5 Best Free Photoshop Alternatives You Need to Know

Photoshop is the best photo editing software. There are many other photo editing software available but, no other software can reach up to it. Most of the professional photo editors use Photoshop.  The only thing people hate about Photoshop is that it is a premium software and costs too much. Not all computer users can […] More
The post 5 Best Free Photoshop Alternatives You Need to Know appeared first on UseThisTip.

Link: http://feedproxy.google.com/~r/blogspot/csAFg/~3/fd1fmJVH4sM/5-best-free-alternate-to-photoshop.html

Findomain v0.2.1 – The Fastest And Cross-Platform Subdomain Enumerator

The fastest and cross-platform subdomain enumerator.ComparisionIt comparision gives you a idea why you should use findomain instead of another tools. The domain used for the test was microsoft.com in the following BlackArch virtual machine:Host: KVM/QEMU (Standard PC (i440FX + PIIX, 1996) pc-i440fx-3.1)Kernel: 5.2.6-arch1-1-ARCHCPU: Intel (Skylake, IBRS) (4) @ 2.904GHzMemory: 139MiB / 3943MiBThe tool used to calculate the time, is the time command in Linux. You can see all the details of the tests in it link. Enumeration Tool Serch Time Total Subdomains Found CPU Usage RAM Usage Findomain real 0m38.701s 5622 Very Low Very Low assetfinder real 6m1.117s 4630 Very Low Very Low Subl1st3r real 7m14.996s 996 Low Low Amass* real 29m20.301s 332 Very Hight Very Hight I can’t wait to the amass test for finish, looks like it will never ends and aditionally the resources usage is very hight.Note: The benchmark was made the 10/08/2019, since it point other tools can improve things and you will got different results.FeaturesDiscover subdomains without brute-force, it tool uses Certificate Transparency Logs.Discover subdomains with or without IP address according to user arguments.Read target from user argument (-t).Read a list of targets from file and discover their subdomains with or without IP and also write to output files per-domain if specified by the user, recursively.Write output to TXT file.Write output to CSV file.Write output to JSON file.Cross platform support: Any platform.Optional multiple API support.Proxy support.Note: the proxy support is just to proxify APIs requests, the actual implementation to discover IP address of subdomains doesn’t support proxyfing and it’s made using the host network still if you use the -p option.How it works?It tool doesn’t use the common methods for sub(domains) discover, the tool uses Certificate Transparency logs to find subdomains and it method make it tool the most faster and reliable. The tool make use of multiple public available APIs to perform the search. If you want to know more about Certificate Transparency logs, read https://www.certificate-transparency.org/APIs that we are using at the moment:Certspotter: https://api.certspotter.com/Crt.sh : https://crt.shVirustotal: https://www.virustotal.com/ui/domains/Sublit3r: https://api.sublist3r.com/Facebook: https://developers.facebook.com/docs/certificate-transparencyIf you know other that should be added, open an issue.Supported platforms in our binary releasesAll supported platforms in the binarys that we give are 64 bits only and we don’t have plans to add support for 32 bits binary releases, if you want to have support for 32 bits follow the documentation.LinuxWindowsMacOSARMAarch64 (Raspberry Pi)Build for 32 bits or another platformIf you want to build the tool for your 32 bits system or another platform, follow it steps:Note: You need to have rust, make and perl installed in your system first.Using the crate:cargo install findomainExecute the tool from $HOME/.cargo/bin. See the cargo-install documentation.Using the Github source code:Clone the repository or download the release source code.Extract the release source code (only needed if you downloaded the compressed file).Go to the folder where the source code is.Execute cargo build –releaseNow your binary is in target/release/findomain and you can use it.Installation Android (Termux)Install the Termux package, open it and follow it commands:$ pkg install rust make perl$ cargo install findomain$ cd $HOME/.cargo/bin$ ./findomainInstallation in Linux using source codeIf you want to install it, you can do that manually compiling the source or using the precompiled binary.Manually: You need to have Rust installed in your computer first.$ git clone https://github.com/Edu4rdSHL/findomain.git$ cd findomain$ cargo build –release$ sudo cp target/release/findomain /usr/bin/$ findomainInstallation in Linux using compiled artifacts$ wget https://github.com/Edu4rdSHL/findomain/releases/latest/download/findomain-linux$ chmod +x findomain-linux$ ./findomain-linuxIf you are using the BlackArch Linux distribution, you just need to use:$ sudo pacman -S findomainInstallation ARM$ wget https://github.com/Edu4rdSHL/findomain/releases/latest/download/findomain-arm$ chmod +x findomain-arm$ ./findomain-armInstallation Aarch64 (Raspberry Pi)$ wget https://github.com/Edu4rdSHL/findomain/releases/latest/download/findomain-aarch64$ chmod +x findomain-aarch64$ ./findomain-aarch64Installation WindowsDownload the binary from https://github.com/Edu4rdSHL/findomain/releases/latest/download/findomain-windows.exeOpen a CMD shell and go to the dir where findomain-windows.exe was downloaded.Exec: findomain-windows in the CMD shell.Installation MacOS$ wget https://github.com/Edu4rdSHL/findomain/releases/latest/download/findomain-osx$ chmod +x findomain-osx.dms$ ./findomain-osx.dmsUsageYou can use the tool in two ways, only discovering the domain name or discovering the domain + the IP address.findomain 0.2.0Eduard Tolosa A tool that use Certificates Transparency logs to find subdomains.USAGE: findomain [FLAGS] [OPTIONS]FLAGS: -a, –all-apis Use all the available APIs to perform the search. It take more time but you will have a lot of more results. -h, –help Prints help information -i, –get-ip Return the subdomain list with IP address if resolved. -V, –version Prints version informationOPTIONS: -f, –file <file> Sets the input file to use. -o, –output <output> Write data to output file in the specified format. [possible values: txt, csv, json] -p, –proxy <proxy> Use a proxy to make the requests to the APIs. -t, –target <target> Tar get hostExamplesMake a simple search of subdomains and print the info in the screen:findomain -t example.comMake a simple search of subdomains using all the APIs and print the info in the screen:findomain -t example.com -aMake a search of subdomains and export the data to a CSV file:findomain -t example.com -o csvMake a search of subdomains using all the APIs and export the data to a CSV file:findomain -t example.com -a -o csvMake a search of subdomains and resolve the IP address of subdomains (if possible):findomain -t example.com -iMake a search of subdomains with all the APIs and resolve the IP address of subdomains (if possible):findomain -t example.com -i -aMake a search of subdomains with all the APIs and resolve the IP address of subdomains (if possible), exporting the data to a CSV file:findomain -t example.com -i -a -o csvMake a search of subdomains using a proxy ( in it case, the rest of aguments continue working in the same way, you just need to add the -p flag to the before commands):findomain -t example.com -p in Twitter:https://twitter.com/sechacklabs (Team)https://twitter.com/edu4rdshl (Developer)Download Findomain

