Month: February 2019

NEW TOOLSCTFBinary AnalysisSymbolic ExecutionAngr

Angr – A Powerful And User-Friendly Binary Analysis Platform

angr is a platform-agnostic binary analysis framework. It is brought to you by the Computer Security Lab at UC Santa Barbara, SEFCOM at Arizona State University, their associated CTF team, Shellphish, the open source community, and @rhelmot.What?angr is a suite of Python 3 libraries that let you load a binary and do a lot of cool things to it:Disassembly and intermediate-representation liftingProgram instrumentationSymbolic executionControl-flow analysisData-dependency analysisValue-set analysis (VSA)DecompilationThe most common angr operation is loading a binary: p = angr.Project('/bin/bash') If you do this in…

Cyber Threats

BitSight Unveils Peer Analytics For More Effective Security Performance Management.

BitSight, the Standard in Security Ratings, today announced the availability of BitSight Peer Analytics, the latest Security Performance Management offering on the BitSight platform. Leveraging the world’s most trusted and comprehensive view of security performance across hundreds of thousands of global organisations, BitSight Peer Analytics provides security and risk leaders unprecedented visibility into the relative performance of their security programs against their peers and sector. The solution enables organisations to meet and surpass their industry standard by setting achievable security performance improvement goals, effectively…

NEW TOOLSNetwork TrafficNtopngPacket AnalyserPacket ProcessingTraffic Monitoring

Ntopng – Web-based Traffic And Security Network Traffic Monitoring

ntopng is the next generation version of the original ntop, a network traffic probe that monitors network usage. ntopng is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform, MacOSX and on Windows as well.ntopng – yes, it’s all lowercase – provides a intuitive, encrypted web user interface for the exploration of realtime and historical traffic information.Main FeaturesSort network traffic according to many criteria including IP address, port, L7 protocol, throughput, Autonomous Systems (ASs)Show…


Transform your Tablet or Smartphone to Cyber Attack Weapon and Hack with one click!

Transform your smartphone or tablet to a cyber attack weapon with our new hacking tools pack the package includes  the tools listed below and a How-to.txt file to set them all up: Tools List:   Barcode Scanner+ (Plus) 1.12.1 bcmon BlueNMEA Bugtroid Pentesting BusyBox for BusyBox_6.7.3.0 busybox-installer-6-7-3-0 com.appbox.fakecall.1 com.bigos.androdumpper.41 com.epicstudios.fakeidpro.5 com.joeykrim.rootcheck-5.2.7-68-minAPI11 com.kobisnir.fakeemail.1 com.spoofapp.spoofapp.11 com.TapFury.EvilOperator.7 com.wpr.wifirecover.2 com.zimperium.zanti.1199 com_dooblou_SECuRETSpyCam-72 Complete Linux Installer v2-8 cSploit-release Drivedroid Droid Pentest update v 1.2 droidsheep-1.5 eu.chainfire.supersu.downloader Fake ID Fake Text…

NEW TOOLSWPSNetwork WirelessNetwork Wireless HackingHT-WPS Breaker

HT-WPS Breaker – High Touch WPS Breaker

High Touch WPS Breaker [HT-WB] is a small tool based on the bash script language, it can help you to extract the WPS pin of many vulnerable routers and get the password, in the last you want to notice that HT-WPS Breaker in its process is using these tools :"Piexiewps""Reaver""Bully""Aircrack Suite""Wash"PreviewVideoNew VideoOld Video TutorialCrack Any Hidden wireless networkHere is how to make the script worksCopy to Desktop . Open The Terminal . Type the following commands : cd Desktopunzip HT-WPS-Breaker.zipcd HT-WPS-Breakerchmod +x…

NEW TOOLSOphcrackRainbow TablesWindows Password Cracker

Ophcrack – A Windows Password Cracker Based On Rainbow Tables

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.Features:Runs on Windows, Linux/Unix, Mac OS X, ...Cracks LM and NTLM hashes.Free tables available for Windows XP and Vista/7.Brute-force module for simple passwords.Audit mode and CSV export.Real-time graphs to analyze the passwords.LiveCD available to simplify the cracking.Dumps and loads hashes from encrypted SAM recovered from a…


What are the MOST Critical Web Vulnerabilities in 2019?

So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization? Well luckily for you Acunetix compiles an annual web application vulnerability report which is a fairly hefty piece of analysis on data gathered from the previous year. This is compiled from the automated web and network perimeter scans run on the Acunetix Online platform, over a 12 month period, across more than 10,000 scan targets. Read the rest of What…

NEW TOOLSMetasploit FrameworkExploitation FrameworkCheat SheetMetasploit Cheat SheetMetasploit DatabaseMetasploit Framework DatabaseSecurity Cheat Sheets

Metasploit Cheat Sheet

The Metasploit Project is a computer security project that provides information on vulnerabilities, helping in the development of penetration tests and IDS signatures.Metasploit is a popular tool used by pentest experts.Metasploit :Search for module:msf > search [regex]Specify and exploit to use:msf > use exploit/[ExploitPath]Specify a Payload to use:msf > set PAYLOAD [PayloadPath]Show options for the current modules:msf > show optionsSet options:msf > set [Option] [Value]Start exploit:msf > exploit Useful Auxiliary ModulesPort Scanner:msf > use auxiliary/scanner/portscan/tcpmsf > set RHOSTS > runDNS Enumeration:msf > use…

TUTORIALSpenetration testing

Post Exploitation on Saved Password with LaZagne

This article will be focused on The LaZagne project and its usage in Post Exploitation. Table of Content: Introduction of LaZagne Project Syntax and Parameters Achieve Meterpreter and Upload LaZagne Help Screen Mails Argument Windows Argument Browsers Argument Databases Argument Wi-Fi Argument All Argument oN Parameter Verbose Mode Parameter Quiet Parameter Introduction of LaZagne Project The LaZagne is an open source application. It retrieves stored passwords on a System. It directly injects the Python code in the memory without writing anything on disk. This…