WAF Buster – Disrupt WAF By Abusing SSL/TLS Ciphers

Disrupt WAF by abusing SSL/TLS ciphers. About WAF_buster: This tool was created to analyze the ciphers that are supported by the web application firewall being used at the web server end. It works by first triggering SslScan to look for all the supported ciphers during SSL/TLS negotiation with the web server. After getting the text file of all the supported ciphers, we use Curl to query the web server with each cipher to check which of the ciphers are unsupported by the WAF and supported by…


wePWNise – Generates Architecture Independent VBA Code To Be Used In Office Documents Or Templates And Automates Bypassing Application Control And Exploit Mitigation Software

wePWNise is a proof-of-concept Python script which generates VBA code that can be used in Office macros or templates. It was designed with automation and integration in mind, targeting locked-down environment scenarios. The tool enumerates Software Restriction Policies (SRPs) and EMET mitigations and dynamically identifies safe binaries to inject payloads into. wePWNise integrates with existing exploitation frameworks (e.g. Metasploit, Cobalt Strike) and it also accepts any custom payload in raw format. Prerequisites: Python termcolor package. To install run: pip install termcolor. Command line arguments: To start using wePWNise,…


Aws_Public_Ips – Fetch All Public IP Addresses Tied To Your AWS Account

aws_public_ips is a tool to fetch all public IP addresses (both IPv4/IPv6) associated with an AWS account. It can be used as a library and as a CLI, and supports the following AWS services (all with both Classic & VPC flavors): APIGateway; CloudFront; EC2 (and as a result: ECS, EKS, Beanstalk, Fargate, Batch, & NAT Instances); ElasticSearch; ELB (Classic ELB); ELBv2 (ALB/NLB); Lightsail; RDS; Redshift. If a service isn't listed (S3, ElastiCache, etc) it's most likely because it doesn't have anything to support (i.e. it might not be deployable publicly, it might have all ip…


Windows Privilege Escalation (Unquoted Path Service)

Hello Friends!! In this article we are demonstrating Windows privilege escalation via Unquoted Service Path. In penetration testing, when we spawn a command shell as a local user, it is not possible to check restricted files or folders, therefore we need to escalate privileges to get administrator access. Table of contents: Introduction; Lab setup; Spawn command shell as local user; Escalated privilege via Prepend-migrate; Escalated privilege via Adding user Administrators Group; Escalated privilege via RDP & Sticky_keys. Introduction: Unquoted Service Path Vulnerability. The vulnerability is related…


Resource-Counter – This Command Line Tool Counts The Number Of Resources In Different Categories Across Amazon Regions

This command line tool counts the number of resources in different categories across Amazon regions. This is a simple Python app that will count resources across different regions and display them on the command line. It first shows the dictionary of the results for the monitored services on a per-region basis, then it shows totals across all regions in a friendlier format. It tries to use the most-efficient query mechanism for each resource in order to manage the impact of API activity. I wrote this…


FCA lays out new rules for banks on reporting operational and security incidents to customers

On Wednesday 15th August, the Financial Conduct Authority (FCA) enforced new rules requiring providers of personal and business accounts to publish information that will help current customers to compare bank accounts from different providers. Banks will have to report major operational and security incidents that have taken place and disclose whether 24-hour customer helplines are available. The pressure for banks to report system failures is further compounded by the Bank of England and FCA’s fast approaching 5 October deadline, by which they must report on their…


Chatbots Say Plenty About New Threats to Data

By Amina Bashir and Mike Mimoso, Flashpoint. Chatbots are becoming a useful customer interaction and support tool for businesses. These bots are powered by an artificial intelligence that allows customers to ask simple questions, pay bills, or resolve conflicts over transactions; they’re cheaper than hiring more call centre personnel, and they’re popping up everywhere. As with most other innovations, threat actors have found a use for them too. A number of recent security incidents have involved the abuse of a chatbot to steal personal…


32,000 smart homes and businesses at risk of leaking data

New research from Avast (LSE: AVST), the global leader in cybersecurity products, found more than 49,000 Message Queuing Telemetry Transport (MQTT) servers publicly visible on the internet due to a misconfigured MQTT protocol. This includes more than 32,000 servers with no password protection, putting them at risk of leaking data. The MQTT protocol is used to interconnect and control smart home devices, via smart home hubs. When implementing the MQTT protocol, users set up a server. In the case of consumers, the server usually…


Ajit Pai Knew FCC Cyberattack Was Fake for Seven Months but Kept Quiet

Asked only once at a Senate hearing Thursday about the fake security incident that’s needled his agency for more than a year, the chairman of the Federal Communications Commission, Ajit Pai, acknowledged for the first time knowing secretly for several months that his office likely fed U.S. lawmakers false information. Original source: Gizmodo. The post "Ajit Pai Knew FCC Cyberattack Was Fake for Seven Months but Kept Quiet" appeared first on IT SECURITY GURU.