North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware

The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. “Lately, Kimsuky has been consistently distributing custom malware as part of reconnaissance campaigns to enable subsequent attacks,” SentinelOne researchers Aleksandar Milenkoski and Tom Hegel […]

BazarLoader Windows Malware Lets Hackers Gain Backdoor Access & Network Reconnaissance

A BazarLoader Windows malware campaign has recently been detected by Unit 42, the security research arm of Palo Alto Networks; the campaign was hosting one of its malicious files on Microsoft’s OneDrive service. This BazarLoader Windows malware gives the threat actors backdoor access and network reconnaissance capabilities. After the revelation of this incident, a former senior threat intelligence analyst of […]

BigBountyRecon – Utilises 58 Different Techniques For Initial Reconnaissance On The Target Organisation

BigBountyRecon is a tool that utilises 58 different techniques, using various Google dorks and open source tools, to expedite the process of initial reconnaissance on the target organisation. Reconnaissance is the most important step in any penetration testing or bug hunting process. It provides an attacker with some preliminary knowledge of the target organisation. Furthermore, it […]

FinalRecon – An All In One OSINT Tool for Web Reconnaissance

FinalRecon is a useful tool for gathering data about a target from open source resources; the tool is written in Python3. Installation steps: it is really easy to install the tool from the official GitHub link: https://github.com/thewhiteh4t/FinalRecon/blob/master/finalrecon.py There are also a few non-standard Python3 libraries required for the tool to What does it […]

peasant: a LinkedIn reconnaissance utility

Peasant is a LinkedIn reconnaissance utility written in Python3 that functions much like LinkedInt by @vysecurity. It authenticates to LinkedIn and uses the API to perform several tasks: profile information harvesting; automated connection requests; profile spoofing, i.e. updating your profile with the content of another. The output from profile harvesting is provided in CSV format for simple […]

Kamerka-GUI: Ultimate IoT/Industrial Control Systems reconnaissance tool

Kamerka-GUI is the ultimate Internet of Things/Industrial Control Systems reconnaissance tool. The main purpose of the ICS module of ꓘamerka is to map attack surfaces, in terms of Industrial Control Devices, for any country. Most used…

Dr. ROBOT – Domain Reconnaissance and Enumeration

Introduction: Dr. ROBOT is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies, inconsistency across operating systems, and different languages, Dr. ROBOT is built to be highly portable and configurable. Use case: gather as many of the public-facing servers that a target organization possesses as possible. Querying DNS resources […]

Attack Surface Mapper – Tool to Automate Reconnaissance

Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intelligence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses, and it uses numerous techniques to find more targets. It enumerates subdomains with brute-forcing and […]

AutoRecon: Multi-Threaded Network Reconnaissance Tool

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. It is intended as a time-saving tool for use in CTFs and other penetration testing environments (e.g. OSCP). It may also be useful in real-world engagements. The tool works by first performing port scans and service detection scans. From those initial results, […]

Buster – Advanced Tool for Email Reconnaissance

Buster is an advanced OSINT tool used to: get social accounts from various sources (gravatar, about.me, myspace, skype, github, linkedin, previous breaches); get links to where the email was found using google, twitter, darksearch and paste sites; get breaches of an email; get domains registered with an email (reverse whois); generate possible emails and usernames of a person; find the email of a social […]

Pown Recon – A Powerful Target Reconnaissance Framework Powered By Graph Theory

Pown Recon is a target reconnaissance framework powered by graph theory. The benefit of using graph theory instead of a flat table representation is that it is easier to find the relationships between different types of information, which comes in quite handy in many situations. Graph theory algorithms also help with diffing and searching, like finding the shortest […]

Do reconnaissance on the target using Maltego

MALTEGO INTRO: According to ethical hacking courses, Maltego is a tool used in information gathering. This tool is developed and maintained by Paterva. This tool is widely used by pentesters. Using Maltego allows you to perform reconnaissance on the target, ethical hacking investigators note. Maltego is a cross-platform application available on Linux as well as […]

Recon-ng – Open Source Intelligence (OSINT) Reconnaissance Framework

Recon-ng is a reconnaissance framework that can perform open source, web-based information gathering for a given target. Recon-ng is loaded with different types of modules, such as reconnaissance, reporting, import, discovery, and exploitation modules. The types of information that can be gathered with these modules include contacts, credentials, social media profiles, and a handful of […]

BadKarma – Network Reconnaissance Tool with Advanced Features

BadKarma is a GUI-based network reconnaissance tool that can gather useful network information at any stage of the penetration testing process. The tool is loaded with some top-level reconnaissance and active scanning modules, such as nmap, masscan, shodan, searchsploit, metasploit, dnsrecon, dnsenum, and a Whois information resource. The user can select any of these […]

ReconDog v2.0 – Reconnaissance Swiss Army Knife

Reconnaissance Swiss Army Knife. Main features: Wizard + CLA interface; can extract targets from STDIN (piped input) and act upon them; all the information is extracted with APIs, no direct contact is made with the target. Utilities: Censys: uses censys.io to gather a massive amount of information about an IP address. NS Lookup: does name server […]