Zydra – File Password Recovery Tool And Linux Shadow File Cracker

Zydra is a file password recovery tool and Linux shadow file cracker. It uses dictionary search or the brute force method for cracking passwords.

Supported Files
- RAR files
- Legacy ZIP files
- PDF files
- Linux shadow files (Zydra can find all the users' passwords in the Linux shadow file one after the other)

Prerequisites
To run the app, the minimal requirements are:
- Python 3.3 or higher
- Debian-based Linux distro, preferably Kali Linux 2
- qpdf and unrar packages

Installing these packages on Kali is as easy as running the following commands in a terminal:

    $ sudo apt-get update
    $ sudo apt-get install qpdf unrar

Some Python modules used by this program need to be installed manually, like zipfile, rarfile, crypt, pyfiglet, py-term (for the term module) and so on. You can use pip3 to install them, for example:

    $ pip3 install py-term

Notice: RAR, ZIP and PDF files must have an extension; shadow files do not need an extension.

Disclaimer
This tool is only for testing and academic purposes. Do not use it for illegal purposes!

Features
- Cracking file passwords using two methods: 1. dictionary method 2. brute force method
- In the brute force method, you can specify the min length and max length of the passwords.
- In the brute force method, you can specify the type of characters that may be used in the password.
- There is a percent progress bar showing how much of the process has been performed.
- Error handling.
- One of the most important features of Zydra is the multiprocessing feature that speeds up the program. For example, if you have 8 CPU cores, Zydra will use all of them for processing at the same time.

Installation
Download Zydra by cloning the Git repository:

    $ git clone https://github.com/hamedA2/Zydra.git

Usage
To get a list of all options and learn how to use this app, enter the following command:

    $ python3 Zydra.py -h

Examples
1- Dictionary search to find the password for a zip file. In this example I use the rockyou.txt dictionary.

    $ python3 Zydra.py -f file.zip -d rockyou.txt

2- Brute force search to find the passwords for the users in the shadow file. The minimum length of the password is 4 and the maximum length is 4, and we try to find passwords that are composed of numbers and symbols.

    $ python3 Zydra.py -f shadow -b digits,symbols -m 4 -x 4

Author
Hamed Hosseini
Special thanks to Hamed Izadi

Link: http://feedproxy.google.com/~r/PentestTools/~3/6ATnAnKScCs/zydra-file-password-recovery-tool-and.html

UPDATE: Kali Linux 2019.2 Release

PenTestIT RSS Feed
Kali Linux 2019.2, the latest and the greatest Kali Linux release, is now officially available! This is the second 2019 release, which comes after Kali Linux 2019.1, which was made available in the month of February. This new release focuses mainly on Kali Linux NetHunter updates, including 13 new images and added device support along with
The post UPDATE: Kali Linux 2019.2 Release appeared first on PenTestIT.

Link: http://pentestit.com/update-kali-linux-2019-2-release/

Kali Linux 2019.2 Release – Penetration Testing and Ethical Hacking Linux Distribution

This release brings the kernel up to version 4.19.28, fixes numerous bugs, includes many updated packages, and most excitingly, features a new release of Kali Linux NetHunter!

Kali NetHunter 2019.2 Release
NetHunter now supports over 50 devices running all the latest Android versions, from KitKat through to Pie. 13 new NetHunter images have been released for the latest Android versions of your favorite devices, including:
- Nexus 6 running Pie
- Nexus 6P, Oreo
- OnePlus2, Pie
- Galaxy Tab S4 LTE & WiFi, Oreo

These and many more can be downloaded from the NetHunter page.

Tool Upgrades
This release largely features various tweaks and bug fixes but there are still many updated tools including seclists, msfpc, and exe2hex. For the complete list of updates, fixes, and additions, please refer to the Kali Bug Tracker Changelog.

ARM Updates
For the ARM users, be aware that the first boot will take a bit longer than usual, as it requires the reinstallation of a few packages on the hardware. This manifests as the login manager crashing a few times until the packages finish reinstalling and is expected behaviour.

Upgrade to Kali Linux 2019.2
If you already have a Kali installation you're happy with, you can easily upgrade in place as follows.

    root@kali:~# apt update && apt -y full-upgrade

Ensuring your Installation is Updated
To double check your version, first make sure your Kali package repositories are correct.

    root@kali:~# cat /etc/apt/sources.list
    deb http://http.kali.org/kali kali-rolling main non-free contrib

Then after running 'apt -y full-upgrade', you may require a 'reboot' before checking:

    root@kali:~# grep VERSION /etc/os-release
    VERSION="2019.2"
    VERSION_ID="2019.2"
    root@kali:~# uname -a
    Linux kali 4.19.0-kali4-amd64 #1 SMP Debian 4.19.28-2kali1 (2019-03-18) x86_64 GNU/Linux

If you come across any bugs in Kali, please open a report on our bug tracker.

