Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines

Bad-PDF creates a malicious PDF to steal NTLM hashes from Windows machines. It utilizes the vulnerability disclosed by the Check Point team to create the malicious PDF file. Bad-Pdf reads the NTLM hashes using a Responder listener. This method works on all PDF readers (any version), and JavaScript is not required for this attack.

Reference: https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/

Dependency: Responder/Kali Linux

Usage: python badpdf.py

Run Bad-PDF in Kali Linux.
Responder waits for the NTLM hash.
Run the generated Bad-PDF file on a Windows machine and get the NTLM hash.
Posts
Showing posts from April 2018
Faulty Patch for Oracle WebLogic Flaw Opens Updated Servers to Hackers Again

Earlier this month, Oracle patched a highly critical Java deserialization remote code execution vulnerability in its WebLogic Server component of Fusion Middleware that could allow attackers to easily gain complete control of a vulnerable server. However, a security researcher, who operates through the Twitter handle @pyn3rd and claims to be part of the Alibaba security team, has now found a way for attackers to bypass the security patch and exploit the WebLogic vulnerability once again.

WebLogic Server acts as a middle layer between the front-end user interface and the backend database of a multi-tier enterprise application. It provides a complete set of services for all components and handles details of the application behavior automatically.

Initially discovered in November last year by Liao Xinxi of NSFOCUS security team, the Oracle WebLogic Server flaw (CV...
RedHunt OS - Virtual Machine For Adversary Emulation And Threat Hunting

RedHunt aims to be a one-stop shop for all your threat emulation and threat hunting needs by integrating the attacker's arsenal as well as the defender's toolkit to actively identify the threats in your environment.

Base Machine: Lubuntu-17.10.1 x64

Tool Setup
Attack Emulation: Caldera, Atomic Red Team, DumpsterFire, Metta, RTA, Nmap, CrackMapExec, Responder, Zap
Logging and Monitoring: Kolide Fleet, ELK (Elasticsearch, Logstash, and Kibana) Stack
Open Source Intelligence (OSINT): Maltego, Recon-ng, Datasploit, theHarvester
Threat Intelligence: Yeti, Harpoon

References:
https://cyberwardog.blogspot.in/2017/02/setting-up-pentesting-i-mean-threat_98.html
https://jordanpotti.com/2018/02/16/elk-osquery-kolide-fleet-love/
Phan - A Static Analyzer for PHP

Phan is a static analyzer for PHP that prefers to minimize false positives. It attempts to prove incorrectness rather than correctness. It looks for common issues and will verify type compatibility on various operations when type information is available or can be deduced. Phan has a good (but not comprehensive) understanding of flow control and does not attempt to track values.

Features:
- Check that all methods, functions, classes, traits, interfaces, constants, properties and variables are defined and accessible.
- Check for type safety and arity issues on method/function/closure calls.
- Check for PHP7/PHP5 backward compatibility.
- Check for features that weren't supported in older PHP 7.x minor releases (e.g. object, void, iterable, ?T, [$x] = ...;, etc.)
- Check for sanity with array accesses.
- Check for type safety on binary operations.
- Check for valid and type-safe return values on methods, functions, and closures.
- Check for No...
PentestPackage - A Collection of Scripts for Pentesting

PentestPackage is a collection of scripts for pentesting.

Scripts:
- Wordlists - Comprises password lists, username lists, and subdomains.
- Web Service finder - Finds web services of a list of IPs and also returns any URL rewrites.
- Gpprefdecrypt.* - Decrypt the password of local users added via Windows 2008 Group Policy Preferences.
- rdns.sh - Runs through a file of line-separated IPs and prints whether a reverse DNS is set or not.
- grouppolicypwn.sh - Enter domain user creds (doesn't need to be priv) and it will communicate with the domain controllers, pull any stored CPASS from group policies, and decode it to plain text. Useful for instant Domain Admin!
- privchecker.sh - Very young script that simply checks DCenum to a list of users to find their group access, indicating any privileged users; this list can be edited.
- NessusParserSummary.py - Parses Nessus results to give a sum...
Infection Monkey - An Automated Pentest Tool

The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server.

The Infection Monkey is comprised of two parts:
- Monkey - A tool which infects other machines and propagates to them
- Monkey Island - A dedicated server to control and visualize the Infection Monkey's progress inside the data center

To read more about the Monkey, visit http://infectionmonkey.com

Main Features
The Infection Monkey uses the following techniques and exploits to propagate to other machines.

Multiple propagation techniques:
- Predefined passwords
- Common logical exploits
- Password stealing using Mimikatz

Multiple exploit methods:
- SSH
- SMB
- RDP
- WMI
- Shellshock
- Conficker
- SambaCry
- Elastic Search (CVE-2015-1427)
...