
Pastenum – Pastebin/pastie enumeration tool

Introduction

When conducting a pen-test, the process typically starts with the reconnaissance phase: gathering information about your target system(s), organization or person. Today, we want to present a tool that can be added to your reconnaissance toolkit. Text dump sites such as pastebin and pastie.org allow users to dump large amounts of text for sharing and storage. As these sites become more popular, the amount of sensitive information being posted will inevitably increase. Pastenum is designed to help you find that information and bring it into one easy-to-read location. The hope is that it will allow internal security teams to run simple queries about their companies and determine whether they have sensitive information residing in one of these text dumps. To do so, it runs a series of search queries for keywords provided by the pentester.

Installing the tool

To use Pastenum you will need ruby 1.9.2. Example : Now become that user account, using the profile of the user :

Mac OS X rootkit - Supports multiple kernel versions and gives root privileges

Today, a 64-bit Mac OS-X kernel rootkit has been released by prdelka from NullSecurity. It supports multiple kernel versions, gives root privileges, hides files / folders, hides a process, hides a user from 'who'/'w', hides a network port, provides a sysctl interface for userland control, and executes a binary with root privileges via magic ICMP ping. See backdoor section.

64-bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. Currently supports:
* works across multiple kernel versions (tested 11.0.0+)
* give root privileges to pid
* hide files / folders
* hide a process
* hide a user from 'who'/'w'
* hide a network port from netstat
* sysctl interface for userland control

MPC - Msfvenom Payload Creator

Msfvenom Payload Creator (MPC) is a wrapper to generate multiple types of payloads, based on the user's choice. The idea is to be as simple as possible (only requiring one input) to produce their payload. Fully automating msfvenom & Metasploit is the end goal (as well as being able to automate MPC itself). The only necessary input from the user should be defining the payload they want by either the platform (e.g. windows), or the file extension they wish the payload to have (e.g. exe). Can't remember your IP for an interface?

Note: This will not try to bypass any anti-virus solutions.

Install

Designed for Kali Linux v1.1.0a+ & Metasploit v4.11+ (nothing else has been tested).

curl -k -L " > /usr/bin/mpc
chmod +x /usr/bin/mpc
mpc

Help

Example #1 (Windows, Fully Automated With IP)

Example #2 (Linux Format, Fully Automated With Interface and Port)

root@kali:~# .

Example #3 (Python Format, Stageless Command Prompt Using Interactive IP Menu)

What you need to know about Stagefright - SANS Institute

What you need to know about Stagefright
Friday, August 14 at 1:00 PM EDT (17:00:00 UTC)
Josh Wright and Brian LaFlamme

Overview

In late July researchers disclosed a critical security flaw in Android which lets an attacker take control of a phone simply by sending a text message - and for the vast majority of Android users, there's no fix available yet. During this webinar Veracode's director of solutions enablement, Brian LaFlamme, and Josh Wright, SANS Senior Instructor, will discuss new details regarding the Stagefright vulnerability and why vulnerabilities in graphic libraries keep cropping up.

Speaker Bios

Joshua Wright
Joshua Wright is a Senior Security Analyst with InGuardians, LLC and a Senior Instructor with the SANS Institute.

Brian LaFlamme
Brian is a security professional with over 14 years of experience in IT and security.

AutoBrowser - Create Report and Screenshots of HTTP/s Based Ports on the Network

AutoBrowser is a tool written in Python for penetration testers. The purpose of this tool is to create a report and screenshots of http/s based ports on the network. It analyzes an Nmap report or scans with Nmap, checks the results with an http/s request on each host using a headless web browser, and grabs a screenshot of the response page content. This tool is designed for IT professionals who perform penetration testing to scan and analyze Nmap results.

Proof of concept video (From version: 2.0)

Examples

Values in the CLI arguments must be delimited by double quotes only!

Linux Installation: