PRINT
PRINT
SEND MAIL
SEND MAIL

Month: May 2018

Debian

Cerberus Linux v3

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Windows Hacking

Black Window 10 Enterprise

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

Apk filesCommon VulnerabilitiesjavaNEW TOOLSReverse EngineerReverse EngineeringReverseAPK

ReverseAPK – Quickly Analyze And Reverse Engineer Android Packages

Quickly analyze and reverse engineer Android applications.FEATURES:Displays all extracted files for easy referenceAutomatically decompile APK files to Java and Smali formatAnalyze AndroidManifest.xml for common vulnerabilities and behaviorStatic source code analysis for common vulnerabilities and behaviorDevice infoIntentsCommand executionSQLite referencesLogging referencesContent providersBroadcast recieversService referencesFile referencesCrypto referencesHardcoded secretsURL'sNetwork connectionsSSL referencesWebView referencesINSTALL:./installUSAGE:reverse-apk <apk_name>Download ReverseAPK

penetration testingTUTORIALS

Linux Privilege Escalation Using PATH Variable

After solving several OSCP Challenges we decided to write the article on the various method used for Linux privilege escalation, that could be helpful for our readers in their penetration testing project. In this article, we will learn “various method to manipulate $PATH variable” to gain root access of a remote host machine and the techniques used by CTF challenges to generate $PATH vulnerability that lead to Privilege escalation. If you have solved CTF challenges for Post exploit then by reading this article you…

CrawlingDiscoveryFile SharingFileshareMacNetwork AnalysisNEW TOOLSNmapNmap ScriptsScanSharesnifferSnifferSniffing

Sharesniffer – Network Share Sniffer And Auto-Mounter For Crawling Remote File Systems

sharesniffer is a network analysis tool for finding open and closed file shares on your local network. It includes auto-network discovery and auto-mounting of any open cifs and nfs shares.How to useExample to find all hosts in 192.168.56.0/24 network and auto-mount at /mnt:python sniffshares.py -l 4 --hosts 192.168.56.0/24 -a -m /mntRequirementsPython 2.7 or 3.5Linux or macOSNmap in PATHNmap scripts (.nse) in PATH (on Linux/macOS they are usually in /usr/local/share/nmap/), if you don't have the ones required are also in the rootdir of sharesniffer.python-nmap…

Cyber ThreatsTOP 10 STORIES

FBI warns of password stealing malware on the loose

US authorities have provided more details of two pieces of malware which, they said, are used by North Korean hackers to infiltrate computer systems and steal passwords and other data. View Full Story ORIGINAL SOURCE: ZDNet The post FBI warns of password stealing malware on the loose appeared first on IT SECURITY GURU.

Cyber ThreatsTOP 10 STORIES

World Cup phishing scams on the rise

Malicious actors are exploiting the upcoming 2018 FIFA World Cup to conduct phishing attacks only two weeks before the tournament kicks off. Researchers at cyber security company Kaspersky Lab have detected a spike in the number of phishing pages appearing during match ticket sales, alongside a general rise in the number of football-related spam and World Cup-themed attacks. View Full Story ORIGINAL SOURCE: IT Pro The post World Cup phishing scams on the rise appeared first on IT SECURITY GURU.

Cyber ThreatsTOP 10 STORIES

Federal agencies found to be failing at cybersecurity basics

The Office of Management and Budget reports that the federal government is a shambles — cybersecurity-wise, anyway. Finding little situational awareness, few standard processes for reporting or managing attacks and almost no agencies adequately performing even basic encryption, the OMB concluded that “the current situation is untenable.” View Full Story ORIGINAL SOURCE: Tech Crunch The post Federal agencies found to be failing at cybersecurity basics appeared first on IT SECURITY GURU.

Cyber ThreatsEDITOR’S NEWS

27% of security teams receive over 1 million security alerts every day

A new survey from Imperva has revealed that 27 percent of today’s security teams receive over 1 million security alerts every day, which leaves 53 percent of IT professionals struggling to identify critical security incidents over false positives. As a result of the huge volume of alerts security teams are faced with today, the study also revealed that 30 percent of IT professionals have flat-out ignored certain categories of alerts, while four percent have turned off the alert notifications altogether. To help combat the…

Cyber ThreatsTOP 10 STORIES

ActiveX Zero-Day found in Recent N. Korean cyber attacks

A North Korean cyber-espionage group has exploited an ActiveX zero-day to infect South Korean targets with malware or steal data from compromised systems, local media and security researchers have reported. The perpetrators of these attacks are known as the Andariel Group. According to a report authored by South Korean cyber-security firm AhnLab, the Andariel Group is a smaller unit of the larger and more well-known Lazarus Group —North Korea’s cyber-espionage apparatus, believed to be a unit of its military. View Full Story ORIGINAL SOURCE:…

Cyber ThreatsEDITOR’S NEWS

Facebook at the front all considering – Only 2% of UK Consumers consider GDPR to be NOT Important

Following Mark Zuckerberg’s meeting with the EU Parliament and GDPR coming into force from Friday, new research from GlobalWebIndex shows that consumers across the UK overwhelmingly describe GDPR as being extremely or very important to them in relation to their digital lives (76%), and just 2% think it has no importance. Further to this, 58% want to see companies being held accountable for their actions.   Based on interviews with more than 1,500 consumers, GlobalWebIndex found that 27% of people do not trust companies…