Link: http://feedproxy.google.com/~r/PentestTools/~3/769TW1TSpjw/findomain-v021-fastest-and-cross.html

HackerTarget ToolKit v2.0 – Tools And Network Intelligence To Help Organizations With Attack Surface Discovery

Use open source tools and network intelligence to help organizations with attack surface discovery and identification of security vulnerabilities. Identification of an organizations vulnerabilities is an impossible task without tactical intelligence on the network footprint. By combining open source intelligence with the worlds best open source security scanning tools, we enable your attack surface discovery. With the ability for Internet assets to be deployed in seconds, the attack surface is more dynamic and ever growing. This very fact makes mapping your external network footprint a hard problem. We aim to provide solutions to solve this problem. Start with our tools for domain and IP address data, then pivot to mapping the exposure with hosted open source scanners. We have developed a linux terminal tool using python programming language through an api which we received from !How do you run it?Clone with HTTPSgit clone https://github.com/ismailtasdelen/hackertarget.gitcd hackertarget/Run pip3 install to set up this scriptpip3 install .Run hackertarget CLI script via following commandpython hackertarget.pyView :root@ismailtasdelen:~# python hackertarget.py _ _ _ _ | |_ __ _ __ | |__ ___ _ _ | |_ __ _ _ _ __ _ ___ | |_ | ‘ \ / _` |/ _|| / // -_)| ‘_|| _|/ _` || ‘_|/ _` |/ -_)| _| |_||_|\__,_|\__||_\_\___||_| \__|\__,_||_| \__, |\___| \__| |___/ Ismail Tasdelen | github.com/ismailtasdelen | linkedin.com/in/ismailtasdelen |[1] Traceroute[2] Ping Test[3] DNS Lookup[4] Reverse DNS[5] Find DNS Host[6] Find Shared DNS[7] Zone Transfer[8] Whois Lookup[9] IP Location Lookup[10] Reverse IP Lookup[11] TCP Port Scan[12] Subnet Lookup[13] HTTP Header Check[14] Extract Page Links[15] Version[16] ExitWhich option number :Menu :[1] Traceroute[2] Ping Test[3] DNS Lookup[4] Reverse DNS[5] Find DNS Host[6] Find Shared DNS[7] Zone Transfer[8] Whois Lookup[9] IP Location Lookup[10] Reverse IP Lookup[11] TCP Port Scan[12] Subnet Lookup[13] HTTP Header Check[14] Extract Page Links[15] Version[16] ExitCloning an Existing Repository ( Clone with HTTPS )root@ismailtasdelen:~# git clone https://github.com/ismailtasdelen/hackertarget.gitCloning an Existing Repository ( Clone with SSH )root@ismailtasdelen:~# git clone git@github.com:ismailtasdelen/hackertarget.gitChangelog v2.0:To support the python3 version at least, using the print(…) function.Split the hackertarget_api from hackertarget.py file.Added the hackertarget_api test.Added setup file.Added .travis.yml file and integration was achieved.raw_input function is undefined in python-3.x versions. Using the input function instead.Using the mock tests because we don’t need to test the external API service. We can assume that external API service is expected successfully.Added the tool version information module.Reference :https://hackertarget.com/Download Hackertarget

Link: http://feedproxy.google.com/~r/PentestTools/~3/p7tD_g2ZmJY/hackertarget-toolkit-v20-tools-and.html

AbsoluteZero – Python APT Backdoor

This project is a Python APT backdoor, optimized for Red Team Post Exploitation Tool, it can generate binary payload or pure python source. The final stub uses polymorphic encryption to give a first obfuscation layer to itself.DeploymentAbsoluteZero is a complete software written in Python 2.7 and works both on Windows and Linux platforms, in order to make it working you need to have Python 2.7 installed and then using ‘pip’ install the requirements.txt file. Remember that to compile binaries for Windows you have to run the entire software a Microsoft platform seen that pyinstaller doesn’t allow cross-platform compiling without using vine.Make sure that Python installation folder is set on ‘C:/Python27’ to avoid binary compiling troubles.Download AbsoluteZero

Link: http://feedproxy.google.com/~r/PentestTools/~3/4A8E633X560/absolutezero-python-apt-backdoor.html

