Follow Hackers Online Club (HOC) on Feedspot
iKy OSINT Project: collect information from an email address. Gather, Profile, Timeline.
Project iKy collects information from an email address and shows the results in a visual interface.

Installation

Clone repository

git clone https://gitlab.com/kennbroorg/iKy.git
Install Backend Redis

You must install Redis

wget http://download.redis.io/redis-stable.tar.gz
tar xvzf redis-stable.tar.gz
cd redis-stable
make
sudo make install

And turn on the server in a terminal

redis-server

Python stuff and Celery

You must install the libraries inside requirements.txt
pip install -r requirements.txt

And turn on Celery in another terminal, within the directory backend
./celery.sh

Finally, again, in another terminal turn on backend app from directory backend

python app.py

Install Frontend Node

First of all, install nodejs.

Dependencies

Inside the directory frontend, install the dependencies:

npm install

Turn on Frontend Server

Finally, to run the frontend server, execute:

npm start

Browser

Open the browser at this URL.

Config API Keys

Once the application is loaded in the browser, go to the Api Keys option and load the values of the APIs that are needed.
  • Fullcontact: Generate the APIs from here
  • Twitter: Generate the APIs from here
  • Linkedin: Only the user and password of your account must be loaded
Video Demo: iKy-New (Vimeo)




RedGhost - Linux post exploitation framework
It is designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace.
  • Payloads
Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl

  • SudoInject
Function to inject the sudo command with a wrapper function to run a reverse root shell every time "sudo" is run, for privilege escalation

  • lsInject
Function to inject the "ls" command with a wrapper function to run a payload every time "ls" is run, for persistence

  • Crontab
Function to create a cron job that downloads a payload from a remote server and runs it every minute, for persistence

  • GetRoot
Function to try various methods to escalate privileges

  • Clearlogs
Function to clear logs and make investigation with forensics difficult

  • MassInfoGrab
Function to grab mass reconnaissance/information on the system

  • CheckVM
Function to check if the system is a virtual machine

  • MemoryExec
Function to execute remote bash script in memory

  • BanIp
Function to BanIp using iptables

Installation

Install RedGhost in one line:

wget https://raw.githubusercontent.com/d4rk007/RedGhost/master/redghost.sh; chmod +x redghost.sh; ./redghost.sh

One line to install the prerequisites and RedGhost:

wget https://raw.githubusercontent.com/d4rk007/RedGhost/master/redghost.sh; chmod +x redghost.sh; apt-get install dialog; apt-g
Download Redghost

Pyshark - Python wrapper for tshark, allowing Python packet parsing using Wireshark dissectors.
Pyshark features a few "Capture" objects (Live, Remote, File, InMem). Each of them reads from its respective source and can then be used as an iterator to get its packets. Each capture object can also receive various filters so that only some of the incoming packets will be saved.

Installation

All Platforms

Simply run the following to install the latest version from PyPI:

pip install pyshark

Or install from the git repository:

git clone https://github.com/KimiNewt/pyshark.git
cd pyshark/src
python setup.py install

Mac OS X

You may have to install libxml, which can be unexpected. If you receive an error from clang or an error message about libxml, run the following:

xcode-select --install
pip install libxml

You will probably have to accept an EULA for Xcode, so be ready to click an "Accept" dialog in the GUI.

Usage

Reading from a capture file:

>>> import pyshark
>>> cap = pyshark.FileCapture('/tmp/mycapture.cap')
>>> cap
<FileCapture /tmp/mycapture.cap (589 packets)>
>>> print(cap[0])
Packet (Length: 698)
Layer ETH:
        Destination: BLANKED
        Source: BLANKED
        Type: IP (0x0800)
Layer IP:
        Version: 4
        Header Length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
        Total Length: 684
        Identification: 0x254f (9551)
        Flags: 0x00
        Fragment offset: 0
        Time to live: 1
        Protocol: UDP (17)
        Header checksum: 0xe148 [correct]
        Source: BLANKED
        Destination: BLANKED
  ...

Other options
  • param keep_packets: Whether to keep packets after reading them via next(). Used to conserve memory when reading large caps.
  • param input_file: Either a path or a file-like object containing either a packet capture file (PCAP, PCAP-NG..) or a TShark xml.
  • param display_filter: A display (wireshark) filter to apply on the cap before reading it.
  • param only_summaries: Only produce packet summaries, much faster but includes very little information
  • param disable_protocol: Disable detection of a protocol (tshark > version 2)
  • param decryption_key: Key used to encrypt and decrypt captured traffic.
  • param encryption_type: Standard of encryption used in captured traffic (must be either 'WEP', 'WPA-PWD', or 'WPA-PWK'. Defaults to WPA-PWK).
  • param tshark_path: Path of the tshark binary.

Reading from a live interface:

>>> capture = pyshark.LiveCapture(interface='eth0')
>>> capture.sniff(timeout=50)
>>> capture
<LiveCapture (5 packets)>
>>> capture[3]
<UDP/HTTP Packet>

for packet in capture.sniff_continuously(packet_count=5):
    print('Just arrived:', packet)

Other options
  • param interface: Name of the interface to sniff on. If not given, takes the first available.
  • param bpf_filter: BPF filter to use on packets.
  • param display_filter: Display (wireshark) filter to use.
  • param only_summaries: Only produce packet summaries, much faster but includes very little information
  • param disable_protocol: Disable detection of a protocol (tshark > version 2)
  • param decryption_key: Key used to encrypt and decrypt captured traffic.
  • param encryption_type: Standard of encryption used in captured traffic (must be either 'WEP', 'WPA-PWD', or 'WPA-PWK'. Defaults to WPA-PWK).
  • param tshark_path: Path of the tshark binary
  • param output_file: Additionally save captured packets to this file.

Reading from a live interface using a ring buffer:

>>> capture = pyshark.LiveRingCapture(interface='eth0')
>>> capture.sniff(timeout=50)
>>> capture
<LiveCapture (5 packets)>
>>> capture[3]
<UDP/HTTP Packet>

for packet in capture.sniff_continuously(packet_count=5):
    print('Just arrived:', packet)

Other options
  • param ring_file_size: Size of the ring file in kB, default is 1024
  • param num_ring_files: Number of ring files to keep, default is 1
  • param ring_file_name: Name of the ring file, default is /tmp/pyshark.pcap
  • param interface: Name of the interface to sniff on. If not given, takes the first available.
  • param bpf_filter: BPF filter to use on packets.
  • param display_filter: Display (wireshark) filter to use.
  • param only_summaries: Only produce packet summaries, much faster but includes very little information
  • param disable_protocol: Disable detection of a protocol (tshark > version 2)
  • param decryption_key: Key used to encrypt and decrypt captured traffic.
  • param encryption_type: Standard of encryption used in captured traffic (must be either 'WEP', 'WPA-PWD', or 'WPA-PWK'. Defaults to WPA-PWK).
  • param tshark_path: Path of the tshark binary
  • param output_file: Additionally save captured packets to this file.
Reading from a live remote interface:

>>> capture = pyshark.RemoteCapture('192.168.1.101', 'eth0')
>>> capture.sniff(timeout=50)
>>> capture

Other options
  • param remote_host: The remote host to capture on (IP or hostname). Should be running rpcapd.
  • param remote_interface: The remote interface on the remote machine to capture on. Note that on Windows it is not the device display name but the true interface name (i.e. \Device\NPF_..).
  • param remote_port: The remote port the rpcapd service is listening on
  • param bpf_filter: A BPF (tcpdump) filter to apply on the cap before reading.
  • param only_summaries: Only produce packet summaries, much faster but includes very little information
  • param disable_protocol: Disable detection of a protocol (tshark > version 2)
  • param decryption_key: Key used to encrypt and decrypt captured traffic.
  • param encryption_type: Standard of encryption used in captured traffic (must be either 'WEP', 'WPA-PWD', or 'WPA-PWK'. Defaults to WPA-PWK).
  • param tshark_path: Path of the tshark binary
Accessing packet data:

Data can be accessed in multiple ways. Packets are divided into layers: first you have to reach the appropriate layer, and then you can select your field.

All of the following work:

>>> packet['ip'].dst
192.168.0.1
>>> packet.ip.src
192.168.0.100
>>> packet[2].src
192.168.0.100

To test whether a layer is in a packet, you can use its name:

>>> 'IP' in packet
True

To see all possible field names, use the packet.layer.field_names attribute (e.g. packet.ip.field_names) or the autocomplete function of your interpreter.

You can also get the original binary data of a field, or a pretty description of it:

>>> p.ip.addr.showname
Source or Destination Address: 10.0.0.10 (10.0.0.10)
# And some new attributes as well:
>>> p.ip.addr.int_value
167772170
>>> p.ip.addr.binary_value
'\n\x00\x00\n'
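
The access patterns above work because pyshark builds its objects from tshark's PDML (XML) export rather than parsing bytes itself. As an added illustration that is not pyshark's own code, the following minimal parser over a constructed PDML fragment reproduces the same interface (packet['ip'].dst, packet.ip.src, packet[1].src, 'IP' in packet, field_names, showname, int_value, binary_value); the class and element names are assumptions made for this example, and it runs offline without tshark installed.

```python
import xml.etree.ElementTree as ET

# Constructed PDML fragment in the shape `tshark -T pdml` emits (all values made up).
SAMPLE_PDML = """<pdml><packet>
 <proto name="eth" showname="Ethernet II">
  <field name="eth.type" showname="Type: IPv4 (0x0800)" show="0x0800" value="0800"/>
 </proto>
 <proto name="ip" showname="Internet Protocol Version 4">
  <field name="ip.src" showname="Source Address: 10.0.0.10" show="10.0.0.10" value="0a00000a"/>
  <field name="ip.dst" showname="Destination Address: 192.168.0.1" show="192.168.0.1" value="c0a80001"/>
  <field name="ip.ttl" showname="Time to Live: 1" show="1" value="01"/>
 </proto>
 <proto name="udp" showname="User Datagram Protocol">
  <field name="udp.dstport" showname="Destination Port: 53" show="53" value="0035"/>
 </proto>
</packet></pdml>"""

class Field:
    # One dissected field: display text (show), pretty line (showname) and the raw bytes (value).
    def __init__(self, show, showname, raw_hex):
        self.show, self.showname = show, showname
        self.binary_value = bytes.fromhex(raw_hex)                 # original bytes on the wire
        self.int_value = int.from_bytes(self.binary_value, "big")  # integer view of those bytes

class Layer:
    # A protocol layer; each field becomes an attribute named by the part after the dot.
    def __init__(self, name, fields):
        self.layer_name, self._fields = name, fields
        self.field_names = list(fields)

    def __getattr__(self, item):  # packet.ip.src -> self._fields["src"]
        fields = self.__dict__.get("_fields", {})
        if item in fields:
            return fields[item]
        raise AttributeError(item)

class Packet:
    # Ordered layers, addressable by index (packet[1]), by name (packet['ip']) or as attributes.
    def __init__(self, layers):
        self.layers = layers

    def __contains__(self, name):  # 'IP' in packet (layer names are compared case-insensitively)
        return any(layer.layer_name == name.lower() for layer in self.layers)

    def __getitem__(self, key):
        if isinstance(key, int):
            return self.layers[key]
        for layer in self.__dict__.get("layers", []):
            if layer.layer_name == key.lower():
                return layer
        raise KeyError(key)

    def __getattr__(self, item):  # packet.ip
        try:
            return self[item]
        except KeyError:
            raise AttributeError(item) from None

def parse_pdml(text):
    # Build Packet objects from a PDML document: one <proto> per layer, one <field> per attribute.
    packets = []
    for pkt in ET.fromstring(text).iter("packet"):
        layers = []
        for proto in pkt.findall("proto"):
            fields = {f.get("name").split(".", 1)[-1]: Field(f.get("show"), f.get("showname"), f.get("value"))
                      for f in proto.findall("field")}
            layers.append(Layer(proto.get("name"), fields))
        packets.append(Packet(layers))
    return packets
```

Note that int_value and binary_value here come from the hex in the PDML value attribute, which is why 10.0.0.10 yields 167772170 and b'\n\x00\x00\n' exactly as in the session above.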

Decrypting packet captures

Pyshark supports automatic decryption of traces using the WEP, WPA-PWD, and WPA-PSK standards (WPA-PWD is the default).

>>> cap1 = pyshark.FileCapture('/tmp/capture1.cap', decryption_key='password')
>>> cap2 = pyshark.LiveCapture(interface='wi0', decryption_key='password', encryption_type='wpa-psk')

A tuple of supported encryption standards, SUPPORTED_ENCRYPTION_STANDARDS, exists in each capture class.

>>> pyshark.FileCapture.SUPPORTED_ENCRYPTION_STANDARDS
('wep', 'wpa-pwd', 'wpa-psk')
>>> pyshark.LiveCapture.SUPPORTED_ENCRYPTION_STANDARDS
('wep', 'wpa-pwd', 'wpa-psk')

Python2 deprecation - This package no longer supports Python2. If you wish to still use it in Python2, you can:

  • Use version 0.3.8
  • Install pyshark-legacy via PyPI
  • Clone the pyshark-legacy repo (https://github.com/KimiNewt/pyshark-legacy), where bugfixes will be applied.


Looking for contributors - for various reasons I have a hard time finding time to maintain and enhance the package at the moment. Any pull requests will be reviewed, and if anyone is interested and suitable, I will be happy to include them in the project. Feel free to mail me at dorgreen1 at gmail.

There are quite a few Python packet parsing modules; this one is different because it doesn't actually parse any packets. It simply uses the ability of tshark (the Wireshark command-line utility) to export XML, and relies on Wireshark's parsing.

This package allows parsing from a capture file or a live capture, using all the Wireshark dissectors you have installed. Tested on Windows/Linux.
Download Pyshark

"Learn Ethical Hacking from Scratch ($23 Value) FREE For a Limited Time"
Learn how to hack systems like black hat hackers and secure them like security experts.

This eBook will help you:
  • Understand ethical hacking and the different fields and types of hackers
  • Set up a penetration testing lab to practice safe and legal hacking
  • Explore Linux basics, commands, and how to interact with the terminal
  • Access password-protected networks and spy on connected clients
  • Use server and client-side attacks to hack and control remote computers
  • Control a hacked system remotely and use it to hack other systems
  • Discover, exploit, and prevent a number of web application vulnerabilities such as XSS and SQL injections
  • Understand how computer systems work and their vulnerabilities, exploit weaknesses and hack into machines to test their security, and learn how to secure systems from hackers now!

Free offer expires 07/23/19.

Offered Free by: Packt

DOWNLOAD NOW


Seccubus - Easy Automated Vulnerability Scanning, Reporting And Analysis
Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of their output, both on the first scan and on repeated scans. Seccubus runs vulnerability scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The delta of this scan is presented in a web GUI where findings can easily be marked as either real findings or non-issues.

On repeated scans, delta reporting ensures that findings only need to be judged when they first appear in the scan results or when their output changes.

Seccubus 2.x is the only actively developed and maintained branch and all support for Seccubus V1 has officially been dropped.

Seccubus V2 works with the following scanners:
  • Nessus
  • OpenVAS
  • Skipfish
  • Medusa (local and remote)
  • Nikto (local and remote)
  • NMap (local and remote)
  • OWASP-ZAP (local and remote)
  • SSLyze
  • Medusa
  • Qualys SSL labs
  • testssl.sh (local and remote)

Docker

Available images (image name: purpose):

  • seccubus: Run a full Seccubus stack in a single container
  • seccubus-front: Serving just the front end HTML, JavaScript and CSS
  • seccubus-web: Serving front end code and API simultaneously
  • seccubus-api: Serving just the API
  • seccubus-perl: Running command line scripts, e.g. to scan
  • seccubus-cron: Running the cron daemon to execute scans


Information about the Docker containers is here.

Default password and changing it

After installation the default username and password for seccubus is:

admin / GiveMeVulns!

It is highly recommended you change this after installation.

/bin/seccubus_passwd -u admin

Download Seccubus

TOR Router - A tool that allows you to make TOR your default gateway and send all internet connections through TOR (as a transparent proxy) to increase privacy/anonymity without extra unnecessary code.

Tor Router allows you to use TOR as a transparent proxy and send all your traffic through TOR, INCLUDING DNS REQUESTS. The only things you need are a system using systemd (if you want to use the service) and tor.

TOR router doesn't touch system files as the rest of the tools for routing your traffic do. The reason is that there is no need to move files to route traffic; moving files is also a bad idea, since a failure in the script/tool can break your system's connection without you knowing what has happened.

Script to install on distros using SystemD only

If you are using BlackArch Linux (https://blackarch.org) you can install the script from the repos using the following command:

# pacman -S tor-router

To install from source:

Note that you need BASH, not sh.

~$ git clone https://github.com/edu4rdshl/tor-router.git && cd ./tor-router && sudo bash install.sh

Usage

In distros using systemd you should consider using the install.sh script; in any case, the process to install/configure tor-router is described here.

The script requires root privileges.

1. Open a terminal and clone the script using the following command:
~$ git clone https://github.com/edu4rdshl/tor-router.git && cd tor-router/files

2. Put the following lines at the end of /etc/tor/torrc
# Setting up TOR transparent proxy for tor-router
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 9040
DNSPort 5353

3. Restart the tor service
4. Execute the tor-router script as root
# sudo ./tor-router

5. Now all your traffic goes through TOR. You can check that on the following pages: https://check.torproject.org and, for DNS tests, https://dnsleaktest.com

6. To automate the process, add the script to the system autostart scripts according to the init system you are using; for systemd there is a .service file in the files folder.

Uninstalling/Stopping

Delete the tor-router configuration lines in /etc/tor/torrc, disable tor-router.service using systemctl (if you used the install.sh script), remove /usr/bin/tor-router and /etc/systemd/system/tor-router.service, and restart your computer.

Proof of concept

After running the script, follow the next steps to ensure that everything is working as expected:

IP hidden and TOR network configured:
Visit https://check.torproject.org; you should see a message like this:


Checking DNS Leaks:

Visit https://dnsleaktest.com and run an extended test to see which DNS servers you are using. You should get something like this:


Distros using the script

BlackArch Linux: https://github.com/BlackArch/blackarch/blob/master/packages/tor-router

Download TOR Router
IPFinder CLI (Command Line Interface) - To Locate and Identify Website Visitors by IP Address
  • Supports a single IP address, ASN, ranges or firewall as input
  • Supports Bulk
  • Exports Results to Screen or to An Output File
  • Supports IPv4 and IPv6
  • Supports ASN numbers, ranges and firewall


Getting Started

Sign up for a free account at https://ipfinder.io/auth/signup to get a free IPFinder API access token.

The free plan is limited to 4,000 requests a day and doesn't include some of the data fields. To enable all the data fields and additional request volumes, see https://ipfinder.io/pricing.

Documentation

Visit the IPFinder documentation.

System Requirements


Installation

Via composer

First, download the IPfinder cli using Composer:

composer global require ipfinder-io/ip-finder-cli

Make sure to place Composer's system-wide vendor bin directory in your $PATH so the IPfinder executable can be located by your system. This directory exists in different locations depending on your operating system; some common locations include:

  • macOS: $HOME/.composer/vendor/bin
  • GNU / Linux Distributions: $HOME/.config/composer/vendor/bin
  • Windows: %USERPROFILE%\AppData\Roaming\Composer\vendor\bin


Linux Distributions / macOS

Download the IPfinder cli from GitHub using curl or wget:

## using curl
$ curl -LO https://github.com/ipfinder-io/ip-finder-cli/releases/download/v1.0.0/ipfinder.phar
## using wget
$ wget https://github.com/ipfinder-io/ip-finder-cli/releases/download/v1.0.0/ipfinder.phar 
$ chmod +x ipfinder.phar
$ sudo mv ipfinder.phar /usr/bin/ipfinder
$ ipfinder -h

Windows
  1. Download IPFINDER PHAR from github
  2. Create a directory for PHP binaries; e.g., C:\bin
  3. Open a command line (e.g., press Windows+R » type cmd » ENTER)
  4. Create a wrapping batch script (results in C:\bin\ipfinder.cmd):

C:\Users\username> cd C:\bin
C:\bin> echo @php "%~dp0ipfinder.phar" %* > ipfinder.cmd
C:\bin> exit

Open a new command line and confirm that you can execute IPfinder from any path:

C:\Users\username> ipfinder --help

Download IPFinder

Sojobo - A Binary Analysis Framework
Sojobo is an emulator for the B2R2 framework. It was created to make the analysis of potentially malicious files easier. It is entirely developed in .NET, so you don't need to install or compile any other external libraries (the project is self-contained).

With Sojobo you can:
  • Emulate a (32 bit) PE binary
  • Inspect the memory of the emulated process
  • Read the process state
  • Display a disassembly of the executed code
  • Emulate functions in a managed language (C# || F#)

Download

Using Sojobo

Sojobo is intended to be used as a framework to create program analysis utilities. However, various sample utilities were created to show how to use the framework profitably.

Compile

To compile Sojobo you need .NET Core and Visual Studio installed. To compile, just run build.bat.

Terminus is a highly configurable terminal emulator for Windows, macOS and Linux

  • Theming and color schemes
  • Fully configurable shortcuts
  • Split panes
  • Remembers your tabs
  • PowerShell (and PS Core), WSL, Git-Bash, Cygwin, Cmder and CMD support
  • Integrated SSH client and connection manager
  • Full Unicode support including double-width characters
  • Doesn't choke on fast-flowing outputs
  • Proper shell experience on Windows including tab completion (via Clink)


Terminus is an alternative to Windows' standard terminal (conhost), PowerShell ISE, PuTTY or iTerm

Terminus is not a new shell or a MinGW or Cygwin replacement. Neither is it lightweight - if RAM usage is of importance, consider Conemu or Alacritty

Plugins

Plugins and themes can be installed directly from the Settings view inside Terminus.

  • clickable-links - makes paths and URLs in the terminal clickable
  • shell-selector - a quick shell selector pane
  • title-control - allows modifying the title of the terminal tabs by providing a prefix, suffix, and/or strings to be removed
  • quick-cmds - quickly send commands to one or all terminal tabs
  • save-output - record terminal output into a file
  • scrollbar - adds a scrollbar to hterm tabs


Themes
  1. hype - a Hyper inspired theme
  2. relaxed - the Relaxed theme for Terminus
  3. gruvbox
  4. windows10
  5. altair

Download Terminus

FinalRecon - OSINT Tool for All-In-One Web Reconnaissance
FinalRecon is a fast and simple Python script for web reconnaissance. It follows a modular structure, so new modules can be added with ease in the future.

Features

FinalRecon provides detailed information such as:

  • Header Information
  • WHOIS
  • SSL Certificate Details
    (Screenshot: Found Flag in SSL Certificate - Securinets CTF Quals 2019 - Hidden (200 Points))
  • Crawler

More modules will be added in the future.
Tested on
  • Kali Linux 2019.1
  • BlackArch Linux

Installation

git clone https://github.com/thewhiteh4t/FinalRecon.git
cd FinalRecon
pip3 install -r requirements.txt

Usage

python3 finalrecon.py -h
usage: finalrecon.py [-h] [--headers] [--sslinfo] [--whois] [--crawl] [--full]
                     url

FinalRecon - OSINT Tool for All-In-One Web Recon | v1.0.0

positional arguments:
  url         Target URL

optional arguments:
  -h, --help  show this help message and exit
  --headers   Get Header Information
  --sslinfo   Get SSL Certificate Information
  --whois     Get Whois Lookup
  --crawl     Crawl Target Website
  --full      Get Full Analysis, Test All Available Options

# Check headers

python3 finalrecon.py --headers <url>

# Check ssl Certificate

python3 finalrecon.py --sslinfo <url>

# Check whois Information

python3 finalrecon.py --whois <url>

# Crawl Target

python3 finalrecon.py --crawl <url>

# full scan

python3 finalrecon.py --full <url>

Download FinalRecon