Link: http://www.kitploit.com/2019/05/kali-linux-20192-release-penetration.html

Sn1per v7.0 – Automated Pentest Framework For Offensive Security Experts

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information regarding Sn1per Professional, go to https://xerosecurity.com.

SN1PER PROFESSIONAL FEATURES:
- Professional reporting interface
- Slideshow for all gathered screenshots
- Searchable and sortable DNS, IP and open port database
- Detailed host reports
- NMap HTML host reports
- Quick links to online recon tools and Google hacking queries
- Takeovers and Email Security
- HTML5 Notepad

ORDER SN1PER PROFESSIONAL:
To obtain a Sn1per Professional license, go to https://xerosecurity.com.

SN1PER COMMUNITY FEATURES:
- Automatically collects basic recon (ie. whois, ping, DNS, etc.)
- Automatically launches Google hacking queries against a target domain
- Automatically enumerates open ports via NMap port scanning
- Automatically brute forces sub-domains, gathers DNS info and checks for zone transfers
- Automatically checks for sub-domain hijacking
- Automatically runs targeted NMap scripts against open ports
- Automatically runs targeted Metasploit scan and exploit modules
- Automatically scans all web applications for common vulnerabilities
- Automatically brute forces ALL open services
- Automatically test for anonymous FTP access
- Automatically runs WPScan, Arachni and Nikto for all web services
- Automatically enumerates NFS shares
- Automatically test for anonymous LDAP access
- Automatically enumerate SSL/TLS ciphers, protocols and vulnerabilities
- Automatically enumerate SNMP community strings, services and users
- Automatically list SMB users and shares, check for NULL sessions and exploit MS08-067
- Automatically exploit vulnerable JBoss, Java RMI and Tomcat servers
- Automatically tests for open X11 servers
- Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
- Performs high level enumeration of multiple hosts and subnets
- Automatically integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
- Automatically gathers screenshots of all web sites
- Create individual workspaces to store all scan output

EXPLOITS:
- Drupal RESTful Web Services unserialize() SA-CORE-2019-003
- Apache Struts: S2-057 (CVE-2018-11776): Security updates available for Apache Struts
- Drupal: CVE-2018-7600: Remote Code Execution – SA-CORE-2018-002
- GPON Routers – Authentication Bypass / Command Injection CVE-2018-10561
- MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
- Apache Tomcat: Remote Code Execution (CVE-2017-12617)
- Oracle WebLogic wls-wsat Component Deserialization Remote Code Execution CVE-2017-10271
- Apache Struts Content-Type arbitrary command execution (CVE-2017-5638)
- Apache Struts 2 Framework Checks – REST plugin with XStream handler (CVE-2017-9805)
- Microsoft IIS WebDav ScStoragePathFromUrl Overflow CVE-2017-7269
- ManageEngine Desktop Central 9 FileUploadServlet ConnectionId Vulnerability CVE-2015-8249
- Shellshock Bash Shell remote code execution CVE-2014-6271
- HeartBleed OpenSSL Detection CVE-2014-0160
- MS12-020: Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
- Tomcat Application Manager Default Ovwebusr Password Vulnerability CVE-2009-3843
- MS08-067 Microsoft Server Service Relative Path Stack Corruption
- Webmin File Disclosure CVE-2006-3392
- VsFTPd 2.3.4 Backdoor
- ProFTPd 1.3.3C Backdoor
- MS03-026 Microsoft RPC DCOM Interface Overflow
- DistCC Daemon Command Execution
- JBoss Java De-Serialization
- HTTP Writable Path PUT/DELETE File Access
- Apache Tomcat User Enumeration
- Tomcat Application Manager Login Bruteforce
- Jenkins-CI Enumeration
- HTTP WebDAV Scanner
- Android Insecure ADB
- Anonymous FTP Access
- PHPMyAdmin Backdoor
- PHPMyAdmin Auth Bypass
- OpenSSH User Enumeration
- LibSSH Auth Bypass
- SMTP User Enumeration
- Public NFS Mounts

KALI LINUX INSTALL:

    bash install.sh

UBUNTU/DEBIAN/PARROT INSTALL:

    bash install_debian_ubuntu.sh

DOCKER INSTALL:

    docker build Dockerfile

USAGE:

