Darknet https://www.darknet.org.uk Hacking Tools, Hacker News & Cyber Security Fri, 23 Aug 2019 15:08:44 +0000 en-US hourly 1 https://wordpress.org/?v=5.2.2 https://www.darknet.org.uk/images/darknet_logo_small.jpghttps://www.darknet.org.uk/images/darknet_logo_small.jpgdf6f0b ZigDiggity – ZigBee Hacking Toolkit https://www.darknet.org.uk/2019/08/zigdiggity-zigbee-hacking-toolkit/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed https://www.darknet.org.uk/2019/08/zigdiggity-zigbee-hacking-toolkit/#respond Fri, 23 Aug 2019 15:08:24 +0000 https://www.darknet.org.uk/?p=5277 ZigDiggity – ZigBee Hacking Toolkit

ZigDiggity a ZigBee Hacking Toolkit is a Python-based IoT (Internet of Things) penetration testing framework targeting the ZigBee smart home protocol.

ZigBee continues to grow in popularity as a method for providing simple wireless communication between devices (i.e. low power/traffic, short distance), & can be found in a variety of consumer products that range from smart home automation to healthcare. Security concerns introduced by these systems are just as diverse and plentiful, underscoring a need for quality assessment tools.

Read the rest of ZigDiggity – ZigBee Hacking Toolkit now! Only available at Darknet.

]]>
https://www.darknet.org.uk/2019/08/zigdiggity-zigbee-hacking-toolkit/feed/ 0
RandIP – Network Mapper To Find Servers https://www.darknet.org.uk/2019/07/randip-network-mapper-to-find-servers/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed https://www.darknet.org.uk/2019/07/randip-network-mapper-to-find-servers/#comments Fri, 26 Jul 2019 23:47:27 +0000 https://www.darknet.org.uk/?p=5261 RandIP – Network Mapper To Find Servers

RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.

RandIP – Network Mapper Features

  • HTTP and HTTPS enumeration
  • Python enumeration exploits
  • SSH enumeration exploits
  • Logger and error-code handler
  • SSH and Telnet Timeouts to prevent blocking
  • SSH Enumerations work in tandem

You can download RandIP here:

randip-master.zip

Or read more here.

Read the rest of RandIP – Network Mapper To Find Servers now! Only available at Darknet.

]]>
https://www.darknet.org.uk/2019/07/randip-network-mapper-to-find-servers/feed/ 1
Nipe – Make Tor Default Gateway For Network https://www.darknet.org.uk/2019/07/nipe-make-tor-default-gateway-for-network/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed https://www.darknet.org.uk/2019/07/nipe-make-tor-default-gateway-for-network/#comments Thu, 18 Jul 2019 13:21:37 +0000 https://www.darknet.org.uk/?p=5237 Nipe – Make Tor Default Gateway For Network

Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network through which you can surf the internet anonymously without having to worry about being tracked or traced back.

Tor enables users to surf the internet, chat and send instant messages anonymously, and is used by a wide variety of people for both licit and illicit purposes.

Read the rest of Nipe – Make Tor Default Gateway For Network now! Only available at Darknet.

]]>
https://www.darknet.org.uk/2019/07/nipe-make-tor-default-gateway-for-network/feed/ 1
Mosca – Manual Static Analysis Tool To Find Bugs https://www.darknet.org.uk/2019/07/mosca-manual-static-analysis-tool-to-find-bugs/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed https://www.darknet.org.uk/2019/07/mosca-manual-static-analysis-tool-to-find-bugs/#respond Thu, 11 Jul 2019 15:10:21 +0000 https://www.darknet.org.uk/?p=5243 Mosca – Manual Static Analysis Tool To Find Bugs

Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.

There are various ‘egg’ modules which contain patterns to scan for, it can scan through files recursively limited by file extension and logs results to an XML text file.

It’s also fairly easy to extend and add your own modules/eggs/languages.

Manual Static Analysis Tool Language Support

Languages it can scan for vulnerabilities are:

  • ASP
  • C
  • C#
  • Java
  • JavaScript
  • PHP
  • Ruby
  • Swift

You can download Mosca here:

Mosca-master.zip

Or read more here.

Read the rest of Mosca – Manual Static Analysis Tool To Find Bugs now! Only available at Darknet.

]]>
https://www.darknet.org.uk/2019/07/mosca-manual-static-analysis-tool-to-find-bugs/feed/ 0
Slurp – Amazon AWS S3 Bucket Enumerator https://www.darknet.org.uk/2019/07/slurp-amazon-aws-s3-bucket-enumerator/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed https://www.darknet.org.uk/2019/07/slurp-amazon-aws-s3-bucket-enumerator/#respond Mon, 01 Jul 2019 06:35:02 +0000 https://www.darknet.org.uk/?p=5162 Slurp – Amazon AWS S3 Bucket Enumerator

Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan from an external perspective or an AWS API to scan internally.

