Post Syndicated from original https://www.darknet.org.uk/2023/05/padre-padding-oracle-attack-exploiter-tool/
padre is an advanced exploiter and Padding Oracle attack tool that can be deployed against CBC mode encryption.
Post Syndicated from original https://www.darknet.org.uk/2023/05/padre-padding-oracle-attack-exploiter-tool/
padre is an advanced exploiter and Padding Oracle attack tool that can be deployed against CBC mode encryption.
Post Syndicated from original https://www.darknet.org.uk/2023/03/datasurgeon-extract-sensitive-information-pii-from-logs/
DataSurgeon (ds) is a versatile tool designed to Extract Sensitive Information (PII) From Logs, it’s intended to be used for incident response, penetration testing, and CTF challenges.
Post Syndicated from original https://www.darknet.org.uk/2023/02/pwnagotchi-maximize-crackable-wpa-key-material-for-bettercap/
Pwnagotchi is an A2C-based “AI” leveraging bettercap that learns from its surrounding WiFi environment to maximize crackable WPA key material it captures
Post Syndicated from original https://www.darknet.org.uk/2022/04/socialscan-command-line-tool-to-check-for-email-and-social-media-username-usage/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username, socialscan returns whether it is available, taken or invalid on online platforms.
Other similar tools check username availability by requesting the profile page of the username in question and based on information like the HTTP status code or error text on the requested page, determine whether a username is already taken.
Post Syndicated from original https://www.darknet.org.uk/2022/01/credninja-test-credential-validity-of-dumped-credentials-or-hashes/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
At the core of it, you provide it with a list of credentials you have dumped (or hashes, it can pass-the-hash) and a list of systems on the domain (the author suggests scanning for port 445 first, or you can use “–scan”). It will tell you if the credentials you dumped are valid on the domain, and if you have local administrator access to a host.
Post Syndicated from original https://www.darknet.org.uk/2021/12/assetfinder-find-related-domains-and-subdomains/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
assetfinder is a Go-based tool to find related domains and subdomains that are potentially related to a given domain from a variety of sources including Facebook, ThreatCrowd, Virustotal and more.
assetfinder uses a variety of sources including those in the infosec space and social networks which can give relevant info:
Sources to be implemented:
Usage of assetfinder to Find Related Domains and Subdomains
The usage is very simple with only one option basically, to limit the search to subdomains only – by default it will scan for all associated domains and subdomains.
Read the rest of assetfinder – Find Related Domains and Subdomains now! Only available at Darknet.
Post Syndicated from original https://www.darknet.org.uk/2021/08/karkinos-beginner-friendly-penetration-testing-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a ‘Swiss Army Knife’ for pen-testing and/or hacking CTF’s.
Karkinos Beginner Friendly Penetration Testing Tool Features
How to Install Karkinos Beginner Friendly Penetration Testing Tool
Dependencies are:
Then:
Post Syndicated from original https://www.darknet.org.uk/2021/07/aclpwn-py-exploit-acl-based-privilege-escalation-paths-in-active-directory/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths.
It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the most efficient ACL based privilege escalation path.
Features of Aclpwn.Py Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.Py currently has the following features:
Installation of Aclpwn.py ACL Based Privilege Escalation
Aclpwn.py is compatible with both Python 2.7 and 3.5+.
Post Syndicated from original https://www.darknet.org.uk/2020/12/zanti-android-wireless-hacking-tool-free-download/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using your mobile device for free download.
This easy to use mobile toolkit enables IT Security Administrators to simulate an advanced attacker to identify the malicious techniques they use in the wild to compromise the corporate network.
Features of zANTI Android Wireless Hacking Tool
This network auditor comes along with a rather simple interface compared to other solutions and running its tasks is pretty straightforward.
Read the rest of zANTI – Android Wireless Hacking Tool Free Download now! Only available at Darknet.
Post Syndicated from original https://www.darknet.org.uk/2020/11/helk-open-source-threat-hunting-platform/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack.
This project was developed primarily for research, but due to its flexible design and core components, it can be deployed in larger environments with the right configurations and scalable infrastructure.
Goals of HELK Open Source Threat Hunting Platform
Read the rest of HELK – Open Source Threat Hunting Platform now! Only available at Darknet.
Post Syndicated from original https://www.darknet.org.uk/2020/09/tko-subs-detect-takeover-subdomains-with-dead-dns-records/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services or to nothing at all or NS records that are mistyped.
What does tko-subs – Detect & Takeover Subdomains With Dead DNS Records Do?
This tool allows you:
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.