Sunday, August 30, 2020

Urlgrab - A Golang Utility To Spider Through A Website Searching For Additional Links


A golang utility to spider through a website searching for additional links with support for JavaScript rendering.

Install
go get -u github.com/iamstoxe/urlgrab

Features
  • Customizable Parallelism
  • Ability to Render JavaScript (including Single Page Applications such as Angular and React)

Usage
Usage of urlgrab:
  -cache-dir string
        Specify a directory to utilize caching. Works between sessions as well.
  -debug
        Extremely verbose debugging output. Useful mainly for development.
  -delay int
        Milliseconds to randomly apply as a delay between requests. (default 2000)
  -depth int
        The maximum limit on the recursion depth of visited URLs. (default 2)
  -headless
        If true the browser will be displayed while crawling.
        Note: Requires render-js flag
        Note: Usage to show browser: --headless=false (default true)
  -ignore-query
        Strip the query portion of the URL before determining if we've visited it yet.
  -ignore-ssl
        Scrape pages with invalid SSL certificates
  -js-timeout int
        The amount of seconds before a request to render javascript should timeout. (default 10)
  -json string
        The filename where we should store the output JSON file.
  -max-body int
        The limit of the retrieved response body in kilobytes.
        0 means unlimited.
        Supply this value in kilobytes. (i.e. 10 * 1024kb = 10MB) (default 10240)
  -no-head
        Do not send HEAD requests prior to GET for pre-validation.
  -output-all string
        The directory where we should store the output files.
  -proxy string
        The SOCKS5 proxy to utilize (format: socks5://127.0.0.1:8080 OR http://127.0.0.1:8080).
        Supply multiple proxies by separating them with a comma.
  -random-agent
        Utilize a random user agent string.
  -render-js
        Determines if we utilize a headless chrome instance to render javascript.
  -root-domain string
        The root domain we should match links against.
        If not specified it will default to the host of --url.
        Example: --root-domain google.com
  -threads int
        The number of threads to utilize. (default 5)
  -timeout int
        The amount of seconds before a request should timeout. (default 10)
  -url string
        The URL where we should start crawling.
  -urls string
        A file path that contains a list of urls to supply as starting urls.
        Requires --root-domain flag.
  -user-agent string
        A user agent such as (Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0).
  -verbose
        Verbose output
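
How a crawler can apply the -root-domain and -ignore-query behaviour listed above so that it stays inside the authorised scope. This is an added example, not urlgrab's own code; the function names (inScope, visitKey, filter) and the sample URLs are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Constructed sample links; none come from the page.
var sampleLinks = []string{
	"https://example.com/a?x=1", "https://example.com/a?x=2",
	"https://api.example.com/v1", "https://notexample.com/",
	"https://example.com.attacker.test/", "mailto:ops@example.com",
}

// inScope matches on a label boundary: "notexample.com" is not under "example.com".
func inScope(u *url.URL, rootDomain string) bool {
	host := strings.ToLower(strings.TrimSuffix(u.Hostname(), "."))
	root := strings.ToLower(strings.TrimSuffix(rootDomain, "."))
	return host != "" && (host == root || strings.HasSuffix(host, "."+root))
}

// visitKey is the visited-set key; the query is dropped only when ignoreQuery is set.
func visitKey(u *url.URL, ignoreQuery bool) string {
	k := *u
	k.Fragment = ""
	if ignoreQuery {
		k.RawQuery = ""
	}
	return k.String()
}

// filter returns the keys a crawl would queue: in scope and not seen before.
func filter(links []string, rootDomain string, ignoreQuery bool) []string {
	seen := map[string]bool{}
	var out []string
	for _, l := range links {
		u, err := url.Parse(l)
		if err != nil || !inScope(u, rootDomain) {
			continue
		}
		if k := visitKey(u, ignoreQuery); !seen[k] {
			seen[k] = true
			out = append(out, k)
		}
	}
	return out
}

func main() { fmt.Println(filter(sampleLinks, "example.com", true)) }
```

A plain suffix comparison without the leading dot would have queued notexample.com, which is how a crawl drifts onto hosts outside the engagement.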

Author
Devin Stokes




via KitPloit

The Pillager 0.7 Release

I spent the last couple days recoding the Pillager, getting rid of bugs, optimizing code, making it more extendable and more solid overall. So this post is to release the new code. However, with that being said, the Pillager is in mass revision right now and I added some more developers to the team to add a whole host of new database attacking features as well as moving past databases and into other areas of post exploitation pillaging. Soon to be released. As usual this tool and any tool I create is based on my issues when performing penetration tests and solves those problems. If you have any insight or comments I will certainly take them into consideration for future releases.

For now check out Version 0.7. Named searches and Data searches via external config files are now functioning properly as well as other bugs fixed along the way. Drop this in a BT5 VM and make sure you have your DB python stuff installed per the help docs and you should be good to go. If you are looking to use Oracle you are going to have to install all the Oracle nonsense from Oracle or use a BT4r2 VM which has most of the needed drivers minus cxoracle which will need to be installed.

http://consolecowboys.org/pillager/pillage_0.7.zip



Ficti0n$ python pillager.py
 
[---] The Database Pillager (DBPillage) [---]
[---] CcLabs Release [---]
[---] Authors: Ficti0n, [---]
[---] Contributors: Steponequit [---]
[---] Version: 0.7 [---]
[---] Find Me On Twitter: ficti0n [---]
[---] Homepage: http://console-cowboys.blogspot.com [---]

Release Notes:
 --Fixed bugs and optimized code
 --Added Docstrings
 --Fixed Named and Data searches from config files                 

About:
The Database Pillager is a multiplatform database tool for searching and browsing common
database platforms encountered while penetration testing. DBPillage can be used to search
for PCI/HIPAA data automatically or use DBPillage to browse databases,display data.
and search for specified tables/data instances.
DBpillage was designed as a post exploitation pillaging tool with a goal of targeted
extraction of data without the use of database platform specific GUI based tools that
are difficult to use and make my job harder.

Supported Platforms:
--------------------
-Oracle
-MSSQL
-MYSQL
-PostGreSQL

Usage Examples:
************************************************************************

For Mysql Postgres and MsSQL pillaging:
---------------------------------------
python dbPillage -a [address] -d [dbType] -u [username] -p [password]

For Oracle pillaging you need a SID connection string:
------------------------------------------------------
python dbPillage-a [address]/[sid] -d [dbType] -u [username] -p [password]

Grab some hashes and Hipaa specific:(Default is PCI)
------------------------------------
python dbPillage -a [address] -d [dbType] -u [username] -p [password] --hashes -s hipaa

Drop into a SQL CMDShell:
-------------------------
python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -q

Config file specified searches:
-------------------------------
Search for data Items from inputFiles/data.txt:
python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -D

Search for specific table names from inputFiles/tables.txt:
python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -N

Switch Options:
---------------------
-# --hashes = grab database password hashes
-l --limit  = limit the amount of rows that are searched or when displaying data (options = any number)
-s --searchType = Type of data search you want to perform (options:pci, hipaa, all)(PCI default)
-u --user = Database servers username
-p --pass = Password for the database server
-a --address = Ipaddress of the database server
-d --database = The database type you are pillageing (options: mssql,mysql,oracle,postgres)
-r --report = report format (HTML, XML, screen(default))
-N --nameSearch = Search via inputFiles/tables.txt
-D --dataSearch = Targeted data searches per inputFiles/data.txt
-q --queryShell = Drop into a SQL CMDshell in mysql or mssql

Prerequisites:
-------------
python v2  (Tested on Python 2.5.2 BT4 R2 and BT5 R3 - Oracle stuff on BT4r2 only unless you install the drivers from oracle)
cx_oracle (cx-oracle.sourceforge.net)
psycopg2  (initd.org/psycopg/download/)
MySQLdb   (should be on BT by default)
pymssql   (should be on BT by default)


Saturday, August 29, 2020

$$$ Bug Bounty $$$

What is Bug Bounty?



A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals for discovering and reporting software bugs. Bug bounty programs are often initiated to supplement internal code audits and penetration tests as part of an organization's vulnerability management strategy.




Many software vendors and websites run bug bounty programs, paying out cash rewards to software security researchers and white hat hackers who report software vulnerabilities that have the potential to be exploited. Bug reports must document enough information for the organization offering the bounty to be able to reproduce the vulnerability. Typically, payment amounts are commensurate with the size of the organization, the difficulty in hacking the system and how much impact on users a bug might have.


Mozilla paid out a $3,000 flat rate bounty for bugs that fit its criteria, while Facebook has given out as much as $20,000 for a single bug report. Google paid Chrome operating system bug reporters a combined $700,000 in 2012 and Microsoft paid UK researcher James Forshaw $100,000 for an attack vulnerability in Windows 8.1.  In 2016, Apple announced rewards that max out at $200,000 for a flaw in the iOS secure boot firmware components and up to $50,000 for execution of arbitrary code with kernel privileges or unauthorized iCloud access.


While the use of ethical hackers to find bugs can be very effective, such programs can also be controversial. To limit potential risk, some organizations are offering closed bug bounty programs that require an invitation. Apple, for example, has limited bug bounty participation to a few dozen researchers.