Empire - PowerShell Post-Exploitation Agent

Empire – PowerShell Post-Exploitation Agent

Empire is a pure PowerShell post-exploitation agent built on cryptographically secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. It has a LOT […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Windows Hacking | Add a Comment
BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records

BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records

So another data breach, and no surprise here, but another dating site. This time the BeautifulPeople.com Leak has exposed 1.1 million customer records, including 15 million private messages sent between users. Not so private now is it. And no surprise either the entry point for this leak, was the not-so excellent NoSQL database MongoDB which […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy, Web Hacking | Add a Comment
Google Rapid Response (GRR ) - Remote Live Forensics For Incident Response

Google Rapid Response (GRR ) – Remote Live Forensics For Incident Response

GRR Rapid Response is an incident response framework focused on remote live forensics. It based on client server architecture, so there’s an agent which is installed on target systems and a Python server infrastructure that can manage and communicate with the agents. There are agents for Windows, Linux and Mac OS X environments. Overview To […]

Tags: , , , , , , ,

Posted in: Countermeasures, Forensics, Security Software | Add a Comment
SamParser - Parse SAM Registry Hives With Python

SamParser – Parse SAM Registry Hives With Python

SamParser is a Python script used to parse SAM registry hives for both users and groups, it’s only dependency is python-registry. This would be a great little script to write into another toolset or larger attack pattern, especially if you’re already using a Python kit or framework. Dependencies

Usage

Sample Output

You […]

Tags: , , , , , , , ,

Posted in: Password Cracking, Windows Hacking | Add a Comment
Apple Will Not Patch Windows QuickTime Vulnerabilities

Apple Will Not Patch Windows QuickTime Vulnerabilities

Much like Adobe Flash, QuickTime from Apple is a bit of a relic some pretty serious, remote code execution type Windows QuickTime Vulnerabilities were recently discovered by Trend Micro. Apple has officially stated that they won’t be fixing them and the official line on this, is to uninstall QuickTime. I guess a lot of people […]

Tags: , , , , , , , ,

Posted in: Apple, Exploits/Vulnerabilities, Windows Hacking | Add a Comment
Recon-ng - Web Reconnaissance Framework

Recon-ng – Web Reconnaissance Framework

Recon-ng is a full-featured Web Reconnaissance Framework written in Python. Complete with independent modules, database interaction, interactive help, and command completion – Recon-ng provides a powerful environment in which open source web-based reconnaissance can be conducted quickly and thoroughly. Recon-ng has a look and feel and even command flow similar to the Metasploit Framework, reducing […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Privacy, Web Hacking | Add a Comment
IPGeoLocation - Retrieve IP Geolocation Information

IPGeoLocation – Retrieve IP Geolocation Information

IPGeoLocation is a Python based tool designed to retrieve IP geolocation information from the ip-api service, useful for building into your security tools. Do be aware that as this tool is leveraging a 3rd party API, you will be limited to 150 requests a minute. Whilst that is quite a lot, just be wary of […]

Tags: , , , , , , ,

Posted in: Network Hacking, Privacy | Add a Comment
BADLOCK - Are 'Branded' Exploits Going Too Far?

BADLOCK – Are ‘Branded’ Exploits Going Too Far?

So there’s been hype about this big exploit coming, for over a month, before anything was released. It had a name, a website and a logo – and it was called Badlock. And now it’s out, and it’s more like Sadlock – really a local network DoS against DCE/RPC services on Windows and Linux with […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, General Hacking | Add a Comment
INURLBR - Advanced Search Engine Tool

INURLBR – Advanced Search Engine Tool

INURLBR is a PHP based advanced search engine tool for security professionals, it supports 24 search engines and 6 deep web or special options. Very useful for the information gathering phase of a penetration test or vulnerability assessment. This tool functions in many ways enabling you to harness the power of what’s already indexed by […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
DNSRecon - DNS Enumeration Script

DNSRecon – DNS Enumeration Script

DNSRecon is a Python based DNS enumeration script designed to help you audit your DNS security and configuration as part of information gathering stage of a pen-test. DNS reconnaissance is an important step when mapping out domain resources, sub-domains, e-mail servers and so on and can often lead to you finding an old DNS entry […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment