PRINT
PRINT
SEND MAIL
SEND MAIL

Month: October 2018

TUTORIALS

Earn Bitcoins just by surfing Online !

Use CryptoTab as your default browser to maximize your revenue Mining speed increases when your browser is active. Use CryptoTab browser for your everyday activities, visit your favorite sites, watch movies online, and take advantage of maximum mining power. Browser with built-in mining CryptoTab Browser includes built-in mining algorithm that allows using your computer resources more effectively than in extension format. It boosts your mining speed up to 8 times and increases BTC earnings. Enhance your browser with over 150 thousand extensions Set up…

TUTORIALS

Cerberus Linux v1 Subsystem for Windows 10!

Cerberus Linux subsystem is Linux to run on top windows! like the picture bellow^^^ Cerberus linux v1 tools and extras : 15 new Cerberus Frameworks : Metapackages , containers with custom scripts within! Exploits (to analyze): EARLYSHOVEL RedHat 7.0 – 7.1 Sendmail 8.11.x exploit EBBISLAND (EBBSHAVE) root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86. ECHOWRECKER remote Samba 3.0.x Linux exploit. EASYBEE appears to be an MDaemon email server vulnerability EASYFUN EasyFun 2.2.0 Exploit for WDaemon…

Windows10

Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

Debian

Cerberus Linux v3

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

DistroKaliKali LinuxNEW TOOLSPenetration Testing DistributionPentesting Distribution

Kali Linux 2018.4 Release – Penetration Testing and Ethical Hacking Linux Distribution

Welcome to our fourth and final release of 2018, Kali Linux 2018.4, which is available for immediate download. This release brings kernel up to version 4.18.10, fixes numerous bugs, includes many updated packages, and a very experimental 64-bit Raspberry Pi 3 image.New Tools and Tool UpgradesWireguard is a powerful and easy to configure VPN solution that eliminates many of the headaches one typically encounters setting up VPNs. Check out Wireguard post for more details on this great addition.Kali Linux 2018.4 also includes updated packages for…

penetration testingTUTORIALS

Hack the Box: Bounty Walkthrough

Today we are going to solve another CTF challenge “Bounty”. It is a retired vulnerable lab presented by Hack the Box for helping pentester’s to perform online penetration testing according to your experience level; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Medium Task: To find user.txt and root.txt file Note: Since these labs are online available therefore they have a static IP. The IP of Bounty is 10.10.10.93 Walkthrough Let’s start off with our basic nmap command to…

DarkSpiritzMacNEW TOOLSPenetration Test Frameworkpenetration testingPenetration Testing FrameworkPentesting FrameworkTesting Framework

DarkSpiritz v2.0 – A Penetration Testing Framework For Linux, MacOS, And Windows Systems

A penetration testing framework for Linux and Windows systems.What is DarkSpiritz?Created by the SynTel Team it was a project of one of the owners to update and clean-up an older pentesting framework he had created to something updated and modern. DarkSpiritz is a re-vamp of the very popular framework known as "Roxysploit". You may be familiar with this framework and if you are then it will help you with DarkSpiritz. DarkSpiritz also works like another pentesting framework known as Metasploit. If you know how…

Hacking Toolspenetration testingTUTORIALS

Xerosploit- A Man-In-The-Middle Attack Framework

Networking is an important platform for an Ethical Hacker to check on, many of the threat can come from the internal network like network sniffing, Arp Spoofing, MITM e.t.c, This article is on Xerosploit which provides advanced MITM attack on your local network to sniff packets, steal password etc. Table of Content Introduction to Xerosploit Man-In-The-Middle Xerosploit Installation PSCAN (Port Scanner) DOS (Denial of service) INJECTHTML (HTML INJECTION) SNIFF dspoof YPLAY REPLACE Driftnet Introduction to Xerosploit Xerosploit is a penetration testing toolkit whose goal…

HardeningMacNEW TOOLSSystem Auditing ToolSystem AuditorSystem HardeningSystem/Network ManagerVulnerability Scanner

Lynis 2.7.0 – Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration.Lynis is an open source security auditing tool. Used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.Supported…

penetration testingTUTORIALS

Comprehensive Guide on MSFPC

Hello Friends!! As you all are aware of MSFvenom-A tool in Kali Linux for generating payload, is also available as MSFvenom Payload Creator (MSFPC) for generating various “basic” Meterpreter payloads via msfvenom. It is fully automating msfvenom & Metasploit is the end goal. MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on user’s choice. The idea is to be as simple as possible (only requiring one input) to produce their payload. Source:  Author: g0tmi1k Syntaxmsfpc <TYPE> (<DOMAIN/IP>) (<PORT>) (<CMD/MSF>) (<BIND/REVERSE>) (<STAGED/STAGELESS>) (<TCP/HTTP/HTTPS/FIND_PORT>)…

Arbitrary File UploadJQShellMacNEW TOOLSpwnedTOR

JQShell – A Weaponized Version Of CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0)

JQShellA weaponized version of CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0).DisclaimerUsing this agianst servers you dont control, is illegal in most countries. The author claims no responsibility for the actions of those who use this software for illegal purposes. This software is intended for educational use only. No servers were illegally pwned in the making of this software.FeaturesSingle Target Multi Target Tor PrerequisitesPlease install these required packages.Python3pip3 install requests pysocks subprocess stem Tor Control PortTo use tor, in this script,…

Cyber ThreatsOPINIONS & ANALYSIS

Three Tips for Combating Fraud.

Chris Camacho, Chief Strategy Officer at Flashpoint Fraud is an inevitability of business, and one that most won’t concede they’re susceptible to. But the blunt truth is, insiders who are close to critical systems—or outsiders who are skilled enough to exploit vulnerabilities in anti-fraud and other security controls—will steal. They may target assets they’re entrusted to protect or cook the books to hide their tracks; in the end both types of fraudsters aim to make off with significant money. Fraud persists, and frankly, it’s…

Cyber ThreatsOPINIONS & ANALYSIS

IBM Mobile Cybersecurity Center Makes RIT Its First University Stop On World Tour.

RIT Computing Weekend will have an extra special visitor – the new IBM X-Force Command Tactical Operation Center (C-TOC), which will be making its first visit to a university as part of the Nov. 2–4 event. IBM recently announced the C-TOC, the industry’s first fully operational Security Operations Center on wheels, capable of travelling onsite for cybersecurity training, preparedness and response. Housed in a tractor trailer, the center will visit RIT Nov. 2 before continuing its tour around the U.S. and Europe, running incident…