domingo, 23 de agosto de 2020

Discover: A Custom Bash Scripts Used To Perform Pentesting Tasks With Metasploit


About discover: discover is a custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit Framework. For use with Kali Linux, Parrot Security OS and the Penetration Testers Framework (PTF).

About authors:

discover Installation and Updating


About RECON in discover
   Domain

RECON

1. Passive
2. Active
3. Import names into an existing recon-ng workspace
4. Previous menu

   Passive uses ARIN, dnsrecon, goofile, goog-mail, goohost, theHarvester, Metasploit Framework, URLCrazy, Whois, multiple websites, and recon-ng.

   Active uses dnsrecon, WAF00W, traceroute, Whatweb, and recon-ng.
   [*] Acquire API keys for Bing, Builtwith, Fullcontact, GitHub, Google, Hashes, Hunter, SecurityTrails, and Shodan for maximum results with recon-ng and theHarvester.

API key locations:

recon-ng
   show keys
   keys add bing_api <value>

theHarvester
   /opt/theHarvester/api-keys.yaml

   Person: Combines info from multiple websites.

RECON

First name:
Last name:

   Parse salesforce: Gather names and positions into a clean list.

Create a free account at salesforce (https://connect.data.com/login).
Perform a search on your target company > select the company name > see all.
Copy the results into a new file.

Enter the location of your list:

About SCANNING in discover
   Generate target list: Use different tools to create a target list including Angry IP Scanner, arp-scan, netdiscover and nmap pingsweep.

SCANNING

1. Local area network
2. NetBIOS
3. netdiscover
4. Ping sweep
5. Previous menu


   CIDR, List, IP, Range, or URL

Type of scan:

1. External
2. Internal
3. Previous menu

  • External scan will set the nmap source port to 53 and the max-rrt-timeout to 1500ms.
  • Internal scan will set the nmap source port to 88 and the max-rrt-timeout to 500ms.
  • Nmap is used to perform host discovery, port scanning, service enumeration and OS identification.
  • Matching nmap scripts are used for additional enumeration.
  • Addition tools: enum4linux, smbclient, and ike-scan.
  • Matching Metasploit auxiliary modules are also leveraged.

About WEB in discover
   Insecure direct object reference

Using Burp, authenticate to a site, map & Spider, then log out.
Target > Site map > select the URL > right click > Copy URLs in this host.
Paste the results into a new file.


Enter the location of your file:

   Open multiple tabs in Firefox

Open multiple tabs in Firefox with:

1. List
2. Directories from robots.txt.
3. Previous menu

  • Use a list containing IPs and/or URLs.
  • Use wget to pull a domain's robot.txt file, then open all of the directories.

   Nikto

Run multiple instances of Nikto in parallel.

1. List of IPs.
2. List of IP:port.
3. Previous menu

    SSL: Use sslscan and sslyze to check for SSL/TLS certificate issues.

Check for SSL certificate issues.

Enter the location of your list:

About MISC in discover
   Parse XML

Parse XML to CSV.

1. Burp (Base64)
2. Nessus (.nessus)
3. Nexpose (XML 2.0)
4. Nmap
5. Qualys
6. revious menu

   Generate a malicious payload

Malicious Payloads

1. android/meterpreter/reverse_tcp
2. cmd/windows/reverse_powershell
3. java/jsp_shell_reverse_tcp (Linux)
4. java/jsp_shell_reverse_tcp (Windows)
5. linux/x64/meterpreter_reverse_https
6. linux/x64/meterpreter_reverse_tcp
7. linux/x64/shell/reverse_tcp
8. osx/x64/meterpreter_reverse_https
9. osx/x64/meterpreter_reverse_tcp
10. php/meterpreter/reverse_tcp
11. python/meterpreter_reverse_https 12. python/meterpreter_reverse_tcp
13. windows/x64/meterpreter_reverse_https
14. windows/x64/meterpreter_reverse_tcp
15. Previous menu

   Start a Metasploit listener

Metasploit Listeners

1. android/meterpreter/reverse_tcp
2. cmd/windows/reverse_powershell
3. java/jsp_shell_reverse_tcp
4. linux/x64/meterpreter_reverse_https
5. linux/x64/meterpreter_reverse_tcp
6. linux/x64/shell/reverse_tcp
7. osx/x64/meterpreter_reverse_https
8. osx/x64/meterpreter_reverse_tcp
9. php/meterpreter/reverse_tcp
10. python/meterpreter_reverse_https
11. python/meterpreter_reverse_tcp
12. windows/x64/meterpreter_reverse_https
13. windows/x64/meterpreter_reverse_tcp
14. Previous menu


Read more


Publicado por en No hay comentarios:

TorghostNG: Make All Your Internet Traffic Anonymized With Tor Network

About TorghostNG
   TorghostNG is a tool that make all your internet traffic anonymized with Tor network. TorghostNG is rewritten from TorGhost with Python 3.

   TorghostNG was tested on:
  • Kali Linux 2020a
  • Manjaro
  • ...

What's new in TorghostNG 1.2

Before you use TorghostNG
  • For the goodness of Tor network, BitTorrent traffic will be blocked by iptables. Although you can bypass it with some tweaks with your torrent client 😥 It's difficult to completely block all torrent traffic.
  • For security reason, TorghostNG is gonna disable IPv6 to prevent IPv6 leaks (it happened to me lmao).

Screenshots of Torghost (Version 1.0)
   Connecting to Tor exitnode in a specific country: torghostng -id COUNTRY ID

   Changing MAC address: torghostng -m INTERFACE

   Checking IP address: torghostng -c

   Disconnecting from Tor: torghostng -x

   Uninstalling TorghostNG: python3 install.py

Installing TorghostNG
   TorghostNG installer currently supports:
  • GNU/Linux distros that based on Arch Linux
  • GNU/Linux distros that based on Debian/Ubuntu
  • GNU/Linux distros that based on Fedora, CentOS, RHEL, openSUSE
  • Solus OS
  • Void Linux
  • Anh the elder guy: Slackware
  • (Too much package managers for one day :v)

   To install TorghostNG, open your Terminal and enter these commands:
   But with Slackware, you use sudo python3 torghostng.py to run TorghostNG :v

Help
    You can combine multiple choices at the same time, such as:
  • torghostng -s -m INTERFACE: Changing MAC address before connecting
  • torghostng -c -m INTERFACE: Checking IP address and changing MAC address
  • torghostng -s -x: Connecting to Tor anh then stop :v
  • ...
   If you have any questions, you can watch this tutorial videos 🙂
   I hope you will love it 😃

How to update TorghostNG
   Open Terminal and type sudo torghostng -u with sudo to update TorghostNG, but it will download new TorghostNG to /root, because you're running it as root. If you don't like that, you can type git pull -f and sudo python3 install.py.

Notes before you use Tor
   Tor can't help you completely anonymous, just almost:
   It's recommended that you should use NoScript before before surfing the web with Tor. NoScript shall block JavaScript/Java/Flash scripts on websites to make sure they won't reveal your real identify.

And please
  • Don't spam or perform DoS attacks with Tor. It's not effective, you will only make Tor get hated and waste Tor's money.
  • Don't torrent over Tor. If you want to keep anonymous while torrenting, use a no-logs VPN please.
   Bittorrent over Tor isn't a good idea
   Not anonymous: attack reveals BitTorrent users on Tor network

Changes log
   Version 1.2
  • Fixed update_commands and others in torghostng.py
  • Changed a few things in theme.py
  • Changed a few things in install.py
  • Now you can change Tor circuit with -r
   Version 1.1
  • Check your IPv6
  • Change all "TOR" to "Tor"
  • Block BitTorrent traffic
  • Auto disable IPv6 before connecting to Tor

Contact to the coder

To-do lists:
  • Block torrent, for you - Tor network (Done 😃)
  • Connect to IPv6 relays (maybe?)
  • GUI version
  • Fix bug, improve TorghostNG (always)

And finally: You can help me by telling me if you find any bugs or issues. Thank you for using my tool 😊

Continue reading


  1. Pentest Tools Subdomain
  2. Hacker Tools Hardware
  3. Hacking Tools Online
  4. Hacker Tools For Ios
  5. Hacker Tools Mac
  6. Hack Tools Github
  7. Pentest Tools Tcp Port Scanner
  8. Hacker Tools Mac
  9. Hacker Tools List
  10. Termux Hacking Tools 2019
  11. Hack Website Online Tool
  12. Hacking Tools And Software
  13. Pentest Tools Website
  14. Pentest Tools Alternative
  15. Hackers Toolbox
  16. New Hacker Tools
  17. Hacking Tools Windows 10
  18. Hacking Tools Pc
  19. Pentest Tools Alternative
  20. Physical Pentest Tools
  21. Pentest Tools Free
  22. Usb Pentest Tools
  23. Pentest Tools Review
  24. Pentest Tools Tcp Port Scanner
  25. Hack Tools For Windows
  26. Easy Hack Tools
  27. Growth Hacker Tools
  28. Game Hacking
  29. Hacking Tools Online
  30. Hack Website Online Tool
  31. Hacker Hardware Tools
  32. Pentest Tools Github
  33. Hacking Tools Online
  34. Top Pentest Tools
  35. Pentest Tools Subdomain
  36. Nsa Hack Tools
  37. Install Pentest Tools Ubuntu
  38. Hacking Tools Mac
  39. Hacker Tools For Windows
  40. Hack Tools Online
  41. Hack Tools Github
  42. Hackrf Tools
  43. Hacking Tools
  44. Hacker Tools For Windows
  45. Pentest Tools List
  46. Hacking Tools Mac
  47. Hack Tool Apk
  48. Pentest Tools Download
  49. Hacker Tools List
  50. How To Make Hacking Tools
  51. Game Hacking
  52. Hacker Search Tools
  53. Hacker Tools Mac
  54. Hacking Tools 2020
  55. Hacking Tools For Windows Free Download
  56. Hacking Tools Windows 10
  57. Hacker Search Tools
  58. Hacker Tool Kit
Publicado por en No hay comentarios:

OnionDuke Samples










File attributes

Size: 219136
MD5:  28F96A57FA5FF663926E9BAD51A1D0CB

Size: 126464
MD5:  C8EB6040FD02D77660D19057A38FF769


Size: 316928
MD5:  D1CE79089578DA2D41F1AD901F7B1014


Virustotal info

https://www.virustotal.com/en/file/366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b/analysis/
SHA256: 366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
File name: 366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
Detection ratio: 8 / 52
Analysis date: 2014-11-15 18:37:30 UTC ( 8 hours, 44 minutes ago ) 
Antivirus Result Update
Baidu-International Trojan.Win32.Agent.adYf 20141107
F-Secure Backdoor:W32/OnionDuke.B 20141115
Ikarus Trojan.Win32.Agent 20141115
Kaspersky Backdoor.Win32.MiniDuke.x 20141115
Norman OnionDuke.A 20141115
Sophos Troj/Ransom-ALA 20141115
Symantec Backdoor.Miniduke!gen4 20141115
Tencent Win32.Trojan.Agent.Tbsl 20141115

https://www.virustotal.com/en/file/366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b/analysis/


SHA256: 366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
File name: 366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
Detection ratio: 8 / 52
Antivirus Result Update
Baidu-International Trojan.Win32.Agent.adYf 20141107
F-Secure Backdoor:W32/OnionDuke.B 20141115
Ikarus Trojan.Win32.Agent 20141115
Kaspersky Backdoor.Win32.MiniDuke.x 20141115
Norman OnionDuke.A 20141115
Sophos Troj/Ransom-ALA 20141115
Symantec Backdoor.Miniduke!gen4 20141115
Tencent Win32.Trojan.Agent.Tbsl 20141115

https://www.virustotal.com/en/file/0102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade/analysis/
SHA256: 0102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade
File name: 0102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade
Detection ratio: 19 / 55
Analysis date: 2014-11-15 18:37:25 UTC ( 8 hours, 47 minutes ago ) 
Antivirus Result Update
AVware Trojan.Win32.Generic!BT 20141115
Ad-Aware Backdoor.Generic.933739 20141115
Baidu-International Trojan.Win32.OnionDuke.BA 20141107
BitDefender Backdoor.Generic.933739 20141115
ESET-NOD32 a variant of Win32/OnionDuke.A 20141115
Emsisoft Backdoor.Generic.933739 (B) 20141115
F-Secure Backdoor:W32/OnionDuke.A 20141115
GData Backdoor.Generic.933739 20141115
Ikarus Trojan.Win32.Onionduke 20141115
Kaspersky Backdoor.Win32.MiniDuke.x 20141115
McAfee RDN/Generic BackDoor!zw 20141115
McAfee-GW-Edition BehavesLike.Win32.Trojan.fh 20141114
MicroWorld-eScan Backdoor.Generic.933739 20141115
Norman OnionDuke.B 20141115
Sophos Troj/Ransom-ANU 20141115
Symantec Backdoor.Miniduke!gen4 20141115
TrendMicro BKDR_ONIONDUKE.AD 20141115
TrendMicro-HouseCall BKDR_ONIONDUKE.AD 20141115
VIPRE Trojan.Win32.Generic!BT 20141115


More info


  1. Top Pentest Tools
  2. Hacking Tools For Pc
  3. Pentest Tools Online
  4. Hack Tool Apk No Root
  5. Hacking Tools Windows 10
  6. Pentest Reporting Tools
  7. Pentest Tools Linux
  8. Ethical Hacker Tools
  9. Hacking App
  10. Hackers Toolbox
  11. Pentest Reporting Tools
  12. Pentest Tools For Mac
  13. Pentest Tools Download
  14. Best Pentesting Tools 2018
  15. Hack App
  16. Hacker Tools Apk
  17. Hack Tools Mac
  18. Best Pentesting Tools 2018
  19. Pentest Tools Download
  20. Hacking Tools For Beginners
  21. Hack Rom Tools
  22. Pentest Tools Subdomain
  23. Hacking Tools Hardware
  24. Nsa Hacker Tools
  25. Hacks And Tools
  26. Pentest Tools Linux
  27. Hacker Tools Free
  28. Hacking Tools Name
  29. Hack And Tools
  30. Hacking Tools And Software
  31. Hack Tools Pc
  32. Hacking Tools Kit
  33. Hack Tools For Pc
  34. Hacker Security Tools
  35. Hacking Tools Pc
  36. Best Hacking Tools 2019
  37. Pentest Tools For Ubuntu
  38. Pentest Tools For Android
  39. Pentest Tools For Windows
  40. Hack Tools Pc
  41. Pentest Tools Alternative
  42. Game Hacking
  43. Best Pentesting Tools 2018
  44. Hacker Tools For Ios
  45. Hack Tool Apk No Root
  46. Hack Website Online Tool
  47. Beginner Hacker Tools
  48. How To Make Hacking Tools
  49. Hacker Tools 2020
  50. Hacking Tools For Windows
  51. Hacking Tools For Pc
  52. Hacker Tools For Pc
  53. Hacker Tools Github
  54. Hacking Tools Hardware
  55. Hack Tools Online
  56. Hacking Tools Usb
  57. Hack Tools 2019
  58. Hacks And Tools
  59. Pentest Tools
  60. Pentest Tools Url Fuzzer
  61. Hacker Tools Free Download
  62. Pentest Tools Website Vulnerability
  63. Hack Tools For Windows
Publicado por en No hay comentarios:
Suscribirse a: Entradas (Atom)