Month: August 2020


DVS – D(COM) V(ulnerability) S(canner) AKA Devious Swiss Army Knife

Did you ever wonder how you can move laterally through internal networks, or interact with remote machines without alerting EDRs? Let's assume that we have valid credentials, or an active session with access to a remote machine, but no option for executing a process remotely through a known, expected or highly monitored method (i.e. WMI, Task Scheduler, WinRM, PowerShell Remoting). For these scenarios, the DVS framework comes to the rescue. The DVS framework is a Swiss Army knife which allows you to enumerate…

Penetration Testing on CouchDB (5984)

What is CouchDB? CouchDB is a free and open-source, fault-tolerant NoSQL database developed by the Apache Software Foundation. It uses JSON to store data and JavaScript as its query language, and it includes a RESTful API to transmit data over HTTP. CouchDB Features: CouchDB has a REST API based on HTTP which helps to communicate with the database... The post Penetration Testing on CouchDB (5984) appeared first on Hacking Articles.

Mihari – A Helper To Run OSINT Queries & Manage Results Continuously

Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing page and phishing hunting. How it works: Mihari makes a query against Shodan, Censys, VirusTotal, SecurityTrails, etc. and extracts artifacts (IP addresses, domains, URLs and hashes) from the results. Mihari checks whether a DB (SQLite3 or PostgreSQL) contains the artifacts or not. If it doesn't contain the artifacts: Mihari creates an alert on TheHive (optional); Mihari sends a notification to Slack (optional); Mihari creates an event on MISP (optional). Screenshots: TheHive alert example, Slack…

SourceWolf – Amazingly Fast Response Crawler To Find Juicy Stuff In The Source Code!

Tested environments: Windows, Mac, Linux, and Windows Subsystem for Linux (WSL). What can SourceWolf do? Crawl through responses to find hidden endpoints, either by sending requests or from the local response files (if any). Create a list of JavaScript variables found in the source. Extract all the social media links from the websites to identify potentially broken links. Brute force a host using a wordlist. Get the status codes for a list of URLs / filter out the live domains from a list of hosts.…

Iblessing – An iOS Security Exploiting Toolkit, It Mainly Includes Application Information Collection, Static Analysis And Dynamic Analysis

iblessing is an iOS security exploiting toolkit; it mainly includes application information collection, static analysis and dynamic analysis. iblessing is based on the unicorn engine and the capstone engine. Features: Cross-platform: tested on macOS and Ubuntu. iOS app static info extraction, including metadata, deeplinks, URLs, etc. Mach-O parser and dyld symbol bind simulator. Objective-C class realizing and parsing. Scanners that perform dynamic analysis of arm64 assembly code and find key information or attack surface. Scanners that use unicorn to partially simulate Mach-O arm64 code execution and find some features. Generators that…

Urlgrab – A Golang Utility To Spider Through A Website Searching For Additional Links

A golang utility to spider through a website searching for additional links with support for JavaScript rendering. Install: go get -u. Parallelism. Ability to render JavaScript (including Single Page Applications such as Angular and React). Usage:

Usage of urlgrab:
  -cache-dir string
        Specify a directory to utilize caching. Works between sessions as well.
  -debug
        Extremely verbose debugging output. Useful mainly for development.
  -delay int
        Milliseconds to randomly apply as a delay between requests. (default 2000)
  -depth int
        The maximum limit on the recursion depth of visited URLs. (default 2)…