SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place.
List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.
Contents of SecLists
Each section has tonnes of content including the below:
- Discovery lists (DNS, SNMP, Web content)
- Fuzzing Payloads (Databases, LFI, SQLi, XSS)
- Password lists (Common credentials, cracked hashes, honeypot captures, leaked lists)
- Data Pattern lists
- Payload files (Zip bombs, flash, images)
- Username lists (Honeypot captures)
- Web shells
Install SecLists
Zip
|
1 2 3 |
wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \ && unzip SecList.zip \ && rm -f SecList.zip |
Git (Small)
|
1 |
git clone --depth 1 https://github.com/danielmiessler/SecLists.git |
Git (Complete)
|
1 |
git clone git@github.com:danielmiessler/SecLists.git |
You can access all the lists here:
Topic: Hacking Tools
DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract secret files directly from audio files or audio CD tracks.
This audio steganography tool can be used as copyright marking software for wave, flac, wma, ape, and audio CD.
DeepSound also support encrypting secret files using AES-256(Advanced Encryption Standard) to improve data protection. The application additionally contains an easy to use Audio Converter Module that can encode several audio formats (FLAC, MP3, WMA, WAV, APE) to others (FLAC, MP3, WAV, APE).
How to use DeepSound Audio Steganography Tool
To hide data into audio file, follow these steps:
- Click to ‘Open carrier files (F2)’ or drag and drop audio file (flac, wav, wma, mp3, ape) to Carrier audio files list.
- Click to ‘Add secret files (F3)’ or drag and drop secret files into the Secret files list on the bottom side of application.
- Press F4 key or click to ‘Encode secret files’ button.
- You can choose output audio format (wav, flac or ape). DeepSound does not support wma output format. If you want to hide data into wma, hide secret data into wav file and then use external software such as Windows Media Encoder for convert wav to wma lossless audio format.
- In ‘Encode secret files’ dialog window you can turn on/off AES-256 encryption. Modified audio file will be copied to output directory. If you want to change output directory, click to Settings.
- Click to ‘Encode secret files’ button to start hiding secret files into carrier audio file.
You can download DeepSound here:
Or read more here.
Topic: Cryptography
What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
Well luckily for you Acunetix compiles an annual web application vulnerability report which is a fairly hefty piece of analysis on data gathered from the previous year. This is compiled from the automated web and network perimeter scans run on the Acunetix Online platform, over a 12 month period, across more than 10,000 scan targets.
To be more specific:
- 67,355 Network scans
- 10,000 Scan targets
- 76,686 Web scans
It was found that as many that almost half of the scanned websites contain high severity vulnerabilities with almost all containing medium severity vulnerabilities.
Although SQL Injection vulnerabilities are on the slight decline, XSS vulnerabilities, vulnerable JavaScript libraries, and WordPress related issues were found to each claim a significant 30% of the sampled targets.
What are the most critical web vulnerabilities in 2019?
The report gives you the low down on:
- Which vulnerabilities are rising and falling in frequency
- Current security concerns, such as the increasing complexity of new apps, the accelerating rate of new versions, and the problem of scale
- Changes in threat landscape from both the client and server sides
- The four major stages of vulnerability analysis
- Vulnerability findings by type and severity
- An analysis of each discovered vulnerability in terms of how it works, its statistical status and pointers for remediation.
So, top line message – keep yourself safe!
You can download the full report here:
Topic: Advertorial
GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a Go-based tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (with wildcard support) – essentially a directory/file & DNS busting tool.
The author built YET ANOTHER directory and DNS brute forcing tool because he wanted..
- … something that didn’t have a fat Java GUI (console FTW).
- … to build something that just worked on the command line.
- … something that did not do recursive brute force.
- … something that allowed me to brute force folders and multiple extensions at once.
- … something that compiled to native on multiple platforms.
- … something that was faster than an interpreted script (such as Python).
- … something that didn’t require a run-time.
- … use something that was good with concurrency (hence Go).
- … to build something in Go that wasn’t totally useless.
Using GoBuster Directory/File & DNS Busting Tool
There are many options for GoBuster, these include:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
root: ./gobuster -help -fw - force processing of a domain with wildcard results. -np - hide the progress output. -m <mode> - which mode to use, either dir or dns (default: dir). -q - disables banner/underline output. -t <threads> - number of threads to run (default: 10). -u <url/domain> - full URL (including scheme), or base domain name. -v - verbose output (show all results). -w <wordlist> - path to the wordlist used for brute forcing (use - for stdin). -cn - show CNAME records (cannot be used with '-i' option). -i - show all IP addresses for the result. -a <user agent string> - specify a user agent string to send in the request header. -c <http cookies> - use this to specify any cookies that you might need (simulating auth). -e - specify extended mode that renders the full URL. -f - append / for directory brute forces. -k - Skip verification of SSL certificates. -l - show the length of the response. -n - "no status" mode, disables the output of the result's status code. -o <file> - specify a file name to write the output to. -p <proxy url> - specify a proxy to use for all requests (scheme much match the URL scheme). -r - follow redirects. -s <status codes> - comma-separated set of the list of status codes to be deemed a "positive" (default: 200,204,301,302,307). -x <extensions> - list of extensions to check for, if any. -P <password> - HTTP Authorization password (Basic Auth only, prompted if missing). -U <username> - HTTP Authorization username (Basic Auth only). -to <timeout> - HTTP timeout. Examples: 10s, 100ms, 1m (default: 10s). |
You can download GoBuster here:
Or read more here.
Topic: Hacking Tools
BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads (software updates for example) from vendors that don’t validate data integrity. The Backdoor Factory allows you to patch binaries with shell-code so combining that with mitmproxy, which is a Python proxy-server that […]
Topic: Hacking Tools
Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting. This produces categorized screenshots, server response headers and signature based default credential checking. It is written in Python heavily leveraging Recon-ng. Domains Subdomain Enumeration Tools […]
Topic: Hacking Tools