All posts by Darknet

LambdaGuard – AWS Lambda Serverless Security Scanner

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/10/lambdaguard-aws-lambda-serverless-security-scanner/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

LambdaGuard is an open-source AWS Lambda serverless security scanner that lets you visualise and audit the security of your serverless assets.

AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code.

LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results.

exe2powershell – Convert EXE to BAT Files

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/09/exe2powershell-convert-exe-to-bat-files/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

exe2powershell converts EXE files to BAT files. The previously well-known tool for this was exe2bat; this is a version for modern Windows.

It will convert any binary file (*.exe) to a BAT file. The resulting BAT file contains only echo commands followed by a PowerShell command to re-create the original binary file.

This kind of tool can be useful during a pen-test when you want to trigger a shell without any upload feature.

HiddenWall – Create Hidden Kernel Modules

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/09/hiddenwall-create-hidden-kernel-modules/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers. It supports custom rules with netfilter (block ports, hidden mode, rootkit functions etc).

The motivation is basically another layer of protection, much like a hidden firewall – setting securelevel to 2 on BSD would have a similar effect.

In a typical attack, the bad actor can alter your IPTables or UFW rules – with HiddenWall you still have another layer that can block external access because it hooks directly into netfilter from kernel land.

Anteater – CI/CD Security Gate Check Framework

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/08/anteater-ci-cd-security-gate-check-framework/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of nominated strings, filenames, binaries, deprecated functions, staging environment code/credentials etc.

Its main function is to block content based on regular expressions.

Anything that can be specified with regular expression syntax can be sniffed out by Anteater. You tell Anteater exactly what you don’t want to get merged, and Anteater looks after the rest.

How Anteater CI/CD Security Gate Check Framework Works

If Anteater finds something, it exits with a non-zero code which in turn fails the build of your CI tool, with the idea that it would prevent a pull request merging.

Stardox – Github Stargazers Information Gathering Tool

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/08/stardox-github-stargazers-information-gathering-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Stardox is a Python-based GitHub stargazers information gathering tool; it scrapes GitHub for information and displays it in a list tree view. It can be used for collecting details about the stargazers of your own or someone else’s repository.

GitHub allows visitors to star a repo to bookmark it for later perusal. Stars represent a casual interest in a repo, and when enough of them accumulate, it’s natural to wonder what’s driving interest.

ZigDiggity – ZigBee Hacking Toolkit

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/08/zigdiggity-zigbee-hacking-toolkit/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

ZigDiggity, a ZigBee hacking toolkit, is a Python-based IoT (Internet of Things) penetration testing framework targeting the ZigBee smart home protocol.

ZigBee continues to grow in popularity as a method for providing simple wireless communication between devices (i.e. low power/traffic, short distance), and can be found in a variety of consumer products that range from smart home automation to healthcare. Security concerns introduced by these systems are just as diverse and plentiful, underscoring a need for quality assessment tools.

RandIP – Network Mapper To Find Servers

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/07/randip-network-mapper-to-find-servers/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

RandIP is a Nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not, with additional tests for Telnet and SSH.

RandIP – Network Mapper Features

  • HTTP and HTTPS enumeration
  • Python enumeration exploits
  • SSH enumeration exploits
  • Logger and error-code handler
  • SSH and Telnet Timeouts to prevent blocking
  • SSH Enumerations work in tandem

You can download RandIP here:

randip-master.zip

Or read more here.

Nipe – Make Tor Default Gateway For Network

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/07/nipe-make-tor-default-gateway-for-network/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Nipe is a Perl script that makes Tor the default gateway for your network. It routes all traffic from your computer through the Tor network, so you can surf the internet anonymously without having to worry about being tracked or traced back.

Tor enables users to surf the internet, chat and send instant messages anonymously, and is used by a wide variety of people for both licit and illicit purposes.

Mosca – Manual Static Analysis Tool To Find Bugs

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/07/mosca-manual-static-analysis-tool-to-find-bugs/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Mosca is a manual static analysis tool written in C, designed to find bugs in code before it is compiled, much like the Unix grep command.

