D0xk1t – Web-based OSINT and Active Reconnaissance Suite

Active reconnaissance, information gathering and OSINT built in a portable web application. D0xk1t is an open-source, self-hosted and easy-to-use OSINT and active reconnaissance web application for penetration testers. Based on the prior command-line script, D0xk1t is now fully capable of conducting reconnaissance and penetration testing for security researchers who need a framework without the head-scratching. There is no server […]

Performing Reconnaissance on Targeted Companies via Maltego

Digging up information on a business or individual is an extremely important part of information gathering. There are many programs and tools that can provide you with detailed reports on desired networks/businesses. The one discussed in this article is a program called Maltego. By digging up data from all visibly available sectors of the internet, […]

RecuperaBit – Forensic File System Reconstruction & Recover Files

RecuperaBit is open source software which attempts to reconstruct file system structures and recover files. Currently it supports only the NTFS format. It attempts reconstruction of the directory structure regardless of: missing partition table, unknown partition boundaries, partially-overwritten metadata, quick format. The tool automatically determines the sectors from which partitions start. It does not modify the disk […]

Web Reconnaissance Attack Infects 3,500 Websites, Possibly WordPress

Attackers are adding unauthorized code at the top of infected websites, with over 3,500 sites already infected. Alarms are ringing in Symantec’s offices, as its research team has discovered a massive Web injection campaign that’s currently infecting Web servers around the Internet. According to telemetry data received from Symantec security products, the company’s staff has identified […]

Hack Like a Pro: Using Sparta for Reconnaissance

As all of you know, reconnaissance is critical to being successful in a pentest or hack. Recon is where we gather all the information we need to determine the best strategy for hacking. Without good recon, we are likely to waste many hours and be unsuccessful. Professional hackers know that good recon is key to […]

A Guide to Malware Binary Reconstruction

Often we come across times where binary reconstruction is required while analyzing or unpacking malware. Relying on automated tools is not always useful; sometimes manual reconstruction is required. In this blog we will cover manual and automated binary reconstruction. Reconstructing IAT from stolen API code This technique is used to […]

Microsoft Reconsiders Privacy Policy, Windows 10 Will Continue To Pull Data

Since the official public launch of Microsoft’s new operating system Windows 10 and the announcement of the company’s revised all-in-one privacy policy, allegations about the privacy settings of Windows 10 and about Microsoft spying on user data have been levelled all over the Internet. The scale of finger-pointing at Microsoft has ultimately forced them to reconsider their privacy […]

Facebook Login Bug Lets Hackers Takeover User Accounts with Reconnect Tool

Even after almost a year, Facebook apparently has failed to fix a bug that lets attackers hijack accounts on sites that leverage Facebook login such as Mashable, Bit.ly, About.me, Vimeo, Angel.co and Stumbleupon etc., reveals Sakurity.com’s blog post. Egor Homakov, the author of the post, identified that “this bug abuses triple-CSRFs at once: CSRF on […]