R3Con1Z3R – A Lightweight Web Information Gathering Tool With An Intuitive Features (OSINT)

R3con1z3r is a lightweight web information gathering tool with intuitive features, written in Python. It provides a powerful environment in which open source intelligence (OSINT) web-based footprinting can be conducted quickly and thoroughly.

Footprinting is the first phase of ethical hacking; it is the collection of every possible piece of information regarding the target. R3con1z3r is a passive reconnaissance tool with built-in functionalities which include: HTTP header flag, Traceroute, Whois Footprinting, DNS information, Site on same server, Nmap port scanner, Reverse Target and hyperlinks on a webpage. The tool, after being provided with the necessary inputs, generates an output in HTML format.

Installation

r3con1z3r supports Python 2 and Python 3.

$ git clone https://github.com/abdulgaphy/r3con1z3r.git
$ cd r3con1z3r
$ pip install -r requirements.txt

Optional for Linux users:

$ sudo chmod +x r3con1z3r.py

Modules

r3con1z3r depends only on the sys and the requests Python modules.

Python 3:

$ pip3 install -r requirements.txt

For coloring on Windows:

pip install win_unicode_console colorama

Usage

python3 r3con1z3r.py [domain.com]

Examples

To run on all operating systems (Linux, Windows, Mac OS X, Android, etc.), i.e. in a Python 2 environment:

python r3con1z3r.py google.com

To run in a Python 3 environment:

python3 r3con1z3r.py facebook.com

To run as an executable (Unix only):

./r3con1z3r.py google.com

Link: http://feedproxy.google.com/~r/PentestTools/~3/xpd1vC23W3c/r3con1z3r-lightweight-web-information.html

UPDATE: Infection Monkey 1.6.1

PenTestIT RSS Feed
I’m sure you must have read my previous post titled the List of Adversary Emulation Tools. In that post, I briefly mentioned the Guardicore Infection Monkey. Good news now is that it has been updated! We now have Infection Monkey 1.6.1. An important change about this version is that this is an AWS only […]
The post UPDATE: Infection Monkey 1.6.1 appeared first on PenTestIT.

Link: http://pentestit.com/update-infection-monkey-1-6-1/

TOOL UPDATE: Cameradar v2.1.0

My initial post covering this open source Real Time Streaming Protocol (RTSP) surveillance camera access multi-tool was about an older version – Cameradar v2.0.0. A lot has happened since then and an update – Cameradar v2.1.0 – was made available by the author. This version comes with increased test coverage. What is Cameradar? Cameradar is an RTSP stream […]
The post TOOL UPDATE: Cameradar v2.1.0 appeared first on PenTestIT.

Link: http://feedproxy.google.com/~r/PenTestIT/~3/51PNPQT0QRQ/

Instagram, Kraken, GitMiner – Application Security Weekly #40

Instagram leaks passwords to the public, Clickjacking on Google MyAccount Worth $7,500, James Wickett’s thread on Open Source SAST options, an advanced search tool for sensitive information stored in GitHub repos, and more!

News: Bugs, Breaches, and More!
1.) Instagram leaks passwords to the Public
2.) Apple Warned about iPhone X Hack that Stole “Deleted” photo
3.) Clickjacking […]
The post Instagram, Kraken, GitMiner – Application Security Weekly #40 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/2JGtW94mAuE/

Robber – Robber Is Open Source Tool For Finding Executables Prone To DLL Hijacking

Robber is a free open source tool developed using Delphi XE2 without any 3rd party dependencies.

What is DLL hijacking?

Windows has a search path for DLLs in its underlying architecture. If you can figure out what DLLs an executable requests without an absolute path (triggering this search process), you can then place your hostile DLL somewhere higher up the search path so it’ll be found before the real version is, and Windows will happily feed your attack code to the application.

So, let’s pretend Windows’s DLL search path looks something like this:

A) . <-- current working directory of the executable, highest priority, first check
B) \Windows
C) \Windows\system32
D) \Windows\syswow64 <-- lowest priority, last check

and some executable "Foo.exe" requests "bar.dll", which happens to live in the syswow64 (D) subdir. This gives you the opportunity to place your malicious version in A), B) or C) and it will be loaded into the executable.

As stated before, even an absolute full path can't protect against this, if you can replace the DLL with your own version.

Microsoft Windows protects system paths like System32 using the Windows File Protection mechanism, but the best way to protect an executable from DLL hijacking in enterprise solutions is:

Use an absolute path instead of a relative path.
If you have a personal signature, sign your DLL files and check the signature in your application before loading the DLL into memory. Otherwise, check the hash of the DLL file against the original DLL hash.

And of course, this isn't really limited to Windows either. Any OS which allows for dynamic linking of external libraries is theoretically vulnerable to this.

Robber uses a simple mechanism to figure out which DLLs are prone to hijacking:

Scan the import table of the executable and find out which DLLs are linked to the executable.
Search for DLL files placed inside the executable's directory that match a linked DLL (as I said before, the current working directory of the executable has the highest priority).
If any DLL is found, scan its export table.
Compare the import table of the executable with the export table of the DLL; if any match is found, the executable and the matched common functions are flagged as a DLL hijack candidate.

Features:

Ability to select scan type (signed/unsigned applications)
Determine executable signer
Determine which referenced DLLs are candidates for hijacking
Determine exported method names of candidate DLLs
Configure rules to determine which hijacks are the best or a good choice for use and show them in different colors
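The search order and the hash check recommended above can be combined into a small audit, shown here as an added example (not part of the original post and not Robber's code). The function names, directory layout and file contents are constructed for illustration: the audit resolves each imported DLL name the way the A) to D) search order would, then compares the file that wins against a pinned SHA-256.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path):
    """Hex SHA-256 of a file's contents."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def resolve_first(dll_name, search_dirs):
    """First path in search order that holds dll_name, or None."""
    wanted = dll_name.lower()  # Windows file names are case-insensitive
    for directory in search_dirs:
        for entry in sorted(Path(directory).iterdir()):
            if entry.name.lower() == wanted:
                return entry
    return None


def audit_imports(imports, search_dirs, pinned):
    """Map each DLL name to (status, path the search order would pick)."""
    report = {}
    for name in imports:
        path = resolve_first(name, search_dirs)
        expected = pinned.get(name.lower())
        if path is None:
            status = "missing"
        elif expected is None:
            status = "unpinned"
        else:
            status = "ok" if sha256_file(path) == expected else "hash-mismatch"
        report[name] = (status, path)
    return report


def demo():
    """Constructed layout: app directory (A) is searched before syswow64 (D)."""
    with tempfile.TemporaryDirectory() as root:
        order = [Path(root, "app"), Path(root, "syswow64")]
        for directory in order:
            directory.mkdir()
        (order[1] / "bar.dll").write_bytes(b"constructed genuine bar.dll")
        pinned = {"bar.dll": sha256_file(order[1] / "bar.dll")}
        before = audit_imports(["bar.dll"], order, pinned)["bar.dll"]
        # A second copy appears in the application directory, ahead in the order.
        (order[0] / "BAR.DLL").write_bytes(b"constructed unexpected copy")
        after = audit_imports(["bar.dll"], order, pinned)["bar.dll"]
        return before[0], after[0], after[1].parent.name
```

A "hash-mismatch" on a path outside the directory where the genuine DLL lives is the signal that a higher-priority copy is shadowing it.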

Link: http://feedproxy.google.com/~r/PentestTools/~3/-3o2PCxEGpE/robber-robber-is-open-source-tool-for.html

UPDATED VERSION: RouterSploit 3.4.0

RouterSploit 3.4.0, the long awaited router exploitation framework update is out guys! This release includes some really cool features and updates such as using pycryptodome from pycrypto and newer exploitation modules! Read on for the improvements. What is RouterSploit? The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of the following […]
The post UPDATED VERSION: RouterSploit 3.4.0 appeared first on PenTestIT.

Link: http://pentestit.com/updated-version-routersploit-3-4-0/

Bugs, Breaches, and More – Application Security Weekly #34

Facebook discloses the loss of at least 50M Access Tokens (also covered by Motherboard), Formjacking is on the rise, Google admits to allowing hundreds of companies to read your email, Firefox Monitor will alert you when your accounts have been Pwned, Microsoft releases MS-DOS v1.25 and v2.0 as Open Source, and more! Full Show Notes. Follow us […]
The post Bugs, Breaches, and More – Application Security Weekly #34 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/xnqA1tkRiKQ/

BitSight, SentinelOne, and McAfee – Enterprise Security Weekly #105

How the Department of Defense is using Open Source, BitSight launches forecasting capability, SentinelOne teams up with Sumo Logic, Swimlane supports McAfee's advanced security operation, Fortinet releases new IoT security controller, and Secureworks opens up proprietary UEBA through partner programme. Full Show Notes. Visit http://securityweekly.com/esw for all the latest episodes!
The post BitSight, SentinelOne, and McAfee – Enterprise Security Weekly #105 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/osTWr0l-KuI/