Month: April 2018


Hack the Box Challenge Bashed Walkthrough

Hello Friends!! Today we are going to solve a CTF Challenge “Bashed”. It is a lab developed by Hack the Box. They have an amazing collection of online labs on which you can practice your penetration testing skills. Their labs are designed for beginner to expert penetration testers. Bashed is a retired lab. Level: Medium. Task: Find the user.txt and root.txt in the vulnerable lab. Let’s begin! As these labs are only available online, they have a static IP. Bashed…

Distro, Memory Forensics, NEW TOOLS, RedHunt OS, Threat Intelligence

RedHunt OS – Virtual Machine For Adversary Emulation And Threat Hunting

Virtual Machine for Adversary Emulation and Threat Hunting
RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating the attacker's arsenal as well as the defender's toolkit to actively identify the threats in your environment.
Base Machine: Lubuntu-17.10.1 x64
Tool Setup
Attack Emulation: Caldera, Atomic Red Team, DumpsterFire, Metta, RTA, Nmap, CrackMapExec, Responder, Zap
Logging and Monitoring: Kolide Fleet, ELK (Elasticsearch, Logstash, and Kibana) Stack
Open Source Intelligence (OSINT): Maltego, Recon-ng, Datasploit, theHarvester
Threat Intelligence: Yeti, Harpoon
Sneak Peek:
References: RedHunt-OS

Information discovery, Intrusion Detection, Intrusion Prevention, Invoke-ATTACKAPI, Mitre, Mitre Attack DB, NEW TOOLS, PowerShell Script, Privilege Escalation, Sniffing, Threat Intelligence

Invoke-ATTACKAPI – A PowerShell Script To Interact With The MITRE ATT&CK Framework Via Its Own API

A PowerShell script to interact with the MITRE ATT&CK Framework via its own API in order to gather information about techniques, tactics, groups, software and references provided by the MITRE ATT&CK Team @MITREattack.
Goals
Provide an easy way to interact with the MITRE ATT&CK Framework via its own API and PowerShell to the community.
Expedite the acquisition of data from ATT&CK when preparing for a Hunting Campaign.
Learn PowerShell Dynamic Parameters :)
Getting Started
Requirements: PowerShell version 3+
Installing / Importing:
git clone Invoke-ATTACKAPI
Import-Module .\Invoke-ATTACKAPI.ps1
…

Infection Monkey, NEW TOOLS, penetration testing, Pentest, Security Automation, Security Tools

Infection Monkey – An Automated Pentest Tool

The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server.
The Infection Monkey is comprised of two parts:
Monkey - A tool which infects other machines and propagates to them
Monkey Island - A dedicated server to control and visualize the Infection Monkey's progress inside the data center
To read more about the Monkey, visit…

NEW TOOLS, Red Team Arsenal, RTA

RTA – Framework Designed To Test The Detection Capabilities Against Malicious Tradecraft

RTA provides a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.
RTA is composed of Python scripts that generate evidence of over 50 different ATT&CK tactics, as well as a compiled binary application that performs activities such as file timestomping, process injection, and beacon simulation as needed.
Where possible, RTA attempts to perform the actual malicious activity described. In other cases, the RTAs will emulate all or parts of the activity. For example, some…

EXPLOIT-COLLECTOR, Hacking News, Home, myetherwallet

MyEtherWallet DNS Hack Causes 17 Million USD User Loss

Big news in the crypto scene this week was that the MyEtherWallet DNS Hack that occurred managed to collect about $17 Million USD worth of Ethereum in just a few hours. The hack itself could have been MUCH bigger, as it actually involved compromising 1300 Amazon AWS Route 53 DNS IP addresses; fortunately, only MEW was targeted, so the damage was contained in the cryptosphere (as far as we know anyway). Read the rest of MyEtherWallet DNS Hack Causes 17 Million USD…

Adversarial, Metta, NEW TOOLS, Simulation, Tool, Vagrant

Metta – An Information Security Preparedness Tool To Do Adversarial Simulation

Metta is an information security preparedness tool.
This project uses Redis/Celery, Python, and Vagrant with VirtualBox to do adversarial simulation. This allows you to test (mostly) your host based instrumentation but may also allow you to test any network based detection and controls, depending on how you set up your Vagrant machines.
The project parses YAML files with actions and uses Celery to queue these actions up and run them one at a time without interaction.
Installation: see setup.md. There is also a wiki.
Running actions
The various actions live in the…

Security Feeds

GandCrab v3 Ransomware on the wild!

This is a new ransomware virus that encrypts your files; it creates a file called CRAB-DECRYPT in every encrypted directory with the following message: ---= GANDCRAB V3 =--- Attention! All your files documents, photos, databases and other important files are encrypted and have the extension: .CRAB The only method of recovering files is to purchase a private key. It is on our server and only we can recover your files. The server with your key is in a closed network TOR. You can get…

BIND, Grok-backdoor, Mac, NEW TOOLS

Grok-backdoor – Backdoor With Ngrok Tunnel Support

Grok-backdoor is a simple Python based backdoor that uses an Ngrok tunnel for communication. Grok-backdoor can generate Windows, Linux and Mac binaries using PyInstaller.
Disclaimer: All the code provided on this repository is for educational/research purposes only. Any actions and/or activities related to the material contained within this repository are solely your responsibility. The misuse of the code in this repository can result in criminal charges brought against the persons in question. The author will not be held responsible in the event any criminal charges be brought…