There are two modes that this tool operates at; blackbox and whitebox mode. Whitebox mode (or internal) is significantly faster than blackbox (external) mode.

Blackbox (external)

In this mode, you are using the permutations list to conduct scans.

Read the rest of Slurp – Amazon AWS S3 Bucket Enumerator now! Only available at Darknet.

]]>
https://www.darknet.org.uk/2019/07/slurp-amazon-aws-s3-bucket-enumerator/feed/ 0
US Government Cyber Security Still Inadequate https://www.darknet.org.uk/2019/06/us-government-cyber-security-still-inadequate/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed https://www.darknet.org.uk/2019/06/us-government-cyber-security-still-inadequate/#respond Thu, 27 Jun 2019 15:47:39 +0000 https://www.darknet.org.uk/?p=5174 US Government Cyber Security Still Inadequate

Surprise, surprise, surprise – an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.

US Government security has often been called into question but we’d hope in 2019 it would have gotten better and at least everyone would have adopted the anti-virus solution introduced in 2013..

A committee report (PDF) examining a decade of internal audits this week concluded that outdated systems, unpatched software, and weak data protection are so widespread that it’s clear American bureaucrats fail to meet even basic security requirements.

Read the rest of US Government Cyber Security Still Inadequate now! Only available at Darknet.

]]>
https://www.darknet.org.uk/2019/06/us-government-cyber-security-still-inadequate/feed/ 0
BloodHound – Hacking Active Directory Trust Relationships https://www.darknet.org.uk/2019/06/bloodhound-hacking-active-directory-trust-relationships/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed Mon, 24 Jun 2019 14:52:53 +0000 https://www.darknet.org.uk/?p=5142 BloodHound – Hacking Active Directory Trust Relationships

BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment.

Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use it to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.

Read the rest of BloodHound – Hacking Active Directory Trust Relationships now! Only available at Darknet.

]]>
SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells https://www.darknet.org.uk/2019/04/seclists-usernames-passwords-urls-sensitive-data-patterns-fuzzing-payloads-web-shells/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed Tue, 30 Apr 2019 08:06:38 +0000 https://www.darknet.org.uk/?p=5106 SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place.

List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.

Contents of SecLists

Each section has tonnes of content including the below:

  • Discovery lists (DNS, SNMP, Web content)
  • Fuzzing Payloads (Databases, LFI, SQLi, XSS)
  • Password lists (Common credentials, cracked hashes, honeypot captures, leaked lists)
  • Data Pattern lists
  • Payload files (Zip bombs, flash, images)
  • Username lists (Honeypot captures)
  • Web shells

Install SecLists

Zip

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
&& unzip SecList.zip \
&& rm -f SecList.zip

Git (Small)

git clone --depth 1 https://github.com/danielmiessler/SecLists.git

Git (Complete)

git clone git@github.com:danielmiessler/SecLists.git

You can access all the lists here:

https://github.com/danielmiessler/SecLists

Read the rest of SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells now! Only available at Darknet.

]]>
DeepSound – Audio Steganography Tool https://www.darknet.org.uk/2019/03/deepsound-audio-steganography-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed https://www.darknet.org.uk/2019/03/deepsound-audio-steganography-tool/#comments Tue, 05 Mar 2019 10:34:11 +0000 http://www.darknet.org.uk/?p=4487 DeepSound – Audio Steganography Tool

DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract secret files directly from audio files or audio CD tracks.

This audio steganography tool can be used as copyright marking software for wave, flac, wma, ape, and audio CD.

DeepSound also support encrypting secret files using AES-256(Advanced Encryption Standard) to improve data protection. The application additionally contains an easy to use Audio Converter Module that can encode several audio formats (FLAC, MP3, WMA, WAV, APE) to others (FLAC, MP3, WAV, APE).

Read the rest of DeepSound – Audio Steganography Tool now! Only available at Darknet.

]]>
https://www.darknet.org.uk/2019/03/deepsound-audio-steganography-tool/feed/ 1
What are the MOST Critical Web Vulnerabilities in 2019? https://www.darknet.org.uk/2019/02/what-are-the-most-critical-web-vulnerabilities-in-2019/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed Wed, 27 Feb 2019 06:43:24 +0000 https://www.darknet.org.uk/?p=5114 What are the MOST Critical Web Vulnerabilities in 2019?

So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?

Well luckily for you Acunetix compiles an annual web application vulnerability report which is a fairly hefty piece of analysis on data gathered from the previous year. This is compiled from the automated web and network perimeter scans run on the Acunetix Online platform, over a 12 month period, across more than 10,000 scan targets.

Read the rest of What are the MOST Critical Web Vulnerabilities in 2019? now! Only available at Darknet.

]]>