[*] NORMAL MODE
    sniper -t|--target <TARGET>

[*] NORMAL MODE + OSINT + RECON + FULL PORT SCAN + BRUTE FORCE
    sniper -t|--target <TARGET> -o|--osint -re|--recon -fp|--fullportonly -b|--bruteforce

[*] STEALTH MODE + OSINT + RECON
    sniper -t|--target <TARGET> -m|--mode stealth -o|--osint -re|--recon

[*] DISCOVER MODE
    sniper -t|--target <CIDR> -m|--mode discover -w|--workspace <WORKSPACE_ALIAS>

[*] FLYOVER MODE
    sniper -t|--target <TARGET> -m|--mode flyover -w|--workspace <WORKSPACE_ALIAS>

[*] AIRSTRIKE MODE
    sniper -f|--file /full/path/to/targets.txt -m|--mode airstrike

[*] NUKE MODE WITH TARGET LIST, BRUTEFORCE ENABLED, FULLPORTSCAN ENABLED, OSINT ENABLED, RECON ENABLED, WORKSPACE & LOOT ENABLED
    sniper -f|--file /full/path/to/targets.txt -m|--mode nuke -w|--workspace <WORKSPACE_ALIAS>

[*] SCAN ONLY SPECIFIC PORT
    sniper -t|--target <TARGET> -m port -p|--port <portnum>

[*] FULLPORTONLY SCAN MODE
    sniper -t|--target <TARGET> -fp|--fullportonly

[*] PORT SCAN MODE
    sniper -t|--target <TARGET> -m|--mode port -p|--port <PORT_NUM>

[*] WEB MODE – PORT 80 + 443 ONLY!
    sniper -t|--target <TARGET> -m|--mode web

[*] HTTP WEB PORT HTTP MODE
    sniper -t|--target <TARGET> -m|--mode webporthttp -p|--port <port>

[*] HTTPS WEB PORT HTTPS MODE
    sniper -t|--target <TARGET> -m|--mode webporthttps -p|--port <port>

[*] WEBSCAN MODE
    sniper -t|--target <TARGET> -m|--mode webscan

[*] ENABLE BRUTEFORCE
    sniper -t|--target <TARGET> -b|--bruteforce

[*] ENABLE LOOT IMPORTING INTO METASPLOIT
    sniper -t|--target <TARGET>

[*] LOOT REIMPORT FUNCTION
    sniper -w <WORKSPACE_ALIAS> --reimport

[*] LOOT REIMPORTALL FUNCTION
    sniper -w <WORKSPACE_ALIAS> --reimportall

[*] DELETE WORKSPACE
    sniper -w <WORKSPACE_ALIAS> -d

[*] DELETE HOST FROM WORKSPACE
    sniper -w <WORKSPACE_ALIAS> -t <TARGET> -dh

[*] SCHEDULED SCANS
    sniper -w <WORKSPACE_ALIAS> -s daily|weekly|monthly

[*] SCAN STATUS
    sniper --status

[*] UPDATE SNIPER
    sniper -u|--update

MODES:
- NORMAL: Performs basic scan of targets and open ports using both active and passive checks for optimal performance.
- STEALTH: Quickly enumerate single targets using mostly non-intrusive scans to avoid WAF/IPS blocking.
- FLYOVER: Fast multi-threaded high level scans of multiple targets (useful for collecting high level data on many hosts quickly).
- AIRSTRIKE: Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of the file which contains all hosts, IPs that need to be scanned and run ./sn1per /full/path/to/targets.txt airstrike to begin scanning.
- NUKE: Launch full audit of multiple hosts specified in text file of choice. Usage example: ./sniper /pentest/loot/targets.txt nuke.
- DISCOVER: Parses all hosts on a subnet/CIDR (ie. 192.168.0.0/16) and initiates a sniper scan against each host. Useful for internal network scans.
- PORT: Scans a specific port for vulnerabilities. Reporting is not currently available in this mode.
- FULLPORTONLY: Performs a full detailed port scan and saves results to XML.
- WEB: Adds full automatic web application scans to the results (port 80/tcp & 443/tcp only). Ideal for web applications but may increase scan time significantly.
- WEBPORTHTTP: Launches a full HTTP web application scan against a specific host and port.
- WEBPORTHTTPS: Launches a full HTTPS web application scan against a specific host and port.
- WEBSCAN: Launches a full HTTP & HTTPS web application scan via Burpsuite and Arachni.

SAMPLE REPORT:
https://gist.github.com/1N3/8214ec2da2c91691bcbc

Link: http://feedproxy.google.com/~r/PentestTools/~3/IoUOymJezTw/sn1per-v70-automated-pentest-framework.html

Kostebek – Reconnaissance Tool Which Uses Firms Trademark Information To Discover Their Domains

The Kostebek is a reconnaissance tool which uses firms' trademark information to discover their domains.