SQLMap v1.3.8 – Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.FeaturesFull support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB, HSQLDB and Informix database management systems.Full support for six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries and out-of-band.Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port and database name.Support to enumerate users, password hashes, privileges, roles, databases, tables and columns.Automatic recognition of password hash formats and support for cracking them using a dictionary-based attack.Support to dump database tables entirely, a range of entries or specific columns as per user’s choice. The user can also choose to dump only a range of characters from each column’s entry.Support to search for specific database names, specific tables across all databases or specific columns across all databases’ tables. This is useful, for instance, to identify tables containing custom application credentials where relevant columns’ names contain string like name and pass.Support to download and upload any file from the database server underlying file system when the database software is MySQL, PostgreSQL or Microsoft SQL Server.Support to execute arbitrary commands and retrieve their standard output on the database server underlying operating system when the database software is MySQL, PostgreSQL or Microsoft SQL Server.Support to establish an out-of-band stateful TCP connection between the attacker machine and the database server underlying operating system. This channel can be an interactive command prompt, a Meterpreter session or a graphical user interface (VNC) session as per user’s choice.Support for database process’ user privilege escalation via Metasploit’s Meterpreter getsystem command.InstallationYou can download the latest tarball by clicking here or latest zipball by clicking here.Preferably, you can download sqlmap by cloning the Git repository:git clone –depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-devsqlmap works out of the box with Python version 2.6.x and 2.7.x on any platform.UsageTo get a list of basic options and switches use:python sqlmap.py -hTo get a list of all options and switches use:python sqlmap.py -hhYou can find a sample run here. To get an overview of sqlmap capabilities, list of supported features and description of all options and switches, along with examples, you are advised to consult the user’s manual.DemoLinksHomepage: http://sqlmap.orgDownload: .tar.gz or .zipCommits RSS feed: https://github.com/sqlmapproject/sqlmap/commits/master.atomIssue tracker: https://github.com/sqlmapproject/sqlmap/issuesUser’s manual: https://github.com/sqlmapproject/sqlmap/wikiFrequently Asked Questions (FAQ): https://github.com/sqlmapproject/sqlmap/wiki/FAQTwitter: @sqlmapDemos: http://www.youtube.com/user/inquisb/videosScreenshots: https://github.com/sqlmapproject/sqlmap/wiki/ScreenshotsTranslationsBulgarianChineseCroatianFrenchGreekIndonesianItalianJapanesePortugueseSpanishTurkishDownload SQLMap v1.3.8

Link: http://feedproxy.google.com/~r/PentestTools/~3/tXw2LTJ-djQ/sqlmap-v138-automatic-sql-injection-and.html

Skadi – Collect, Process, And Hunt With Host Based Data From MacOS, Windows, And Linux

(pronounced “SKAH-Dee”: similar to Scotty but with a d sound) is a giantess and goddess of hunting in Norse mythologyPurposeSkadi is a free, open source collection of tools that enables the collection, processing and advanced analysis of forensic artifacts and images. It works on MacOS, Windows, and Linux machines. It scales to work effectively on laptops, desktops, servers, the cloud, and can be installed on top of hardened / gold disk images.How to Get Started and SupportDownload Latest ReleaseAvailable in OVA, Vagrant and Signed Installer formatsDownload the Latest ReleaseInstallation InstructionsStarting Skadi on Docker Instructions Vagrant Installation InstructionsOVA Installation InstructionsSigned Installer InstructionsSkadi PortalThis portal allows easy access to Skadi tools. By default it is available at the IP address of the Skadi Server.The default credentials are:Username: skadiPassword: skadiAccess the portal through a web browser at the IP address of the server. In this example the server is while Vagrant and Docker will create a link to localhostExample: Example: http://localhostIncluded Tools The tools are combined into one platform that all work together to provide the ability to collect data, convert the bits and bytes to words and numbers, and analyze the results quickly and easily. This enables the ability to rapidly hunt for host based evidence of a malicious activities quickly and accurately.CDQRCyberChefCyLRDockerElasticSearchGlancesGrafanaPortainerKibanaYetiPlasoTimeSketchYeti (Threat Intelligence Tool)Kibana and TimeSketch Included11 Kibana DashboardsTimeSketchVideos and MediaAlamo ISSA 2018 Slides: Reviews CCF-VM components, walkthrough of how to install GCP version and discuss automation possibilities and risksSANS DFIR Summit 2017 Video: A talk about using CCF-VM for Digital Forensics and Incident Response (DFIR)ISC2 Security Congress 2017 Slides: Another talk about using CCF-VM for Digital Forensics and Incident Response (DFIR)DEFCON 25 4-hour Workshop 2017 Slides: Free and Easy DFIR Triage for EveryoneOSDFCON 2017 Slides: Walk-through different techniques that are required to provide forensics results for Windows and *nix environments (Including CyLR and CDQR)Skadi Wiki PageThe answers to common questions and information about how to get started with Skadi is stored in the Skadi Wiki Pages.Skadi CommunityThere is a Slack community setup for developers and users of the Skadi ecosystem. It is a safe place to ask questions and share information.Join the Skadi Community SlackSkadi Add-on PacksSkadi add-on packs are installed on top of the base Skadi VM to provide extra functionalitySkadi Pack 01: Automation: Provides two methods of integrating with any Automation tool: gRPC API or using SSHSkadi Pack 02: Secure Networking: Updates the firewall and authenticated reverse proxy for use in network deployment. Provides instructions for obtaining TLS/SSL certificatesThank you to everyone who has helped, and those that continue to, making this project a reality.Special Thanks to:The team from Komand for their advice and support on all things AutomationJackie & Jason from @SpyglassSec for their guidanceEvery single one of the contributors who’s efforts made the automation Addon Pack possibleCREATORAlan OrlikoskiDownload Skadi

Link: http://feedproxy.google.com/~r/PentestTools/~3/ASo4pP2sP6k/skadi-collect-process-and-hunt-with.html

KRF – A Kernelspace Randomized Faulter

KRF is a Kernelspace Randomized Faulter.It currently supports the Linux and FreeBSD kernels.What?Fault injection is a software testing technique that involves inducing failures (“faults") in the functions called by a program. If the callee has failed to perform proper error checking and handling, these faults can result in unreliable application behavior or exploitable vulnerabilities.Unlike the many userspace fault injection systems out there, KRF runs in kernelspace via a loaded module. This has several advantages:It works on static binaries, as it does not rely on LD_PRELOAD for injection.Because it intercepts raw syscalls and not their libc wrappers, it can inject faults into calls made by syscall(3) or inline assembly.It’s probably faster and less error-prone than futzing with dlsym.There are also several disadvantages:You’ll probably need to build it yourself.It probably only works on x86(_64), since it twiddles cr0 manually. There is probably an architecture-independent way to do that in Linux, somewhere.It’s essentially a rootkit. You should definitely never, ever run it on a non-testing system.It probably doesn’t cover everything that the Linux kernel expects of syscalls, and may destabilize its host in weird and difficult to reproduce ways.How does it work?KRF rewrites the Linux or FreeBSD system call table: when configured via krfctl, KRF replaces faultable syscalls with thin wrappers.Each wrapper then performs a check to see whether the call should be faulted using a configurable targeting system capable of targeting a specific personality(2), PID, UID, and/or GID. If the process shouldn’t be faulted, the original syscall is invoked.Finally, the targeted call is faulted via a random failure function. For example, a read(2) call might receive one of EBADF, EINTR, EIO, and so on.SetupCompatibilityNOTE: If you have Vagrant, just use the Vagrantfile and jump to the build steps.KRF should work on any recent-ish (4.15+) Linux kernel with CONFIG_KALLSYMS=1.This includes the default kernel on Ubuntu 18.04 and probably many other recent distros.DependenciesNOTE: Ignore this if you’re using Vagrant.Apart from a C toolchain (GCC is probably necessary for Linux), KRF’s only dependencies should be libelf, the kernel headers, and Ruby (for code generation).GNU Make is required on all platforms; FreeBSD additionally requires BSD Make.For systems with apt:sudo apt install libelf-dev ruby linux-headers-$(uname -r)Buildinggit clone https://github.com/trailofbits/krf && cd krfmake -j$(nproc)or, if you’re using Vagrant:git clone https://github.com/trailofbits/krf && cd krfvagrant up linux && vagrant ssh linux# inside the VMcd /vagrantmake -j$(nproc)or, for FreeBSD:git clone https://github.com/trailofbits/krf && cd krfcd vagrant up freebsd && vagrant ssh freebsd# inside the VMcd /vagrantgmake # NOT make!UsageKRF has three components:A kernel module (krfx)An execution utility (krfexec)A control utility (krfctl)To load the kernel module, run make insmod. To unload it, run make rmmod.KRF begins in a neutral state: no syscalls will be intercepted or faulted until the user specifies some behavior via krfctl:# no induced faults, even with KRF loadedls# tell krf to fault read(2) and write(2) calls# note that krfctl requires root privilegessudo ./src/krfctl/krfctl -F ‘read,write’# tell krf to fault any program with a# personality of 28 (the value set by krfexec)sudo ./src/krfctl/krfctl -T personality=28# may fault!./src/krfexec/krfexec ls# krfexec will pass options correctly as well./src/krfexec/krfexec echo -n ‘no newline’# clear the fault specificationsudo ./src/krfctl/krfctl -c# clear the targeting specificationsudo ./src/krfctl/krfctl -C# no induced