Darknet: Hacking Tools, Hacker News & Cyber Security
https://www.darknet.org.uk
Mon, 17 Aug 2020 18:50:29 +0000

Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
https://www.darknet.org.uk/2020/08/arcane-tool-to-backdoor-ios-packages-iphone-arm/
Mon, 17 Aug 2020 08:03:23 +0000

Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.

It was created to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS device.

How Arcane Tool To Backdoor iOS Package Works

It’s possible to supply scripts as part of a package when installing or removing applications. Package maintainer scripts include the preinst, postinst, prerm, and postrm files.

SharpHose – Asynchronous Password Spraying Tool
https://www.darknet.org.uk/2020/07/sharphose-asynchronous-password-spraying-tool/
Mon, 27 Jul 2020 14:50:13 +0000

SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike’s execute-assembly.

It provides a flexible way to interact with Active Directory using domain-joined and non-joined contexts, while also being able to target specific domains and domain controllers. The tool takes into consideration the domain password policy, including fine-grained password policies, in an attempt to avoid account lockouts.

Axiom – Pen-Testing Server For Collecting Bug Bounties
https://www.darknet.org.uk/2020/07/axiom-pen-testing-server-for-collecting-bug-bounties/
Mon, 06 Jul 2020 19:09:32 +0000

Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with one line.

With Axiom, you just need to run a single command to get set up, and then you can use the Axiom toolkit scripts to spin up and down your new hacking VPS.

Setting up your own ‘hacking VPS’ to catch shells, run enumeration tools, scan, and let things run in the background in a tmux window used to be an afternoon project, sometimes running into a whole day if you hit package issues or ‘dependency hell’.

Quasar RAT – Windows Remote Administration Tool
https://www.darknet.org.uk/2020/05/quasar-rat-windows-remote-administration-tool/
Wed, 27 May 2020 17:41:21 +0000

Quasar is a fast and light-weight Windows remote administration tool coded in C#. The usage ranges from user support through day-to-day administrative work to employee monitoring.

It aims to provide high stability and an easy-to-use user interface and is a free, open source tool.

Features of Quasar RAT Windows Remote Administration Tool

The main features that can be found in Quasar are:

  • TCP network stream (IPv4 & IPv6 support)
  • Fast network serialization (Protocol Buffers)
  • Compressed (QuickLZ) & Encrypted (TLS) communication
  • UPnP Support
  • Task Manager
  • File Manager
  • Startup Manager
  • Remote Desktop
  • Remote Shell
  • Remote Execution
  • System Information
  • Registry Editor
  • System Power Commands (Restart, Shutdown, Standby)
  • Keylogger (Unicode Support)
  • Reverse Proxy (SOCKS5)
  • Password Recovery (Common Browsers and FTP Clients)

Using Quasar Windows Remote Administration Tool

1.

Pingcastle – Active Directory Security Assessment Tool
https://www.darknet.org.uk/2020/05/pingcastle-active-directory-security-assessment-tool/
Mon, 18 May 2020 16:56:26 +0000

PingCastle is an Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level with a methodology based on a risk assessment and maturity framework. It does not aim for a perfect evaluation but rather for an efficiency compromise.

The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular by tools like mimikatz or sites like adsecurity.org.

CMMI is a well-known methodology from Carnegie Mellon University for evaluating maturity with a grade from 1 to 5. PingCastle has adapted CMMI to Active Directory security.

Second Order – Subdomain Takeover Scanner Tool
https://www.darknet.org.uk/2020/04/second-order-subdomain-takeover-scanner-tool/
Thu, 30 Apr 2020 14:46:33 +0000

Second Order Subdomain Takeover Scanner Tool scans web applications for second-order subdomain takeover by crawling the application and collecting URLs (and other data) that match specific rules or respond in a specific way.

Using Second Order Subdomain Takeover Scanner Tool

Command line options:

  -base string
        Base link to start scraping from (default "http://127.0.0.1")
  -config string
        Configuration file (default "config.json")
  -debug
        Print visited links in real-time to stdout
  -output string
        Directory to save results in (default "output")

Example:

go run second-order.go -base https://example.com -config config.json -output example.com -concurrency 10

Config File for Second Order Subdomain Takeover Scanner Tool

Example configuration file included (config.json)

  • Headers: A map of headers that will be sent with every request.

Binwalk – Firmware Security Analysis & Extraction Tool
https://www.darknet.org.uk/2020/04/binwalk-firmware-security-analysis-extraction-tool/
Tue, 14 Apr 2020 16:14:56 +0000

Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering, and extraction of firmware images.

Features of Binwalk Firmware Security Analysis & Extraction Tool

  • Scanning Firmware – Binwalk can scan a firmware image for many different embedded file types and file systems
  • File Extraction – You can tell binwalk to extract any files that it finds in the firmware image
  • Entropy Analysis – Can help identify interesting sections of data inside a firmware image
  • String Search – Allows you to search the specified file(s) for a custom string

There are also various filters such as by CPU architecture, number of instructions, include filter, exclude filter,

Installation of Binwalk Firmware Security Analysis & Extraction Tool

Download binwalk:

$ wget https://github.com/ReFirmLabs/binwalk/archive/master.zip
$ unzip master.zip

Install binwalk; if you have a previously installed version of binwalk, it is suggested that you uninstall it before upgrading:

$ (cd binwalk-master && sudo python setup.py uninstall && sudo python setup.py install)

Debian users can install all optional and suggested extractors/dependencies using the included deps.sh script (recommended):

$ sudo ./binwalk-master/deps.sh

If you are not a Debian user, or if you wish to install only selected dependencies, see the INSTALL documentation for more details.

zBang – Privileged Account Threat Detection Tool
https://www.darknet.org.uk/2020/03/zbang-privileged-account-threat-detection-tool/
Tue, 31 Mar 2020 15:20:31 +0000

zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network. Organizations and red teamers can utilize zBang to identify potential attack vectors and improve the security posture of the network.

The results can be analyzed with the graphic interface or by reviewing the raw output files.

The tool is built from five different scanning modules:

  • ACLight scan – discovers the most privileged accounts that must be protected, including suspicious Shadow Admins.

Memhunter – Automated Memory Resident Malware Detection
https://www.darknet.org.uk/2020/03/memhunter-automated-memory-resident-malware-detection/
Sun, 29 Mar 2020 07:14:18 +0000

Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving the threat hunter analysis process and remediation times.

It’s a self-contained binary that can be deployed and managed at scale, does not use memory dumps and relies purely on memory inspection to do its work. It also does not require any complex infrastructure to deploy.

The tool was designed as a replacement for memory forensic Volatility plugins such as malfind and hollowfind.

Sandcastle – AWS S3 Bucket Enumeration Tool
https://www.darknet.org.uk/2020/03/sandcastle-aws-s3-bucket-enumeration-tool/
Tue, 24 Mar 2020 15:48:52 +0000

Sandcastle is a Python-based Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target’s name as the stem argument (e.g. shopify) and iterates through a file of bucket name permutations.

Amazon S3 [Simple Storage Service] is cloud storage for the Internet. To upload your data (photos, videos, documents etc.), you first create a bucket in one of the AWS Regions. You can then upload any number of objects to the bucket.
