
Linux Kodachi3 – Secure Open Source Linux Distribution

The Linux Kodachi operating system is based on Debian 8.6. It provides a secure, anti-forensic, and anonymous operating system, covering all the features that a person concerned about privacy would need in order to stay secure. Kod…


credmap v0.1 – The Credential Mapper

Credmap is an open source tool that was created to bring awareness to the dangers of credential reuse. It is capable of testing supplied user credentials on several known websites to test if the password has been reused on any of these. An official int…


Noriben – Portable, Simple, Malware Analysis Sandbox

Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text…


Vproxy – Forward HTTP/S Traffic To Proxy Instance

If you are familiar with mobile penetration testing and have done one before, you have probably run into this situation: you want to intercept an application's HTTP or HTTPS traffic using your favorite proxy tool, such as Burp Suite, Fiddler, Charles, etc.
After modifying the WiFi connection and adding your proxy host and port there, you should immediately be able to capture the HTTP/S traffic.
However, this method does not always work, since some mobile applications use customized HTTP/S functionality on the device that ignores the system proxy settings.
So what should you do in order to capture all of the HTTP/S traffic from the mobile device without breaking your head? It's simple: use Vproxy!

Vproxy
Vproxy is a Python script built to quickly configure a PPTP VPN server that redirects HTTP/S traffic to your favorite proxy instance host.
Screenshot

System Requirements
This script was built and tested on Kali Linux and should work on any Linux distribution.

Prerequisites

pip install termcolor

Usage
Set up a VPN server on localip and redirect traffic sent from the clients on ports 80 and 443 to the proxy at 192.168.1.10:8080:

$sudo python vproxy.py -localip 192.168.1.9 -phost 192.168.1.10 -pport 8080 -port 80,443

The Goal

  1. Help penetration testers conduct mobile security assessments more easily
  2. Intercept mobile HTTP/S traffic from any mobile device

Configuring VPN Videos

iOS – https://www.youtube.com/watch?v=TC-xJ9rCTXU
Android – https://www.youtube.com/watch?v=bFeJZKX4O3A


backdoorppt – transform your payload.exe into one fake word doc (.ppt)

backdoorppt – ‘Office spoof extensions tool’

Version release: v1.5-Stable
Distros Supported: Linux Kali, Ubuntu, Mint
Author: pedro ubuntu [ r00t-3xp10it ]
Suspicious-Shell-Activity© (SSA) RedTeam, developed 2017


Transform your payload.exe into one fake word doc (.ppt)

Simple script that allows users to add an MS Word icon to an
existing executable.exe (using Resource Hacker as the backend application)
and a Ruby one-liner command that hides the .exe extension
and adds the Word doc .ppt extension to the end of the file name.

Spoof extension methods

The backdoorppt tool uses 2 different extension spoof methods:
'Right to Left Override' & 'Hide Extensions for Known File Types'.
Edit the 'settings' file to choose which method should be used:

cd backdoorppt && nano settings

Dependencies (backend applications required)

xterm, wine, ruby, ResourceHacker(wine)

The backdoorppt script works with 32- or 64-bit wine.
It also installs ResourceHacker under the .../.wine/Program Files/.. directories.

Tool Limitations

1º - backdoorppt only supports Windows binaries to be transformed (.exe -> .ppt)
2º - backdoorppt requires ResourceHacker installed (wine) to change the icons
3º - backdoorppt presents you with 6 different icons (.ico) to choose from
4º - backdoorppt does not build real MS Word doc files, but it will transform
your payload.exe to look like a Word doc file (social engineering).

Backdoorppt first run (Kali distros)

Backdoorppt working (Kali distros)

Transformed files on the target system (Windows)

Final notes

The target user thinks they are opening a Word document file,
but in fact they are executing a binary payload instead.

