Archive | January, 2009

Using Twitter for Data Mining and Information Gathering

Outsmart Malicious Hackers


We’ve mentioned Twitter a few times lately as it has become a larger and larger part of the social web and the premier ‘micro-blogging’ platform.

There was a recent Phishing issue on Twitter and before that Twitter Jacking and a CSRF bug that allowed auto-following.

Due to the large update of Twitter, the amount of datable available on the site and it’s easily searchable nature it has become a great platform for data-mining and information gathering (the first and sometimes most important parts of any pen test/vuln ass or security test).

Twitter is fun. It’s also a powerful research tool. People increasingly use Twitter to share advice, opinions, news, moods, concerns, facts, rumors, and everything else imaginable. Much of that data is public and available for mining.

Here’s how to use Twitter to gather useful information about topics, companies, and individuals. I’ll cover native Twitter features, as well as third-party tools with catchy names, such as 5and2fish, Twitter Venn, TwitterFriends, PeopleBrowsr , Twitturly, Twitter Spectrum, and others.

Most of the techniques mentioned here don’t require you to be a registered Twitter user. If you use Twitter, consider what data tidbits you release there, and whether you need to be more careful.

People don’t tend to be so careful or post in such a considered manner when using Twitter as the tidbits posted are so short and off-the-cuff.

This leads to an interesting source of information for people like us doing research about an individual or organization. You can really get a good gauge on the publics feelings for a certain topic too by searching Twitter for relevant keywords.

For example if you search Twitter for ‘Darknet‘ you can see some people mentioning our posts and one guy pretty consistently re-syndicating our content onto the micro-blogging platform.

As you gather information on Twitter, be mindful of others attempting to manipulate you into arriving at their conclusions by feeding you misinformation. Cross-check data and understand its sources. For more on this, see Is Twitter A Market Manipulator’s Dream on the TwiTip blog. If the topic of reputational attacks interests you, also look at the SpinHunters blog.

If using Twitter to share information and stay in touch with your friends, be mindful of how others might misuse what you reveal about yourself, others, or your company. In the words of Wired magazine’s Steven Levy, “No matter how innocuous your individual tweets, the aggregate ends up being the foundation of a scary-deep self-portrait. It’s like a psychographic version of strip poker–I’m disrobing, 140 characters at a time.”

It’s an article well worth reading if you are a Twitter user or not, if you are an infosec professional it gives you another source to search when you are doing information gathering or data-mining tasks.

The Internet is always evolving along with the way people use it, as it becomes a more social platform – more information is bound to be ‘exposed‘ online – for us to find..

Source: SANS ISC

Learn about Hacking News



Posted in: Hacking News, Privacy, Social Engineering

Topic: Hacking News, Privacy, Social Engineering

Latest Posts:


CCleaner Hack - Spreading Malware To Specific Tech Companies CCleaner Hack – Spreading Malware To Specific Tech Companies
The CCleaner Hack is blowing up, initially estimated to be huge, it's hit at least 700k computers & is specifically targeting 20 top tech organisations.
AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.


Acunetix Web Vulnerability Scanner 6 Review

Outsmart Malicious Hackers


As you might know if you’ve been reading for some time, I do occasionally review commercial software if it’s interesting and relevant – the last one I remember doing was back in 2007 “Outpost Security Suite PRO Review“.

This time it’s for a much more relevant piece of software IMHO, and one which I actually like using and have used in the past – Acunetix Web Vulnerability Scanner 6. Version 6 was recently released and has some quite exciting new features including the new more accurate Acusensor, Port Scanner and Network Alerts tool and actual Blind SQL Injection.

Acunetix

If you were previously using version 5 and you’re interesting in version 6 there are some good progressive changes. One good development is AcuSensor which goes much more in depth into web application security testing and code injection (it can find vulnerabilities that typical black box scanning wouldn’t). The new Port Scanning feature will perform some kind of Nessus like function and try and find vulnerabilities in network services, you can learn more about adding your own vulnerability scripts here.

Something important for me too is the additional of Pausing a scan, this is very useful especially on a long scan when you can only carry it out during off peak hours.

There are some other minor improvements like the ability to mark an alert as a false positive, improvements in the scheduler and general improvements in the searching and filtering features.

Installation

Installation is very easy, there are very few options to select and it’s just a next-next kind of install. There is the option of installing the BETA Firefox Plugin, which is pretty neat. No reboot is required during install, but you do need to Restart Firefox if you wish to utilize the Plugin.

Installation of Acunetix Web Vulnerability Scanner

Getting Started

Once you fire up the software it will let you know if there are any updates, it’s managed very well with no manual action needed by the user.

Acunetix Web Vulnerability Scanner - Scan Wizard

With the wizard it’s very easy to start a scan or any of the other tasks within WVS.

Acunetix Web Vulnerability Scanner - Scan Wizard

Once the target is selected it allows you to optimize the scan for various different technologies depending on the architecture of the site (PHP, ASP, Perl and so on).

Acunetix Web Vulnerability Scanner - Scan Target

Then the scanning options – it gives you 3 main options for scanning; Extensive, Heuristic and Quick.


Acunetix Web Vulnerability Scanner - Scan Options

It also offers you some variety in crawling options, how deep you want to go, should you scan above the root directory or only below and then after that it’s basically on auto-pilot (it does give you the option for HTTP Authentication if you need to scan something behind a login/password).

Features

The crawling and scanning is pretty comprehensive, whilst the scan is taking place it give you updates in terms of progress and in terms of anything it has found (categorised).

The progress section is quite detailed and shows which module is running, on which page of the site and generally what is happening (some scripts run concurrently).

Acunetix Web Vulnerability Scanner - Scan Information

As for anything it finds out of the ordinary, threats are categorised into 3 levels – High, Medium & Low. On top of that there is also info and knowledge base (such as which ports are open).

Acunetix Web Vulnerability Scanner - Scan Results

There are also other useful tools such as the HTTP Fuzzer and Sniffer which are good for examining HTTP traffic in detail and especially for exposing weak authentication schemes.

AcuSensor is interesting because it actually has a server side component, both for ASP.NET applications and PHP based web apps. This means that it can tell you exactly where in your code the flaw is – like this SQL Injection Vulnerability found in Mambo by AcuSensor.

There’s another example about backdoor code in web applications here, with the example this time being the WordPress 2.1.1 Vulnerability.

This is the first time I’ve encountered this kind of technology and I think it’s an excellent step forwards in automated code auditing and deeper web application security.

Surprisingly I also found some Legislation and Compliance reports inside the WVS, this was a welcome surprise (as I’ve been involved in many ISO27001 projects) something like this can really save time.

Conclusion

All in all it’s a well rounded tool with a pretty accurate scanning engine (You can find a list of vulnerabilities it checks for here including those for specific software), it’s come a long way since the earlier versions and is now quite strong in all areas of web application security testing.

The new AcuSensor also ensures more vulnerabilities are found and less false positives delivered – false positives are the bane of any vulnerability scanner. That’s where the consultant skill comes in, ascertaining which are real and which are not.

A good part is it’s quite usable by less technical people as it gives in-depth descriptions on both a conceptual and a technical level enabling people to understand the issue uncovered.

Darknet recommends Acunetix Web Vulnerability Scanner 6 highly, it could make a real difference to your work flow for the consultants and for the in-house guys it could help improve the security, stability and integrity of your web applications.

You can find more reviews about Acunetix WVS here and some Customer Testimonials here.

If you wish to read more about Acunetix WVS you can do so here and you can find the prices here (in both Euros and USD).

You can also check out WVS Free Edition.

Learn about Advertorial



Posted in: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking

Topic: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking

Latest Posts:


CCleaner Hack - Spreading Malware To Specific Tech Companies CCleaner Hack – Spreading Malware To Specific Tech Companies
The CCleaner Hack is blowing up, initially estimated to be huge, it's hit at least 700k computers & is specifically targeting 20 top tech organisations.
AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.


Conficker (AKA Downadup or Kido) Infections Skyrocket To An Estimate 9 Million

Keep on Guard!


There hasn’t been a viral outbreak of this scale for quite some time, Conficker or Downadup as it’s known was only fairly recently discovered (Oct 2008) and has already infected an estimated 9 million machines!

It’s spreading fast though and it auto-updates itself via downloads from random domains making it almost impossible to stop as whatever countermeasures come out, it can just download itself the latest version and bypass them.

It also has multiple infection vectors including traveling via USB drives.

Infections of a worm that spreads through low security networks, memory sticks, and PCs without the latest security updates is “skyrocketing”.

The malicious program, known as Conficker, Downadup, or Kido was first discovered in October 2008. Anti-virus firm F-Secure estimates there are now 8.9m machines infected. Experts warn this figure could be far higher and say users should have up-to-date anti-virus software and install Microsoft’s MS08-067 patch. In its security blog, F-Secure said that the number of infections based on its calculations was “skyrocketing” and that the situation was “getting worse”.

