Month: October 2019

PESTO – PE (files) Statistical Tool

October 31, 2019by Black Hat Sec

PESTO is a Python script that extracts and saves in a database some PE file security characteristics or flags searching for every PE binary in a whole directory, and saving results in a database.It checks for architecture flag in the header, and for the following security flags: ASLR, NO_SEH, DEP and CFG. Code is clear enough to modify flags and formats to your own needs.More details and flag explanation in here: script just needs a path and a tag. The program will go…

TUTORIALS ⁄ CTF Challenges

HA: Avengers Arsenal Vulnhub Walkthrough

October 31, 2019by Black Hat Sec

Today we are going to solve our Capture the Flag challenge called “HA: Avengers Arsenal” We have developed this lab for the purpose of online penetration practices. It contains 5 flags in the form of Avenger’s Weapons. Let’s Solve it!! Download Here Level: Intermediate Task: Find 5 Flags on the Target Machine. Penetration Methodologies Network Scanning Netdiscover Nmap Enumeration Browsing HTTP Service Enumerating Git logs Directory Bruteforce using drib Decoding using Spammimic Enumerating using cupp Bruteforcing using John the Ripper Exploitation Getting a reverse…

TUTORIALS ⁄ CTF Challenges

HA Rudra: Vulnhub Walkthrough

October 31, 2019by Black Hat Sec

This is our Walkthrough for HA: Rudra” and this CTF is designed by Hacking Articles Team . Lord Rudra also known as Shiv, Bolenath, Mahadev and he is Venerable by Hinduism. We have designed this VM because it is festival eve in India and all Indian strongly believe in Indian culture and religions and also to spread awareness of Indian culture among all people, hope you will enjoy. There are multiple methods to solve this machine or direct way to finish the task. You…

TUTORIALS ⁄ Website Hacking

Drupal: Reverseshell

October 31, 2019by Black Hat Sec

In this post, you will learn how to test security loopholes in Drupal CMS for any critical vulnerability which can cause great damage to any website if found on any webserver. In this article, you will learn how a misconfigured web application can be easily exploited. Remote Code Execution: Remote Code Evaluation is a vulnerability that occurs because of the unsafe handling of inputs by the server application or that can be exploited if user input is injected into a File or a String…

NEW TOOLS ⁄ Threat Intelligence ⁄ Threat Hunting ⁄ Intelligence Gathering ⁄ Threat Analysis ⁄ Threat Intelligence Platform ⁄ Threat Sharing ⁄ Malware Research ⁄ Fraud Detection ⁄ ThreatIngestor

ThreatIngestor – Extract And Aggregate Threat Intelligence

October 30, 2019by Black Hat Sec

An extendable tool to extract and aggregate IOCs from threat feeds.Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing worflow with SQS, Beanstalk, and custom plugins. OverviewThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources, extract meaningful information such as malicious IPs/domains and YARA signatures, and send that information to another system for analysis.Try it out now with this quick walkthrough, read more ThreatIngestor walkthroughs on the InQuest blog, and check out labs.inquest.net/iocdb, an IOC aggregation and…

NEW TOOLS ⁄ Python3 ⁄ Incident response ⁄ Swiss Army Knife ⁄ Command Line ⁄ Incident Response Tooling ⁄ Pockint ⁄ Tkinter Gui ⁄ Tkinter Python

Pockint – A Portable OSINT Swiss Army Knife For DFIR/OSINT Professionals

October 30, 2019by Black Hat Sec

POCKINT (a.k.a. Pocket Intelligence) is the OSINT swiss army knife for DFIR/OSINT professionals. Designed to be a lightweight and portable GUI program (to be carried within USBs or investigation VMs), it provides users with essential OSINT capabilities in a compact form factor: POCKINT's input box accepts typical indicators (URL, IP, MD5) and gives users the ability to perform basic OSINT data mining tasks in an iterable manner.InstallationYou can grab the latest version from the releases page. POCKINT is provided as a single executable that…

NEW TOOLS ⁄ Privilege Escalation ⁄ Post Exploitation ⁄ LinPwn ⁄ Linux Security

LinPwn – Interactive Post Exploitation Tool

October 29, 2019by Black Hat Sec

LinPwn is a interactive tool created to assist you in post exploitation enumeration and privilege escalation.ConnectionSet your IP and port you want it to connect to in the Connection class.Place the LinPwn binary on the target machine.Run nc -lvp PORT on your machine and then run LinPwn on the target machine to get a connection.Usageshell - This command Executes /bin/sh Example usage: (LinPwn: Shell) > id Type exit to return to LinPwn.readfile - This command will print the contents of a file. Example usage:…

TUTORIALS ⁄ Website Hacking

Joomla: Reverse Shell

October 29, 2019by Black Hat Sec

Joomla is one of the popular Content Management System (CMS) which helps you to build your website. Joomla has gained its popularity by being user-friendly as its complication-free when during installation; and it is also pretty reliable. In this article, we learn how to get a reverse shell of Joomla. As you can see in the image below, the website is made in Joomla. Now, that we have our Joomla environment we start exploiting it. The attack that we are going to show is…

NEW TOOLS ⁄ WAF ⁄ WAF Bypass ⁄ Bypass WAF ⁄ XORpass

XORpass – Encoder To Bypass WAF Filters Using XOR Operations

October 29, 2019by Black Hat Sec

XORpass is an encoder to bypass WAF filters using XOR operations.Installation & Usagegit clone XORpass$ php encode.php STRING$ php decode.php "XORed STRING"Example of bypass:Using clear PHP function: Using XOR bypass of that function:$ php encode.php system # return A$ php encode.php ls # return Bpayload == A(B)Why does PHP treat our payload as a string?The ^ is the exclusive or operator, which means that we're in reality working with binary values. So lets break down what happens.The XOR operator on binary values will…