Darknet: Hacking Tools, Hacker News & Cyber Security
https://www.darknet.org.uk
Mon, 02 Dec 2019 07:10:10 +0800

truffleHog – Search Git for High Entropy Strings with Commit History
https://www.darknet.org.uk/2019/12/trufflehog-search-git-for-high-entropy-strings-with-commit-history/
Mon, 02 Dec 2019 07:09:50 +0000

truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.

truffleHog previously functioned by running entropy checks on git diffs. This functionality still exists, but high-signal regex checks have been added, along with the ability to suppress entropy checking.

truffleHog --regex --entropy=False https://github.com/dxa4481/truffleHog.git

or

truffleHog file:///user/dxa4481/codeprojects/truffleHog/

truffleHog will go through the entire commit history of each branch, checking each diff from each commit for secrets.

AIEngine – AI-driven Network Intrusion Detection System
https://www.darknet.org.uk/2019/11/aiengine-ai-driven-network-intrusion-detection-system/
Mon, 25 Nov 2019 14:05:03 +0000

AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with capabilities of learning without any human intervention, DNS domain classification, Spam detection, network collector, network forensics and many others.

AIEngine also helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.

Functionality of AIEngine AI-driven Network Intrusion Detection System

The main functionalities of AIEngine are:

  • Support for interacting/programming with the user while the engine is running.

Sooty – SOC Analyst All-In-One CLI Tool
https://www.darknet.org.uk/2019/11/sooty-soc-analyst-all-in-one-cli-tool/
Fri, 01 Nov 2019 15:21:01 +0000

Sooty is a tool developed to help SOC analysts automate parts of their workflow and speed up their process.

The main goal of Sooty is to perform as many of the routine checks as possible, which allows the analyst more time to spend on deeper analysis.

Features of Sooty SOC Analyst CLI Tool

  • Sanitise URLs to be safe to send in emails
  • Perform reverse DNS and DNS lookups
  • Perform reputation checks from:
    • VirusTotal
    • BadIPs
    • AbuseIPDB
  • Check if an IP address is a TOR exit node
  • Decode Proofpoint URLs, UTF-8 encoded URLs, Office SafeLink URLs and Base64 strings
  • Get file hashes and compare them against VirusTotal (see requirements)
  • Perform WHOIS lookups
  • Check usernames and emails against HaveIBeenPwned to see if a breach has occurred.

UBoat – Proof Of Concept PoC HTTP Botnet Project
https://www.darknet.org.uk/2019/10/uboat-proof-of-concept-poc-http-botnet-project/
Wed, 23 Oct 2019 17:34:10 +0000

UBoat is a PoC HTTP Botnet designed to replicate a fully weaponised commercial botnet like the famous large-scale infectors Festi, Grum, Zeus and SpyEye.

Reviews of popular botnets have shown that HTTP-based botnets have a set of attributes that make them difficult to detect. On the other hand, the number of studies focusing on the detection of HTTP-based botnets is relatively low (compared to the number of those on IRC-based and P2P botnets), especially for HTTP-based mobile botnets, which operate on mobile devices and networks.

LambdaGuard – AWS Lambda Serverless Security Scanner
https://www.darknet.org.uk/2019/10/lambdaguard-aws-lambda-serverless-security-scanner/
Mon, 07 Oct 2019 07:46:46 +0000

LambdaGuard is an open-source AWS Lambda Serverless Security Scanner, a tool which allows you to visualise and audit the security of your serverless assets.

AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code.

LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results.

exe2powershell – Convert EXE to BAT Files
https://www.darknet.org.uk/2019/09/exe2powershell-convert-exe-to-bat-files/
Mon, 23 Sep 2019 05:59:19 +0000

exe2powershell is used to convert EXE to BAT files. The previously well-known tool for this was exe2bat; this is a version for modern Windows.

This will convert any binary file (*.exe) to a BAT file. The resulting BAT file contains only echo commands followed by a PowerShell command to re-create the original binary file.

This kind of tool can be useful during a pen-test when you want to trigger a shell without any upload feature.

HiddenWall – Create Hidden Kernel Modules
https://www.darknet.org.uk/2019/09/hiddenwall-create-hidden-kernel-modules/
Fri, 06 Sep 2019 18:12:16 +0000

HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers. It supports custom rules with netfilter (block ports, hidden mode, rootkit functions etc).

The motivation is basically another layer of protection, much like a hidden firewall – setting securelevel to 2 on BSD would have a similar effect.

In a typical attack, the bad actor can alter your IPTables or UFW rules – with HiddenWall you still have another layer that can block external access because it hooks directly into netfilter from kernel land.

Anteater – CI/CD Security Gate Check Framework
https://www.darknet.org.uk/2019/08/anteater-ci-cd-security-gate-check-framework/
Fri, 30 Aug 2019 18:50:01 +0000

Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of nominated strings, filenames, binaries, deprecated functions, staging environment code/credentials etc.

Its main function is to block content based on regular expressions.

Anything that can be specified with regular expression syntax can be sniffed out by Anteater. You tell Anteater exactly what you don’t want to get merged, and Anteater looks after the rest.

How Anteater CI/CD Security Gate Check Framework Works

If Anteater finds something, it exits with a non-zero code which in turn fails the build of your CI tool, with the idea that it would prevent a pull request merging.

Stardox – Github Stargazers Information Gathering Tool
https://www.darknet.org.uk/2019/08/stardox-github-stargazers-information-gathering-tool/
Wed, 28 Aug 2019 06:11:50 +0000

Stardox is a Python-based GitHub stargazers information gathering tool. It scrapes GitHub for information and displays it in a list tree view. It can be used for collecting details about the stargazers of your own or someone else’s repository.

GitHub allows visitors to star a repo to bookmark it for later perusal. Stars represent a casual interest in a repo, and when enough of them accumulate, it’s natural to wonder what’s driving interest.

ZigDiggity – ZigBee Hacking Toolkit
https://www.darknet.org.uk/2019/08/zigdiggity-zigbee-hacking-toolkit/
Fri, 23 Aug 2019 15:08:24 +0000

ZigDiggity, a ZigBee Hacking Toolkit, is a Python-based IoT (Internet of Things) penetration testing framework targeting the ZigBee smart home protocol.

ZigBee continues to grow in popularity as a method for providing simple wireless communication between devices (i.e. low power/traffic, short distance), and can be found in a variety of consumer products that range from smart home automation to healthcare. Security concerns introduced by these systems are just as diverse and plentiful, underscoring a need for quality assessment tools.
