Archive | April, 2017

spectrology – Basic Audio Steganography Tool

The New Acunetix V12 Engine


spectrology is a Python-based audio steganography tool that can convert images to audio files with a corresponding spectrogram encoding, this allows you to hide hidden messages via images inside audio files.

spectrology - Basic Audio Steganography Tool

Using this tool you can select range of frequencies to be used and all popular image codecs are supported.


Usage

Example

You can download spectrology here:

spectrology-master.zip

Or read more here.

Posted in: Cryptography, Hacking Tools, Privacy

Topic: Cryptography, Hacking Tools, Privacy


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.


PowerMemory – Exploit Windows Credentials In Memory

Use Netsparker


PowerMemory is a PowerShell based tool to exploit Windows credentials present in files and memory, it levers Microsoft signed binaries to hack Windows.

PowerMemory - Exploit Windows Credentials In Memory

The method is totally new. It proves that it can be extremely easy to get credentials or any other information from Windows memory without needing to code in C-type languages. In addition, with this method, we can modify the user-land and kernel land behaviour without being caught by antivirus or new defending techniques.

It can actually be done with 4GL language-type or with a scripting language like PowerShell which is installed everywhere.

With that being said, this technique implies that the detection is made hard due to the fact that we can do pretty much what we want by sending and receiving bytes.


Features

  • It’s fully written in PowerShell
  • It can work locally as well as remotely
  • It can get the passwords of virtual machines without having any access to them (works for Hyper-V and VMware)
  • It does not use the operating system .dll to locate credentials address in memory but a Microsoft Signed Debugger
  • PowerMemory maps the keys in the memory and cracks everything by itself (AES, TripleDES, DES-X)
  • It breaks undocumented Microsoft DES-X
  • It works even if you are on a different architecture than the target architecture
  • It leaves no trace in memory
  • It can manipulate memory to fool software and operating system
  • It can write the memory to execute shellcode without making any API call, it only sends bytes to write at specific addresses

You can use the module waiting to be integrated to leave Wonder Land and launch a crafted advanced attack with PowerShell Empire serving as the vector.

You can download PowerMemory here:

PowerMemory-master.zip

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Password Cracking, Windows Hacking

Topic: Exploits/Vulnerabilities, Hacking Tools, Password Cracking, Windows Hacking


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.


Microsoft Azure Web Application Firewall (WAF) Launched

The New Acunetix V12 Engine


Not too long after Amazon launched their cloud protection WAF the Microsoft Azure Web Application Firewall (WAF) has been made generally available in all public Azure DCs.

Microsoft Azure Web Application Firewall (WAF) Launched

It’s a good move with the majority of websites and services moving into one of the big 3 cloud providers (AWS, Google or Azure) and the vast majority of attacks coming from the same few patterns (SQL Injection, XSS etc). A WAF can mitigate against a lot of that without too much worry of false positives.

Microsoft is making it harder for cyber-attackers to target web applications hosted on its Azure cloud computing platform.

Azure Web Application Firewall (WAF), a component of the company’s Azure Application Gateway offering, is now generally available in all public Azure data center regions. Azure Application Gateway is a cloud-based HTTP (Hypertext Transfer Protocol) load-balancing and SSL (Secure Sockets Layer) offloading system that enables businesses to build and deliver scalable and secure web applications.

With the addition of the Web Application Firewall, customers can now fortify their applications, making them less susceptible to cross-site scripting attacks, SQL injection and other methods of exploiting or disrupting web applications. The firewall provides protection for up to 20 websites per gateway.

In its analysis of web security landscape for the fourth quarter of 2016, Akamai found that SQL injection was responsible for 51 percent of all web application attacks. As the term suggests, SQL injection involves inserting or “injecting” code into database-driven applications for the purposes of tampering with data, extracting information and other activities that pose a risk to sensitive or critical business data.


The Azure WAF is part of their Application Gateway and is now available across all public data center regions.

As with most things Microsoft it seems to be a bit more automated and a bit less manual than the AWS option which is basically just a glorified regex engine you have to configure yourself.

In addition to blocking SQL injection and cross-site scripting attempts, Azure Web Application Firewall can stop other common attack methods like remote file inclusion, command injection and HTTP request smuggling and response splitting, explained Yousef Khalidi, corporate vice president of Azure Networking at Microsoft, in a March 30 blog post.

It can also thwart attacks that depend on HTTP protocol anomalies and violations, along with misconfigured Apache and Internet Information Services (IIS) deployments, among other servers and applications involved in delivering a web application.

Automated tools like bots and crawlers are similarly blocked. Finally, the firewall helps customers stand up to debilitating HTTP denial-of-service attacks, added Khalidi.

Packing a big punch, courtesy of vast armies of compromised PCs and Internet of Things (IoT) devices, denial-of-service attacks have emerged into one of the leading threats affecting today’s web-facing businesses.

Last September, a website belonging to renowned security blogger Brian Krebs was hit with a massive distributed denial-of-service (DDoS) attack that overwhelmed his site with 665 Gbps of disruptive traffic.

The scale of the attack forced Akamai, the content delivery network who provided DDoS protection to the blog, to drop its support Krebs. Around the same time, French cloud computing company OVH reported a DDoS attack approaching 1 Tbps.

It also by default mitigates against more types of attacks, and some common misconfigurations – which you see a lot of in the cloud space (hello MongoDB).

Now we’ll have to wait and see if Google Cloud Platform comes out with a similar offering, then they will all be on par again.

Source: eWeek

Posted in: Countermeasures, Web Hacking

Topic: Countermeasures, Web Hacking


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.


HashData – A Command-line Hash Identifying Tool

Use Netsparker


HashData is a Ruby-based command-line REPL Hash Identifying Tool with support for a lot of different (most popular) hash types.

HashData - A Command-line Hash Identifying Tool

Installation

Usage

Command Line

When installed, run hashdata and paste in hashes when prompted.

Library

Example Script:

The above should output true. The library only matches the start of your second input, this means that you can check something is an MD5 hash without having to worry about if it is from Joomla or Unix for example.


Hashes Supported

  • Adler32
  • Blowfish(Eggdrop), Blowfish(OpenBSD)
  • CRC-16, CRC-16-CCITT
  • CRC-32, CRC-32B
  • CRC-96(ZIP)
  • Domain Cached Credentials, Domain Cached Credentials 2
  • DES(Unix), DES(Oracle)
  • FCS-16, FCS-32
  • FNV-132, FNV-164
  • GOST R 34.11-94
  • GHash-32-3, GHash-32-5
  • Haval-128, Haval-160, Haval-192, Haval-224, Haval-256
  • Joaat
  • Lineage II C4
  • LM
  • Lotus Domino
  • MD2, MD4, MD5
  • MD5(Joomla), MD5(osCommerce), MD5(PalshopCMS)
  • MD5(APR), MD5(Cisco PIX), MD5(Unix)
  • MD5(IP.Board), MD5(MyBB), MD5(phpBB3), MD5(WordPress)
  • MySQL3.x, MySQL4.x, MySQL5.x
  • MSSQL(2000), MSSQL(2005), MSSQL(2008)
  • NTLM
  • RAdmin v2.x
  • RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320
  • SAM(LM_Hash:NT_Hash)
  • SHA-1, SHA-1(Django), SHA-1(MaNGOS), SHA-1(MaNGOS2)
  • SHA-224
  • SHA-256, SHA-256(Django), SHA-256(Unix)
  • SHA3-224, SHA3-256, SHA3-384, SHA3-512
  • SHA-384, SHA-384(Django)
  • SHA-512, SHA-512(Drupal), SHA-512(Unix)
  • SSHA-1
  • Skein-256, Skein-256(128), Skein-256(160), Skein-256(224)
  • Skein-512, Skein-512(128), Skein-512(160), Skein-512(224), Skein-512(256), Skein-512(384)
  • Skein-1024, Skein-1024(384), Skein-1024(512)
  • Snefru-128, Snefru-256
  • Tiger-128, Tiger-160, Tiger-192
  • VNC
  • Whirlpool
  • XOR-32

You can download HashData here:

HashData-v0.0.3.zip

Or read more here.

Posted in: Cryptography, Hacking Tools, Password Cracking

Topic: Cryptography, Hacking Tools, Password Cracking


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.