Category: NEW TOOLS

Debian

Cerberus Linux v3

September 25, 2018 September 28, 2018by D4RkN

Cerberus Linux v3 Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Windows Hacking

Black Window 10 Enterprise

May 16, 2018 September 28, 2018by D4RkN

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

ReconDog v2.0 – Reconnaissance Swiss Army Knife

October 15, 2018by Black Hat Sec

Reconnaissance Swiss Army KnifeMain FeaturesWizard + CLA interfaceCan extracts targets from STDIN (piped input) and act upon themAll the information is extracted with APIs, no direct contact is made to the targetUtilitiesCensys: Uses censys.io to gather massive amount of information about an IP address.NS Lookup: Does name server lookupPort Scan: Scan most common TCP portsDetect CMS: Can detect 400+ content management systemsWhois lookup: Performs a whois lookupDetect honeypot: Uses shodan.io to check if target is a honeypotFind subdomains: Uses findsubdomains.com to find subdomainsReverse IP…

Auto-Root-Exploit ⁄ BSD ⁄ FreeBSD ⁄ NEW TOOLS ⁄ OpenBSD

Auto-Root-Exploit – Auto Root Exploit Tool

October 14, 2018by Black Hat Sec

Auto Root Exploit ToolAuthor : Nilotpal BiswasFacebook : : : for kernel version 2.6 all bash autoroot.sh 2 for kernel version 3 all bash autoroot.sh 3 for kernel version 4 all bash autoroot.sh 4 for freebsd & openbsd all bash autoroot.sh bsd for apple macos all bash autoroot.sh app for kernel 2.6,3,4 bsd & app all bash autoroot.sh allScreenshot 1Screenshot 2All exploits are suggested by "exploit-db.com" and will update according to it.Download Auto-Root-Exploit

Information Gathering ⁄ NEW TOOLS ⁄ Quasar

Quasar – An Information Gathering Framework For Lazy Penetration Testers

October 14, 2018by Black Hat Sec

Quasar Is An Information Gathering Framework For Penetration Testers Coded By Belahsan Ouerghi:Website InformationsE-mail Address CheckerPhone Number InformationCredit Card Bin CheckerIp LocatorPort ScannerInstallationsudo apt-get install gitgit clone quasarchmod +x install.shchmod +x quasar.shsudo ./install.shsudo ./quasar.shScreenshotsTested On :Backbox linuxUbuntuTutorialContactContact - Belahsan OuerghiYoutube - Tunisian Eagles Youtube ChannelDownload Quasar

Censys Subdomain Finder ⁄ Certificate transparency logs ⁄ Enumerate Subdomains ⁄ Mac ⁄ NEW TOOLS ⁄ Pentest Tool ⁄ Subdomain Enumeration ⁄ Subdomain Scanner

Censys Subdomain Finder – Perform Subdomain Enumeration Using The Certificate Transparency Logs From Censys

October 13, 2018by Black Hat Sec

This is a tool to enumerate subdomains using the Certificate Transparency logs stored by Censys. It should return any subdomain who has ever been issued a SSL certificate by a public CA.See it in action:$ python censys_subdomain_finder.py github.com[*] Searching Censys for subdomains of github.com[*] Found 42 unique subdomains of github.com in ~1.7 seconds - hq.github.com - talks.github.com - cla.github.com - github.com - cloud.github.com - enterprise.github.com - help.github.com - collector-cdn.github.com - central.github.com - smtp.github.com - cas.octodemo.github.com - schrauger.github.com - jobs.github.com - classroom.github.com - dodgeball.github.com -…

Mac ⁄ Media Metadata ⁄ Metadata-Attacker ⁄ NEW TOOLS ⁄ Pentesting Tool ⁄ Video Metadata ⁄ XSS

