSoftware requerido

PyGTK

XQuartz

Command Line Tools

The full article would be published soon in Hakin9 Magazine. 

 

About the author:
Ismael Gonzalez D. is a security researcher with an experience of over 7 years in the study of web vulnerabilities. He is currently certified in CEH, MCP, MCDTS, MCSA. LPIC-1 Founder and publisher of computer security blog (http://kontrol0.com). Writer of the book Backbox 3 - Initiation to pentesting, freely distributed and completely free. Founder of K0SASP – Hacking with OS X

September 2, 2014
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023