Credits: Damon Mohammadbagher
Article: goo.gl/hKHesk


cgPwn – Cyber Grand Pwnage Box

A lightweight VM for hardware hacking, RE (fuzzing, symbolic execution, exploiting, etc.) and wargaming tasks. This is an Ubuntu VM tailored for hardware hacking, RE and wargaming. Tools included: Pwndbg, Pwntools, Binwalk, Radare2 …


Hakku Framework – Simple Penetration Testing Framework

Hakku is a simple framework made for penetration testing tools. The Hakku framework offers a simple structure, a basic CLI, and useful features for developing penetration testing tools. Hakku is in its early stages and may be unstable, so please down…


Operative – The Fingerprint Framework

This is a fram…


crackle – Crack Bluetooth Smart (BLE) Encryption

crackle cracks BLE Encryption (AKA Bluetooth Smart). crackle exploits a flaw in the BLE pairing process that allows an attacker to guess or very quickly brute force the TK (Temporary Key). With the TK and other data collected from the pairing proces…

SPARTA – Network Infrastructure Penetration Testing Tool

SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and…


Faraday v2.4 – Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time without the need for a single email. Developed with a specialized set of functionalities that helps users improve their own work, the main purpose is to re-use the available tools in the community taking advantage of them in a collaborative way!

LDAP support

Yes, Faraday’s bucket list is an item shorter as of this release! LDAP support has been on the horizon for quite some time now, but not anymore – this brand new version comes with LDAP support out of the box, no additional modules required, isn’t that neat?
Why LDAP? Well, because a great number of companies around the world use it to centralize their user account management. The protocol provides total control over the credentials in all the platforms, which comes in pretty handy when managing large volumes of data. In fact, LDAP is so popular that some companies have a policy to only use tools that support LDAP authentication.
By adding LDAP support to Faraday, we give our clients the possibility to manage larger teams, implement large-scale installations and maintain a granular and simple control over their user accounts.
In addition, using Faraday over LDAP provides better configuration than ever, allowing complex credential policies such as password expiration and quality standards, or credential lockout.

Faraday Plugin

There are some changes to the Faraday Plugin, improving its functionality by allowing users to run it through the GTK interface, performing actions in batch and filtering objects.
One of the best things about this new version of the Plugin is that you can now use it to script some of the most boring tasks needed in every assessment.


Example of task automation using Faraday Plugin – Running ping for every host that has a service on port 22

We also added a menu option to run directly from GTK!

New menu item in GTK allows users to run Fplugin without having to type anything!
Read more about FPlugin in our documentation

Details are everything

And that is what this release is all about. We believe that correcting very specific details and introducing small improvements also adds quality and efficiency to a platform like ours. So it is in those items that we focused on the last iteration.

Changes

  • Added LDAP support for authentication 
  • Removed grouping by issue tracker option in status report
  • Added command line option to automatically install the license files before launching Faraday 
  • Fixed bug when editing workspaces with maximum allowed workspaces reached 
  • Improved login in Web UI 
  • Improved the validation applied to passwords when editing them in the Web UI


Better password validation

  • Improved UX in users list Web UI 
  • Improved GTK UX when the client loses connection to the server 
  • Added link to name column in Hosts list

Host names with links

  • Fixed bug in SQLMap plugin that made the client freeze 
  • Fixed bug when creating/updating Credentials 
  • Fixed bug in the WEB UI – menu explanation bubbles were hidden behind inputs
  • Fixed conflict resolution when the object was deleted from another client before resolving the conflict
  • Improved FPlugin
  • Improved the installation process
  • Improved SQLMap plugin to support --tables and --columns options
  • Improved navigation in Web UI
  • Merged PR #137 – CScan improvements: bug fixing, change plugin format and removed unnecessary file output
  • Merged PR #173 – Hostnames: added hostnames to plugins
  • Merged PR #105 – OSint: added the possibility of using a DB other than Shodan
  • The Status Report now remembers the sorting column and order
  • Created a requirements_extras.txt file to handle optional packages for specific features

We hope you enjoy it, and let us know if you have any questions or comments.

https://www.faradaysec.com
https://github.com/infobyte/faraday
https://twitter.com/faradaysec


wuzz – Interactive CLI Tool for HTTP Inspection

Interactive CLI tool for HTTP inspection. Wuzz command line arguments are similar to cURL's arguments, so it can be used to inspect/modify requests copied from the browser's network inspector with the "copy as cURL" feature. Installation and us…



netattack – Scan and Attack Wireless Networks

The netattack.py is a Python script that allows you to scan your local area for WiFi networks and perform deauthentication attacks. The effectiveness and power of this script highly depends on your wireless card. USAGE / EASY / SCANNING FOR WIFI NETWORKS: pyt…