faults, since no syscalls are being faulted./src/krfexec/krfexec firefoxOn FreeBSD, krfexec requires root privileges. By default, it will attempt to use SUDO_UID and the username returned by getlogin_r to return to a non-root user before executing the target. To force a particular UID, export REAL_UID, e.g.:REAL_UID=1000 sudo ./src/krfexec/krfexec lsConfigurationNOTE: Most users should use krfctl instead of manipulating these files by hand. In FreeBSD, these same values are accessible through sysctl krf.whatever instead of procfs./proc/krf/rng_stateThis file allows a user to read and modify the internal state of KRF’s PRNG.For example, each of the following will correctly update the state:echo "1234" | sudo tee /proc/krf/rng_stateecho "0777" | sudo tee /proc/krf/rng_stateecho "0xFF" | sudo tee /proc/krf/rng_stateThe state is a 32-bit unsigned integer; attempting to change it beyond that will fail./proc/krf/targetingThis file allows a user set the values used by KRF for syscall targeting.NOTE: KRF uses a default personality not currently used by the Linux kernel by default. If you change this, you should be careful to avoid making it something that Linux cares about. man 2 personality has the details.echo "0 28" | sudo tee /proc/krf/targetingA personality of 28 is hardcoded into krfexec./proc/krf/probabilityThis file allows a user to read and write the probability of inducing fault for a given (faultable) syscall.The probability is represented as a reciprocal, e.g. 1000 means that, on average, 0.1% of faultable syscalls will be faulted.echo "100000" | sudo tee /proc/krf/probability/proc/krf/controlThis file controls the syscalls that KRF faults.NOTE: Most users should use krfctl instead of interacting with this file directly — the former will perform syscall name-to-number translation automatically and will provide clearer error messages when things go wrong.# replace the syscall in slot 0 (usually SYS_read) with its faulty wrapperecho "0" | sudo tee /proc/krf/controlPassing any number greater than KRF_NR_SYSCALLS will cause KRF to flush the entire syscall table, returning it to the neutral state. Since KRF_NR_SYSCALLS isn’t necessarily predictable for arbitrary versions of the Linux kernel, choosing a large number (like 65535) is fine.Passing a valid syscall number that lacks a fault injection wrapper will cause the write(2) to the file to fail with EOPNOTSUPP./proc/krf/log_faultsThis file controls whether or not KRF emits kernel logs on faulty syscalls. By default, no logging messages are emitted.NOTE: Most users should use krfctl instead of interacting with this file directly.# enable fault loggingecho "1" | sudo tee /proc/krf/log_faults# disable fault loggingecho "0" | sudo tee /proc/krf/log_faults# read the logging statecat /proc/krf/log_faultsDownload Krf

Link: http://www.kitploit.com/2019/08/krf-kernelspace-randomized-faulter.html

SET v8.0.1 – The Social-Engineer Toolkit

Copyright 2019 The Social-Engineer Toolkit (SET)Written by: David Kennedy (ReL1K)Company: TrustedSecDISCLAIMER: This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes, period.Please read the LICENSE under readme/LICENSE for the licensing of SET.SET TutorialFor a full document on how to use SET, visit the SET user manual.FeaturesThe Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio.Bugs and enhancementsFor bug reports or enhancements, please open an issue here.Supported platformsLinuxMac OS XInstallationResolve dependenciesUbuntu/Debian SystemLinuxMac OS X (experimental)InstallationInstall via requirements.txt$ pip install -r requirements.txtInstall SETAll OSs$ git clone https://github.com/trustedsec/social-engineer-toolkit/ set/$ cd set$ pip install -r requirements.txtDownload Social-Engineer-Toolkit

Link: http://feedproxy.google.com/~r/PentestTools/~3/w4tiBuIcrYw/set-v801-social-engineer-toolkit.html