Installation
Tested on Kali Linux 2018.2, Ubuntu 16.04

    sudo apt-get -y install python3-pip
    pip3 install -r requirements.txt

Download the latest version of Chromedriver and configure your driver-path:

    # sudo apt-get install unzip
    # sudo unzip /tmp/chromedriver.zip chromedriver -d /usr/local/bin/

Download the latest version of Chrome: https://www.google.com/chrome/browser/desktop/

    # dpkg -i google-chrome-stable_current_amd64.deb
    # apt-get install -f
    # dpkg -i google-chrome-stable_current_amd64.deb

Example
Trademark Scan: python3 kostebek.py -u list.txt -n Organization Name
Get Google Domains: python3 kostebek.py -g Organization Name
Get Company Trademarks: python3 kostebek.py -t Organization Name

Link: http://feedproxy.google.com/~r/PentestTools/~3/uTvabW9syZ4/kostebek-reconnaissance-tool-which-uses.html

pwnedOrNot v1.1.7 – OSINT Tool To Find Passwords For Compromised Email Addresses

pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps.

Features
haveibeenpwned offers a lot of information about the compromised email. Some useful information is displayed by this script:
- Name of Breach
- Domain Name
- Date of Breach
- Fabrication status
- Verification Status
- Retirement status
- Spam Status

And with all this information pwnedOrNot can easily find passwords for compromised emails if the dump is accessible and it contains the password.

Tested on
- Kali Linux 18.2
- Ubuntu 18.04
- Kali Nethunter
- Termux

Installation
Ubuntu / Kali Linux / Nethunter / Termux

    chmod 777 install.sh
    ./install.sh

Usage

    python3 pwnedornot.py -h
    usage: pwnedornot.py [-h] [-e EMAIL] [-f FILE] [-d DOMAIN] [-n] [-l] [-c CHECK]

    optional arguments:
      -h, --help            show this help message and exit
      -e EMAIL, --email EMAIL
                            Email Address You Want to Test
      -f FILE, --file FILE  Load a File with Multiple Email Addresses
      -d DOMAIN, --domain DOMAIN
                            Filter Results by Domain Name
      -n, --nodumps         Only Check Breach Info and Skip Password Dumps
      -l, --list            Get List of all pwned Domains
      -c CHECK, --check CHECK
                            Check if your Domain is pwned

    # Examples

    # Check Single Email
    python3 pwnedornot.py -e <email>
    #OR
    python3 pwnedornot.py --email <email>

    # Check Multiple Emails from File
    python3 pwnedornot.py -f <file name>
    #OR
    python3 pwnedornot.py --file <file name>

    # Filter Result for a Domain Name [Ex : adobe.com]
    python3 pwnedornot.py -e <email> -d <domain name>
    #OR
    python3 pwnedornot.py -f <file name> --domain <domain name>

    # Get only Breach Info, Skip Password Dumps
    python3 pwnedornot.py -e <email> -n
    #OR
    python3 pwnedornot.py -f <file name> --nodumps

    # Get List of all Breached Domains
    python3 pwnedornot.py -l
    #OR
    python3 pwnedornot.py --list

    # Check if a Domain is Pwned
    python3 pwnedornot.py -c <domain name>
    #OR
    python3 pwnedornot.py --check <domain name>

Link: http://feedproxy.google.com/~r/PentestTools/~3/zMsIKFBaGtY/pwnedornot-v117-osint-tool-to-find.html

CHAOS Framework v2.0 – Generate Payloads And Control Remote Windows Systems

CHAOS is a PoC that allows you to generate payloads and control remote operating systems.

Features

    Feature          Windows   Mac   Linux
    Reverse Shell    X         X     X
    Download File    X         X     X
    Upload File      X         X     X
    Screenshot       X         X     X
    Keylogger        X
    Persistence      X
    Open URL         X         X     X
    Get OS Info      X         X     X
    Fork Bomb        X         X     X
    Run Hidden       X

Tested On
Kali Linux – ROLLING EDITION

How to Install

    # Install dependencies
    $ sudo apt install golang git -y

    # Get this repository
    $ go get github.com/tiagorlampert/CHAOS

    # Get external golang dependencies (ALL DEPENDENCIES ARE REQUIRED)
    $ go get github.com/kbinani/screenshot
    $ go get github.com/lxn/win
    $ go get github.com/matishsiao/goInfo
    $ go get golang.org/x/sys/windows

    # Maybe you will see the message "package github.com/lxn/win: build constraints exclude all Go files".
    # This occurs because the libraries are for Windows systems, but they are necessary to build the payload.

