Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

  • Penetration Testing Distribution - BackBox

    BackBox is a penetration test and security assessment oriented Ubuntu-based Linux distribution providing a network and informatic systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing...
  • Pentest Distro Linux - Weakerth4n

    Weakerth4n is a penetration testing distribution which is built from Debian Squeeze.For the desktop environment it uses Fluxbox...
  • The Amnesic Incognito Live System - Tails

    Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship...
  • Penetration Testing Distribution - BlackArch

    BlackArch is a penetration testing distribution based on Arch Linux that provides a large amount of cyber security tools. It is an open-source distro created specially for penetration testers and security researchers...
  • The Best Penetration Testing Distribution - Kali Linux

    Kali Linux is a Debian-based distribution for digital forensics and penetration testing, developed and maintained by Offensive Security. Mati Aharoni and Devon Kearns rewrote BackTrack...
  • Friendly OS designed for Pentesting - ParrotOS

    Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting...
Showing posts with label Mac. Show all posts
Showing posts with label Mac. Show all posts

Thursday, October 18, 2018

macSubstrate - Tool For Interprocess Code Injection On macOS


macSubstrate is a platform tool for interprocess code injection on macOS, with the similar function to Cydia Substrate on iOS. Using macSubstrate, you can inject your plugins (.bundle or .framework) into a mac app (including sandboxed apps) to tweak it in the runtime.
  • All you need is to get or create plugins for your target app.
  • No trouble with modification and codesign for the original target app.
  • No more work after the target app is updated.
  • Super easy to install or uninstall a plugin.
  • Loading plugins automatically whenever the target app is relaunched.
  • Providing a GUI app to make injection much easier.

Prepare
  • Disable SIP
  • Why should disable SIP
    System Integrity Protection is a new security policy that applies to every running process, including privileged code and code that runs out of the sandbox. The policy extends additional protections to components on disk and at run-time, only allowing system binaries to be modified by the system installer and software updates. Code injection and runtime attachments to system binaries are no longer permitted.

Usage
  1. download macSubstrate.app, put into /Applications and launch it.
    StatusBar
  2. grant authorization if needed.
  3. install a plugin by importing or dragging into macSubstrate.
    ToInstall
  4. launch the target app.
    step 3 and step 4 can be switched
    Once a plugin is installed by macSubstrate, it will take effect immediately. But if you want it to work whenever the target app is relaunched or macOS is restarted, you need to keep macSubstrate running and allow it to automatically launch at login.
  5. uninstall a plugin when you do not need it anymore.
    Installed

Plugin
macSubstrate supports plugins of .bundle or .framework, so you just need to create a valid .bundle or .framework file. The most important thing is to add a key macSubstratePlugin into the info.plist, with the dictionary value:
Key Value
TargetAppBundleID the target app's CFBundleIdentifier, this tells macSubstrate which app to inject.
Description brief description of the plugin
AuthorName author name of the plugin
AuthorEmail author email of the plugin
Please check the demo plugins demo.bundle and demo.framework for details.

Xcode Templates
macSubstrate also provides Xcode Templates to help you create plugins conveniently:
  1. ln -fhs ./macSubstratePluginTemplate ~/Library/Developer/Xcode/Templates/macSubstrate\ Plugin
  2. Launch Xcode, and there will be 2 new plugin templates for you.

Security
  1. SIP is a new security policy on macOS, which will help to keep you away from potential security risk. Disable it means you will lose the protection from SIP.
  2. If you install a plugin from a developer, you should be responsible for the security of the plugin. If you do not trust it, please do not install it. macSubstrate will help to verify the code signature of a plugin, and I suggest you to scan it using VirusTotal. Anyway, macSubstrate is just a tool, and it is your choice to decide what plugin to install.


Share:

Sunday, March 4, 2018

Know The Dangers Of Credential Reuse Attacks - Cr3dOv3r v0.3


Your best friend in credential reuse attacks.
Cr3dOv3r simply you give it an email then it does two simple jobs (but useful) :
  • Search for public leaks for the email and if it any, it returns with all available details about the leak (Using hacked-emails site API).
  • Now you give it this email's old or leaked password then it checks this credentials against 16 websites (ex: facebook, twitter, google...) then it tells you if login successful in any website!


Imagine with me this scenario
  • You checking a targeted email with this tool.
  • The tool finds it in a leak so you open the leakage link.
  • You get the leaked password after searching the leak.
  • Now you back to the tool and enters this password to check if there's any website the user uses the same password in it.
  • You imagine the rest

Screenshots



Usage
usage: Cr3d0v3r.py [-h] email

positional arguments:
  email       Email/username to check
a
optional arguments:
  -h, --help  show this help message and exit

Installing and requirements

To make the tool work at its best you must have :
  • Python 3.x.
  • Linux or windows system.
  • The requirements mentioned in the next few lines.

Installing
+For windows : (After downloading ZIP and upzip it)
cd Cr3dOv3r-master
python -m pip install -r win_requirements.txt
python Cr3dOv3r.py -h
+For linux :
git clone https://github.com/D4Vinci/Cr3dOv3r.git
chmod 777 -R Cr3dOv3r-master
cd Cr3dOv3r-master
pip3 install -r requirements.txt
python Cr3dOv3r.py -h
If you want to add a website to the tool, follow the instructions in the wiki

Contact



Share:

Saturday, February 3, 2018

A Tool to Generate Various Ways to Do a Reverse Shell - ReverShellGenerator

Share:

Website Vulnerability Scanner & Auto Exploiter - XAttacker




XAttacker is a Website Vulnerability Scanner & Auto Exploiter developed by Mohamed Riahi

Installation
git clone https://github.com/Moham3dRiahi/XAttacker.git

Auto Cms Detect
  • [1] WordPress :
    • [+] Adblock Blocker
    • [+] WP All Import
    • [+] Blaze
    • [+] Catpro
    • [+] Cherry Plugin
    • [+] Download Manager
    • [+] Formcraft
    • [+] levoslideshow
    • [+] Power Zoomer
    • [+] Gravity Forms
    • [+] Revslider Upload Shell
    • [+] Revslider Dafece Ajax
    • [+] Revslider Get Config
    • [+] Showbiz
    • [+] Simple Ads Manager
    • [+] Slide Show Pro
    • [+] WP Mobile Detector
    • [+] Wysija
    • [+] InBoundio Marketing
    • [+] dzs-zoomsounds
    • [+] Reflex Gallery
    • [+] Creative Contact Form
    • [+] Work The Flow File Upload
    • [+] WP Job Manger
    • [+] PHP Event Calendar
    • [+] Synoptic
    • [+] Wp Shop
    • [+] Content Injection
  • [2] Joomla
    • [+] Com Jce
    • [+] Com Media
    • [+] Com Jdownloads
    • [+] Com Fabrik
    • [+] Com Jdownloads Index
    • [+] Com Foxcontact
    • [+] Com Ads Manager
    • [+] Com Blog
    • [+] Com Users
    • [+] Com Weblinks
    • [+] mod_simplefileupload
  • [3] DruPal
    • [+] Add Admin
  • [4] PrestaShop
    • [+] columnadverts
    • [+] soopamobile
    • [+] soopabanners
    • [+] Vtermslideshow
    • [+] simpleslideshow
    • [+] productpageadverts
    • [+] homepageadvertise
    • [+] homepageadvertise2
    • [+] jro_homepageadvertise
    • [+] attributewizardpro
    • [+] 1attributewizardpro
    • [+] AttributewizardproOLD
    • [+] attributewizardpro_x
    • [+] advancedslider
    • [+] cartabandonmentpro
    • [+] cartabandonmentproOld
    • [+] videostab
    • [+] wg24themeadministration
    • [+] fieldvmegamenu
    • [+] wdoptionpanel
    • [+] pk_flexmenu
    • [+] pk_vertflexmenu
    • [+] nvn_export_orders
    • [+] megamenu
    • [+] tdpsthemeoptionpanel
    • [+] psmodthemeoptionpanel
    • [+] masseditproduct
  • [5] Lokomedia
    • SQL injection

Video

Usage

Short FormLong FormDescription
-l --list websites list

Example
if you have list websites run tool with this command line
perl XAttacker.pl -l list.txt
if you don't have list websites run the tool with this command
perl XAttacker.pl

For coloring in windows Add This Line
use Win32::Console::ANSI;



Version
Current version is 2.1 What's New
• Wordpress Levo-Slideshow 2.3 - Arbitrary File Upload
• GS-Dorker
• speed up
• Bug fixes
version 2.0
• speed up
• Bug fixes
version 1.9
• Bug fixes




Share:

Sunday, January 28, 2018

A Framework For NoSQL Scanning and Exploitation - NoSQL Exploitation Framework 2.0



A FrameWork For NoSQL Scanning and Exploitation Framework Authored By Francis Alexander.

Added Features:
  • First Ever Tool With Added Support For Mongo,Couch,Redis,H-Base,Cassandra
  • Support For NoSQL WebAPPS
  • Added payload list for JS Injection,Web application Enumeration.
  • Scan Support for Mongo,CouchDB and Redis
  • Dictionary Attack Support for Mongo,Cocuh and Redis
  • Enumeration Module added for the DB's,retrieves data in db's @ one shot.
  • Currently Discover's Web Interface for Mongo
  • Shodan Query Feature
  • MultiThreaded IP List Scanner
  • Dump and Copy Database features Added for CouchDB
  • Sniff for Mongo,Couch and Redis

Change Log V2.0:
  • Modularised approach, Now comes with Configuration file, tweak to your customization
  • Multithreaded dictionary attacks,file enumeration
  • Support for Heuristic based Redis remote file enumeration,Added Redis System enumeration
  • Now select Databases depending upon options -d "Database" -t "table" -d "Dump"
  • Improved Scan Support for Mongo,CouchDB,Redis,Cassandra and H-Base
  • Improved dump feature
  • Bug fixes

Installation
  • Install Pip, sudo apt-get install python-setuptools;easy_install pip
  • pip install -r requirements.txt
  • python nosqlframework.py -h (For Help Options)

Installation on Mac/Kali
  • Removed the scapy module by default for mac. So this should run by default. If you need to sniff run the script and then continue.
  • Run installformac-kali.sh directly
  • python nosqlframework.py -h (For Help Options)

Installing Nosql Exploitaiton Framework in Virtualenv
  • virtualenv nosqlframework
  • source nosqlframework/bin/activate
  • pip install -r requirements.txt
  • nosqlframework/bin/python nosqlframework.py -h (For Help Options)
  • deactivate (After usage)

Sample Usage
nosqlframework.py -ip localhost -scan
nosqlframework.py -ip localhost -dict mongo -file b.txt
nosqlframework.py -ip localhost -enum couch
nosqlframework.py -ip localhost -enum redis
nosqlframework.py -ip localhost -clone couch




Share:

Detect And Bypass Web Application Firewalls And Protection Systems - WhatWaf



Features
  • Ability to run on a single URL with the -u/--url flag
  • Ability to run through a list of URL's with the -l/--list flag
  • Ability to detect over 40 different firewalls
  • Ability to try over 20 different tampering techniques
  • Ability to pass your own payloads either from a file or from the terminal
  • Payloads that are guaranteed to produce at least one WAF triggering
  • Ability to bypass firewalls using both SQLi techniques and cross site scripting techniques
  • Ability to run behind Tor
  • Ability to run behind multiple proxy types (socks4, socks5, http, https)
  • Ability to use a random user agent, personal user agent, or custom default user agent
  • More to come...

Installation
Installing whatwaf is super easy, all you have to do is the following:
Have Python 2.7, Python 3.x compatibility is being implemented soon:
sudo -s << EOF
git clone https://github.com/ekultek/whatwaf.git
cd whatwaf
chmod +x whatwaf.py
pip2 install -r requirements.txt
./whatwaf.py --help

Proof of concept
First we'll run the website through WhatWaf and figure out which firewall protects it (if any):



Next we'll go to that website and see what the page looks like:



Hmm.. that doesn't really look like Cloudflare does it? Let's check what the HTTP headers server and cookies say:



And finally, lets try one of the bypasses that it tells us to try:



Demo vídeo






Share:
Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition