SECURITY EDUCATION, PRIVACY GUIDANCE, THREAT AWARENESS, OPEN SOURCE TOOLS, RESEARCH NOTES, AND RESPONSIBLE TECHNOLOGY CONTENT

Sunday, January 10, 2016

Hackazon - A Modern Vulnerable Web App




Hackazon is a free, vulnerable test site: an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful APIs used by a companion mobile app, providing a uniquely effective training and testing ground for IT security professionals. And it’s full of your favorite vulnerabilities, like SQL injection, cross-site scripting and so on.

Today’s web and mobile applications as well as web services have a host of new technologies that are not being adequately tested for security vulnerabilities. It is critical for IT security professionals to have a vulnerable web application to use for testing the effectiveness of their tools and for honing their skills.

Hackazon enables users to configure each area of the application in order to change the vulnerability landscape to prevent “known vuln testing” or any other form of ‘cheating.’ Since the application includes RESTful interfaces that power AJAX functionality and mobile clients (JSON, XML, GWT, and AMF), users will need the latest application security testing tools and techniques to discover all the vulnerabilities. Hackazon also requires detailed testing of strict workflows, like shopping carts, that are commonly used in business applications.

Installation
  1. Checkout the code
  2. Set DOCUMENT_ROOT directory to /web. Make sure that htaccess and REWRITE support is enabled.
  3. Copy /assets/config/db.sample.php to /assets/config/db.php
  4. Change settings for DB connection in the /assets/config/db.php
  5. Open http://yoursitename/install
Code structure:
  • ROOT
  • assets
  • classes
  • database
  • modules
  • vendor
  • web

Intercepting Proxy - The Pappy Proxy



The Pappy (Proxy Attack Proxy Proxy) Proxy is an intercepting proxy for performing web application security testing. Its features are often similar to, or straight-up rip-offs of, those in Burp Suite. However, Burp Suite is neither open source nor a command line tool, thus making a proxy like Pappy inevitable. The project is still in its early stages, so there are bugs and only the bare minimum features, but it should be able to do some cool stuff soon.


Installation

Pappy supports OS X and Linux (sorry Windows). Installation requires pip or some other command that can handle a setup.py with requirements. Once the requirements are installed, you can check that it installed correctly by running pappy -l to start the proxy.


$ git clone --recursive https://github.com/roglew/pappy-proxy.git
$ cd pappy-proxy
$ pip install .


Quickstart

Pappy projects take up an entire directory. Any generated scripts, exported responses, etc. will be placed in the current directory so it’s good to give your project a directory of its own. To start a project, do something like:

$ mkdir test_project
$ cd test_project 
$ pappy
Copying default config to directory
Proxy is listening on port 8000
itsPappyTime> exit
$ ls
data.db      project_config.json


And that’s it! The proxy will by default be running on port 8000 and bound to localhost. You can modify the port/interface in config.json. You can list all your intercepted requests with ls, view a full request with vfq <reqid> or view a full response with vfs <reqid>. Right now, the only command to delete requests is filter_prune, which deletes all the requests that aren’t in the current context (look at the sections on the context/filter strings for more information on that).

Documentation


https://roglew.github.io/pappy-proxy/



Documentary - DEFCON And Movie The Algorithm



If you have not seen them, be sure to check out these two great tips!
The documentary, titled DEFCON: The Documentary, was launched in 2013 and focuses on the world of the hacking conference, which celebrated its 20th anniversary in 2012. The film follows the four days of the twentieth edition of the conference, its events and people (participants and staff), and covers the history and philosophy behind the success of DEFCON.









The movie ALGORITHM: The Hacker Movie has as its protagonist a freelance computer hacker who breaks into a secret contractor of the US government and downloads a program. He then must choose between his own curiosity and the lives of his friends.



By OffensiveSec

Documentary Prohibited - BBC About The REDE ESGOTO (Globo)



Rede Globo, also known as Rede Bobo, Rede Lobo, Rede Glóbulo, Rede Esgoto, Rede GloBosta, GloBobagem, GloBobeira, Vênus Platinada and Toda Poderosa, is a TV network that belongs to the same owners as Greece and holds 99% of the shares in Brazil, although all Brazilian shares originate from this plague, and it also holds patented ownership of the mind of every Brazilian.

They are the ones who make Jornal Nacional, a program presented by two dandies who earn rivers of money with subliminal messages.

They own other countries of little importance, such as Nicaragua, where until recently the soap-opera-writing chimpanzees were trained, but since these were replaced by laboratory rats, Nicaragua was turned into a dressing room for Faustão, given that his old dressing room took up all of Projac.

Source: Internet

By OffensiveSec 

Welcome to planet Earth

This planet is beautiful! But it is nothing more than a large pasture for sheep and cattle, which have long been controlled by the same bloodlines of shepherds or farm owners.

Because of this, people who are evolved mentally and psychically, spiritualized in a subtle way and without doctrines, open-minded, and so on...

These are not welcome here; they are considered divergent, and the hidden forces that rule here always find a way to isolate them, often through mental illness.

In general they were born awake from their origins; they come here to do penance and with the mission of helping; in general they do not succeed, and they prefer to observe and not expose themselves.
Welcome to Earth!

Source: Peter Fiuza.

By OffensiveSec

Violent Python - A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers




Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker’s tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.

- Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts.

- Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices.

- Data-mine popular social media websites and evade modern anti-virus.





By Offensive Sec

SAML Raider - SAML2 Burp Extension



SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: manipulating SAML messages and managing X.509 certificates.

This software was created by Roland Bischofberger and Emanuel Duss during a bachelor thesis at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG. We thank Compass for the nice collaboration and support during our bachelor thesis.

Features

The extension is divided into two parts: a SAML message editor and a certificate management tool.

Message Editor

Features of the SAML Raider message editor:
  • Sign SAML Messages
  • Sign SAML Assertions
  • Remove Signatures
  • Edit SAML Message
  • Preview eight common XSW Attacks
  • Execute eight common XSW Attacks
  • Send certificate to SAML Raider Certificate Management
  • Undo all changes of a SAML Message
  • Supported Profiles: SAML Webbrowser Single Sign-on Profile, Web Services Security SAML Token Profile
  • Supported Bindings: POST Binding, Redirect Binding, SOAP Binding

Certificate Management

Features of the SAML Raider Certificate Management:
  • Import X.509 certificates (PEM and DER format)
  • Import X.509 certificate chains
  • Export X.509 certificates (PEM format)
  • Delete imported X.509 certificates
  • Display information about X.509 certificates
  • Import private keys (PKCS#8 in DER format and traditional RSA in PEM format)
  • Export private keys (traditional RSA Key PEM Format)
  • Cloning X.509 certificates
  • Cloning X.509 certificate chains
  • Create new X.509 certificates
  • Editing and self-sign existing X.509 certificates

Installation

Manual Installation

Start Burp Suite and, in the Extender tab, click Add. Choose the SAML Raider JAR file to install the extension.

Installation from BApp Store

The easy way to install SAML Raider is using the BApp Store. Open Burp and click in the Extender tab on the BApp Store tab. Select SAML Raider and hit the Install button to install our extension.
Don't forget to rate our extension with as many stars as you like.

Usage

To test SAML environments more comfortably, you can add an intercept rule in the proxy settings. Add a new rule which checks whether a parameter named SAMLResponse is in the request. We hope the usage of our extension is mostly self-explanatory.
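As an added example (not part of SAML Raider or the original post), the Python sketch below decodes a SAMLResponse value from the POST or Redirect binding and lists the structural anomalies a service provider should reject, which is what a signature-wrapping test probes for. The function names and the sample documents are constructed for illustration, and the value is assumed to be URL-decoded already.

```python
import base64
import zlib
import xml.etree.ElementTree as ET  # production code should use a hardened XML parser

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def decode_saml(value, binding="post"):
    """Return the XML carried in an already URL-decoded SAMLResponse value."""
    raw = base64.b64decode(value)
    if binding == "redirect":            # Redirect binding adds raw DEFLATE
        raw = zlib.decompress(raw, -15)
    return raw

def structure_findings(xml_bytes):
    """List structural anomalies a verifier should reject before trusting claims."""
    root = ET.fromstring(xml_bytes)
    parent = {child: p for p in root.iter() for child in p}
    findings = []
    count = len(root.findall(".//saml:Assertion", NS))
    if count != 1:
        findings.append(f"expected 1 Assertion, found {count}")
    ids = [e.get("ID") for e in root.iter() if e.get("ID")]
    if len(ids) != len(set(ids)):
        findings.append("duplicate ID attribute")
    sigs = root.findall(".//ds:Signature", NS)
    if not sigs:
        findings.append("no ds:Signature present")
    for sig in sigs:
        ref = sig.find("ds:SignedInfo/ds:Reference", NS)
        uri = ref.get("URI", "") if ref is not None else ""
        owner = parent[sig].get("ID", "")
        # SAML signatures are enveloped: the Reference must name the parent's ID.
        if uri != "#" + owner:
            findings.append(f"Signature references '{uri}' but sits in ID '{owner}'")
    return findings

def sample_response(ref_uri, extra=""):
    """Constructed test document; it carries no real digest or key material."""
    return (f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
            f'xmlns:ds="{NS["ds"]}" ID="r1">{extra}<saml:Assertion ID="a1">'
            f'<ds:Signature><ds:SignedInfo><ds:Reference URI="{ref_uri}"/>'
            f'</ds:SignedInfo></ds:Signature></saml:Assertion></samlp:Response>').encode()

if __name__ == "__main__":
    param = base64.b64encode(sample_response("#a1"))
    print(structure_findings(decode_saml(param)))      # consistent document
    print(structure_findings(sample_response("#r1")))  # reference/parent mismatch
```

These checks complement cryptographic signature verification and do not replace it; a document that passes them still needs its signature validated against the trusted IdP certificate.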

Development

Build

Clone the repository and build the JAR file using Maven:
$ mvn install  
Use the JAR file in target/saml-raider-1.0-SNAPSHOT-jar-with-dependencies.jar as a Burp extension.

Run SAML Raider inside Eclipse

To start the Extension directly from Eclipse, import the Repository into Eclipse. Note that the Eclipse Maven Plugin m2e is required.
Place the Burp Suite JAR file into the lib folder and add the Burp JAR as a Library in the Eclipse Project (Properties → Build Path → Libraries).
Open the Burp JAR under Referenced Libraries in the Package Explorer, right-click StartBurp.class in the package burp and select Run As... → Java Application to start Burp and load the Extension automatically.

Debug Mode

To enable the Debug Mode, set the DEBUG Flag in the Class Flags from the Package helpers to true. This will write all output to the SAMLRaiderDebug.log logfile and load example certificates for testing.

Test with fake SAML Response

To send a SAML Response to Burp, you can use the script samltest in the scripts/samltest directory. It sends the SAML Response from saml_response to Burp (localhost:8080) and prints out the modified response from our plugin.



    Saturday, January 9, 2016

    New World Order - How the New World Order wants to eliminate us.





    HOW THE NEW WORLD ORDER WANTS TO ELIMINATE US

    Chemtrails in the sky, vaccines, genetically modified foods and processed food. These are the weapons of the New World Order for carrying out its plan of population reduction.

    Genocide today is much more discreet. The global elite makes us our own executioners. See in this video the eugenic strategy to which we are being subjected and how we are behaving, exactly as programmed.


    Source: Oculto Revelado

    By OffensiveSec


    Friday, January 8, 2016

    Rogue Wi-Fi - Access Point Attack WiFi-Pumpkin



    WiFi-Pumpkin is a security tool that provides a rogue access point for man-in-the-middle and network attacks: an access point purporting to provide wireless Internet services while snooping on the traffic. It can be used to capture the credentials of unsuspecting users, either by snooping on the communication or by phishing.


    Installation

     git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
     cd WiFi-Pumpkin
     chmod +x installer.sh

     ./installer.sh --install


    Features

    º Rogue Wi-Fi Access Point
    º Deauth Clients AP
    º Probe Request Monitor
    º DHCP Starvation Attack
    º Credentials Monitor
    º Windows Update Attack
    º Templates phishing
    º Partial bypass HSTS
    º Dump credentials phishing
    º Support airodump scan
    º Support mdk3 deauth
    º beef hook support
    º Report Logs html
    º Mac Changer
    º ARP Poison
    º DNS Spoof




    Plugins

    º net-creds
    º dns2proxy
    º sslstrip






    Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.