PRINT
PRINT
SEND MAIL
SEND MAIL

Month: March 2020

NEW TOOLSToolAWSEC2DistributedCytoscapeAWS SecurityNeo4JAwspxGraph TheoryOMENS

Awspx – A Graph-Based Tool For Visualizing Effective Access And Resource Relationships In AWS Environments

by Black Hat Sec

auspex [ˈau̯s.pɛks] noun: An augur of ancient Rome, especially one who interpreted omens derived from the observation of birds.awspx is a graph-based tool for visualizing effective access and resource relationships within AWS. It resolves policy information to determine what actions affect which resources, while taking into account how these actions may be combined to produce attack paths. Unlike tools like Bloodhound, awspx requires permissions to function. It is not expected to be useful in cases where these privileges have not been granted.Quick startInstall (see…

Read More Awspx – A Graph-Based Tool For Visualizing Effective Access And Resource Relationships In AWS Environments
NEW TOOLSScanVulnerability ScannerOsint FrameworkBanner GrabbingMachine LearningPort ScanningMetadataPulsar

Pulsar – Network Footprint Scanner Platform – Discover Domains And Run Your Custom Checks Periodically

by Black Hat Sec

Pulsar is an automated network footprint scanner for Red Teams, Pentesters and Bounty Hunters. Its focused on discovery of organization public facing assets with minimal knowledge about its infrastructure. Along with network data visualization, it attempts to give a basic vulnerability score to find infrastructure weak points and their relation to other resources. It can be also used as a custom vulnerability scanner for wide and uncharted scopes. This software was created with availability and openness in mind, so it is 100% free, and…

Read More Pulsar – Network Footprint Scanner Platform – Discover Domains And Run Your Custom Checks Periodically
JavaScriptSecurity FeedsMalware DescriptionsAPT reportsFeaturedTargeted AttacksWatering hole attacksWebsite HacksAdobe Flashdrive-by attack

Holy water: ongoing targeted water-holing attack in Asia

by Black Hat Sec

On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign has been active since at least May 2019, and targets an Asian religious and ethnic group. The threat actor’s unsophisticated but creative toolset has been evolving a lot since the inception date, may still be in development, and leverages Sojson obfuscation, NSIS installer, Python, open-source code, GitHub distribution, Go language, as well as Google Drive-based C2 channels.…

Read More Holy water: ongoing targeted water-holing attack in Asia
NEW TOOLS

CVE-2020-0796 – CVE-2020-0796 Pre-Auth POC

by Black Hat Sec

(c) 2020 ZecOps, Inc. - - Find Attackers' Mistakes POC to check for CVE-2020-0796 / "SMBGhost" Expected outcome: Blue Screen Intended only for educational and testing in corporate environments. ZecOps takes no responsibility for the code, use at your own risk. Please contact sales@ZecOps.com if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBGhost and other types of attacks automatically. Usage CVE-2020-0796-POC.exe [<TargetServer>] If <TargetServer> is omitted, the POC is executed on localhost (127.0.0.1). Compiled POC…

Read More CVE-2020-0796 – CVE-2020-0796 Pre-Auth POC
NEW TOOLSPcapAirodump-ngProcessesPacket AnalysisR00Kie-Kr00Kie

R00Kie-Kr00Kie – PoC Exploit For The CVE-2019-15126 Kr00K Vulnerability

by Black Hat Sec

DisclaimerThis is a PoC exploit for the CVE-2019-15126 kr00k vulnerability.This project is intended for educational purposes only and cannot be used for law violation or personal gain.The author of this project is not responsible for any possible harm caused by the materials.RequirementsTo use these scripts, you will need a WiFi card supporting the active monitor mode with frame injection. We recommend the Atheros AR9280 chip (IEEE 802.11n) we used to develop and test the code. We have tested this PoC on Kali LinuxInstallation# clone…

Read More R00Kie-Kr00Kie – PoC Exploit For The CVE-2019-15126 Kr00K Vulnerability
NEW TOOLSPrivilege EscalationOne-Lin3rMultiplatformPentesting WindowsLiners DatabaseOne LinerOne LinersPayloads DatabaseWeb Based Attacks

One-Lin3r v2.1 – Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More

by Black Hat Sec

One-Lin3r is simple modular and light-weight framework gives you all the one-liners that you will need while penetration testing (Windows, Linux, macOS or even BSD systems) or hacking generally with a lot of new features to make all of this fully automated (ex: you won't even need to copy the one-liners).ScreenshotsIt consists of various one-liners types with various functions, some of them are: One-liner functionWhat this function refers toReverse ShellVarious methods and commands to give you a reverse shell.PrivEscMany commands to help in Enumeration…

Read More One-Lin3r v2.1 – Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More
NEW TOOLSMacOSINT ToolOsint FrameworkiKyProject iKy

Project iKy v2.4.0 – Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

by Black Hat Sec

Project iKy is a tool that collects information from an email and shows results in a nice visual interface.Visit the Gitlab Page of the ProjectInstallationClone repositorygit clone BackendRedisYou must install Rediswget xvzf redis-stable.tar.gzcd redis-stablemakesudo make installPython stuff and CeleryYou must install the libraries inside requirements.txtpython3 -m pip install -r requirements.txtInstall FrontendNodeFirst of all, install nodejs.DependenciasInside the directory frontend install the dependenciescd frontendnpm installWake up iKy ToolTurn on BackendRedisTurn on the server in a terminalredis-serverPython stuff and CeleryTurn on Celery in another terminal,…

Read More Project iKy v2.4.0 – Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface