Kautilya is a human interface device hacking toolkit which provides various payloads for HIDs which may help with breaking into a computer during penetration tests. The Windows payloads and modules are written mostly in PowerShell (in combination with native commands) and are tested on Windows 7 and Windows 8. In principle Kautilya should work with […]
Censys is a public host & network search engine that allows computer scientists to ask questions about the devices and networks that compose the Internet. Driven by Internet-wide scanning, Censys lets researchers find specific hosts and create aggregate reports on how devices, websites, and certificates are configured and deployed. Censys collects data on hosts and […]
Another DDoS service down after the owner got busted, this time a UK teenager who created the service called Titanium Stresser when he was just 15. Not long ago we wrote about the two Israeli guys who got busted for running the VDoS-s.com DDoS Service. There seems to be a bit of a crackdown […]
Snort is an open-source, lightweight, free network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats. It’s capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as […]
Advanced IP Scanner is a reliable and free Windows port scanner to analyse members of a LAN. The program shows all network devices, gives you access to shared folders, provides remote control of computers (via RDP and Radmin), and can even remotely switch computers off. It is easy to use and runs as a portable […]
Last week the Dyn DNS DDoS took out most of the East coast US websites including monsters like Spotify, Twitter, Netflix, Github, Heroku and many more. Hopefully it wasn’t because I shared the Mirai source code and some script kiddies got hold of it and decided to take half of the US websites out. A […]
Infernal Twin is an automated wireless hacking suite written in Python which automates many of the repetitive tasks involved in security testing for wifi networks. Originally created to automate the Evil Twin attack, it has grown much beyond that into a comprehensive suite including various wireless attack vectors. An evil twin attack is when a […]
Zenmap is the official Nmap GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. No frontend can replace good old command-line Nmap. The nature of a frontend is that […]
Hashing, it’s always a contentious issue – used to be MD5, then SHA-1, then bcrypt and now it looks like SHA-256 or SHA3-256 might be the future with quantum science boffins predicting it’s not feasible to crack. You can read more about the algorithm and design (using sponge construction) on Wikipedia here: SHA-3 While it’s reasonable […]
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for penetration testing, offensive security and red teaming. Nishang is useful during all phases of penetration testing.
Usage
Import all the scripts in the current PowerShell session (PowerShell v3 onwards).
PS C:\nishang> Import-Module .\nishang.psm1
Use the individual scripts with dot sourcing.
PS C:\nishang> . C:\nishang\Gather\Get-Information.ps1
PS C:\nishang> Get-Information