Oct 7, 2011

MagicTree: Data management for penetration testers

Have you ever spent ages trying to find the results of a particular portscan you were sure you did? Or grepping through a bunch of files looking for data for a particular host or service? Or copy-pasting bits of output from a bunch of typescripts into a report?


MagicTree does such mind-numbing stuff for you, while you spend your time hacking.

MagicTree is a penetration testing productivity tool. It is designed to allow easy and straightforward data consolidation, querying, external command execution and report generation. "Tree" is because all the data is stored in a tree structure, and "Magic" is because it is designed to magically do the most cumbersome and boring part of penetration testing - data management and reporting.

Version 1.0 includes a lot of bug fixes and a number of new features, such as:
  • Support for Acunetix data import
  • Support for W3AF data import
  • Support for OpenVAS 4 XML format
  • Importing data from flat text files
  • Simplified manual creation of ports
  • Copy/paste and drag and drop support for tree nodes, table view data, queries and tasks
  • mt:sort() custom XPath function for sorting data, such as findings, in TableView and reports
  • More sophisticated auto-creation of tree nodes. We now support netblocks in various formats (192.168.1.1/24, 192.168.1.0-192.168.1.255, 192.168.1.0/255.255.255.0), DNS names, IP addresses and URLs.
  • Search in output files panel
  • Creating cross-references by drag and drop
  • Better support for KDE and XFCE desktop environments on Linux. View in Browser and opening reports now works on both.


No comments:

Post a Comment