So the latest news from behind the Great Firewall of China is that they plan to crack down on all unapproved Darknet VPN services. This means all VPN providers, cloud service providers and ISPs will have to seek an annually renewed licence to operate a VPN Service. Really, not very surprising coming out of China […]
Archives for 2017
dns2proxy – Offensive DNS server
dns2proxy is an offensive DNS server that offers various features for post-exploitation once you’ve changed the DNS server of a victim. It’s very frequently used in combination with sslstrip. Features Traditional DNS Spoofing Implements DNS Spoofing via Forwarding Detects and corrects changes for sslstrip to work Usage Using the spoof.cfg config file with the format: […]
icmpsh – Simple ICMP Reverse Shell
icmpsh is a simple ICMP reverse shell with a win32 slave and a POSIX-compatible master in C, Perl or Python. The main advantage over the other similar open source tools is that it does not require administrative privileges to run onto the target machine. The tool is clean, easy and portable. The slave (client) runs […]
Free Manual Pen-Testing Tools
Not long after releasing v11 of their scanner, Acunetix has decided to deliver free manual pen-testing tools. Previously these tools were only available to paying Acunetix customers, now anyone can use them to make their manual web application testing easier. Penetration testers can make use of an HTTP Editor to modify or craft HTTP requests […]
ZGrab – Application Layer Scanner For ZMap
ZGrab is a Go-based application layer scanner that operates with ZMap and supports multiple protocols and services including TLS, IMAP, SMTP, POP3 etc. It also stores TLS version and can detect Heartbleed. Building You will need to have a valid $GOPATH set up, for more information about $GOPATH, see https://golang.org/doc/code.html. Once you have a working […]