PRINT
PRINT
SEND MAIL
SEND MAIL

Month: June 2018

Automate SSHCommand LineFirecallNEW TOOLSSSH

Firecall – Automate SSH Communication With Firewalls, Switches, Etc.

Automate SSH communication with firewalls, switches, etc.DescriptionThese scripts are designed to automate sending commands to a Cisco ASA firewall. The intended purpose here is to eliminate the need to manually log in to a firewall to make changes. This code can be run directly via command line or it can be incorporated into other scripts. These scripts were created with automation/orchestration in mind - if done securely, these scripts could ingest security intelligence data to automatically block malicious IPs based on certain criteria.ConfigurationRun bash…

penetration testingTUTORIALS

3 Ways Extract Password Hashes from NTDS.dit

Hello friends!! Today we are going to discuss some forensic tool which is quite helpful in penetration testing to obtain NTLM password hashes from inside the host machine. As we know while penetration testing we get lots of stuff from inside the host machine and if you found some files like NTDS.dit and system hive then read this article to extract user information from those files. Impacket-secretsdump Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing…

AkerBastion HostElk StackFreeipaJumpboxJumpserverNEW TOOLSSSHSSH Gateway

Aker – SSH Bastion/Jump Host/Jumpserver

Aker is a security tool that helps you configure your own Linux ssh jump/bastion host. Named after an Egyptian mythology deity who guarded the borders, Aker would act as choke point through which all your sysadmins and support staff access Linux production servers. Aker SSH gateway includes a lot of security features that would help you manage and administer thousands of Linux servers at ease. For a detailed look check our WikiMotivationI couldn't find an open source tool similar to CryptoAuditor and fudo, such…

CTF ChallengesTUTORIALS

Hack The Blackmarket VM (CTF Challenge)

BlackMarket VM presented at Brisbane SecTalks BNE0x1B (28th Session) which is focused on students and other InfoSec Professional. This VM has total 6 flags and one r00t flag. Each Flag leads to another Flag and flag format is flag {blahblah}. Download it from here. VM Difficulty Level: Beginner/Intermediate Penetrating Methodology Network Scanning (Nmap, netdiscover) Information gathering: Abusing web browser for the 1st flag Generate dictionary (Cewl) FTP brute-force (hydra) FTP login for the 2nd flag SQL injection for the 3rd flag Blackmarket login for the…

Log CleanerLog KillerNEW TOOLSPHP

Log Killer – Clear All Your Logs In (Linux/Windows) Servers

Log Killer is tool for [Linux/Windows] Servers. This tool will delete all your logs, just download the tool and run it on the server, if your server OS is Windows download the batch file but, if your server Linux then you should run the php script.ScreenShotsWindows (batch file): Linux :Video: Download Log-killer

Cyber ThreatsTOP 10 STORIES

Surge in cryptocurrency mining hacks blamed on risky smartphone apps

A cryptocurrency mining virus that hijacks computers and smartphones after they visit websites has surged in the last three months, thanks to risky smartphone apps and infected webpages. View Full Story ORIGINAL SOURCE: The Telegraph The post Surge in cryptocurrency mining hacks blamed on risky smartphone apps appeared first on IT SECURITY GURU.

Cyber ThreatsTOP 10 STORIES

PROPagate Code Injection Technique Detected in the Wild for the First Time

Security firm FireEye has detected that malware authors have deployed the PROPagate code injection technique for the first time inside a live malware distribution campaign. View Full Story ORIGINAL SOURCE: Bleeping Computer The post PROPagate Code Injection Technique Detected in the Wild for the First Time appeared first on IT SECURITY GURU.

Cyber ThreatsTOP 10 STORIES

UK Government Sets Minimum Cybersecurity Standard

The UK government has launched a new cybersecurity standard designed to set a baseline of mandatory security outcomes for all departments. The Minimum Cyber Security Standard announced this week presents a minimum set of measures which all government departments will need to follow, although the hope is that they will look to exceed these at all times. View Full Story ORIGINAL SOURCE: Infosecurity Magazine The post UK Government Sets Minimum Cybersecurity Standard appeared first on IT SECURITY GURU.

Cyber ThreatsTOP 10 STORIES

Ticketmaster ‘warned of hack attack in April by Monzo’

Ticketmaster was warned in April that it had been the victim of a hack attack, digital bank Monzo has claimed. Ticketmaster had previously said it did not know about the breach until June and had then acted quickly to inform “all relevant authorities”. View Full Story ORIGINAL SOURCE: BBC The post Ticketmaster ‘warned of hack attack in April by Monzo’ appeared first on IT SECURITY GURU.