Tuesday, July 19, 2011

BlackHat baby!!!

Jip it's that time of the year again, and Yeti made it into the BlackHat arsenal! So we'll be doing some live demo's and talking to people, and overall just have some fun.
So if you are going to BlackHat popin and have a chat.

See you there.
./w

Wednesday, June 1, 2011

Release 0.6a (This is a big one!)

Let me start off by saying that this is a fairly big release for yeti, in the sense that there has been some mayor changes made. Most of these changes have been on the back of suggestions and feedback from users and for that I say "big up" and thanx a stack!

What we tried to do in this release was to make it easier to use,  and that starts right at the start when you start up yeti for the first time. All the configs are ready to go so there is no need go and look for files and directories. The only thing left is the pesky Bing Application Id or API Key, sorry I can't really do much about that.

The next big thing is the fact that all results are now stored in a database, and that you can do multiple footprints in the same database, the reason for this is so that we can start doing some interesting comparisons across footprints, but more on that a bit laterer :)

Also is that new scripting API, the JSR-223 standard got implemented, so scripting languages like Groovy, Jython, JRuby etc are now supported. I'll start adding the tutorial section on the API in due course. The main reason for this is to allow anybody to generate their own reports or even scanning/data collection engines. Also it makes it easy to do really cool things without compiling and releasing an entire new app :)

So please, take it for a spin and let us know!

Good hunting...
./w

Saturday, May 14, 2011

... if silence is golden then ducktape must be silver ...

Ok, we've not been as active as we've wanted to, and I'm sure that my KPI's will suffer :) but this post is just to prepare you for something. After the first couple of releases we received some comments and suggestions, and seeing that some of these were really actually very useful we started on the long path of implementing them. This turned out to be way more work, and as we kept on making changes, we started adding more "cool" stuff, because adding new things is way better than fixing stuff :)

So within the next couple of days we will be putting version 0.6a out and here are some highlights:

* Working out the box, thats right, no more adding paths and stuff, unzip, start and go
* Scripting interface, API documents will also follow soon
* Fingerprinting service
* Hopefully a cleaner UI
* And as always, plenty more bugs to fix later

Watch this space...

Tuesday, March 15, 2011

Release 0.5c (we have clickable links now!)

So after another 2 weeks of slaving away at work we finally have another minor release out.

Now before I go on I just need to put out a big shout-out for Rob Fuller and the gang at Hak5.org. After the last release Rob sent me a LIST of some pointers and feedback and while I know that this release doesn't nearly cover everything in that list,  the feedback was greatly appreciated.  Needless to say, I'll be attempting to address everything that was mentioned, not just from Rob, but from everybody.

So to Rob, Hak5 and everybody that has been supporting us with comments and feedback, thank you, and keep them coming :)

Now, for this release most of the changes were subtle GUI enhancements, but the idea was to make things a bit more usable and straight forward. Yes, there are still some glaring issues, but I'm working on that :)

Download here...

Oh yes, we also added some new tutorials and I'll be adding another one today on how to use the GeoIP locations, KML and Google Maps. More fun than useful, but keep an eye out for that one.

Thank you for the support, and please keep those comments coming!

./w

Wednesday, March 2, 2011

Why don't apps have a "Make it better" menu option?

Well that means more work for the developers :) I actually got that off a tweet @mubix, and that kinda stuck with me. I'm building Yeti to work in a way to solve a problem that I've got, and in turn I'm sharing it with the world, however, I doubt that the way I like things are the same as most other @people out there.
So to compromise, instead of adding a menu option I've decided to add a weekly poll, so that people out there, meaning you, can choose how I spend my free time. (Note option 4 :P)
Also, I would like people using Yeti, to tell me the single most annoying feature of the app, and if what they like to be done to it. Trust me, I'll get round to it ... eventually.

./w

Release 0.5b (we have version numbers now)

Hi Everybody,
Sorry we've been so quiet, but we've be sorting some gremlins and doing training, well in short we've been training to earn our keep here at SensePost....

But I've got a new release out today with some nice fixes on the ForwardLookup (hostname brute  forcing) it should go a lot faster plus you can now do large lists of domains in a single go. I just did a test on brute forcing about 2000 domains in a single go, it took some time but the app handled it with no problems :)

There are some other bug fixes, minor tweaks here and there, so check out the First releasenotes.txt file that shipped with the application.

Some highlights in the next release to look out for will be a custom data exporter and some custom search engine searches, so in short, watch this space.

O and by the way I'll be pushing out a new tutorial a bit later this week.

As always, have some fun!

./w

Thursday, February 17, 2011

Something new...

As this tool is growing some new features keeps creeping in. Like the "Web spider" function that is now available as a brand new button on the menubar...
In short, what this little button does, is to allow you to ad a list of hosts/urls...
and Yeti will go along and attempt to spider all the hosts/urls in the list, and extract links/src items from the html, parse out the host name and domains from these links and will then attempt to perform a "whois" query on the found domains...
I think this is a cute little feature that lays the foundation from many more possibilities, so if you can think of some cool stuff that we can do with this, please send me a mail/message and we'll take it from there.
Thanx for the support so far
./w