PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Social Engineering

Windows10

Black Window 10 v2 (codename: Polemos)

Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system and…

Debian

Cerberus Linux v3

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Windows Hacking

Black Window 10 Enterprise

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

FeaturedMalicious spamMalware DescriptionsNigerian SpamSecurity FeedsSocial EngineeringSpam and phishing reportsSpam StatisticsSpammer techniquesTematic Spam

Spam and phishing in Q3 2018

Quarterly highlights Personal data in spam We have often said that personal data is candy on a stick to fraudsters and must be kept safe (that is, not given out on dubious websites). It can be used to gain access to accounts and in targeted attacks and ransomware campaigns. In Q3, we registered a surge of fraudulent emails in spam traffic. This type of scam we have already reported at the beginning of the year. A ransom (in bitcoins) is demanded  in exchange for…

FeaturedSecurity FeedsSocial EngineeringSpam and phishingSpam LettersTematic Spam

Phishing for knowledge

When we talk about phishing, top of mind are fake banking sites, payment systems, as well as mail and other globally popular services. However, cybercriminals have their fingers in far more pies than that. Unobviously, perhaps, students and university faculties are also in the line of fire. The reason is the research they carry out and the potentially valuable results. Examples of phishing pages mimicking the login pages of the University of Washington, Harvard Business School, and Stanford University websites Over the past year,…

DistributedFireworkNEW TOOLSNTLMPenetration TestRDPRed TeamSocial EngineeringTLS

Firework – Leveraging Microsoft Workspaces in a Penetration Test

Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process. The tool also wraps some code from Responder to leverage its ability to capture NetNTLM hashes from a system that provisions a Workplace feed via it.This tool may be used as part of a penetration test or red team exercise to create a .wcx payload (and associated feed) that if clicked on could be used to:Phish for credentials - NetNTLM hashes will be sent…

FeaturedMalicious spamMalware DescriptionsNigerian SpamSecurity FeedsSocial EngineeringSpam and phishing reportsSpam StatisticsSpammer techniquesTematic Spam

Spam and phishing in Q2 2018

Quarterly highlights GDPR as a phishing opportunity In the first quarter, we discussed spam designed to exploit GDPR (General Data Protection Regulation), which came into effect on May 25, 2018. Back then spam traffic was limited to invitations to participate in workshops and other educational events and purchase software or databases. We predicted that fraudulent emails were soon to follow. And we found them in the second quarter. As required by the regulation, companies notified email recipients that they were switching to a new…

AircrackAircrack-ngBlackArchCaptive PortalEvil TwinFakeapFluxionKaliKali LinuxLINSETMITMNEW TOOLSrogueSocial EngineeringWPA

Fluxion – WPA/WPA2 Security Hacked Without Brute Force

Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the FAQ before requesting issues.If you need quick help, fluxion is also avaible…

Dll HijackingFeaturedIndustrial threatsInternet BankingRAT TrojanRDPSecurity FeedsSocial EngineeringSpywareTargeted Attacks

Attacks on industrial enterprises using RMS and TeamViewer

Main facts Kaspersky Lab ICS CERT has identified a new wave of phishing emails with malicious attachments targeting primarily companies and organizations that are, in one way or another, associated with industrial production. The phishing emails are disguised as legitimate commercial offers and are sent mainly to industrial companies located in Russia. The content of each email reflects the activity of the organization under attack and the type of work performed by the employee to whom the email is sent. According to the data…

CamelishingNEW TOOLSSocial Engineering

Camelishing – Social Engineering Tool

CamelishingSocial Engineering ToolFeaturesBulk email sendingBasic Python Agent CreatorOffice Excel Macro CreatorDDE Excel Creator(or Custom Payload)Return İnformation[Mail Open Track][Agent Open Track]AutoSaveStatistics ReportUser ControlInstallation Modules$ pip install -r requirements.txt$ Install Microsoft OfficeTested and Supported[+]Windows 7[+]Windows 10+SCREENSHOTMail Sender[+]Note : Compress and send the exe file(rar,zip)[+] Start Project : python start.pyMacro CreatorAgent CreatorAgentDDE CreatorGeneral SettingMail SendOpen MailReturn InformationStatistic Reportand more...Contact| Coded Abdulaziz ALTUNTAŞ || Email: a.azizaltuntas@gmail.com || Github: github/azizaltuntas || Twitter: @esccopyright |Download Camelishing

Hacking FrameworkInformation SecurityNetpwnNetwork SecurityNEW TOOLSSecurity ToolsSocial EngineeringWeb Spider

Netpwn – Tool Made To Automate Tasks Of Pentesting

A framework made to automate tasks of pentesting. Written in python 2.7ScreenshotsInstallgit clone netpwnchmod +x install./installTwitterhttps://twitter.com/3XPL017GH057Download Netpwn

messengersSecurity FeedsSocial EngineeringSpam and phishing

Tens of thousands per Gram

Looking at Instagram one morning, I spotted several posts from some fairly well-known people (in certain circles) who had invested in an ICO held by Telegram. Interesting, I thought to myself. I fancy a piece of that. Only I was pretty sure that if Telegram was indeed holding an ICO, it would be a private affair — off limits to cash-strapped social media-based “investors.” That’s when I decided to do some digging. Let’s start with a brief history lesson. In late 2017, information appeared…