Sign in to follow this
Followers
0
Exploits Tor Browser 7.0.8 Information Disclosure
By
1337day-Exploits, in Updated Exploits
-
Similar Content
-
By dEEpEst
Tool To Be Used: Harvester
Today we will learn about Information Gathering using theHarvester in Kali Linux. Good information gathering can make the difference between a successful penetration test and one that has failed to provide maximum benefit to the client.
TheHarvester has been developed in Python by Christian Martorella. It is a tool which provides us information about e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key server.
This tool is designed to help the penetration tester on an earlier stage; it is an effective, simple and easy to use.
The sources supported are:
Google – emails, subdomains
Google profiles – Employee names
Bing search – emails, subdomains/hostnames, virtual hosts
Pgp servers – emails, subdomains/hostnames
LinkedIn – Employee names
Exalead – emails, subdomain/hostnames
New features:
Time delays between requests
XML results export
Search a domain in all sources
Virtual host verifier
Let’s get started,
If you are using Kali Linux, open the terminal and type theharvester
If not then it can be easily downloaded from here:
Hidden Content
Give reaction to this post to see the hidden content. Simply Download and extract it
Provide execute permission to: theHarvester.py by [chmod 755 theHavester.py]
Then simply run ./theharvester
You will see similar to this:
Here I am using kali linux.
Tutorial:
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. kalitorify
kalitorify is a shell script for Kali Linux which use iptables settings to create a transparent proxy through Tor Network, the program also allows you to perform various checks like checking the Tor Exit Node (i.e. your public IP when you are under Tor proxy), or if Tor has been configured correctly.
What is Transparent Proxy through Tor?
A transparent proxy is an intermediary system that sits between a user and a content provider. When a user makes a request to a web server, the transparent proxy intercepts the request to perform various actions including caching, redirection, and authentication.
Changelog v1.26.2
Update data/torrc, Makefile
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. SpoolSploit
A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.
Summary
SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine accoun
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Features
-> Create a hidden service
-> Generate non-staged payload (python/meterpreter_reverse_http)
-> Convert url using Tor2Web: a final extension .ws will be added, so url becomes available outside tor network
-> Generate batch .rc file for msfconsole
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. HawkScan
Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)
This script uses “WafW00f” to detect the WAF in the first step.
This script uses “Sublist3r” to scan subdomains.
This script uses “waybacktool” to check in the waybackmachine.
Features
URL fuzzing and dir/file detection
Test backup/old file on all the files found (index.php.bak, index.php~ …)
Check header information
Check DNS information
Check whois information
User-agent random or personal
Extract files
Keep a trace of the scan
Check @mail in the website and check if @mails leaked
CMS detection + version and vulns
Subdomain Checker
Backup system (if the script stopped, it take again in the same place)
WAF detection
Add personal prefix
Auto-update script
Auto or personal output of scan (scan.txt)
Check Github
Recursive dir/file
Scan with an authentication cookie
Option –profil to pass profil page during the scan
HTML report
Work it with py2 and py3
Add option rate-limit if the app is unstable (–timesleep)
Check-in waybackmachine
Response error to WAF
Check if DataBase firebaseio exist and accessible
Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30
Search S3 buckets in source code page
Testing bypass of waf if detected
Testing if it’s possible scanning with “localhost” host
Changelog v1.9
Fixed: Fixed percentage & line count bug during scan
Added: Display errors number in live during scan
Hidden Content
Give reaction to this post to see the hidden content.
-