Zeus is a advanced dork searching tool that is capable of bypassing search engine API calls, search engine captchas, and IP address blocking from sending many requests to the search engine itself. Zeus can use three different search engines to do the search (default is Google). Zeus has a powerful built in engine, automates a […]
Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on Debian/Ubuntu (but will probably work on other distributions as well). It uses […]
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results have dynamic content on the page (such as the time) […]
A BLE scanner for “smart” devices hacking based on the bluepy library, dead easy to use because retarded devices should be dead easy to hack. How to Install Install bluepy from source: git clone https://github.com/IanHarvey/bluepy.git cd bluepy python setup.py build sudo python setup.py install Then install bleah: git clone https://github.com/evilsocket/bleah.git cd bleah python setup.py build sudo python setup.py […]
Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit VPN Gate auto-grabber Greetz shouts to sh3llg0d, an0n_l1t3, daemochi, akatz!!!! Overview Bluetooth scanner for blueborne-vulnerable devices, Android only for the moment Quickstart git clone https://github.com/hook-s3c/blueborne-scanner.git cd blueborne-scanner sudo chmod +x ./bluebornescan.py pip install -r ./requirements.txt ./bluebornescan.py Breakdown Scans for local bluetooth devices Looks […]
Lenovo has settled charges with the FTC and 32 state attorneys for shipping laptops preinstalled with the Superfish adware back in 2014 and 2015. According to a decision published on the FTC’s website, the Chinese hardware vendor has dodged crippling financial penalties. Instead, the FTC has “prohibited” Lenovo from “misrepresenting any features” in case it […]
Wapiti is an open source command-line application that you can use to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scan the webpages of the deployed web app, looking for scripts and forms where it can inject data. Once it […]
Fast and powerful SSL/TLS server scanning library for Python 2.7 and 3.3+. Description SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers. […]
Synopsis Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application’s behavior during the scan process and is able to perform meta-analysis using a number of factors in order to […]
German Firm Siemens will Update PET Scanner Software as DHS Issues Security Threat to Machines. Cyber-attacks on medical equipment are intensifying every passing day. The latest to join the list of unsecured medical equipment is the Positron Emission Tomography scanners or PET scanners manufactured by the Munich based company Siemens. These scanners require Microsoft Windows […]
Atscan is a Perl script for finding vulnerabilities in servers and sites, as well as a dork scanner. The tool contains the following ● Search engine Google / Bing / Ask / Yandex / Sogou ● Mass Dork Search ● Multiple instant scans. ● Mass Exploitation ● Use proxy. ● Random user agent. ● Random […]
Let’s go over some basics to start off – a port is a place where information is transferred in and out of a computer. A port scanner is a software application intended to analyze a server or host for open ports. Most commonly, port scanners are used by IT professionals in order to validate the […]
A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source penetration testing tool. Discovered by security researchers from Recorded Future on an underground hacking forum, the tool was put together by a Russian-speaking criminal and […]
Acunetix Vulnerability Scanner uses automated tools to detect security vulnerabilities that affect a given system or application. Acunetix Vulnerability Scanner typically works fingerprinting a target operating system (ie, recognizing the type and version), and services running. Once you have taken the fingerprints from your target operating system, use the vulnerability scan tool to run specific […]
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling. Features Of The Tool: Server detection Cloudflare detector robots scanner CMS Detector WordPress Joomla Drupal Magento Whois GEO-IP Scan NMAP Port Scan DNS Lookup SubNet Calculator Subdomain Finder Reverse IP Scanner CMS detection For Sites On the same server. […]
Scan Web Servers For Vulnerabilities Using Nikto Kali Linux Scan Web Servers with Nikto Welcome back today we will be talking a little about web vulnerabilities and how we can scan for vulnerabilities in web servers using Nikto. Before attacking a website its vital to do reconnaissance on the target website this helps us gather […]
Diane Greene, the founder of VMware Inc. and the board member at Google revealed that Google will now stop analyzing user’s personal emails for targeted advertising purposes. Gmail As you may know, Gmail users encounter a number of ads based on the content of their emails. That is, the company uses algorithms to monitor the […]
It’s been said a million times before: security scanning tools are a necessity for pen-testing, information gathering, and sometimes general computer use. When fulfilled, a security scanner can give you a head start on upgrading your security applications. For Linux based users, the installation is simple: (sudo) dpkg –install Nessus-4.4.1-debian5_i386.deb (example version – check for […]
Among all security scanners, the w3af facility offers the best interface is easy to use with the maximum strong application. W3af official website explains its operation as follows: “[W3af] is the web application attack and audit framework.The goal of the project is to create a framework to help protect your web applications by finding and […]
Automatic SQL injection with Charles and sqlmap api Download SQLiScanner (Credits 0xbug) – http://0r1.me/SQLiScanner/ Github: https://github.com/0xbug/SQLiScanner Installation Preferably, you can download SQLiScanner by cloning the Git repository: git clone https://github.com/0xbug/SQLiScanner.git –depth 1 You can download sqlmap by cloning the Git repository: git clone https://github.com/sqlmapproject/sqlmap.git –depth 1 SQLiScanner works with Python version 3.x on Linux and […]
After the breach of HSBC’s voice-recognition system, Samsung Galaxy S8 has been the next target with its iris scanner that has been claimed to be superior to the traditional password system to access one’s digital devices. Chaos Computer Club proves that the iris scanner is no good: a group of hackers at the Chaos Computer Club […]