Collaborate Disseminate
Second Order Subdomain Takeover Scanner Tool scans web applications for second-order subdomain takeover by crawling the application and collecting URLs (and other data) that match specific rules or respond in a specific way.
Using Second Order Subdoma… Continue reading Second Order – Subdomain Takeover Scanner Tool
The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware.
First uncovered in November last year, the DNSpion… Continue reading ‘Karkoff’ Is the New ‘DNSpionage’ With Selective Targeting Strategy
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
You missed AXFR technique didn’t you? (Open DNS zone transfers), so how does it work? CTFR does not use dictionary attack or b… Continue reading CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—an… Continue reading GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
Cybercriminals are becoming more adept, innovative, and stealthy with each passing day. They are now adopting more clandestine techniques that come with limitless attack vectors and are harder to detect.
A new strain of malware has now been discovered… Continue reading New Point-of-Sale Malware Steals Credit Card Data via DNS Queries
Altdns is a Subdomain Recon Tool in Python that allows for the discovery of subdomains that conform to patterns. The tool takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdo… Continue reading altdns – Subdomain Recon Tool With Permutation Generation
A Google security researcher has discovered a severe vulnerability in Blizzard games that could allow remote attackers to run malicious code on gamers’ computers.
Played every month by half a billion users—World of Warcraft, Overwatch, Diablo III, Hea… Continue reading Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs
A Google security researcher has discovered a severe vulnerability in Blizzard games that could allow remote attackers to run malicious code on gamers’ computers.
Played every month by half a billion users—World of Warcraft, Overwatch, Diablo III, Hea… Continue reading Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs
When yesterday I was reporting about the sudden outbreak of another global ransomware attack ‘Bad Rabbit,’ I thought what could be worse than this?
Then late last night I got my answer with a notification that Coinhive has been hacked — a popular browser-based service that offers website owners to embed a JavaScript to utilise their site visitors’ CPUs power to mine the Monero cryptocurrency
Continue reading Hacker Hijacks CoinHive’s DNS to Mine Cryptocurrency Using Thousands of Websites
Bluto is a Python-based tool for DNS recon, DNS zone transfer testing, DNS wild card checks, DNS brute forcing, e-mail enumeration and more. The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them […]
The…
Read the full post at darknet.org.uk
Continue reading Bluto – DNS Recon, Zone Transfer & Brute Forcer