Metadata-Attacker – A Tool To Generate Media Files With Malicious Metadata

October 13, 2018by Black Hat Sec

With this small suite of open source pentesting tools you're able to create an image (.jpg), audio (.mp3) or video (.mp4) file containing your custom metadata or a set of cross-site scripting vectors to test any webservice against possible XSS vulnerabilities when displaying unfiltered meta data.Installation / UsageFirst install docker on your host system.Now you can simply run the following command:sudo docker run -p 80:80 --rm lednerb/metadata-attackerWhen finished open your favorite browser and switch to the docker ip or developed by @mniemietzAudio-Attacker developed…

Forensic Analysis ⁄ NEW TOOLS ⁄ Post Exploitation ⁄ Swap Digger ⁄ Wifi

Swap Digger – Tool That Automates Swap Extraction And Searches For Linux User Credentials, Web Forms Credentials, Web Forms Emails, Http Basic Authentication, Wifi SSID And Keys, Etc

October 12, 2018by Black Hat Sec

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.Download and run the toolOn your machineUse the following commands to download and run the script on your machine:alice@1nvuln3r4bl3:~$ git clone cd swap_diggeralice@1nvuln3r4bl3:~$ chmod +x swap_digger.shalice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -vxOn a mounted hard driveTo use swap_digger on a mounted hard drive, do the following:First, download…

NEW TOOLS ⁄ Nmap ⁄ NSE ⁄ Parameter ⁄ Patator ⁄ Pentest ⁄ Pentest-Machine ⁄ Scan ⁄ WhatWeb

Pentest-Machine – Automates Some Pentest Jobs Via Nmap Xml File

October 11, 2018by Black Hat Sec

Automates some pentesting work via an nmap XML file. As soon as each command finishes it writes its output to the terminal and the files in output-by-service/ and output-by-host/. Runs fast-returning commands first. Please send me protocols/commands/options that you would like to see included.HTTPwhatwebWPScan (only if whatweb returns a WordPress result)EyeWitness with active login attemptslight dirb directory bruteforceDNSnmap NSE dns-zone-transfer and dns-recursionMySQLlight patator bruteforcePostgreSQLlight patator bruteforceMSSQLlight patator bruteforceSMTPnmap NSE smtp-enum-users and smtp-open-relaySNMPlight patador bruteforcesnmpcheck (if patador successfully finds a string)SMBenum4linux -anmap NSE smb-enum-shares, smb-vuln-ms08-067,…

Arduino ⁄ BadUsb ⁄ DigiDuck Framework ⁄ NEW TOOLS ⁄ Rubber Ducky ⁄ Scripts

DigiDuck Framework – Framework For Digiduck Development Boards Running ATTiny85 Processors And Micronucleus Bootloader

October 10, 2018by Black Hat Sec

Framework for Digiduck Development Boards running ATTiny85 processors and micronucleus bootloader!Roadmap:Plan to implement a command for Duckyspark translation within the framework.Requirements:- ATTiny85 or other compatible "Digispark" Development Board(s)- DigiSpark Drivers (If you can use it with arduino you should be fine.)- OSX or MacOS- ArduinoIDE with Digispark Library InstalledGetting Started:Installation:DigiDuck Framework (Referred to as DDF) is really simple to start and setup! There are no third party modules required for DDF! All you need to do is make sure you have Python 3.6+ (I…

Crawler ⁄ EKFiddle ⁄ Fiddler ⁄ Mac ⁄ NEW TOOLS ⁄ Pcap ⁄ VirusTotal ⁄ VPN

EKFiddle v.0.8.2 – A Framework Based On The Fiddler Web Debugger To Study Exploit Kits, Malvertising And Malicious Traffic In General

October 10, 2018by Black Hat Sec

A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general.InstallationDownload and install the latest version of Fiddlerhttps://www.telerik.com/fiddlerSpecial instructions for Linux and Mac here: C# scripting (Windows only)Launch Fiddler, and go to Tools -> OptionsIn the Scripting tab, change the default (JScript.NET) to C#.Change default text editor (optional)In the same Tools -> Options menu, click on the Tools tab.Windows: notepad.exe or notepad++.exeLinux: geditMac: /Applications/TextEdit.app or /Applications/TextWrangler.appClose FiddlerDownload or clone CustomRules.cs into the appropriate folder based on your…