Archive | July, 2018

Enumall – Subdomain Discovery Using Recon-ng & AltDNS

The New Acunetix V12 Engine


Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.

Enumall - Subdomain Discovery Using Recon-ng & AltDNS


This gives you the ability to run multiple domains within the same session. The tool only has one module that needs an API key (/api/google_site) find instructions for that on the recon-ng wiki.

Setting up Enumall for Subdomain Discovery

Install recon-ng from Source, clone the Recon-ng repository:

Change into the Recon-ng directory:

Install dependencies:

Link the installation directory to /usr/share/recon-ng

Optionally (highly recommended) download:

AltDNS
– A good subdomain bruteforce list (example here)

Create the config.py file and specify the path to Recon-ng and AltDNS as it showed in config_sample.py.


Basic Usage for Subdomain Enumeration

Also supports:

You can download Enumall here:

enumall-amster.zip

Or read more here.

Posted in: Networking Hacking

Topic: Networking Hacking


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.


RidRelay – SMB Relay Attack For Username Enumeration

The New Acunetix V12 Engine


RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.

RidRelay - SMB Relay Attack For Username Enumeration


How RidRelay SMB Relay Attack Works

RidRelay combines the SMB Relay attack, common lsarpc based queries and RID cycling to get a list of domain usernames. It takes these steps:

  1. Spins up an SMB server and waits for an incoming SMB connection
  2. The incoming credentials are relayed to a specified target, creating a connection with the context of the relayed user
  3. Queries are made down the SMB connection to the lsarpc pipe to get the list of domain usernames. This is done by cycling up to 50000 RIDs

For best results, use with Responder.


Using RidRelay to Enumerate Usernames

First, find a target host to relay to. The target must be a member of the domain and MUST have SMB Signin off. CrackMapExec can get this info for you very quick!

Start RidRelay pointing to the target:

OR

Also output usernames to file

You can download RidRelay here:

ridrelay-master.zip

Or read more here.

Posted in: Hacking Tools

Topic: Hacking Tools


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.


NetBScanner – NetBIOS Network Scanner

Use Netsparker


NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.

NetBScanner - NetBIOS Network Scanner


For every computer located by this NetBIOS scanner, the following information is displayed:

  • IP Address
  • Computer Name
  • Workgroup or Domain
  • MAC Address
  • Network adapter manufacturer (from MAC address).

NetBScanner also shows whether a computer is a Master Browser. You can easily select one or more computers found by NetBScanner, and then export the list into csv/tab-delimited/xml/html file.

NetBIOS Network Scanner System Requirements

  • This utility works on every version of Windows, starting from Windows 2000 and up to Windows 10, including both 32-bit systems and x64 systems.
  • NetBIOS scan uses UDP port 137 to send and receive the NetBIOS data. If this port is blocked by your computer or in the remote network computers that you scan, the NetBIOS scan will not work.
  • When you run NetBScanner in the first time, you might get a warning from the Firewall of Windows. Even if you choose to keep blocking NetBScanner, the NetBIOS scan will still work properly.

Using NetBScanner NetBIOS Scanner

NetBScanner doesn’t require any installation process or additional dll files. In order to start using it, simply run the executable file – NetBScanner.exe

After running NetBScanner, you have to choose the IP addresses range to scan (by default, NetBScanner takes the IP addresses range from the configuration of your network adapter) and the scan speed. Be aware that if you increase the scan speed, the NetBIOS scan may become less reliable and miss some of your computers.


After you choose the desired scan option, click the ‘Ok’ button, and then NetBScanner will start scanning your network.

After the NetBIOS scan is finished, you can select one or more computers, and then export the computers list into csv/tab-delimited/xml/html file, by using the ‘Save Selected Items’ option (Ctrl+S)

Command-line Options for NetBIOS Scanning

Also check out:

nbtscan Download – NetBIOS Scanner For Windows & Linux

You can download NetBScanner here:

netbscanner.zip

Or read more here.

Posted in: Hacking Tools

Topic: Hacking Tools


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.