Speaking to the BBC, Graham Cluley, senior technology consultant with anti-virus firm Sophos, said the outbreak was of a scale they had not seen for some time.

The virus targets the services.exe process (Server service) by exploiting the vulnerability associated with the MS08-067 patch.

This was a serious remote execution flaw carried out by making a malformed RPC request, apparently it was reported ‘privately’. But now it seems that perhaps the details of the exploit weren’t that private after all.

According to Microsoft, the worm works by searching for a Windows executable file called “services.exe” and then becomes part of that code.

It then copies itself into the Windows system folder as a random file of a type known as a “dll”. It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.

Once the worm is up and running, it creates an HTTP server, resets a machine’s System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker’s web site. Most malware uses one of a handful of sites to download files from, making them fairly easy to locate, target, and shut down. But Conficker does things differently.

It quite advanced even taking system restore out of the picture and downloading new files to update itself and to infect the machine further. It’s sneaky as it downloads from a bunch of seemingly randomly generated URLs making it very difficult to track and stop.

Many machines are infected in China, Brazil, Russia, and India – personally I think this is because piracy is rife in these areas and Microsoft doesn’t allow pirated copies of Windows to use Windows Update (especially with the WGA tool or Windows Genuine Advantage).

Source: BBC News (Thanks Navin)

Learn about Malware



Posted in: Malware

Topic: Malware

Latest Posts:


CCleaner Hack - Spreading Malware To Specific Tech Companies CCleaner Hack – Spreading Malware To Specific Tech Companies
The CCleaner Hack is blowing up, initially estimated to be huge, it's hit at least 700k computers & is specifically targeting 20 top tech organisations.
AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.


FireCAT 1.5 Released – Firefox Catalog of Auditing Extensions

Outsmart Malicious Hackers


FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment

FireCAT 1.5 will be the last release of this 1.x branch. In fact, we are working on a new improved version 2.0 (management of plugins, instant download from security-database, ability to add new extension, extension version checker, Firefox 3.X compatible extensions..)

Changes for FireCAT 1.5

Categories :

  • New sub-category added “Anti Phising / Pharming / Jacking” under “Misc”
  • Renamed category “Network utilities” to “Network tools”
  • Added new sub-category “Protocols/Application” under “Network tools”
  • Added sub-category “Passwords” under “Network tools”

Extensions:

  • TraceAssure added in “Misc -> Anti Phishing”
  • Added Surf Jacking Cookie Security Inspector in “Misc->Anti phishing /pharming/jacking” : This extension is based on Sandro Gauci’s paper
  • Added entry Exploit-Me Suite in category “Security auditing”
  • Access-Me added in “Security auditing -> Exploit-Me Suite”
  • Added DNS Unpinning in “Network tools -> Protocols/application”
  • Added UnhidePassword in “Network tools -> Passwords”
  • Added BestSecurityTip in IT Security Related
  • Fixed links to SQL Inject-Me and XSS-Me

You can download Firecat 1.5 here:

FireCAT 1.5 Source (Zip – 5.2 kb)
FireCAT 1.5 Browsable HTML (Zip – 90.2 kb)
FireCAT 1.5 PDF (PDF – 224.1 kb)

Or read more here.

Learn about Hacking Tools



Posted in: Hacking Tools, Web Hacking

Topic: Hacking Tools, Web Hacking

Latest Posts:


CCleaner Hack - Spreading Malware To Specific Tech Companies CCleaner Hack – Spreading Malware To Specific Tech Companies
The CCleaner Hack is blowing up, initially estimated to be huge, it's hit at least 700k computers & is specifically targeting 20 top tech organisations.
AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.


Next-Gen Botnets Taking The Place of Storm and Srizbi

Outsmart Malicious Hackers


Back in November there was a considerable drop in Spam when Spam friendly ISP McColo was cut off from the Internet by it’s upstream peer.

Srizbi worm was pretty smart though and was picking up again by the end of November. Later in the year the botnets were somewhat neutralised leading to a huge drop in spam.

But now, they are back – re-engineered – and ready to spam without going down again.

The demise late last year of four of the world’s biggest spam botnets was good news for anyone with an email inbox, as spam levels were cut in half – almost overnight. But the vacuum has created opportunities for a new breed of bots, some of which could be much tougher to bring down, several security experts are warning.

New botnets with names like Waledac and Xarvester are filling the void left by the dismantling of Storm and the impairment of Bobax, Rustock, and Srizbi, these researchers say. The new breed of botnets – massive networks of infected Windows machines that spammers use to blast out billions of junk messages – sport some new designs that may make them more immune to current take-down tactics.