    # Go into the repository
    $ cd ~/go/src/github.com/tiagorlampert/CHAOS

    # Run
    $ go run main.go

How to Use

    Command      On HOST does…
    generate     Generate a payload (e.g. generate lhost=192.168.0.100 lport=8080 fname=chaos --windows)
    lhost=       Specify an IP for connection
    lport=       Specify a port for connection
    fname=       Specify a filename to output
    --windows    Target Windows
    --macos      Target Mac OS
    --linux      Target Linux
    listen       Listen for a new connection (e.g. listen lport=8080)
    serve        Serve files
    exit         Quit this program

    Command               On TARGET does…
    download              File Download
    upload                File Upload
    screenshot            Take a Screenshot
    keylogger_start       Start Keylogger session
    keylogger_show        Show Keylogger session logs
    persistence_enable    Install at Startup
    persistence_disable   Remove from Startup
    getos                 Get OS name
    lockscreen            Lock the OS screen
    openurl               Open the URL informed
    bomb                  Run Fork Bomb
    clear                 Clear the Screen
    back                  Close connection but keep running on target
    exit                  Close connection and exit on target

FAQ

Why does Keylogger capture all uppercase letters?
All the letters obtained using the keylogger are uppercase letters. It is a known issue; in case anyone knows how to fix the Keylogger function using golang, please contact me or open an issue.

Why is it necessary to get and install external libraries?
To implement the screenshot function I used a third-party library; you can check it at https://github.com/kbinani/screenshot and https://github.com/lxn/win. You must download and install it to generate the payload.

Contact
tiagorlampert@gmail.com

Link: http://www.kitploit.com/2019/04/chaos-framework-v20-generate-payloads.html

SocialFish v2 – Educational Phishing Tool & Information Collector

Ultimate phishing tool with Ngrok integrated.

Are you looking for SF's mobile controller? UndeadSec/SocialFishMobile

PREREQUISITES
- Python 2.7
- Wget from Python
- PHP

TESTED ON
Kali Linux – ROLLING EDITION

CLONE

    git clone https://github.com/UndeadSec/SocialFish.git

RUNNING

    cd SocialFish
    sudo pip install -r requirements.txt
    python SocialFish.py

AVAILABLE PAGES
+ Facebook:
  - Traditional Facebook login page.
  - Advanced login with Facebook.
+ Google:
  - Traditional Google login page.
  - Advanced login with Facebook.
+ LinkedIN:
  - Traditional LinkedIN login page.
+ Github:
  - Traditional Github login page.
+ Stackoverflow:
  - Traditional Stackoverflow login page.
+ WordPress:
  - Similar WordPress login page.

Link: http://feedproxy.google.com/~r/PentestTools/~3/UIciopFruGI/socialfish-v2-educational-phishing-tool.html

Cat-Nip – Automated Basic Pentest Tool (Designed For Kali Linux)

Cat-Nip is an automated basic pentest tool. It handles basic pentesting tasks like information gathering, auditing, and reporting, and performs every task fully automatically.

Usage Guide

Download / Clone Cat-Nip

    ~# git clone https://github.com/baguswiratmaadi/catnip

Go Inside Cat-Nip Dir

    ~# cd catnip

Give Permission To Cat-Nip

    ~# chmod 777 catnip.sh

Run Cat-Nip

    ~# ./catnip.sh

Changelog
1.0 First Release

Pentest Tools Auto Executed With Cat-Nip
- Whois Lookup
- DNSmap
- Nmap
- Dmitry
- Theharvester
- Load Balancing Detector
- SSLyze
- Automater
- Ua Tester
- Gobuster
- Grabber
- Parsero
- Uniscan
- And more tools soon

Screenshots: Tools Preview, Output Result, Report In HTML

Disclaimer
Do not scan government and private IT objects without legal permission. Do at your own risk.

Link: http://feedproxy.google.com/~r/PentestTools/~3/8By2_tKKSAQ/cat-nip-automated-basic-pentest-tool.html

UPDATE: Kali Linux 2019.1 Release!

PenTestIT RSS Feed
Kali Linux 2019.1 is the latest Kali Linux release. This is the first 2019 release, which comes after Kali Linux 2018.4, which was made available in the month of October. This new release includes all patches, fixes, updates, and improvements since the last release – Kali Linux 2018.3, including a shiny new Linux kernel version
The post UPDATE: Kali Linux 2019.1 Release! appeared first on PenTestIT.

Link: http://pentestit.com/update-kali-linux-2019-1-release/