PRINT
PRINT
SEND MAIL
SEND MAIL
Windows10

Black Window 10 v2 (codename: Polemos)

by D4RkN

Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system and…

Read More Black Window 10 v2 (codename: Polemos)
Debian

Cerberus Linux v3

by D4RkN

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Read More Cerberus Linux v3
Windows Hacking

Black Window 10 Enterprise

by D4RkN

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

Read More Black Window 10 Enterprise
Debian

Cerberus Linux v3

by D4RkN

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Read More Cerberus Linux v3
Windows Hacking

Black Window 10 Enterprise

by D4RkN

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

Read More Black Window 10 Enterprise
AcunetixAcunetix OnlineAcunetix Online Vulnerability ScannerAcunetix Web Vulnerability ScannerNEW TOOLS

Acunetix Vulnerability Scanner Version For Linux

by Black Hat Sec

Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix for Linux. Known to be reliable, cost-effective and secure, Linux is the server operating system of choice for many large organizations including Facebook, Twitter, and Google. Acunetix is one of the first commercial, automated web vulnerability scanners to be released for Linux.“Following extensive customer research, it became clear to us that a number of customers and security community professionals preferred to run on Linux. Tech professionals have long chosen…

Read More Acunetix Vulnerability Scanner Version For Linux
CTF ChallengesTUTORIALS

Hack the Box: Jerry Walkthrough

by Black Hat Sec

Hello CTF Crackers!! Today we are going to capture the flag on a Challenge named as “Jerry” which is available online for those who want to increase their skill in penetration testing and black box testing. Jerry is a retired vulnerable lab presented by ‘Hack the Box’ for making online penetration practices according to your experience level; they have the collection of vulnerable labs as challenges from beginners to expert level. Level: Easy Flags: There are two flags. (user.txt & root.txt) IP Address: 10.10.10.95…

Read More Hack the Box: Jerry Walkthrough
Auditing SSHBrute-forceNEW TOOLSScanSSHSSH Auditorssh securitySSH server

SSH Auditor – The Best Way To Scan For Weak Ssh Passwords On Your Network

by Black Hat Sec

The Best Way To Scan For Weak Ssh Passwords On Your NetworkFeaturesssh-auditor will automatically:Re-check all known hosts as new credentials are added. It will only check the new credentials.Queue a full credential scan on any new host discovered.Queue a full credential scan on any known host whose ssh version or key fingerprint changes.Attempt command execution as well as attempt to tunnel a TCP connection.Re-check each credential using a per credential scan_interval - default 14 days.It's designed so that you can run ssh-auditor discover +…

Read More SSH Auditor – The Best Way To Scan For Weak Ssh Passwords On Your Network
Brute-forceFingerprintingHASSHNEW TOOLSSSHSSH ClientSSH HoneypotSSH server

HASSH – A Network Fingerprinting Standard Which Can Be Used To Identify Specific Client And Server SSH Implementations

by Black Hat Sec

"HASSH" is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint.What can HASSH help with:Use in highly controlled, well understood environments, where any fingerprints outside of a known good set are alertable.It is possible to detect, control and investigate brute force or Cred Stuffing password attempts at a higher level of granularity than IP Source - which may be impacted by…

Read More HASSH – A Network Fingerprinting Standard Which Can Be Used To Identify Specific Client And Server SSH Implementations
Hacking Toolspenetration testingTUTORIALS

Comprehensive Guide on Cewl Tool

by Black Hat Sec

Hello Friends!! In this article we are focusing on Generating Wordlist using Kali Linux tool Cewl and learn more about its available options. Table of Content Introduction to Cewl Default Method Save Wordlist in a file Generating Wordlist of Specific Length Retrieving Emails from a Website Count the number of Word Repeated in a website Increase the Depth to Spider Extra Debug Information Verbose Mode Generating Alpha-Numeric Cewl with Digest/Basic Authentication Proxy URL Introduction to Cewl CeWL is a ruby app which spiders a…

Read More Comprehensive Guide on Cewl Tool
AWSAWS SecurityBackdooringNEW TOOLSPacupenetration testingPython3ReportingRhinoWeb Services

Pacu – The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments

by Black Hat Sec

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. Current modules enable a range of attacks, including user privilege escalation, backdooring of IAM users, attacking vulnerable Lambda functions, and much more.InstallationPacu is a fairly lightweight program, as it requires only Python3.5+ and pip3 to install a handful of Python libraries. Running…

Read More Pacu – The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments
GoNEW TOOLSPastebinPastego.Scraper

Pastego – Scrape/Parse Pastebin Using GO And Expression Grammar (PEG)

by Black Hat Sec

Scrape/Parse Pastebin using GO and grammar expression (PEG).Installation$ go get -u github.com/edoz90/pastegoUsageSearch keywords are case sensitivepastego -s "password,keygen,PASSWORD"You can use boolean operators to reduce false positivepastego -s "quake && ~earthquake, password && ~(php || sudo || Linux || '<body>')"This command will search for bins with quake but not earthquake words and for bins with password but not php, sudo, Linux, <body> words.usage: pastego [<flags>]Flags: --help Show context-sensitive help (also try --help-long and --help-man). -s, --search="pass" Strings to search, i.e: "password,ssh" -o, --output="results" Folder to…

Read More Pastego – Scrape/Parse Pastebin Using GO And Expression Grammar (PEG)
penetration testingTUTORIALS

Socks Proxy Penetration Lab Setup using Microsocks

by Black Hat Sec

Hello friends!! In our previous article we have disccuss “Web Proxy Penetration Lab Setup Testing using Squid” and today’s article we are going to setup SOCKS Proxy to use it as a Proxy Server on Ubuntu/Debian machines and will try to penetrate it. Table of Content Intoduction to proxy What is socks proxy Difference Between Socks proxy and HTTP Proxy Socks proxy Installation Web Proxy Penetration Testing SSH Proxy Penetration Testing FTP Proxy Penetration Testing Intoduction to Proxy A proxy is a computer system…

Read More Socks Proxy Penetration Lab Setup using Microsocks
CensysCloudBunnyNEW TOOLSPentestPentest ToolsSearch EnginesShodanToolWAFZoomeye

CloudBunny – A Tool To Capture The Real IP Of The Server That Uses A WAF As A Proxy Or Protection

by Black Hat Sec

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection.How worksIn this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye. To use the tools you need the API Keys, you can pick up the following links:Shodan - - - : In Zoomeye you need to enter the login and password, it generates a dynamic api key and I already do this work for you. Just…

Read More CloudBunny – A Tool To Capture The Real IP Of The Server That Uses A WAF As A Proxy Or Protection