Tag Archives: Network Hacking

SAML Raider – SAML2 Security Testing Burp Extension

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/uIEtvAVuRck/

SAML Raider is a Burp Suite extension for SAML2 security testing. It contains two core functionalities: manipulating SAML messages and managing X.509 certificates. The extension is divided into two parts, a SAML message editor and a certificate management tool. Features Message Editor Features of the SAML Raider message editor: Sign SAML Messages…

Read the full post at darknet.org.uk

Bluto – DNS Recon, Zone Transfer & Brute Forcer

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/RSRUMWtgLQA/

Bluto is a Python-based tool for DNS recon, DNS zone transfer testing, DNS wild card checks, DNS brute forcing, e-mail enumeration and more. The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them […]

Read the full post at darknet.org.uk

T50 – The Fastest Mixed Packet Injector Tool

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/B2WjV8EI9MA/

T50 (f.k.a. F22 Raptor) is a high performance mixed packet injector tool designed to perform Stress Testing. The concept started in 2001, right after the release of ‘nb-isakmp.c‘, and the main goal was to have a tool to perform TCP/IP protocol fuzzing, covering common regular protocols, such as: ICMP, TCP and UDP. Why Stress Testing? Why Stress…

Read the full post at darknet.org.uk

PenTools – Penetration Testing Tools Bundle

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/LSfV9g_sP6g/

PenTools is a bundle of Python and Bash penetration testing tools for the recon and information gathering stage of a PT or VA. They are fairly simple scripts but might be interesting if you are new and want to see how some things are done, or how things can be automated using Python or Bash. […]

Read the full post at darknet.org.uk

EtherApe – Graphical Network Monitor

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/DxSK15EgI5k/

EtherApe is a graphical network monitor for Unix modelled after etherman. Featuring link layer, IP and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Colour coded protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP, SLIP and WLAN devices, plus several encapsulation formats. It can…

Read the full post at darknet.org.uk

evilscan – Massive IP Port Scanner

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/iEwo-IRviGI/

evilscan is a Node.js based massive IP Port scanner designed for concurrency, speed and scanning large ranges of IP addresses. Features Individual IP or IP range scan Individual port, ports list, or port range Banner grabbing (not fully implemented, works with verbose ports only) IAC negotiation Reverse dns Geolocation information Shell or…

Read the full post at darknet.org.uk

Sn1per – Penetration Testing Automation Scanner

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/7u7rGmLhYJc/

Sn1per is a penetration testing automation scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features Automatically collects basic recon (i.e. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports via NMap port scanning…

Read the full post at darknet.org.uk

Pybelt – The Hackers Tool Belt

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/Pu7iNhjZuJ0/

Pybelt is a Python-based hackers tool belt capable of cracking hashes without prior knowledge of the algorithm, scanning ports on a given host, searching for SQLi vulnerabilities in a given URL, verifying that your Google dorks work like they should, verifying the algorithm of a given hash, scanning a URL for XSS vulnerability, and finding…

Read the full post at darknet.org.uk

scanless – A Public Port Scan Scraper

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/BzB9c8HkhZo/

scanless is a Python-based command-line utility that functions as a public port scan scraper: it can use websites that can perform port scans on your behalf. This is useful for early stages of penetration tests when you’d like to run a port scan on a host without having it originate from your IP address. Public […]

Read the full post at darknet.org.uk

Ubertooth – Open Source Bluetooth Sniffer

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/8fG834VW8HA/

Ubertooth is an open source Bluetooth sniffer and is essentially a development platform for Bluetooth experimentation. It runs best as a native Linux install and should work fine from within a VM. Ubertooth ships with a capable BLE (Bluetooth Smart) sniffer and can sniff some data from Basic Rate (BR) Bluetooth Classic connections. Features The…

Read the full post at darknet.org.uk

Angry IP Scanner – Fast Network Scanner

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/lri5HnQceOg/

Angry IP scanner is a very easy to use, fast network scanner – basically a cross-platform IP address and port scanner. It can scan IP addresses in any range as well as any of their ports. It’s also very lightweight and doesn’t require any installation, so it can be freely copied and used anywhere. Angry IP scanner […]

