UPDATE: Infection Monkey 1.6.1

PenTestIT RSS Feed
I’m sure you must have read my previous post title the List of Adversary Emulation Tools. In that post, I briefly mentioned about the Guardicore Infection Monkey. Good news now is that it has been updated! We now have Infection Monkey 1.6.1. An important change about this version is that this is an AWS onlyRead more about UPDATE: Infection Monkey 1.6.1
The post UPDATE: Infection Monkey 1.6.1 appeared first on PenTestIT.

Link: http://pentestit.com/update-infection-monkey-1-6-1/

PENTOL – Pentester Toolkit For Fiddler2

PENTOL – Pentester Toolkit is built as a plugin for the Fiddler HTTP debugging proxy.FeaturesCORS DETECTED Cross-Origin Resource SharingCRLF DETECTED HTTP response splittingHeaders DETECTED (X-Frame-Options)USAGEInstall Fiddler2Open Fiddler2Press Key CTRL + R or Rules > Customize Rules…Copy all script SampleRules.jsPress Key CTRL + S for SaveCheck tools in Rules TABCreditsThanks to allahEka Syahwan (Creator) bugrecon / H1 / bugcrowdEdo Maland (Powerstager) https://github.com/ScreetsecJack Wilder admin in http://www.linuxsec.orgDisclaimerNote: modifications, changes, or changes to this code can be accepted, however, every public release that uses this code must be approved by writing this tool (Eka S)Download PENTOL

Link: http://feedproxy.google.com/~r/PentestTools/~3/Gqg497egrBM/pentol-pentester-toolkit-for-fiddler2.html

EdgeEngine, Cloud-Native, and Orkus – Enterprise Security Weekly #117

tackPath launches EdgeEngine Serverless Computing, Alcide advances Cloud-Native security Firewall platform, Orkus launches Access Governance platform for Cloud Security, Tufin announces a new Cloud Security solution, and more! Enterprise News CodeSonars Integration with Microsoft Visual Studio Aqua Security Announces First Consumption-Based Container Security Solution Available on AWS Marketplace for Containers StackPath Launches EdgeEngine Serverless Computing […]
The post EdgeEngine, Cloud-Native, and Orkus – Enterprise Security Weekly #117 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/2BbriETxmmc/

TOOL UPDATE: Cameradar v2.1.0

PenTestIT RSS Feed
My initial post covering this open source Real Time Streaming Protocol (RTSP) surveillance camera access multi-tool was about an older version – Cameradar v2.0.0. A lot has happened since then and an update – Cameradar v2.1.0 was made available by the author. This version comes with an increased test coverage. What is Cameradar? Cameradar is an RTSP streamRead more about TOOL UPDATE: Cameradar v2.1.0
The post TOOL UPDATE: Cameradar v2.1.0 appeared first on PenTestIT.

Link: http://feedproxy.google.com/~r/PenTestIT/~3/51PNPQT0QRQ/

UPDATED VERSION: RouterSploit 3.4.0

PenTestIT RSS Feed
RouterSploit 3.4.0, the long awaited router exploitation framework update is out guys! This release includes some really cool features and updates such as using pycryptodome from pycryptoand newer exploitation modules! Read on for the improvements. What is RouterSploit? The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of the followingRead more about UPDATED VERSION: RouterSploit 3.4.0
The post UPDATED VERSION: RouterSploit 3.4.0 appeared first on PenTestIT.

Link: http://pentestit.com/updated-version-routersploit-3-4-0/

iBombShell: A Dynamic Post-Exploitation Remote Shell

PenTestIT RSS Feed
Consider you have a shell on a system and other post-exploitation do not work for you as they are being caught by a security solution on the system. Worry not as we now have iBombShell, a dynamic remote shell that can be run on any system that supports PowerShell. The reason this is called dynamicRead more about iBombShell: A Dynamic Post-Exploitation Remote Shell
The post iBombShell: A Dynamic Post-Exploitation Remote Shell appeared first on PenTestIT.

Link: http://pentestit.com/ibombshell-dynamic-post-exploitation-remote-shell/

Comparison of Open Source Adversary Emulation Tools

PenTestIT RSS Feed
If you liked my older post titled “List of Adversary Emulation Tools“, I am sure you must want to know what is the difference or comparison between the different tools. This post is an attempt to do just that -to list down the comparison of open source adversary emulation tools. I have compared their capabilitiesRead more about Comparison of Open Source Adversary Emulation Tools
The post Comparison of Open Source Adversary Emulation Tools appeared first on PenTestIT.

Link: http://pentestit.com/open-source-adversary-emulation-tools-comparison/

UPDATE: Kali Linux 2018.3 Release!

PenTestIT RSS Feed
Kali Linux 2018.3 is the latest Kali Linux release. This is the third release which comes after the last release, that was made available in the month of April. This new release includes all patches, fixes, updates, and improvements since the last release – Kali Linux 2018.2, including a shiny new Linux kernel version 4.17.0 and upgrades toRead more about UPDATE: Kali Linux 2018.3 Release!
The post UPDATE: Kali Linux 2018.3 Release! appeared first on PenTestIT.

Link: http://pentestit.com/update-kali-linux-2018-3-release/

Remote NTLM relaying through meterpreter on Windows port 445

The hijacking of port 445 to perform relay attacks or hash capturing attacks has been a recurring topic for a while now. When you infect a target with meterpreter, how do you listen on port 445? A few weeks ago this topic resurfaced again in part due to Dirk-jan (@_dirkjan) that saw this question flying … Continue reading “Remote NTLM relaying through meterpreter on Windows port 445"

Link: http://diablohorn.com/2018/08/25/remote-ntlm-relaying-through-meterpreter-on-windows-port-445/