Darknet – Page 18 – WindowsTechs.com

Yuki Chan – Automated Penetration Testing Tool

Posted on October 1, 2017 by Darknet

Yuki Chan is an Automated Penetration Testing Tool that carries out a whole range of standard security auditing tasks automatically. It’s highly recommended to use this tool within Kali Linux OS as it already contains all the dependencies.

This tool is only designed for Linux OS so if you are not using Linux OS it won’t be much use, but if you have Android Smartphone or Tablet you can run this tool via Termux or GNURoot Debian.

Read the rest of Yuki Chan – Automated Penetration Testing Tool now! Only available at Darknet.

Continue reading Yuki Chan – Automated Penetration Testing Tool→

Deloitte Hacked – Client Emails, Usernames & Passwords Leaked

Posted on September 29, 2017 by Darknet

It seems to be non-stop lately, this time it’s Deloitte Hacked, which has also revealed all kinds of publically accessible resources that really should be more secure (VPN, RDP & Proxy services).

The irony is that Deloitte positions itself as a global leader in information security and offers consulting services to huge clients all over the planet, now it seems they don’t take their own advice. Honestly this is not all that uncommon, it’s human nature to leave your own stuff last as it doesn’t directly impact revenue or value (until you get hacked).

Read the rest of Deloitte Hacked – Client Emails, Usernames & Passwords Leaked now! Only available at Darknet.

Continue reading Deloitte Hacked – Client Emails, Usernames & Passwords Leaked→

Rapid7 Nexpose Community Edition – Free Vulnerability Scanner

Posted on September 26, 2017 by Darknet

Rapid7 Nexpose Community Edition is a free vulnerability scanner & security risk intelligence solution designed for organizations with large networks, prioritize and manage risk effectively.

It proactively supports the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation.

Nexpose Community Edition Features

Data breaches are growing at an alarming rate. Your attack surface is constantly changing, the adversary is becoming more nimble than your security teams, and your board wants to know what you are doing about it.

Read the rest of Rapid7 Nexpose Community Edition – Free Vulnerability Scanner now! Only available at Darknet.

Continue reading Rapid7 Nexpose Community Edition – Free Vulnerability Scanner→

BSQLinjector – Blind SQL Injection Tool Download in Ruby

Posted on September 22, 2017 by Darknet

BSQLinjector is an easy to use Blind SQL Injection tool in Ruby, that uses blind methods to retrieve data from SQL databases. The download is below.

The author recommends using the “–test” switch to clearly see how configured payload looks like before sending it to an application.

What is Blind SQL Injection?

Blind SQL Injection is a type of SQL Injection (SQLi) attack that asks the database true or false questions and determines the answer based on the application’s response.

Read the rest of BSQLinjector – Blind SQL Injection Tool Download in Ruby now! Only available at Darknet.

Continue reading BSQLinjector – Blind SQL Injection Tool Download in Ruby→

CCleaner Hack – Spreading Malware To Specific Tech Companies

Posted on September 21, 2017 by Darknet

The CCleaner Hack is blowing up, with it initially estimated to be huge, it’s hit at least 700,000 computers and is specifically targeting 20 top tech organisations including Cisco, Intel, Microsoft, Akamai, Samsung and more for a second, more intrusive and pervasive layer of infection.

This could be classified as slightly ironic too as CCleaner is extremely popular software for removing crapware from computers, it was a clever assumption that a corrupt version would find itself installed in some very high-value networks.

Read the rest of CCleaner Hack – Spreading Malware To Specific Tech Companies now! Only available at Darknet.

Continue reading CCleaner Hack – Spreading Malware To Specific Tech Companies→

AWSBucketDump – AWS S3 Security Scanning Tool

Posted on September 19, 2017 by Darknet

AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files. It’s similar to a subdomain brute-forcing tool but is made specifically for S3 buckets and also has some extra features that allow you to grep for delicious files as well as download interesting files if you’re not afraid to quickly fill up your hard drive.

Using the download feature might fill your hard drive up, you can provide a max file size for each download at the command line when you run the tool.

Read the rest of AWSBucketDump – AWS S3 Security Scanning Tool now! Only available at Darknet.

Continue reading AWSBucketDump – AWS S3 Security Scanning Tool→

nbtscan Download – NetBIOS Scanner For Windows & Linux

Posted on September 17, 2017 by Darknet

nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network, and this is the first step in the finding of open shares.

It is based on the functionality of the standard Windows tool nbtstat, but it operates on a range of addresses instead of just one.

What is nbtscan?

NETBIOS is commonly known as the Windows “Network Neighborhood” protocol, and (among other things), it provides a name service that listens on UDP port 137.

Read the rest of nbtscan Download – NetBIOS Scanner For Windows & Linux now! Only available at Darknet.

Continue reading nbtscan Download – NetBIOS Scanner For Windows & Linux→

Equifax Data Breach – Hack Due To Missed Apache Patch

Posted on September 14, 2017 by Darknet

The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.

The original statement about the breach is as follows for those that weren’t up to date with it, which came out Sept 7th (4 months AFTER the breach happened).

Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S.

Read the rest of Equifax Data Breach – Hack Due To Missed Apache Patch now! Only available at Darknet.

Continue reading Equifax Data Breach – Hack Due To Missed Apache Patch→

Seth – RDP Man In The Middle Attack Tool

Posted on September 12, 2017 by Darknet

Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection in order to extract clear text credentials.

It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops or talks.

Usage of Seth RDP Man In The Middle Attack Tool

Run it like this:

$ ./seth.sh <INTERFACE> <ATTACKER IP> <VICTIM IP> <GATEWAY IP|HOST IP>

Unless the RDP host is on the same subnet as the victim machine, the last IP address must be that of the gateway.

Read the rest of Seth – RDP Man In The Middle Attack Tool now! Only available at Darknet.

Continue reading Seth – RDP Man In The Middle Attack Tool→

dcrawl – Web Crawler For Unique Domains

Posted on September 8, 2017 by Darknet

dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names.

How does dcrawl work?

dcrawl takes one site URL as input and detects all a href= links in the site’s body. Each found link is put into the queue. Successively, each queued link is crawled in the same way, branching out to more URLs found in links on each site’s body.

dcrawl Web Crawler Features

Branching out only to predefined number of links found per one hostname.

Read the rest of dcrawl – Web Crawler For Unique Domains now! Only available at Darknet.

Continue reading dcrawl – Web Crawler For Unique Domains→