Waledac is a good example. It appears to be a complete revision of Storm, that includes the same state-of-the-art peer-to-peer technology and fast-flux hosting found in its predecessor, according to researcher Joe Stewart of Atlanta-based security provider SecureWorks. But it differs from Storm in one significant way: Weak encryption protocols, which proved to be an Achilles Heel that led to its downfall, have been completely revamped

That’s one problem with attacking these botnets and the malware behind them, the people doing it aren’t kids having fun. They are business syndicates making serious money, so whatever you do – they are going to learn from it and adapt their software and methods to circumnavigate it.

That’s what seems to be happening now with Waledac, a new re-engineered version of Storm with stronger encryption protocols. They learnt from their mistakes and released a new, updated and more powerful version.

What amazes me is that in the Xarvester malware, it actually makes use of the Windows crash reports – sending them to the developers to make the bot more stable!

“Several researchers are actively studying the communications, but I don’t know if and when it will be broken and hijackable,” said Jose Nazario, a security researcher at Arbor Networks. “The guys behind the botnet seems intent on staying up and so evading researchers seems like the most appropriate thing to do.”

Waledac has amassed some 10,000 zombie computers so far, a tiny fraction of the bigger botnets. But Stewart expects it to be a major player in the coming months. Meanwhile, a spam botnet called Xarvester is making similar inroads. It is the world’s third-biggest spammer, accounting for over 13 percent of the world’s spam, according to Marshall. What’s more, its uncanny resemblance to Srizbi has sparked suspicions it is a reincarnation of that notorious botnet. Similarities include an HTTP-based command and control center that uses non-standard ports, encrypted template files used to send spam and configuration files with the common formats and data.

It also has a sophisticated feedback system that helps bot developers squash bugs so the software is harder to detect on a victim’s machine.

“Just like Srizbi, Xarvester has the ability to upload the Windows minidump crash dump file to a control server in the event that the bot crashes a system,” according to this analysis from Marshall. “This is presumably to help the botnet controllers debug their bot software.”

It seems like Xarvester has some uncanny resembelances to Srizbi too, so maybe it’s a new updated release from the same group which fixes the flaws that made Srizbi fail in the long term.

The infection rates for these bots are quite low currently, but due to the new measures the developers have taken they are likely to gain many more infections and be much harder to remove/detect and stop.

Source: The Register

Learn about Malware



Posted in: Malware, Phishing, Spammers & Scammers

Topic: Malware, Phishing, Spammers & Scammers

Latest Posts:


CCleaner Hack - Spreading Malware To Specific Tech Companies CCleaner Hack – Spreading Malware To Specific Tech Companies
The CCleaner Hack is blowing up, initially estimated to be huge, it's hit at least 700k computers & is specifically targeting 20 top tech organisations.
AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.


The Associative Word List Generator (AWLG) – Create Related Wordlists for Password Cracking

Outsmart Malicious Hackers


You may remember some time back we did a fairly exhaustive post on Password Cracking Wordlists and Tools for Brute Forcing.

Wyd the Password Profiling Tool also does something similar to AWLG but it’s a PERL script rather than being based online.

I’d prefer if AWLG let us download an offline version too personally.

About AWLG

The Associative Word List Generator (AWLG) is a tool that generates a list of words relevant to some subjects, by scouring the Internet in an automated fashion.

Inclusion Example: A search string including the words (without quotes): “steve carell” would give us a word list with lots of words associated with the actor Steve Carell. This includes all of the words from his MySpace page, words from the Wikipedia article on him, etc.

Exclusion Example: We know that Steve Carell is an actor for lots of things, including a show called “The Office”. A search string: “steve carell” with omissions: “office” and “michael scott” would find words from websites that mention Steve Carell, but do not mention the word “office”, “michael”, or “scott”.

Privacy policy

AWLG.org does not record any transmitted search strings or user information. AWLG.org does record statistical information such as total site usage, total number of words generated per search, etc.

You can get cracking with AWLG here:

http://awlg.org/index.gen

Learn about Hacking Tools



Posted in: Hacking Tools, Password Cracking

Topic: Hacking Tools, Password Cracking

Latest Posts:


CCleaner Hack - Spreading Malware To Specific Tech Companies CCleaner Hack – Spreading Malware To Specific Tech Companies
The CCleaner Hack is blowing up, initially estimated to be huge, it's hit at least 700k computers & is specifically targeting 20 top tech organisations.
AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.