Month: February 2020

NEW TOOLS, Brute-force, Scan, Burp, DNSBin, SSRF, Extended-SSRF-Search

Extended-SSRF-Search – Smart SSRF Scanner Using Different Methods Like Parameter Brute Forcing In Post And Get…

This tool searches for SSRF using predefined settings in different parts of a request (path, host, headers, POST and GET parameters).

First step

Rename example.app-settings.conf to app-settings.conf and adjust the settings. The most important setting is the callback URL. I recommend using Burp Collaborator. Then you can add your URLs to config/url-to-test.txt. Here the script accepts domains as well as URLs with path and query parameters. If you like, you can add your own cookies to config/cookie-jar.txt and add additional headers for your requests. The brute force…

NEW TOOLS, Common Vulnerabilities, IoTGoat

IoTGoat – A Deliberately Insecure Firmware Based On OpenWrt

The IoTGoat Project is a deliberately insecure firmware based on OpenWrt. The project’s goal is to teach users about the most common vulnerabilities typically found in IoT devices. The vulnerabilities will be based on the IoT Top 10 as documented by OWASP. To get started with developing IoTGoat challenges, review the Build Environment Guidance page. Precompiled firmware and an OVA with the latest build can be found via . If a crucial challenge idea is missing, please reach out to the project leaders below…

TUTORIALS, CTF Challenges

Hack the Box: Haystack Walkthrough

Today, we’re sharing another Hack Challenge Walkthrough box: Haystack, designed by JoyDragon. The machine is part of the retired lab, so you can connect to it using your HTB VPN and then start to solve the CTF. The level of the lab is set to beginner to intermediate. Task: Capture the user.txt and root.txt flags.

Methodology: Network Scanning, Nmap, Enumeration, Abusing HTTP, Abusing elastic search, Base64 decode, Initial Foothold, SSH login, Exploiting LFI on Kibana, Privilege Escalation, Abusing Execution function

Network Scanning

Since…

NEW TOOLS, penetration testing, Shell Script, Batch Script, Polyglot, Polyshell

Polyshell – A Bash/Batch/PowerShell Polyglot!

PolyShell is a script that's simultaneously valid in Bash, Windows Batch, and PowerShell (i.e. a polyglot). This makes PolyShell a useful template for penetration testing as it can be executed on most systems without the need for target-specific payloads. PolyShell is also specifically designed to be deliverable via input injection using a USB Rubber Ducky, MalDuino, or similar device.

How To Use It

As a stand-alone script

Copy/rename the script so it has the correct file extension (.sh, .bat, or .ps1).
Run the script with a Unix shell, as…

TUTORIALS, penetration testing

Beginners Guide to TShark (Part 3)

This is the third instalment in the Beginners Guide to TShark Series. Please find the first and second instalments below.

Beginners Guide to TShark (Part 1)
Beginners Guide to TShark (Part 2)

TL;DR

In this part, we will understand the reporting functionalities and some additional tricks that we found while tinkering with TShark.

Table of Content: Version Information, Reporting Options, Column Formats, Decodes, Dissector Tables, Elastic Mapping, Field Count, Fields, Fundamental Types, Heuristic Decodes, Plugins, Protocols, Values, Preferences, Folders, PyShark, Installation, Live Capture…

Kali Linux, NEW TOOLS, Remote Control, Command Line, Jailbreak, Exploitation Framework, Checkra1N, Entynetproject, iOS Hacks, iOS Jailbreak, Macos Hack, Multihandler

Mouse Framework – An iOS And macOS Post Exploitation Surveillance Framework That Gives You A Command Line Session With Extra Functionality Between You And A Target Machine Using Only A Simple Mouse Payload

About Mouse Framework

Mouse Framework is an iOS and macOS post exploitation surveillance framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse Payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Getting started

Mouse installation

    cd mouse
    chmod +x install.sh
    ./install.sh

Mouse uninstallation

    cd mouse
    chmod +x uninstall.sh
    ./uninstall.sh

Mouse Framework execution

To execute Mouse Framework you should execute the following command.

    mouse

Mouse Payloads…

NEW TOOLS, Juice Shop, OWASP Juice Shop, Redis, Capture the flag, CTF Platform, Multi-Juicer

Multi-Juicer – Run Capture The Flags And Security Trainings With OWASP Juice Shop

Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky, because Juice Shop just isn't intended to be used by multiple users at a time. Instructing everybody how to start Juice Shop on their own machine works OK, but takes away too much valuable time.

MultiJuicer gives you the ability to run separate Juice Shop instances for every participant on a central Kubernetes cluster, to run events without the need for local Juice Shop instances.

Note: This project was called JuicyCTF until recently. This…

Security Feeds, Botnets, Malware Descriptions, APT reports, Featured, Google Android, Mobile Malware

Roaming Mantis, part V

Kaspersky has continued to track the Roaming Mantis campaign. The group’s attack methods have improved and new targets have been continuously added in order to steal more funds. The attackers’ focus has also shifted to techniques that avoid tracking and research: whitelist for distribution, analysis environment detection and so on. We’ve also observed new malware families: Fakecop (also known as SpyAgent by McAfee) and Wroba.j (also known as Funkybot by Fortinet).

Distribution of Wroba.g via SMiShing with impersonated brands

In 2018, the group added a distribution…

NEW TOOLS, Binary Exploitation, Binary Analysis, Symbolic Execution, Obfuscated Code, Deobfuscation, ABD

ABD – Course Materials For Advanced Binary Deobfuscation

Advanced Binary Deobfuscation

This repository contains the course materials of Advanced Binary Deobfuscation at the Global Cybersecurity Camp (GCC) Tokyo in 2020.

Course Abstract

Reverse engineering is not easy, especially if binary code is obfuscated. Once obfuscation is performed, the binary cannot be analyzed accurately with naive techniques alone. In this course, you will learn obfuscation principles (especially those used by malware), the theory and practice of obfuscated code analysis, and how to write your own tool for deobfuscation. In particular, we delve into data-flow analysis and SAT/SMT-based…