Customize Termux Font & Colors:
Installation & Run:
1) apt update
2) apt install git -y
3) git clone https://github.com/htr-tech/tstyle
4) cd tstyle
5) bash setup.sh
> One-command install:
apt update && apt install git -y && git clone https://github.com/htr-tech/tstyle && cd tstyle && bash setup.sh && tstyle
6) then choose options via numbers
🦑Features :
Latest Fonts & Themes
Full Offline !
Easy to Use !
✅
Enjoy! Follow us for more...
Monitoring Dockers
- [Axibase Collector](https://github.com/axibase/atsd-use-cases/tree/master/Solutions/docker) - Axibase Collector streams performance counters, configuration changes and lifecycle events from the Docker engine(s) into Axibase Time Series Database for roll-up dashboards and integration with upstream monitoring systems.
- [cAdvisor](https://github.com/google/cadvisor) - Analyzes resource usage and performance characteristics of running containers. Created by [@Google](https://github.com/google)
- [Docker-Alertd](https://github.com/deltaskelta/docker-alertd) - Monitor and send alerts based on docker container resource usage/statistics
- [Docker-Flow-Monitor](https://github.com/vfarcic/docker-flow-monitor) - Reconfigures Prometheus when a new service is updated or deployed automatically by [@vfarcic][vfarcic]
- [Docker-Fluentd][fluentd] - Docker container to Log Other Containers' Logs. One can aggregate the logs of Docker containers running on the same host using Fluentd by [@kiyoto][kiyoto]
- [Glances](https://github.com/nicolargo/glances) - A cross-platform curses-based system monitoring tool written in Python by [@nicolargo](https://github.com/nicolargo)
- [Grafana Docker Dashboard Template](https://grafana.com/dashboards/179) - A template for your Docker, Grafana and Prometheus stack [@vegasbrianc][vegasbrianc]
- [InfluxDB, cAdvisor, Grafana](https://github.com/vegasbrianc/docker-monitoring) - InfluxDB Time series DB in combination with Grafana and cAdvisor by [@vegasbrianc][vegasbrianc]
- [LogJam](https://github.com/gocardless/logjam) - Logjam is a log forwarder designed to listen on a local port, receive log entries over UDP, and forward these messages on to a log collection server (such as logstash) by [@gocardless](https://github.com/gocardless)
- [Logsene for Docker][spm] - Monitoring of Metrics, Events and Logs implemented in Node.js. Integrated [logagent-js](https://github.com/sematext/logagent-js) to detect and parse various log formats. [@sematext][sematext]
- [Logspout](https://github.com/gliderlabs/logspout) - Log routing for Docker container logs by [@gliderlabs][gliderlabs]
- [Out-of-the-box Host/Container Monitoring/Logging/Alerting Stack](https://github.com/uschtwill/docker_monitoring_logging_alerting) - Docker host and container monitoring, logging and alerting out of the box using cAdvisor, Prometheus, Grafana for monitoring, Elasticsearch, Kibana and Logstash for logging and elastalert and Alertmanager for alerting. Set up in 5 Minutes. Secure mode for production use with built-in [Automated Nginx Reverse Proxy (jwilder's)][nginxproxy].
- [Zabbix Docker module](https://github.com/monitoringartist/Zabbix-Docker-Monitoring) - Zabbix module that provides discovery of running containers, CPU/memory/blk IO/net container metrics. Systemd Docker and LXC execution driver is also supported. It's a dynamically linked shared object library, so its performance is (~10x) better, than any script solution.
- [Zabbix Docker](https://github.com/gomex/docker-zabbix) - Monitor containers automatically using zabbix LLD feature.
>git sources
Cloud Security Resources
* [Cloud Security Resources from AWS](https://aws.amazon.com/security/security-resources)
* [Penetration Testing in Microsoft Azure](https://docs.microsoft.com/en-us/azure/security/azure-security-pen-testing)
* [Penetration Testing in AWS](https://aws.amazon.com/security/penetration-testing)
* [Penetration Testing in Google Cloud Platform](https://cloud.google.com/security/overview)
* [Google Cloud Security Center](https://cloud.google.com/security)
Additional AWS Pen Testing References
- [PENETRATION TESTING AWS STORAGE: KICKING THE S3 BUCKET](https://rhinosecuritylabs.com/penetration-testing/penetration-testing-aws-storage/) - Written by Dwight Hohnstein from [Rhino Security Labs](https://rhinosecuritylabs.com/).
- [AWS PENETRATION TESTING PART 1. S3 BUCKETS](https://www.virtuesecurity.com/blog/aws-penetration-testing-s3-buckets/) - Written by [@VirtueSecurity](https://twitter.com/VirtueSecurity).
- [AWS PENETRATION TESTING PART 2. S3, IAM, EC2](https://www.virtuesecurity.com/blog/aws-penetration-testing-part-2-s3-iam-ec2/) - Written by [@VirtueSecurity](https://twitter.com/VirtueSecurity).
#Kali in AWS
Kali Linux is already available at Amazon's AWS marketplace at:
https://aws.amazon.com/marketplace/pp/B01M26MMTT
Security Onion, RedHunt OS, Proxmox, and Open vSwitch
If you have attended some of my classes and read some of my books, you know that I really like [Proxmox](https://www.proxmox.com/en/). I have several Proxmox clusters that I use for my training courses and to develop labs to learn new cybersecurity skills (offensive and defensive techniques).
🦑You can instantiate Linux systems such as
[Kali Linux](https://www.kali.org/),
[WebSploit](https://websploit.org),
[Parrot](https://parrotlinux.org/),
[BlackArch](https://blackarch.org/),
[Security Onion](https://securityonion.net),
[RedHuntOS](https://github.com/redhuntlabs/RedHunt-OS), and others in different VMs to practice and learn new skills in a safe environment.
Monitor Your Network
Systems like [Security Onion](https://securityonion.net) and [RedHuntOS](https://github.com/redhuntlabs/RedHunt-OS) come with [Snort](https://www.snort.org/), [Suricata](https://suricata-ids.org/), [ELK](https://www.elastic.co/what-is/elk-stack), and many other security tools that allow you to monitor your network.
1) You have to set up [port mirroring](https://en.wikipedia.org/wiki/Port_mirroring) for IDS/IPS systems like Snort to be able to monitor traffic.
2) In Proxmox, you can set up [Linux bridges](https://pve.proxmox.com/wiki/Network_Configuration) and [Open vSwitch (OVS) bridges](https://pve.proxmox.com/wiki/Open_vSwitch).
Termux hack tool for Hack Pattern
> A pattern-phishing tool that generates a link which can capture the victim's pattern:
Installation & Run
$ apt-get update -y
$ apt-get upgrade -y
$ pkg install python -y
$ pkg install python2 -y
$ pkg install git -y
$ pip install lolcat
$ git clone https://github.com/noob-hackers/hacklock
$ ls
$ cd hacklock
$ ls
$ bash hacklock.sh
🦑How it Works ?
1) You need an internet connection to continue, and you must turn on your device hotspot to get the link...
2) You will receive the pattern PIN; in the image below you can see the pattern with numbers
3) You can select any option by pressing the matching key on your keyboard
Note: Don't delete any of the scripts included in the core files
4) From this option you can create a phishing pattern link which gets the keys of the victim's pattern after they use the link
Reverse Engineering Tools
The following are some of the most popular reverse engineering tools. For more references, see the [reverse engineering section](https://github.com/The-Art-of-Hacking/art-of-hacking/blob/master/reverse_engineering/README.md).
* [Ghidra](https://ghidra-sre.org/) - a software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate
* [Interactive Disassembler (IDA Pro)](https://www.hex-rays.com/products/ida/) - Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, [IDA Free](https://www.hex-rays.com/products/ida/support/download_freeware.shtml).
* [WDK/WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx) - Windows Driver Kit and WinDbg.
* [OllyDbg](http://www.ollydbg.de/) - x86 debugger for Windows binaries that emphasizes binary code analysis.
* [Radare2](http://rada.re/r/index.html) - Open source, cross-platform reverse engineering framework.
* [x64dbg](http://x64dbg.com/) - Open source x64/x32 debugger for Windows.
* [Immunity Debugger](http://debugger.immunityinc.com/) - Powerful way to write exploits and analyze malware.
* [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for GNU/Linux.
* [Medusa](https://github.com/wisk/medusa) - Open source, cross-platform interactive disassembler.
* [plasma](https://github.com/joelpx/plasma) - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
* [peda](https://github.com/longld/peda) - Python Exploit Development Assistance for GDB.
* [dnSpy](https://github.com/0xd4d/dnSpy) - Tool to reverse engineer .NET assemblies.
* [binwalk](https://github.com/devttys0/binwalk) - Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
* [PyREBox](https://github.com/Cisco-Talos/pyrebox) - Python scriptable Reverse Engineering sandbox by Cisco-Talos.
* [Voltron](https://github.com/snare/voltron) - Extensible debugger UI toolkit written in Python.
* [Capstone](http://www.capstone-engine.org/) - Lightweight multi-platform, multi-architecture disassembly framework.
* [rVMI](https://github.com/fireeye/rVMI) - Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.
* [Frida](https://www.frida.re/) - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Disk Image Creation Tools
* [AccessData FTK Imager](http://accessdata.com/product-download/?/support/adownloads#FTKImager) - AccessData FTK Imager is a forensics tool whose main purpose is to preview recoverable data from a disk of any kind. FTK Imager can also acquire live memory and paging file on 32bit and 64bit systems
* [Bitscout](https://github.com/vitaly-kamluk/bitscout) - Bitscout by Vitaly Kamluk helps you build your fully-trusted customizable LiveCD/LiveUSB image to be used for remote digital forensics (or perhaps any other task of your choice). It is meant to be transparent and monitorable by the owner of the system, forensically sound, customizable and compact.
* [GetData Forensic Imager](http://www.forensicimager.com/) - GetData Forensic Imager is a Windows based program that will acquire, convert, or verify a forensic image in one of the following common forensic file formats
* [Guymager](http://guymager.sourceforge.net) - Guymager is a free forensic imager for media acquisition on Linux
* [Magnet ACQUIRE](https://www.magnetforensics.com/magnet-acquire/) - ACQUIRE by Magnet Forensics allows various types of disk acquisitions to be performed on Windows, Linux, and OS X as well as mobile operating systems.
TOP HACKING SOURCES
#Rogue BTS & CDMA/GSM Traffic Impersonation and Interception
- [How to create an Evil LTE Twin/LTE Rogue BTS](https://medium.com/@adam.toscher/how-to-create-an-evil-lte-twin-34b0a9ce193b)
How to setup a 4G/LTE Evil Twin Base Station using srsLTE and a USRP SDR device.
- [How To Build Your Own Rogue GSM BTS For Fun and Profit](https://www.evilsocket.net/2016/03/31/how-to-build-your-own-rogue-gsm-bts-for-fun-and-profit/)
"In this blog post I’m going to explain how to create a portable GSM BTS which can be used either to create a private ( and vendor free! ) GSM network or for GSM active tapping/interception/hijacking … yes, with some (relatively) cheap electronic equipment you can basically build something very similar to what the governments are using from years to perform GSM interception."
- [Practical attacks against GSM networks: Impersonation](https://blog.blazeinfosec.com/practical-attacks-against-gsm-networks-part-1/)
"Impersonating a cellular base station with SDR: With the flexibility, relative low cost of Software Defined Radio (SDR) and abundance of open source projects that emulate a cell tower, successfully impersonating a GSM Base Station (BTS) is not a difficult task these days."
- [Building a Portable GSM BTS Using BladeRF/PI](https://blog.strcpy.info/2016/04/21/building-a-portable-gsm-bts-using-bladerf-raspberry-and-yatebts-the-definitive-guide/)
"I was always amazed when I read articles published by some hackers related to GSM technology. However, playing with GSM technologies was not cheap until the arrival of Software Defined Radios (SDRs), besides not being something easy to be implemented."
- [RTL-SDR Tutorial: Analyzing GSM with Airprobe and Wireshark](https://www.rtl-sdr.com/rtl-sdr-tutorial-analyzing-gsm-with-airprobe-and-wireshark/) "The RTL-SDR software defined radio can be used to analyze cellular phone GSM signals, using Linux based tools GR-GSM (or Airprobe) and Wireshark. This tutorial shows how to set up these tools for use with the RTL-SDR."
- [Traffic Interception for Penetration Testing Engagements](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/may/gsmgprs-traffic-interception-for-penetration-testing-engagements/) "Within the penetration testing domain quite often we have to deal with different technologies and devices. It’s important to cover all aspects of connectivity of a device being tested which is why we have built a GSM/GPRS interception capability. There are a number of different devices and systems that make use of GSM/GPRS, non-exhaustively we commonly see:"
CCTV HACKING TERMUX-LINUX :
Installation & Run
Mode Of Execution:
1) apt-get install python3
2) apt-get install git
3) git clone https://github.com/AngelSecurityTeam/Cam-Hackers
4) pip3 install requests
5) cd Cam-Hackers
6) python3 cam-hackers.py
SIM CARD GSM SOFTWARES FREE
> This is the source code for the pySimReader application.
> It requires a PCSC compatible SIM reader to be attached to the computer.
> The main product page is here: http://twhiteman.netfirms.com/pySIM.html
(You can download the Windows installer from here: https://github.com/toddw-as/SimReader/blob/master/installer/pySimReader_v14_setup.exe?raw=true )
> The application uses Python for the user interface and data processing, as well as a binary Python module (DLL) to utilize the Microsoft SmartCard Base Component APIs (note that if I were to rewrite this code today, I'd probably utilize Python ctypes instead of this wrapper library - as that would simplify the build process - removing the Microsoft Visual Studio and Swig dependencies).
WhatsApp vulnerability or exposed user's mobile number :
Author: Content reprint Date: 2020-06-09 Category: Vulnerability event
A security researcher revealed that WhatsApp discovered a bug that allowed users' mobile numbers to be exposed on the Google search engine. Although not all users' numbers have been exposed, this issue has caused their concern. However, if the user has only talked to a WhatsApp user he knows (the group invitation link has not been used), there is a high probability that he will not be affected by this vulnerability.
> Athul Jayaram, a security researcher, said that WhatsApp executives are aware of the problem, but are indifferent to it. It is reported that the issue is related to the WhatsApp QR code feature launched earlier this year.
> WhatsApp’s previously released group invite link works differently than the new QR code feature, but the former is obviously more secure, because the latter uses the unencrypted http://wa.me/ short URL system and the user's phone number is not hidden in the link.
> When a user shares a QR code on the new system, if the URL is crawled by a Google crawler, it will most likely be included in the search engine's index results. If you are worried about your number being accidentally received, please search and verify it via site:wa.me + country code.
> Currently, if searched through site:api.whatsapp.com, the Google search engine will also return thousands of search results. But unless the WhatsApp executives face the problem squarely, the negative impact of this matter will certainly continue.
dump the memory contents of a process to a file without stopping the process :
Installation & Run:
1️⃣ Download : https://vidstromlabs.com/downloads/pmdump.exe
2️⃣ You now have a pmdump.exe file in your downloads folder
3️⃣ Open cmd and change to that folder with cd
In this case, your file path is C:\Program Files\Downloads\
4️⃣ In cmd, from C:\Program Files\Downloads\, type: start pmdump.exe
( FOR DETAILS HOW TO RUN .EXE IN CMD WITH PICTURES GO TO
https://www.wikihow.com/Run-an-EXE-File-From-Command-Prompt )
Android Security Editing
- [Android Developer Studio](http://developer.android.com/sdk/index.html)
- [APKtool](http://ibotpeaches.github.io/Apktool/)
- [dex2jar](https://github.com/pxb1988/dex2jar)
- [Bytecode Viewer](https://bytecodeviewer.com/)
- [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)
- [Android Reverse Engineering Arsenals](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Tools)
Getting Data From Vulnerable Site:
Now, you need to run Havij as administrator and follow the steps below
Step 1. Paste the vulnerable site in the target TextBox on Havij and click Analyze .
Step 2. Once the process finished, you will see something like in the image below on your Havij log box.
Step 3. Click on Tables then Get Tables and you will see all the tables that are in the database.
Step 4. Now, look for a table named “ Orders ” or something similar. Tick the table and click on Get Columns.
Step 5. You will get the columns that are in the table “Orders”. Now tick on something that related to credit cards information, such as cc_number, cc_type, cc_expired_year, cc_expired_month, and cvv or cvv2 . Once you’re done, click on Get Data.
Step 6. Just wait for the dumping progress and you will get the information.
Most popular DNS tools used for information gathering:
> dnsenum : http://code.google.com/p/dnsenum
> dnsmap : http://code.google.com/p/dnsmap
> dnsrecon : http://www.darkoperator.com/tools-and-scripts
> dnstracer : http://www.mavetju.org/unix/dnstracer.php
> dnswalk : http://sourceforge.net/projects/dnswalk
Remote Access and Site-to-site VPN Troubleshooting References :
- [ASA and AnyConnect Troubleshooting TechNotes](https://www.cisco.com/c/en/us/support/security/asa-5500-series-next-generation-firewalls/products-tech-notes-list.html)
- [AnyConnect VPN Client Troubleshooting Guide](https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/212972-anyconnect-vpn-client-troubleshooting-gu.html)
- [Site-to-Site VPNs for Firepower Threat Defense](https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/firepower_threat_defense_site_to_site_vpns.html)
- [Remote Access VPNs for Firepower Threat Defense](https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/firepower_threat_defense_remote_access_vpns.html)
- [VPN Monitoring for Firepower Threat Defense](https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/firepower_threat_defense_vpn_monitoring.html)
- [VPN Troubleshooting for Firepower Threat Defense](https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/firepower_threat_defense_vpn_troubleshooting.html)
Vulnerable Apps, Servers, and Websites
The following is a collection of vulnerable servers (VMs) or websites that you can use to practice your skills (sorted alphabetically).
- bWAPP : <https://sourceforge.net/projects/bwapp/files/bWAPP>
- Damn Vulnerable ARM Router (DVAR): <http://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html>
- Damn Vulnerable iOS Application (DVIA): <http://damnvulnerableiosapp.com>
- Damn Vulnerable Web App (DVWA): <https://github.com/ethicalhack3r/DVWA>
- DOMXSS: <http://www.domxss.com/domxss/>
- Game of Hacks: <http://www.gameofhacks.com>
- Gruyere: <https://google-gruyere.appspot.com>
- Hack the Box: <https://www.hackthebox.eu/>
- Hack This Site: <https://www.hackthissite.org>
- Hack This: <https://www.hackthis.co.uk>
- Hack Yourself First: <https://hack-yourself-first.com/>
- Hackazon : <https://github.com/rapid7/hackazon>
- HellBound Hackers: <https://www.hellboundhackers.org>
- Metasploitable2 : <https://community.rapid7.com/docs/DOC-1875>
- Metasploitable3 : <https://blog.rapid7.com/2016/11/15/test-your-might-with-the-shiny-new-metasploitable3/>
- Over The Wire Wargames: <http://overthewire.org/wargames>
- OWASP Juice Shop: <https://www.owasp.org/index.php/OWASP_Juice_Shop_Project>
- OWASP Mutillidae II: <https://sourceforge.net/projects/mutillidae>
- Peruggia: <https://sourceforge.net/projects/peruggia>
- RootMe: <https://www.root-me.org>
- Samurai Web Testing Framework: <http://www.samurai-wtf.org/>
- Try2Hack: <http://www.try2hack.nl>
- Vicnum: <http://vicnum.ciphertechs.com>
- VulnHub: <https://www.vulnhub.com>
- Web Security Dojo: <https://www.mavensecurity.com/resources/web-security-dojo>
- WebSploit Labs (created and maintained by Omar Ωr Santos): <https://websploit.h4cker.org>
- WebGoat: <https://github.com/WebGoat/WebGoat>
- PortSwigger Web Security Academy: <https://portswigger.net/web-security>
Service Discovery
- [docker-consul](https://github.com/gliderlabs/docker-consul) by [@progrium][progrium]
- [etcd](https://github.com/coreos/etcd) - A highly-available key value store for shared configuration and service discovery by [@coreOS][coreos]
- [istio](https://github.com/istio/istio) - An open platform to connect, manage, and secure microservices by [@IstioMesh][istio]
- [registrator](https://github.com/gliderlabs/registrator) - Service registry bridge for Docker by [@gliderlabs][gliderlabs] and [@progrium][progrium]
Social Engineering
* [Social Engineering Toolkit](https://github.com/trustedsec/social-engineer-toolkit)
* [Social Engineer Portal](https://www.social-engineer.org/)
* [7 Best social Engineering attack](http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411)
* [Using Social Engineering Tactics For Big Data Espionage - RSA Conference Europe 2012](https://www.rsaconference.com/writable/presentations/file_upload/das-301_williams_rader.pdf)
* [Weaponizing data science for social engineering: Automated E2E spear phishing on Twitter - Defcon 23](https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Seymour-Tully-Weaponizing-Data-Science-For-Social-Engineering-WP.pdf)
* [OWASP Presentation of Social Engineering - OWASP](https://www.owasp.org/images/5/54/Presentation_Social_Engineering.pdf)
* [USB Drop Attacks: The Danger of “Lost And Found” Thumb Drives](https://www.redteamsecure.com/usb-drop-attacks-the-danger-of-lost-and-found-thumb-drives/)
* [PyPhishing Toolkit](https://github.com/redteamsecurity/PyPhishing)
* [Best Time to send email](https://coschedule.com/blog/best-time-to-send-email/)
* [Phishing on Twitter - POT](https://www.kitploit.com/2018/02/pot-phishing-on-twitter.html)
Threat Hunting Resources
# Platforms and Tools
- [MITRE ATT&CK](https://attack.mitre.org/wiki/Main_Page) - A curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target.
- [MITRE CAR](https://car.mitre.org/wiki/Main_Page) - The Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE based on the Adversary Tactics, Techniques, and Common Knowledge (ATT&CK™️) adversary model.
- [MITRE ATT&CK Navigator](https://mitre.github.io/attack-navigator/enterprise/)([source code](https://github.com/mitre/attack-navigator)) - The ATT&CK Navigator is designed to provide basic navigation and annotation of ATT&CK matrices, something that people are already doing today in tools like Excel.
- [HELK](https://github.com/Cyb3rWard0g/HELK) - A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities.
- [osquery](https://osquery.io/) - An operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. It exposes an operating system as a high-performance relational database.
- [osquery-configuration](https://github.com/palantir/osquery-configuration) - A repository for using osquery for incident detection and response.
- [DetectionLab](https://github.com/clong/DetectionLab/) - Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices.
- [Sysmon-DFIR](https://github.com/MHaggis/sysmon-dfir) - Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
- [sysmon-config](https://github.com/SwiftOnSecurity/sysmon-config) - Sysmon configuration file template with default high-quality event tracing.
- [sysmon-modular](https://github.com/olafhartong/sysmon-modular) - A repository of sysmon configuration modules. It also includes a [mapping](https://github.com/olafhartong/sysmon-modular/blob/master/attack_matrix/README.md) of Sysmon configurations to MITRE ATT&CK techniques.
- [Revoke-Obfuscation](https://github.com/danielbohannon/Revoke-Obfuscation) - PowerShell Obfuscation Detection Framework.
- [Invoke-ATTACKAPI](https://github.com/Cyb3rWard0g/Invoke-ATTACKAPI) - A PowerShell script to interact with the MITRE ATT&CK Framework via its own API.
- [Unfetter](https://github.com/unfetter-analytic/unfetter) - A reference implementation provides a framework for collecting events (process creation, network connections, Window Event Logs, etc.) from a client machine and performing CAR analytics to detect potential adversary activity.
- [NOAH](https://github.com/giMini/NOAH) - PowerShell No Agent Hunting.
- [PSHunt](https://github.com/Infocyte/PSHunt) - Powershell Threat Hunting Module.
- [Flare](https://github.com/austin-taylor/flare) - An analytical framework for network traffic and behavioral analytics.
- [go-audit](https://github.com/slackhq/go-audit) - An alternative to the auditd daemon that ships with many distros.
- [sqhunter](https://github.com/0x4D31/sqhunter) - A simple threat hunting tool based on osquery, Salt Open and Cymon API.
- [Alerting and Detection Strategies Framework](https://github.com/palantir/alerting-detection-strategy-framework) - A framework for developing alerting and detection strategies.
- [A Simple Hunting Maturity Model](http://detect-respond.blogspot.com.au/2015/10/a-simple-hunting-maturity-model.html) - The Hunting Maturity Model describes five levels of organizational hunting capability, ranging from HMM0 (the least capability) to HMM4 (the most).
- [The Pyramid of Pain](http://detect-respond.blogspot.com.au/2013/03/the-pyramid-of-pain.html) - The relationship between the types of indicators you might use to detect an adversary's activities and how much pain it will cause them when you are able to deny those indicators to them.
- [A Framework for Cyber Threat Hunting](http://sqrrl.com/media/Framework-for-Threat-Hunting-Whitepaper.pdf)
- [The PARIS Model](http://threathunter.guru/blog/the-paris-model/) - A model for threat hunting.
- [Cyber Kill Chain](https://www.lockheedmartin.com/us/what-we-do/aerospace-defense/cyber/cyber-kill-chain.html) - It is part of the Intelligence Driven Defense®️ model for identification and prevention of cyber intrusion activity. The model identifies what the adversaries must complete in order to achieve their objective.
- [The DML Model](http://ryanstillions.blogspot.com.au/2014/04/the-dml-model_21.html) - The Detection Maturity Level (DML) model is a capability maturity model for referencing one's maturity in detecting cyber attacks.
- [Endgame Hunt Cycle](http://pages.endgame.com/rs/627-YBU-612/images/Endgame%20Hunt%20Methodology%20POV%203.24.16.pdf)
- [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
- [Sigma](https://github.com/Neo23x0/sigma) - Generic Signature Format for SIEM Systems
XSStrike: most advanced XSS scanner (8k stars)
FEATURES :
Reflected and DOM XSS scanning
Multi-threaded crawling
Context analysis
Configurable core
WAF detection & evasion
Outdated JS lib scanning
Intelligent payload generator
Handmade HTML & JavaScript parser
Powerful fuzzing engine
Blind XSS support
Highly researched work-flow
Complete HTTP support
Bruteforce payloads from a file
Powered by Photon, Zetanize and Arjun
Payload Encoding
🦑OS:
> Debian-based distributions (Kali, Parrot, Ubuntu...)
Installation & Run:
1️⃣git clone https://github.com/s0md3v/XSStrike
2️⃣cd XSStrike
3️⃣python xsstrike.py [-h] [-u TARGET] [--data DATA] [-t THREADS] [--seeds SEEDS] [--json] [--path]
[--fuzzer] [--update] [--timeout] [--params] [--crawl] [--blind]
[--skip-dom] [--headers] [--proxy] [-d DELAY] [-e ENCODING]
MORE USAGES :
4️⃣Scan a single URL
Option: -u or --url
5️⃣Test a single webpage which uses GET method.
python xsstrike.py -u "http://example.com/search.php?q=query"
6️⃣Supplying POST data
python xsstrike.py -u "http://example.com/search.php" --data "q=query"
7️⃣Testing URL path components
Option: --path
8️⃣To inject payloads in the URL path, like http://example.com/search/<payload>, use the --path switch.
python xsstrike.py -u "http://example.com/search/form/query" --path
9️⃣Treat POST data as JSON
Option: --json
This switch can be used to test JSON data via POST method.
python xsstrike.py -u "http://example.com/search.php" --data '{"q":"query"}' --json
🔟Crawling
Option: --crawl
For more options, run with -h
5G Cellular Attacks
- [ENISA THREAT LANDSCAPE FOR 5G NETWORKS](https://github.com/W00t3k/Awesome-CellularHacking/blob/master/ENISA%20threat%20landscape%20for%205G%20Networks.pdf)
- [Protecting the 4G and 5G Cellular Paging Protocols against Security and Privacy Attacks](https://www.degruyter.com/downloadpdf/j/popets.2020.2020.issue-1/popets-2020-0008/popets-2020-0008.pdf)
- [Insecure Connection Bootstrapping in Cellular Networks: The Root of All Evil](https://relentless-warrior.github.io/wp-content/uploads/2019/05/wisec19-preprint.pdf)
- [5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network Protocol](https://relentless-warrior.github.io/wp-content/uploads/2019/10/5GReasoner.pdf)
- [QCSuper - A tool for capturing 2G-4G air traffic using Qualcomm phones](https://labs.p1sec.com/2019/07/09/presenting-qcsuper-a-tool-for-capturing-your-2g-3g-4g-air-traffic-on-qualcomm-based-phones/)
- [Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information](http://homepage.divms.uiowa.edu/~comarhaider/publications/LTE-torpedo-NDSS19.pdf)
- [New Privacy Threat on 3G, 4G, and Upcoming 5G AKA Protocols ](https://arxiv.org/pdf/1905.07617.pdf)
- [New Vulnerabilities in 5G Networks](https://threatpost.com/5g-security-flaw-mitm-targeted-attacks/147073/)
- [Side Channel Analysis in 4G and 5G Cellular Networks](https://i.blackhat.com/eu-19/Thursday/eu-19-Hussain-Side-Channel-Attacks-In-4G-And-5G-Cellular-Networks.pdf)
- [5G NR Jamming, Spoofing, and Sniffing](https://github.com/W00t3k/Awesome-Cellular-Hacking/blob/master/5gjam.pdf)
> git sources
updated web server scanner
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣git clone https://github.com/sullo/nikto
# Main script is in program/
2️⃣cd nikto/program
# Run using the shebang interpreter
3️⃣./nikto.pl -h http://www.example.com
# Run using perl (if you forget to chmod)
4️⃣perl nikto.pl -h http://www.example.com
🦑Run as a Docker container:
1️⃣git clone https://github.com/sullo/nikto.git
2️⃣cd nikto
3️⃣docker build -t sullo/nikto .
# Call it without arguments to display the full help
4️⃣docker run --rm sullo/nikto
# Basic usage
5️⃣docker run --rm sullo/nikto -h http://www.example.com
# To save the report in a specific format, mount /tmp as a volume:
6️⃣docker run --rm -v $(pwd):/tmp sullo/nikto -h http://www.example.com -o /tmp/out.json
COMMON VIRUS-MALWARES
1) Damn Simple Honeypot (DSHP) - Honeypot framework with pluggable handlers.
2) NOVA - uses honeypots as detectors, looks like a complete system.
3) OpenFlow Honeypot (OFPot) - Redirects traffic for unused IP addresses to a honeypot built on POX.
4) OpenCanary - A modular and decentralized honeypot daemon that runs several canary versions of services and alerts when a service is (ab)used.
5) ciscoasa_honeypot - Low-interaction honeypot for a Cisco ASA that can detect CVE-2018-0101, DoS vulnerabilities, and remote code execution.
6) miniprint - Medium-interaction printer honeypot.
🦑 Botnet C2 Tools
1) Hale - Botnet management and control monitor.
2) dnsMole - analyzes DNS traffic and potentially detects botnet commands and monitors server activity, as well as infected hosts.
IPv6 attack detection tool
3) ipv6 attack detector - A Google Summer of Code 2012 project supported by the Honeynet Project.
Dynamic code toolkit
4) Frida - Add JavaScript to explore native applications on Windows, Mac, Linux, iOS, and Android.
A tool for converting a site into server decoys
5) HIHAT - Convert arbitrary PHP applications to high-level Honeypots web interfaces.
malware collector
6) Kippo-Malware is a Python script that downloads all malicious files stored as URLs in the Kippo SSH honeypot database.
Distributed Deployment Sensor
7) Modern Honey Network - Multiple Snort and honeypot sensor management; uses a network of virtual machines, small Snort installations, hidden dionaeas and a centralized server for management.
🦑Network analysis tool
1) Tracexploit - Replay network packets.
Log anonymizer
2) LogAnon - Log anonymization library that helps keep anonymized logs consistent between logs and network captures.
Low-interaction honeypot (router back door)
3) Honeypot-32764 - Honeypot for the back door of the router (TCP 32764).
4) WAPot - Honeypot that can be used to monitor traffic directed to home routers.
Honeynet farm traffic redirector
5) Honeymole - Deploys multiple sensors that redirect traffic to a centralized collection of honeypots.
HTTPS proxy
6) mitmproxy - Allows you to intercept, inspect, modify and replay traffic flows.
🦑System hardware
1) Sysdig - An open-source system-level exploration tool that lets you record the status and activity of a system from a running GNU/Linux instance, and then save, filter, and analyze the results.
2) Fibratus - A tool for researching and tracking the Windows kernel.
Honeypot for malware distribution via USB
3) Ghost-usb - Honeypot for malware spreading through USB storage devices.
🦑 Data collection
1) Kippo2MySQL - Extracts some very simple statistics from Kippo text log files and inserts them into a MySQL database.
2) Kippo2ElasticSearch - A Python script for transferring data from the Kippo SSH honeypot MySQL database to an ElasticSearch instance (server or cluster).
Passive network audit framework parser
3) [Passive Network Audit Framework (pnaf)](https://github.com/jusafing/pnaf) - A platform that combines several passive and automated analysis methods to provide an assessment of the security of network platforms.
🦑 VM monitoring and tools
1) Antivmdetect - Script to create templates for use with VirtualBox to make VM detection more difficult.
2) VMCloak - Automatically create a virtual machine and mask for a cuckoo sandbox.
3) [vmitools](http://libvmi.com/) - A C library with Python bindings that makes it easy to track the low-level details of a running virtual machine.
🦑 binary debugger
1) Hexgolems - Pint, the server part of the debugger and the Lua shell for PIN.
2) Hexgolems - Schem, the external interface of the debugger.
ALL OF THESE ARE AVAILABLE ON GITHUB; WE WILL WRITE SOME TUTORIALS FOR THEM
ONLINE 7/24-24/24 MARKETS POPULAR & TRUSTED SERVICES:
http://mobil7rab6nuf7vx.onion/ – Mobile Store
http://54flq67kqr5wvjqf.onion/ – MSR Shop
http://yth5q7zdmqlycbcz.onion/ – Old Man Fixer’s Fixing Services
http://matrixtxri745dfw.onion/neo/uploads/MATRIXtxri745dfwONION_130827231336IPA_pc.png – PC Shop
http://storegsq3o5mfxiz.onion/ – Samsung StorE
http://sheep5u64fi457aw.onion/ – Sheep Marketplace
http://nr6juudpp4as4gjg.onion/betcoin.htm – Tor BetCoin
http://qizriixqwmeq4p5b.onion/ – Tor Web Developer
http://vfqnd6mieccqyiit.onion/ – UK Passports
http://en35tuzqmn4lofbk.onion/ – US Fake ID Store
Resources for Windows-based Assessments
#Tools used for Windows-based Assessments
- [PowerShell Empire](http://www.powershellempire.com/)
- [CimSweep](https://github.com/PowerShellMafia/CimSweep)
- [Responder](https://github.com/lgandx/Responder) - A LLMNR, NBT-NS and MDNS poisoner
- [BloodHound](https://github.com/BloodHoundAD/BloodHound) - Six Degrees of Domain Admin
- [AD Control Path](https://github.com/ANSSI-FR/AD-control-paths) - Active Directory Control Paths auditing and graphing tools
- [PowerSploit](https://github.com/PowerShellMafia/PowerSploit/) - A PowerShell Post-Exploitation Framework
- [PowerView](https://github.com/PowerShellMafia/PowerSploit/tree/master/Recon) - Situational Awareness PowerShell framework
- [PowerSCCM](https://github.com/PowerShellMafia/PowerSCCM) - Functions to facilitate connections to and queries from SCCM databases and WMI interfaces for both offensive and defensive applications.
- [Empire](https://github.com/EmpireProject/Empire) - PowerShell and Python post-exploitation agent
- [Mimikatz](https://github.com/gentilkiwi/mimikatz) - Utility to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory but also perform pass-the-hash, pass-the-ticket or build Golden tickets
- [UACME](https://github.com/hfiref0x/UACME) - Defeating Windows User Account Control
- [Windows System Internals](https://technet.microsoft.com/en-us/sysinternals/bb545021.aspx) - (Including Sysmon etc.)
- [Hardentools](https://github.com/securitywithoutborders/hardentools) - Collection of simple utilities designed to disable a number of "features" exposed by Windows
- [CrackMapExec](https://github.com/byt3bl33d3r/CrackMapExec) - A swiss army knife for pentesting Windows/Active Directory environments
#Additional Resources
- [PaulSec Windows Resource Repository](https://github.com/PaulSec/awesome-windows-domain-hardening)
- [Tools Cheatsheets](https://github.com/HarmJ0y/CheatSheets) - (Beacon, PowerView, PowerUp, Empire, ...)
- [SANS PowerShell Cheat Sheet](https://pen-testing.sans.org/blog/2016/05/25/sans-powershell-cheat-sheet/)
- [The Active Directory module for Windows PowerShell is a PowerShell module that consolidates a group of cmdlets.](https://docs.microsoft.com/en-us/powershell/module/addsadministration/?view=win10-ps)
>git sources
Passive #Recon Tools:
- [Maltego](https://www.paterva.com/web7/)
- [Shodan](https://shodan.io)
- [Recon-NG](https://github.com/lanmaster53/recon-ng)
- [SpiderFoot](http://spiderfoot.net)
- [Buscador VM](https://inteltechniques.com/buscador)
- [Visual SEO Studio](https://visual-seo.com/)
- [Scrapy](https://scrapy.org)
- [Screaming Frog](https://www.screamingfrog.co.uk)
- [Xenu](http://home.snafu.de)
- [ExtractMetadata](http://www.extractmetadata.com)
- [FOCA](https://elevenpaths.com)
- [Exiftool](https://www.sno.phy.queensu.ca/~phil/exiftool/)
- [Web Data Extractor](http://www.webextractor.com)
- [IntelTechniques](https://inteltechniques.com)
- [Findsubdomains](https://findsubdomains.com/)
> git sources
IP address and DNS #Lookup Tools
- [bgp](https://bgp.he.net/)
- [Bgpview](https://bgpview.io/)
- [DataSploit (IP Address Modules)](https://github.com/DataSploit/datasploit/tree/master/ip)
- [Domain Dossier](https://centralops.net/co/domaindossier.aspx)
- [Domaintoipconverter](http://domaintoipconverter.com/)
- [Googleapps Dig](https://toolbox.googleapps.com/apps/dig/)
- [Hurricane Electric BGP Toolkit](https://bgp.he.net/)
- [ICANN Whois](https://whois.icann.org/en)
- [Massdns](https://github.com/blechschmidt/massdns)
- [Mxtoolbox](https://mxtoolbox.com/BulkLookup.aspx)
- [Ultratools ipv6Info](https://www.ultratools.com/tools/ipv6Info)
- [Viewdns](https://viewdns.info/)
- [Umbrella (OpenDNS) Popularity List](http://s3-us-west-1.amazonaws.com/umbrella-static/index.html)
> git sources
Public Pen Testing Reports recommended :
> The following are several resources that are useful when writing penetration testing reports, including many different examples:
1️⃣Curated List of penetration testing reports | https://github.com/santosomar/public-pentesting-reports (forked from https://github.com/juliocesarfort/public-pentesting-reports) |
2️⃣ SANS guidance on writing penetration testing reports | https://www.sans.org/reading-room/whitepapers/bestprac/writing-penetration-testing-report-33343 |
3️⃣ Offensive Security example |https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf |
4️⃣ PCI Security report guidance | https://www.pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf |
5️⃣ Dradis Framework | https://dradisframework.com/ce/ |
> git sources
Network configuration - Prevent users from browsing using external proxies:
1️⃣ Some background knowledge:
(1) The HTTP/1.0 protocol defines that when a client reaches a web server through a proxy, the HTTP request and response headers use Via: to identify the proxy server used, which prevents server loops;
(2) Snort is an open source IDS (intrusion detection system) that can be used as a host or network IDS. With its many IDS rules, it can perform pattern recognition and matching on captured (IP, TCP, UDP, ICMP) packets and generate corresponding records.
(3) libnet is open source software that can be used as a network protocol/packet generator.
(4) The TCP/IP network is a packet-switched network.
(5) Snort can also generate IP packets using the libnet library, so it can interrupt a TCP connection by issuing a TCP_RESET packet.
2️⃣ Prerequisites:
(1) Snort runs on the router (Linux) or, through the port mirror function of the switch, on the same network segment as the router.
3️⃣ Implementation:
(1) Compile Snort with the flexresp (flex response) feature.
(2) Define the Snort rule:
alert tcp $HOME_NET any <> $EXTERNAL_NET 80 (msg:"block proxy"; content:"Via:"; nocase; resp:rst_all;)
4️⃣ Effect:
Internal network users can browse external websites normally. If an internal user's browser is configured with an external proxy, the HTTP request and response headers will include the Via: ... characters, the Snort rule will match this connection, and Snort will then send RST packets to both the client and server sockets. In this way, the TCP connection is terminated.
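A header-aware version of the Via: check described above, as an added example (not part of the original post and not Snort code): it contrasts a raw byte match on `Via:`, which also fires on body text, with a match restricted to the parsed header block. The function names and the sample HTTP messages are assumptions constructed for illustration.

```python
# Added example: detect the Via: proxy marker in HTTP messages.
# Function names are hypothetical; all sample messages are constructed.


def split_head(raw: bytes):
    """Return (start_line, header_lines); the body is deliberately ignored."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    return lines[0].decode("latin-1"), lines[1:]


def parse_headers(lines):
    """Parse header lines into (lowercased name, value) pairs.

    Continuation lines (leading space or tab) are unfolded into the
    previous header so a folded Via value is not missed.
    """
    headers = []
    for line in lines:
        text = line.decode("latin-1")
        if text[:1] in (" ", "\t") and headers:
            name, value = headers[-1]
            headers[-1] = (name, value + " " + text.strip())
            continue
        name, sep, value = text.partition(":")
        if not sep or not name or name != name.strip():
            continue  # malformed header line: skip it
        headers.append((name.lower(), value.strip()))
    return headers


def via_hops(raw: bytes):
    """Return the proxy hops declared in Via headers (empty list if none).

    Simplification: hop comments containing commas are not handled.
    """
    _, lines = split_head(raw)
    hops = []
    for name, value in parse_headers(lines):
        if name == "via":
            hops.extend(h.strip() for h in value.split(",") if h.strip())
    return hops


def raw_match(raw: bytes) -> bool:
    """Case-insensitive match on 'Via:' anywhere in the bytes,
    which is what a plain payload content match does."""
    return b"via:" in raw.lower()


# Constructed sample messages.
SAMPLES = {
    "direct": (b"GET /index.html HTTP/1.1\r\n"
               b"Host: www.example.com\r\n"
               b"User-Agent: demo\r\n\r\n"),
    "proxied": (b"GET http://www.example.com/ HTTP/1.1\r\n"
                b"Host: www.example.com\r\n"
                b"Via: 1.1 proxy.example.net\r\n\r\n"),
    "lowercase_folded": (b"HTTP/1.1 200 OK\r\n"
                         b"via: 1.0 cache-a,\r\n"
                         b" 1.1 cache-b\r\n"
                         b"Content-Length: 0\r\n\r\n"),
    "body_only": (b"POST /feedback HTTP/1.1\r\n"
                  b"Host: www.example.com\r\n"
                  b"Content-Type: application/x-www-form-urlencoded\r\n"
                  b"Content-Length: 22\r\n\r\n"
                  b"note=Send Via: courier"),
}


def triage(samples):
    """Compare the raw match with the header-aware match for each sample."""
    report = {}
    for label, raw in samples.items():
        hops = via_hops(raw)
        report[label] = {
            "raw_match": raw_match(raw),
            "header_match": bool(hops),
            "hops": hops,
        }
    return report


if __name__ == "__main__":
    for label, result in triage(SAMPLES).items():
        print(label, result)
```

The `body_only` sample is the false positive to watch for: a raw match would reset a direct connection whose form data merely contains the text `Via:`.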
Reverse Proxy
- [docker-flow-proxy](https://github.com/vfarcic/docker-flow-proxy) - Reconfigures proxy every time a new service is deployed, or when a service is scaled. By [@vfarcic][vfarcic]
- [fabio](https://github.com/fabiolb/fabio) - A fast, modern, zero-conf load balancing HTTP(S) router for deploying microservices managed by consul. By [@magiconair](https://github.com/magiconair) (Frank Schroeder)
- [Let's Encrypt Nginx-proxy Companion](https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion) - A lightweight companion container for the nginx-proxy. It allows the creation/renewal of Let's Encrypt certificates automatically. By [@JrCs](https://github.com/JrCs)
- [muguet](https://github.com/mattallty/muguet) - DNS Server & Reverse proxy for Docker environments. By [@mattallty](https://github.com/mattallty)
- [nginx-proxy][nginxproxy] - Automated nginx proxy for Docker containers using docker-gen by [@jwilder][jwilder]
- [Swarm Ingress Router](https://github.com/tpbowden/swarm-ingress-router) - Route DNS names to Swarm services based on labels. By [@tpbowden](https://github.com/tpbowden/)
- [Swarm Router](https://github.com/flavioaiello/swarm-router) - A «zero config» service name based router for docker swarm mode with a fresh and more secure approach. By [@flavioaiello](https://twitter.com/flavioaiello)
- [Træfɪk](https://github.com/containous/traefik) - Automated reverse proxy and load-balancer for Docker, Mesos, Consul, Etcd... By [@EmileVauge](https://github.com/emilevauge)
> git sources
Memory Imaging Tools 2020- manage and more-opensources codes :
* [Belkasoft Live RAM Capturer](http://belkasoft.com/ram-capturer) - A tiny free forensic tool to reliably extract the entire content of the computer’s volatile memory – even if protected by an active anti-debugging or anti-dumping system
* [Linux Memory Grabber](https://github.com/halpomeranz/lmg/) - A script for dumping Linux memory and creating Volatility profiles.
* [Magnet RAM Capture](https://www.magnetforensics.com/free-tool-magnet-ram-capture/) - Magnet RAM Capture is a free imaging tool designed to capture the physical memory of a suspect’s computer. Supports recent versions of Windows
* [OSForensics](http://www.osforensics.com/) - OSForensics can acquire live memory on 32bit and 64bit systems. A dump of an individual process’s memory space or physical memory dump can be done
#git sources
Installing a USRP Device-driver on Linux ? (used for cellular-pentesting)
1) sudo add-apt-repository ppa:ettusresearch/uhd
2) sudo apt-get update
3) sudo apt-get install libuhd-dev libuhd003 uhd-host
4) uhd_find_devices
5) cd /usr/lib/uhd/utils/
6) ./uhd_images_downloader.py
7) sudo uhd_usrp_probe
8) sudo uhd_usrp_probe
🦑STARTING :
[INFO] [UHD] linux; GNU C++ version 7.4.0; Boost_106501; UHD_3.14.1.1-release
[INFO] [B200] Detected Device: B*****
[INFO] [B200] Operating over USB 3.
[INFO] [B200] Initialize CODEC control...
[INFO] [B200] Initialize Radio control...
[INFO] [B200] Performing register loopback test...
[INFO] [B200] Register loopback test passed
[INFO] [B200] Setting master clock rate selection to 'automatic'.
[INFO] [B200] Asking for clock rate 16.000000 MHz...
[INFO] [B200] Actually got clock rate 16.000000 MHz.
_____________________________________________________
/
| Device: B-Series Device
TOP HACKING SOURCES :
#Rogue BTS & CDMA/GSM Traffic Impersonation and Interception
- [How to create an Evil LTE Twin/LTE Rogue BTS](https://medium.com/@adam.toscher/how-to-create-an-evil-lte-twin-34b0a9ce193b)
How to setup a 4G/LTE Evil Twin Base Station using srsLTE and a USRP SDR device.
- [How To Build Your Own Rogue GSM BTS For Fun and Profit](https://www.evilsocket.net/2016/03/31/how-to-build-your-own-rogue-gsm-bts-for-fun-and-profit/)
"In this blog post I’m going to explain how to create a portable GSM BTS which can be used either to create a private ( and vendor free! ) GSM network or for GSM active tapping/interception/hijacking … yes, with some (relatively) cheap electronic equipment you can basically build something very similar to what the governments are using from years to perform GSM interception."
- [Practical attacks against GSM networks: Impersonation](https://blog.blazeinfosec.com/practical-attacks-against-gsm-networks-part-1/)
"Impersonating a cellular base station with SDR: With the flexibility, relative low cost of Software Defined Radio (SDR) and abundance of open source projects that emulate a cell tower, successfully impersonating a GSM Base Station (BTS) is not a difficult task these days."
- [Building a Portable GSM BTS Using BladeRF/PI](https://blog.strcpy.info/2016/04/21/building-a-portable-gsm-bts-using-bladerf-raspberry-and-yatebts-the-definitive-guide/)
"I was always amazed when I read articles published by some hackers related to GSM technology. However, playing with GSM technologies was not cheap until the arrival of Software Defined Radios (SDRs), besides not being something easy to be implemented."
- [rtl.sdr.com Tutorial-Analyzing GSM with-Airprobe and Wireshark](https://www.rtl-sdr.com/rtl-sdr-tutorial-analyzing-gsm-with-airprobe-and-wireshark/) "The RTL-SDR software defined radio can be used to analyze cellular phone GSM signals, using Linux based tools GR-GSM (or Airprobe) and Wireshark. This tutorial shows how to set up these tools for use with the RTL-SDR."
- [Traffic Interception for Penetration Testing Engagements](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/may/gsmgprs-traffic-interception-for-penetration-testing-engagements/) "Within the penetration testing domain quite often we have to deal with different technologies and devices. It’s important to cover all aspects of connectivity of a device being tested which is why we have built a GSM/GPRS interception capability. There are a number of different devices and systems that make use of GSM/GPRS, non-exhaustively we commonly see:"
#git sources
Memory #Analysis Tools topic
* [Evolve](https://github.com/JamesHabben/evolve) - Web interface for the Volatility Memory Forensics Framework
* [inVtero.net](https://github.com/ShaneK2/inVtero.net) - Advanced memory analysis for Windows x64 with nested hypervisor support
* [KnTList](http://www.gmgsystemsinc.com/knttools/) - Computer memory analysis tools
* [LiME](https://github.com/504ensicsLabs/LiME) - LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices
* [Memoryze](https://www.fireeye.com/services/freeware/memoryze.html) - Memoryze by Mandiant is a free memory forensic software that helps incident responders find evil in live memory. Memoryze can acquire and/or analyze memory images, and on live systems, can include the paging file in its analysis
* [Memoryze for Mac](https://www.fireeye.com/services/freeware/memoryze-for-the-mac.html) - Memoryze for Mac is Memoryze but then for Macs. A lower number of features, however
* [Rekall](http://www.rekall-forensic.com/) - Open source tool (and library) for the extraction of digital artifacts from volatile memory (RAM) samples
* [Responder PRO](http://www.countertack.com/responder-pro) - Responder PRO is the industry standard physical memory and automated malware analysis solution
* [Volatility](https://github.com/volatilityfoundation/volatility) - An advanced memory forensics framework
* [VolatilityBot](https://github.com/mkorman90/VolatilityBot) - VolatilityBot is an automation tool for researchers cuts all the guesswork and manual tasks out of the binary extraction phase, or to help the investigator in the first steps of performing a memory analysis investigation
* [VolDiff](https://github.com/aim4r/VolDiff) - Malware Memory Footprint Analysis based on Volatility
* [WindowsSCOPE](http://www.windowsscope.com/index.php?page=shop.product_details&flypage=flypage.tpl&product_id=35&category_id=3&option=com_virtuemart) - another memory forensics and reverse engineering tool used for analyzing volatile memory. It is basically used for reverse engineering of malwares. It provides the capability of analyzing the Windows kernel, drivers, DLLs, virtual and physical memory
> git resources
Hacking systems with the automation of PasteJacking attacks :
> In short, Pastejacking is a method that malicious websites employ to take control of your computers’ clipboard and change its content to something harmful without your knowledge. From The Windows club definition
> So here what I did is automating the original attack and adding two other tricks to fool the user, using HTML and CSS Will talk about it then added meterpreter sessions as I said before.
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣git clone https://github.com/D4Vinci/PasteJacker.git
2️⃣sudo python3 -m pip install ./PasteJacker
3️⃣sudo pastejacker
🦑requirements :
1️⃣Python 3 and setuptools module.
2️⃣Linux or Unix-based system (Currently tested only on Kali Linux rolling and Ubuntu 16.04).
3️⃣Third-party requirements like msfvenom but only if you are gonna use the msfvenom option, of course.
4️⃣Third-party library ncurses-dev for Ubuntu (Thanks for @mhaskar).
5️⃣Root access.
Network Attack Tool-any Linux :
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣ Enter the following commands on Terminal to download and install zarp:
- git clone https://github.com/hatRiot/zarp (Download zarp)
- cd zarp
- pip install -r requirements.txt (Install the required modules)
- python zarp.py
2️⃣bryan@devbox:~/zarp$ sudo ./zarp.py --help
3️⃣ Choose options via numbers :
[1] Poisoners [5] Parameter
[2] DoS Attacks [6] Services
[3] Sniffers [7] Attacks
[4] Scanners [8] Sessions
USE FOR LEARNING ONLY !!!