PRINT
PRINT
SEND MAIL
SEND MAIL

Month: February 2020

NEW TOOLSBrute-forceScanBurpDNSBinSSRFExtended-SSRF-Search

Extended-SSRF-Search – Smart SSRF Scanner Using Different Methods Like Parameter Brute Forcing In Post And Get…

by Black Hat Sec

This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).First stepRename example.app-settings.conf to app-settings.conf and adjust settings. The most important setting is the callback url. I recommend to use burp collaborator. Then you can add your urls to config/url-to-test.txt. Here the script accepts domains as well as urls with path and queryparameters. If you like you can add your own cookies to config/cookie-jar.txt and add additional headers for your requests. The brute force…

Read More Extended-SSRF-Search – Smart SSRF Scanner Using Different Methods Like Parameter Brute Forcing In Post And Get…
NEW TOOLSCommon VulnerabilitiesIoTGoat

IoTGoat – A Deliberately Insecure Firmware Based On OpenWrt

by Black Hat Sec

The IoTGoat Project is a deliberately insecure firmware based on OpenWrt. The project’s goal is to teach users about the most common vulnerabilities typically found in IoT devices. The vulnerabilities will be based on the IoT Top 10 as documented by OWASP: get started with developing IoTGoat challenges, review the Build Environment Guidance page. Precompiled firmware and an OVA with the latest build can be found via . If a crucial challenge idea is missing, please reach out to the project leaders below…

Read More IoTGoat – A Deliberately Insecure Firmware Based On OpenWrt
TUTORIALSCTF Challenges

Hack the Box: Haystack Walkthrough

by Black Hat Sec

Today, we’re sharing another Hack Challenge Walkthrough box: Haystack design by JoyDragon and the machine is part of the retired lab, so you can connect to the machine using your HTB VPN and then start to solve the CTF. The level of the Lab is set: Beginner to intermediate. Task: Capture the user.txt and root.txt flags. Methodology Network Scanning Nmap Enumeration Abusing HTTP Abusing elastic search Base64 decode Initial Foothold SSH login Exploiting LFI on Kibana Privilege Escalation Abusing Execution function Network Scanning Since…

Read More Hack the Box: Haystack Walkthrough
NEW TOOLSpenetration testingShell ScriptBatch ScriptPolyglotPolyshell

Polyshell – A Bash/Batch/PowerShell Polyglot!

by Black Hat Sec

PolyShell is a script that's simultaneously valid in Bash, Windows Batch, and PowerShell (i.e. a polyglot).This makes PolyShell a useful template for penetration testing as it can be executed on most systems without the need for target-specific payloads. PolyShell is also specifically designed to be deliverable via input injection using a USB Rubby Ducky, MalDuino, or similar device.How To Use ItAs a stand-alone scriptCopy/rename the script so it has the correct file extension (.sh, .bat, or .ps1).Run the script with a Unix shell, as…

Read More Polyshell – A Bash/Batch/PowerShell Polyglot!
TUTORIALSpenetration testing

Beginners Guide to TShark (Part 3)

by Black Hat Sec

This is the third instalment in the Beginners Guide to TShark Series. Please find the first and second instalments below. Beginners Guide to TShark (Part 1) Beginners Guide to TShark (Part 2) TL; DR In this part, we will understand the reporting functionalities and some additional tricks that we found while tinkering with TShark. Table of Content Version Information Reporting Options Column Formats Decodes Dissector Tables Elastic Mapping Field Count Fields Fundamental Types Heuristic Decodes Plugins Protocols Values Preferences Folders PyShark Installation Live Capture…

Read More Beginners Guide to TShark (Part 3)
Kali LinuxNEW TOOLSRemote ControlCommand LineJailbreakExploitation FrameworkCheckra1NEntynetprojectiOS HacksiOS JailbreakMacos HackMultihandler

Mouse Framework – An iOS And macOS Post Exploitation Surveillance Framework That Gives You A Command Line Session With Extra Functionality Between You And A Target Machine Using Only A Simple Mouse Payload

by Black Hat Sec

About Mouse FrameworkMouse Framework is an iOS and macOS post exploitation surveillance framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse Payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.Getting startedMouse installationcd mousechmod +x install.sh./install.shMouse uninstallationcd mousechmod +x uninstall.sh./uninstall.shMouse Framework executionTo execute Mouse Framework you should execute the following command.mouseMouse Payloads…

Read More Mouse Framework – An iOS And macOS Post Exploitation Surveillance Framework That Gives You A Command Line Session With Extra Functionality Between You And A Target Machine Using Only A Simple Mouse Payload
NEW TOOLSJuice ShopOWASP Juice ShopRedisCapture the flagCTF PlatformMulti-Juicer

Multi-Juicer – Run Capture The Flags And Security Trainings With OWASP Juice Shop

by Black Hat Sec

Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky, Juice Shop just isn't intended to be used by multiple users at a time. Instructing everybody how to start Juice Shop on their own machine works ok, but takes away too much valuable time.MultiJuicer gives you the ability to run separate Juice Shop instances for every participant on a central kubernetes cluster, to run events without the need for local Juice Shop instances.Note: This project was called JuicyCTF until recently. This…

Read More Multi-Juicer – Run Capture The Flags And Security Trainings With OWASP Juice Shop
Security FeedsBotnetsMalware DescriptionsAPT reportsFeaturedGoogle AndroidMobile Malware

Roaming Mantis, part V

by Black Hat Sec

Kaspersky has continued to track the Roaming Mantis campaign. The group’s attack methods have improved and new targets continuously added in order to steal more funds. The attackers’ focus has also shifted to techniques that avoid tracking and research: whitelist for distribution, analysis environment detection and so on. We’ve also observed new malware families: Fakecop (also known as SpyAgent by McAfee) and Wroba.j (also known as Funkybot by Fortinet). Distribution of Wroba.g via SMiShing with impersonated brands In 2018, the group added a distribution…

Read More Roaming Mantis, part V
NEW TOOLSBinary ExploitationBinary AnalysisSymbolic ExecutionObfuscated CodeDeobfuscationABD

ABD – Course Materials For Advanced Binary Deobfuscation

by Black Hat Sec

Advanced Binary DeobfuscationThis repository contains the course materials of Advanced Binary Deobfuscation at the Global Cybersecurity Camp (GCC) Tokyo in 2020.Course AbstractReverse engineering is not easy, especially if a binary code is obfuscated. Once obfuscation performed, the binary would not be analyzed accurately with naive techniques alone. In this course, you will learn obfuscation principles (especially used by malware), theory and practice of obfuscated code analysis, and how to write your own tool for deobfuscation. In particular, we delve into data-flow analysis and SAT/SMT-based…

Read More ABD – Course Materials For Advanced Binary Deobfuscation