Read the full post at darknet.org.uk

Termineter – Smart Meter Security Testing Framework

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/zZEoeAaVBJI/

Termineter is a Python Smart Meter Security Testing framework which allows authorised individuals to test Smart Meters for vulnerabilities such as energy consumption fraud, network hijacking, and more. Many of these vulnerabilities have been highlighted by the media and advisories have been sent out by law enforcement agencies. The goal of a…

Read the full post at darknet.org.uk

crackle – Crack Bluetooth Smart Encryption (BLE)

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/zIaG6r8gh6g/

crackle is a tool to crack Bluetooth Smart Encryption (BLE). It exploits a flaw in the pairing mechanism that leaves all communications vulnerable to decryption by passive eavesdroppers. crackle can guess or very quickly brute force the TK (temporary key) used in the pairing modes supported by most devices (Just Works and 6-digit PIN). With…

Read the full post at darknet.org.uk

160,000 Network Printers Hacked

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/UDyj8J_Rqfw/

It’s a pretty simple hack (in a rather grey-hat fashion), but it’s getting a LOT of media coverage and 160,000 network printers hacked just goes to show once again the whole Internet of Things chapter we are entering is pretty scary. Definitely a neat hack tho, utilising the mass scanning power of Zmap and scanning […]

Read the full post at darknet.org.uk

Webbies Toolkit – Web Recon & Enumeration Tools

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/JDuw9qqgUfo/

Webbies Toolkit is a pair of tools that enable asynchronous web recon & enumeration including SSL detection, banner grabbing and presence of login forms. Webbies Features Respects scope (including redirects) Uses same DNS resolver for enumeration and retrieval by patching aiohttp TCPConnector Cached DNS requests by wrapping aiodns SSLContext…

Read the full post at darknet.org.uk

Barnyard2 – Dedicated Spooler for Snort Output

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/fMWXH8xpXCo/

Barnyard2 is an open source dedicated spooler for Snort output as unified2 binary output files. Its primary use is allowing Snort to write to disk in an efficient manner and leaving the task of parsing binary data into various formats to a separate process that will not cause Snort to miss network traffic. How it […]

Read the full post at darknet.org.uk

dns2proxy – Offensive DNS server

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/cF8_oQY_q14/

dns2proxy is an offensive DNS server that offers various features for post-exploitation once you’ve changed the DNS server of a victim. It’s very frequently used in combination with sslstrip. Features Traditional DNS Spoofing Implements DNS Spoofing via Forwarding Detects and corrects changes for sslstrip to work Usage Using the spoof.cfg config…

Read the full post at darknet.org.uk

icmpsh – Simple ICMP Reverse Shell

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/Egcguwc_5H0/

icmpsh is a simple ICMP reverse shell with a win32 slave and a POSIX-compatible master in C, Perl or Python. The main advantage over the other similar open source tools is that it does not require administrative privileges to run on the target machine. The tool is clean, easy and portable. The slave (client) runs […]

Read the full post at darknet.org.uk

ZGrab – Application Layer Scanner For ZMap

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/YWIKZO37ygQ/

ZGrab is a Go-based application layer scanner that operates with ZMap and supports multiple protocols and services including TLS, IMAP, SMTP, POP3 etc. It also stores TLS version and can detect Heartbleed. Building You will need to have a valid $GOPATH set up, for more information about $GOPATH, see https://golang.org/doc/code.html. Once you have…

Read the full post at darknet.org.uk

Fluxion – Automated EvilAP Attack Tool

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/9T4e6Vl_EoI/

Fluxion is an automated EvilAP attack tool for carrying out MiTM attacks on WPA Wireless networks, written in a mix of Bash and Python. Fluxion is heavily based on Linset, the Evil Twin Attack Bash script, with some improvements and bug-fixes. How it Works Scan the networks. Capture a handshake (can’t be used without a […]

Read the full post at darknet.org.uk