There are various ‘egg’ modules which contain patterns to scan for. It can scan through files recursively, limited by file extension, and logs results to an XML text file.

It’s also fairly easy to extend and add your own modules/eggs/languages.

Manual Static Analysis Tool Language Support

Languages it can scan for vulnerabilities are:

  • ASP
  • C
  • C#
  • Java
  • JavaScript
  • PHP
  • Ruby
  • Swift

You can download Mosca here:

Mosca-master.zip

Or read more here.

Slurp – Amazon AWS S3 Bucket Enumerator

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/07/slurp-amazon-aws-s3-bucket-enumerator/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan from an external perspective or an AWS API to scan internally.

This tool operates in two modes: blackbox and whitebox. Whitebox (internal) mode is significantly faster than blackbox (external) mode.

Blackbox (external)

In this mode, you are using the permutations list to conduct scans.

US Government Cyber Security Still Inadequate

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/06/us-government-cyber-security-still-inadequate/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Surprise, surprise, surprise – an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.

US Government security has often been called into question, but we’d hope in 2019 it would have gotten better and at least everyone would have adopted the anti-virus solution introduced in 2013.

A committee report (PDF) examining a decade of internal audits this week concluded that outdated systems, unpatched software, and weak data protection are so widespread that it’s clear American bureaucrats fail to meet even basic security requirements.

BloodHound – Hacking Active Directory Trust Relationships

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/06/bloodhound-hacking-active-directory-trust-relationships/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

BloodHound is for hacking Active Directory trust relationships; it uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment.

Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use it to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.

SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/04/seclists-usernames-passwords-urls-sensitive-data-patterns-fuzzing-payloads-web-shells/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place.

List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.

Contents of SecLists

Each section has tonnes of content including the below:

  • Discovery lists (DNS, SNMP, Web content)
  • Fuzzing Payloads (Databases, LFI, SQLi, XSS)
  • Password lists (Common credentials, cracked hashes, honeypot captures, leaked lists)
  • Data Pattern lists
  • Payload files (Zip bombs, flash, images)
  • Username lists (Honeypot captures)
  • Web shells

Install SecLists

Zip

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
&& unzip SecList.zip \
&& rm -f SecList.zip

Git (Small)

git clone --depth 1 https://github.com/danielmiessler/SecLists.git

Git (Complete)

git clone git@github.com:danielmiessler/SecLists.git

You can access all the lists here:

https://github.com/danielmiessler/SecLists

DeepSound – Audio Steganography Tool

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/03/deepsound-audio-steganography-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

DeepSound is an audio steganography tool and audio converter that hides secret data in audio files. The application also enables you to extract secret files directly from audio files or audio CD tracks.

This audio steganography tool can be used as copyright marking software for wave, flac, wma, ape, and audio CD.

DeepSound also supports encrypting secret files using AES-256 (Advanced Encryption Standard) to improve data protection. The application additionally contains an easy-to-use Audio Converter Module that can encode several audio formats (FLAC, MP3, WMA, WAV, APE) to others (FLAC, MP3, WAV, APE).

What are the MOST Critical Web Vulnerabilities in 2019?

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/02/what-are-the-most-critical-web-vulnerabilities-in-2019/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?

Well, luckily for you, Acunetix compiles an annual web application vulnerability report, which is a fairly hefty piece of analysis on data gathered from the previous year. This is compiled from the automated web and network perimeter scans run on the Acunetix Online platform, over a 12-month period, across more than 10,000 scan targets.

GoBuster – Directory/File & DNS Busting Tool in Go

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/02/gobuster-directory-file-dns-busting-tool-in-go/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

GoBuster is a Go-based tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (with wildcard support) – essentially a directory/file & DNS busting tool.

The author built YET ANOTHER directory and DNS brute forcing tool because he wanted...

  • … something that didn’t have a fat Java GUI (console FTW).
  • … to build something that just worked on the command line.
  • … something that did not do recursive brute force.

BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/02/bdfproxy-patch-binaries-via-mitm-backdoorfactory-mitmproxy/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads (software updates for example) from vendors that don’t validate data integrity.

The Backdoor Factory allows you to patch binaries with shell-code so combining that with mitmproxy, which is a Python proxy-server that can catch HTTP, change traffic on the fly, replay traffic, decode and render primitive data types – gives you BDFProxy.

Domained – Multi Tool Subdomain Enumeration

Post Syndicated from Darknet original https://www.darknet.org.uk/2019/01/domained-multi-tool-subdomain-enumeration/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting.

This produces categorized screenshots, server response headers and signature based default credential checking. It is written in Python heavily leveraging Recon-ng.

Domains Subdomain Enumeration Tools Leveraged

Subdomain Enumeration Tools:

  • Sublist3r
  • enumall
  • Knock
  • Subbrute
  • massdns
  • Recon-ng
  • Amass
  • SubFinder

Reporting + Wordlists:

  • EyeWitness
  • SecList (DNS Recon List)
  • LevelUp All.txt Subdomain List

Domained Subdomain Enumeration Tool Usage

--install/--upgrade  Both do the same function – install all prerequisite tools
--vpn                Check if you are on VPN (update with your provider)
--quick              Use ONLY Amass and SubFinder
--bruteall           Bruteforce with JHaddix All.txt List instead of SecList
--fresh              Delete old data from output folder
--notify             Send Pushover or Gmail Notifications
--active             EyeWitness Active Scan
--noeyewitness       No EyeWitness
-d                   The domain you want to perform recon on
-b                   Bruteforce with subbrute/massdns and SecList wordlist
-s n                 Only HTTPS domains
-p                   Add port 8080 for HTTP and 8443 for HTTPS

Subdomain Enumeration Examples

The first steps are to install the required Python modules and tools:

sudo pip install -r ./ext/requirements.txt
sudo python domained.py --install

Example 1 – Uses subdomain example.com (Sublist3r (+subbrute), enumall, Knock, Amass, and SubFinder)

python domained.py -d example.com

Example 2: – Uses subdomain example.com with seclist subdomain list bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall, and SubFinder), adds ports 8443/8080 and checks if on VPN

python domained.py -d example.com -b -p --vpn

Example 3: – Uses subdomain example.com with large-all.txt bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall and SubFinder)

python domained.py -d example.com -b --bruteall

Example 4: – Uses subdomain example.com and only Amass and SubFinder

python domained.py -d example.com --quick

Example 5: – Uses subdomain example.com, only Amass and SubFinder and notification

python domained.py -d example.com --quick --notify

Example 6: – Uses subdomain example.com with no EyeWitness

python domained.py -d example.com --noeyewitness

Note: --bruteall must be used with the -b flag

You can download Domained here:

domained-master.zip

Or read more here.

Acunetix Vulnerability Scanner For Linux Now Available

Post Syndicated from Darknet original https://www.darknet.org.uk/2018/12/acunetix-vulnerability-scanner-for-linux-now-available/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Acunetix Vulnerability Scanner For Linux is now available; now you get all of the functionality of Acunetix, with all of the dependability of Linux.

Following extensive customer research, it became clear to us that a number of customers and security community professionals preferred to run on Linux. Tech professionals have long chosen Linux for their servers and computers due to its robust security. However, in recent years, this open source operating system has become much more user-friendly.

Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI

Post Syndicated from Darknet original https://www.darknet.org.uk/2018/12/gerix-wifi-cracker-wireless-802-11-hacking-tool-with-gui/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Gerix WiFi Cracker is an easy-to-use wireless 802.11 hacking tool with a GUI. It was originally made to run on BackTrack, and this version has been updated for Kali (2018.1).

To get it up and running make sure you do:

apt-get install qt4-dev-tools

Running Gerix Wireless 802.11 Hacking Tool

$ python gerix.py

You can download Gerix here:

gerix-wifi-cracker-master.zip

Or read more here.
