Browsing tag

cybersecurity

CORStest – A Simple CORS Misconfiguration Scanner

A simple CORS misconfiguration scanner. Based on the research of James Kettle. CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing (CORS) misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential vulnerabilities are detected by sending a certain Origin […]

Company fires its COO and Vice President after massive data breach

The data breach that hit Desjardins last June continues to have consequences. According to digital forensics specialists, the Canadian credit union fired its chief operating officer (COO) and vice president of technology for their relationship with the incident that led to the exposure of data from more than 4 million members. In addition to affecting […]

This politician hacked the iCloud accounts of more than 100 women

A Dutch politician could be living his last days at large, as he is facing a sentence of up to three years in prison for a hacking scandal. According to information security specialists, the aspiring politician faces charges for having compromised hundreds of iCloud accounts. Mitchel Van der K, a marketing worker nominated for the […]

Multiple critical vulnerabilities found in OpenBSD

Web application security researchers at security firm Qualys Research Labs have reported multiple vulnerabilities in the OpenBSD operating system authentication system. The OpenBSD developer team has already confirmed the existence of the flaws, and some fixes were also revealed within 48 hours of recognition. In total, researchers found four vulnerabilities that have already been identified […]

SharpHide – Tool To Create Hidden Registry Keys

Just a nice persistence trick to confuse DFIR investigation. Uses NtSetValueKey native API to create a hidden (null terminated) registry key. This works by adding a null byte in front of the UNICODE_STRING key valuename. More info about this technique can be found in the following whitepaper: https://github.com/ewhitehats/InvisiblePersistence/blob/master/InvisibleRegValues_Whitepaper.pdf The tool uses the following registry path in which […]

Codecat – Tool To Help In Manual Analysis In Codereview

CodeCat is an open source tool to help you in code review, to find/track sinks, and these points follow regex rules… How to install, step by step: go to the CodeCat directory and install the backend and frontend libs:

$ cd Front
$ sudo python3 -m pip install -r requirements.txt
$ cd ..
$ cd Backend
$ sudo python3 -m pip install -r requirements.txt

[…]

This Outlook bug lets hackers access your emails just like Hillary Clinton

According to web application security specialists, a recently patched vulnerability in Microsoft's login system could have been exploited to trick some users into granting hackers full access to their online accounts. Thanks to the presence of this vulnerability, threat actors were able to inadvertently extract access tokens, so they could access victims’ accounts without having […]

LinuxCheck – Linux Information Collection Script

A small Linux information collection script, mainly used for emergency response. It can be used under Debian or CentOS. Features: CPU TOP10, memory TOP10; CPU usage; boot time; hard disk space information; user information, passwd information; environmental variable detection; service list; system program changes (debsums -e and rpm -va); network traffic statistics; network connection, listening […]

Burp Suite Secret Finder – Burp Suite Extension To Discover Apikeys/Tokens From HTTP Response

Burp Suite extension to discover apikeys/tokens from HTTP responses. Install: download SecretFinder with wget https://raw.githubusercontent.com/m4ll0k/BurpSuite-Secret_Finder/master/SecretFinder.py or git clone https://github.com/m4ll0k/BurpSuite-Secret_Finder.git, then open Burp > Extender > Extensions > Add > set python and select file (SecretFinder.py). Requirements: jython, burpsuite. Download BurpSuite-Secret_Finder

aSYNcrone – A SYN Flood DDoS Tool

aSYNcrone is a SYN Flood DDoS Attack Tool! Usage:

git clone https://github.com/fatih4842/aSYNcrone.git
cd aSYNcrone
gcc aSYNcrone.c -o aSYNcrone
./aSYNcrone <source IP> <source port> <destination IP> <destination port>

Download aSYNcrone

Nessus Map – Parse .Nessus File(S) And Shows Output In Interactive UI

Nessus XML Parser. Requirements: Python3, Django. Tested on Ubuntu 18.04. What it does: vulnerability based parsing; service based parsing; host based parsing; unsupported OS parsing; generate executive summary of scan; export parsed .nessus(s) to JSON file(s); import JSON file in Nessus_Map. How it works: create XML directory in Nessus_Map home directory and place all .nessus […]

CAPE – Malware Configuration And Payload Extraction

CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of malware analysis with the goal of extracting payloads and configuration from malware. This allows CAPE to detect malware based on payload signatures, as well as automating many of the goals of malware reverse engineering and threat intelligence. There […]

ANDRAX v4 DragonFly – Penetration Testing on Android

ANDRAX is a Penetration Testing platform developed specifically for Android smartphones. ANDRAX has the ability to run natively on Android, so it behaves like a common Linux distribution, but more powerful than a common distribution! The development of ANDRAX began on 08/09/2016 (DD/MM/YYYY) only for people in Brazil. ANDRAX has been fully redefined and reloaded on 05/10/2018 (DD/MM/YYYY) open to […]

Goblin – An Impish, Cross-Platform Binary Parsing Crate, Written In Rust

Documentation: https://docs.rs/goblin/changelog Usage: Goblin requires rustc 1.31.1. Add to your Cargo.toml: [dependencies] goblin = "0.1" Features: awesome crate name; zero-copy, cross-platform, endian-aware, ELF64/32 implementation – wow! zero-copy, cross-platform, endian-aware, 32/64 bit Mach-o parser – zoiks! PE 32/64-bit parser – bing! a Unix and BSD style archive parser (latter courtesy of @willglynn) – huzzah! many cfg options – it will […]

CCAT – Cloud Container Attack Tool For Testing Security Of Container Environments

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments. Quick reference: Where to get help: the Pacu/CloudGoat/CCAT Community Slack, or Stack Overflow. Where to file issues: https://github.com/RhinoSecurityLabs/ccat/issues. Maintained by: the Rhino Assessment Team. Requirements: Python 3.5+ is required. Docker is required. Note: CCAT is tested with Docker Engine 19.03.1 version. […]

Subdomain3 – A New Generation Of Tool For Discovering Subdomains

Subdomain3 is a new generation of tool. It helps penetration testers to discover more information in a shorter time than other tools. The information includes subdomains, IP, CDN, and so on. Please enjoy it. Features: More quick: three patterns for speed. User can modify the configuration (lib/config.py) file to speed up. CDN support: determines whether the subdomain uses […]

Mordor – Re-play Adversarial Techniques

The Mordor project provides pre-recorded security events generated by simulated adversarial techniques in the form of JavaScript Object Notation (JSON) files for easy consumption. The pre-recorded data is categorized by platforms, adversary groups, tactics and techniques defined by the Mitre ATT&CK Framework. The pre-recorded data represents not only specific known malicious events but additional context/events […]