SECURITY EDUCATION, PRIVACY GUIDANCE, THREAT AWARENESS, OPEN SOURCE TOOLS, RESEARCH NOTES, AND RESPONSIBLE TECHNOLOGY CONTENT


Sunday, January 10, 2016

Welcome to the planet earth




This planet is beautiful! But it is nothing more than a great pasture for sheep and cattle, which have long been controlled by the same bloodlines of shepherds, or owners of the farm.

Because of this, people who are evolved mentally and psychically, spiritual in a subtle way and without doctrines, open-minded and so on...

These are not welcome here; they are considered divergent, and the hidden forces that rule here always find a way to isolate them, often through mental illness.

In general they were born awake from their very origins; they come here to do penance and with the mission of helping; in general they do not succeed, and prefer to observe and not expose themselves.
Welcome to Earth!

Source: Peter Fiuza.

By OffensiveSec

Violent Python - A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers




Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker’s tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.

- Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts.

- Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices.

- Data-mine popular social media websites and evade modern anti-virus.





By Offensive Sec

SAML Raider - SAML2 Burp Extension



SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: manipulating SAML messages and managing X.509 certificates.

This software was created by Roland Bischofberger and Emanuel Duss during a bachelor thesis at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG. We thank Compass for the nice collaboration and support during our bachelor thesis.

Features

The extension is divided into two parts: a SAML message editor and a certificate management tool.

Message Editor

Features of the SAML Raider message editor:
  • Sign SAML Messages
  • Sign SAML Assertions
  • Remove Signatures
  • Edit SAML Message
  • Preview eight common XSW Attacks
  • Execute eight common XSW Attacks
  • Send certificate to SAML Raider Certificate Management
  • Undo all changes of a SAML Message
  • Supported Profiles: SAML Webbrowser Single Sign-on Profile, Web Services Security SAML Token Profile
  • Supported Bindings: POST Binding, Redirect Binding, SOAP Binding

Certificate Management

Features of the SAML Raider Certificate Management:
  • Import X.509 certificates (PEM and DER format)
  • Import X.509 certificate chains
  • Export X.509 certificates (PEM format)
  • Delete imported X.509 certificates
  • Display information about X.509 certificates
  • Import private keys (PKCS#8 in DER format and traditional RSA in PEM format)
  • Export private keys (traditional RSA Key PEM Format)
  • Cloning X.509 certificates
  • Cloning X.509 certificate chains
  • Create new X.509 certificates
  • Editing and self-sign existing X.509 certificates

Installation

Manual Installation

Start Burp Suite and, in the Extender tab, click Add. Choose the SAML Raider JAR file to install the extension.

Installation from BApp Store

The easy way to install SAML Raider is through the BApp Store. Open Burp and, in the Extender tab, click the BApp Store tab. Select SAML Raider and hit the Install button to install our extension.
Don't forget to rate our extension with as many stars as you like.

Usage

To test SAML environments more comfortably, you can add an intercept rule in the proxy settings. Add a new rule which checks whether a parameter named SAMLResponse is in the request. We hope the usage of our extension is mostly self-explanatory.
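The SAMLResponse parameter that the intercept rule looks for can also be inspected outside Burp. The following is an added example, not part of SAML Raider: it decodes the parameter for the POST and Redirect bindings listed above and reports which parts of the message carry a signature element. The function names and the sample message are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
DSIG = "{http://www.w3.org/2000/09/xmldsig#}"

def decode_saml_param(value, binding):
    """Return the XML bytes carried in a SAMLResponse/SAMLRequest parameter."""
    raw = base64.b64decode(value)
    if binding == "redirect":
        # Redirect binding: raw DEFLATE (no zlib header) is applied before base64.
        raw = zlib.decompress(raw, -15)
    return raw

def signature_summary(xml_bytes):
    """Report where ds:Signature elements are present (presence, not validity)."""
    # The stdlib parser keeps the example short; use a hardened parser on untrusted input.
    root = ET.fromstring(xml_bytes)
    assertions = list(root.iter(SAML + "Assertion"))
    return {
        "message_signed": root.find(DSIG + "Signature") is not None,
        "assertions": len(assertions),
        "unsigned_assertions": [a.get("ID") for a in assertions
                                if a.find(DSIG + "Signature") is None],
    }

def inspect_post_body(body):
    """Summarise the SAMLResponse in a form-encoded POST body, or return None."""
    params = parse_qs(body)
    if "SAMLResponse" not in params:
        return None
    return signature_summary(decode_saml_param(params["SAMLResponse"][0], "post"))

# Constructed sample: unsigned Response holding one signed and one unsigned assertion.
SAMPLE_XML = (
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    b'xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_r1">'
    b'<saml:Assertion ID="_a1"><ds:Signature/></saml:Assertion>'
    b'<saml:Assertion ID="_a2"/></samlp:Response>'
)
SAMPLE_POST_BODY = urlencode({"RelayState": "x", "SAMLResponse": base64.b64encode(SAMPLE_XML).decode()})
_deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
SAMPLE_REDIRECT_VALUE = base64.b64encode(_deflater.compress(SAMPLE_XML) + _deflater.flush())
```

A response with more than one assertion, or with an assertion that has no signature of its own inside an unsigned message, is worth checking against how the service provider selects and verifies the assertion it consumes.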

Development

Build

Clone the repository and build the JAR file using Maven:
$ mvn install  
Use the JAR file in target/saml-raider-1.0-SNAPSHOT-jar-with-dependencies.jar as a Burp extension.

Run SAML Raider inside Eclipse

To start the Extension directly from Eclipse, import the Repository into Eclipse. Note that the Eclipse Maven Plugin m2e is required.
Place the Burp Suite JAR file into the lib folder and add the Burp JAR as a Library in the Eclipse Project (Properties > Build Path > Libraries).
Open the Burp JAR under Referenced Libraries in the Package Explorer, right-click StartBurp.class in the package burp, and select Run As... > Java Application to start Burp and load the extension automatically.

Debug Mode

To enable the Debug Mode, set the DEBUG Flag in the Class Flags from the Package helpers to true. This will write all output to the SAMLRaiderDebug.log logfile and load example certificates for testing.

Test with fake SAML Response

To send a SAML Response to Burp, you can use the script samltest in the scripts/samltest directory. It sends the SAML Response from saml_response to Burp (localhost:8080) and prints out the modified response from our plugin.



    Saturday, January 9, 2016

    New World Order - How the New World Order wants to eliminate us.

    Chemical trails in the sky, vaccines, genetically modified foods and processed food. These are the weapons of the New World Order for carrying out its population reduction plan.

    Genocide today is much more discreet. The global elite makes us our own executioners. See in this video the eugenic strategy we are being subjected to and how we are behaving, exactly as programmed.


    Source: Oculto Revelado

    By OffensiveSec


    Friday, January 8, 2016

    Rogue Wi-Fi - Access Point Attack WiFi-Pumpkin



    WiFi-Pumpkin is a security tool that provides a rogue access point for man-in-the-middle and network attacks: it purports to provide wireless Internet services while snooping on the traffic. It can be used to capture the credentials of unsuspecting users, either by snooping on the communication or by phishing.


    Installation

     git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
     cd WiFi-Pumpkin
     chmod +x installer.sh

     ./installer.sh --install


    Features

    • Rogue Wi-Fi Access Point
    • Deauth Clients AP
    • Probe Request Monitor
    • DHCP Starvation Attack
    • Credentials Monitor
    • Windows Update Attack
    • Templates phishing
    • Partial bypass HSTS
    • Dump credentials phishing
    • Support airodump scan
    • Support mdk3 deauth
    • BeEF hook support
    • Report Logs html
    • Mac Changer
    • ARP Poison
    • DNS Spoof




    Plugins

    • net-creds
    • dns2proxy
    • sslstrip







    Maltrail - Malicious Traffic Detection System



    Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where a trail can be anything from a domain name (e.g. zvpprsensinaix.com for Banjori malware), a URL (e.g. http://109.162.38.120/harsh02.exe for a known malicious executable) or an IP address (e.g. 103.224.167.117 for a known attacker). It also has (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware).

    The following (black)lists (i.e. feeds) are being utilized:


    alienvault, autoshun, badips, bambenekconsultingc2,  bambenekconsultingdga, binarydefense, bitcoinnodes, blocklist,  botscout, bruteforceblocker, ciarmy, cruzit, cybercrimetracker,  dshielddns, dshieldip, emergingthreatsbot, emergingthreatscip,  emergingthreatsdns, feodotrackerdns, feodotrackerip, greensnow,  malwarepatrol, malwareurlsnormal, maxmind, myip, nothink,  openbl, openphish, palevotracker, proxylists, proxyrss,  proxy, riproxies, rutgers, sblam, snort, socksproxy,  sslipbl, sslproxies, torproject, torstatus, voipbl, vxvault,  zeustrackerdns, zeustrackerip, zeustrackermonitor, zeustrackerurl,  etc.  

    As of static entries, the trails for the following malicious entities (e.g. malware C&Cs) have been manually included (from various AV reports):


    alureon, android_stealer, angler, aridviper, axpergle,  babar, balamid, bamital, bankpatch, bedep, black_vine,  bubnix, carbanak, careto, casper, chewbacca, cleaver,  conficker, cosmicduke, couponarific, crilock, cryptolocker,  cryptowall, ctblocker, darkhotel, defru, desertfalcon,  destory, dorifel, dorkbot, dridex, dukes, dursg,  dyreza, emotet, equation, evilbunny, expiro, fakeran,  fareit, fbi_ransomware, fiexp, fignotok, fin4,  finfisher, gamarue, gauss, htran, jenxcus, kegotip,  kovter, lollipop, lotus_blossom, luckycat, mariposa,  miniduke, modpos, nbot, nettraveler, neurevt, nitol,  nonbolqu, nuqel, nwt, nymaim, palevo, pdfjsc, pift,  plugx, ponmocup, powelike, proslikefan, pushdo,  ransirac, redoctober, reveton, russian_doll, sality,  sathurbot, scieron, sefnit, shylock, siesta, simda,  sinkhole_1and1, sinkhole_abuse, sinkhole_blacklistthisdomain,  sinkhole_certpl, sinkhole_drweb, sinkhole_fbizeus,  sinkhole_fitsec, sinkhole_georgiatech, sinkhole_kaspersky,  sinkhole_microsoft, sinkhole_shadowserver, sinkhole_sinkdns,  sinkhole_zinkhole, skyper, smsfakesky, snake, snifula,  sofacy, stuxnet, teerac, teslacrypt, torpig,  torrentlocker, unruy, upatre, vawtrak, virut, vobfus,  volatile_cedar, vundo, waterbug, zeroaccess, zlob, etc.  

    Architecture

    Maltrail is based on the Sensor <-> Server <-> Client architecture. The Sensor(s) is a standalone component running on the monitoring node (e.g. a Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or on a standalone machine (e.g. a honeypot), where it "sniffs" the passing traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs). In case of a positive match, it sends the event details to the (central) Server, where they are stored inside the appropriate logging directory (i.e. LOG_DIR described in the Configuration section). If the Sensor is run on the same machine as the Server (default configuration), logs are stored directly in the local logging directory. Otherwise, they are sent via UDP messages to the remote server (i.e. LOG_SERVER described in the Configuration section).





    The Server's primary role is to store the event details and provide back-end support for the reporting web application. In the default configuration, server and sensor run on the same machine. So, to prevent potential disruptions in sensor activities, the front-end reporting part is based on the "Fat client" architecture (i.e. all data post-processing is done inside the client's web browser instance). Events (i.e. log entries) for the chosen (24h) period are transferred to the Client, where the reporting web application is solely responsible for the presentation part. Data is sent toward the client in compressed chunks, which are processed sequentially. The final report is created in a highly condensed form, practically allowing presentation of a virtually unlimited number of events.
    Note: The Server component can be skipped altogether, using just the standalone Sensor. In that case, all events are stored in the local logging directory, and the log entries can be examined either manually or with a CSV-reading application.
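The sensor-side idea described above, checking observed domain names, URLs and IPs against a list of trails, can be sketched as follows. This is an added example, not Maltrail's own code: the trail dictionary holds only the three example trails quoted in the text, the event tuples are constructed, and storing URL trails as host plus path is an assumption of this sketch.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed trail list: the three example trails quoted in the text.
TRAILS = {
    "zvpprsensinaix.com": "banjori (malware)",
    "109.162.38.120/harsh02.exe": "malicious executable",
    "103.224.167.117": "known attacker",
}

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def candidates(kind, value):
    """Yield (trail_type, lookup_key) pairs for one event, most specific first."""
    if kind == "URL":
        parts = urlsplit(value)
        host = (parts.hostname or "").lower()
        yield "URL", host + parts.path
        # After the exact URL, fall back to checking the host on its own.
        kind, value = ("IP" if is_ip(host) else "DNS"), host
    if kind == "DNS":
        labels = value.lower().rstrip(".").split(".")
        for i in range(len(labels) - 1):      # parent domains, never the bare TLD
            yield "DNS", ".".join(labels[i:])
    elif kind == "IP":
        yield "IP", value

def scan(events):
    """Return (src, trail_type, trail, info) for every event that hits a trail."""
    hits = []
    for src, kind, value in events:
        for trail_type, key in candidates(kind, value):
            if key in TRAILS:
                hits.append((src, trail_type, key, TRAILS[key]))
                break
    return hits

# Constructed events: (source host, event type, observed value).
EVENTS = [
    ("10.0.0.5", "DNS", "www.zvpprsensinaix.com."),
    ("10.0.0.6", "URL", "http://109.162.38.120/harsh02.exe"),
    ("10.0.0.7", "IP", "103.224.167.117"),
    ("10.0.0.8", "DNS", "example.org"),
    ("10.0.0.9", "URL", "http://zvpprsensinaix.com/index.html"),
]
```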

    Quick start

    The following set of commands should get your Maltrail Sensor up and running (out of the box with default settings and monitoring interface "any"):


    sudo apt-get install python-pcapy  
    git clone https://github.com/stamparm/maltrail.git  
    cd maltrail  
    sudo python sensor.py  



    Winpayloads - Undetectable Windows Payload Generation



    Undetectable Windows payload generation with extras, running on Python 2.7.

    Getting Started

    git clone https://github.com/Charliedean/Winpayloads
    cd Winpayloads
    sudo ./setup.sh
    python WinPayloads.py

    Menu

    [1] Windows Reverse Shell(Stageless) [Shellter]
    [2] Windows Reverse Meterpreter(Staged) [Shellter, UacBypass, Priv Esc Checks, Persistence]
    [3] Windows Bind Meterpreter(Staged) [Shellter, UacBypass, Priv Esc Checks, Persistence]
    [4] Windows Reverse Meterpreter(Raw Shellcode) [Base64 Encode]



    Kali Linux - Wireless Penetration Testing Beginner’s Guide



    An updated version of BackTrack 5 Penetration Testing by Vivek Ramachandran. Right from the beginning, this book gives you what you need, without wasting time on unnecessary justifications. Instead of explaining only theoretical concepts, the book consists of finely tuned and crystal clear tutorials that can be easily performed in Kali Linux. It provides a good mix of basics and high-level knowledge and works cohesively with the reader.





    By Offensive Sec

    Metasploit - The Penetration Tester’s Guide



    This book deals with penetration testing using the open source Metasploit Framework. It is suitable for readers who have no prior knowledge of Metasploit. The tutorial-like style of the book makes you learn things by doing them.

    The end of the book provides a simulated version of an actual penetration test, to give you a realistic experience.





    By Offensive Sec
    Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.