Lucene search
K

812 matches found

Kitploit
Kitploit
added 2020/12/03 11:30 a.m.62 views

JSFScan.sh - Automation For Javascript Recon In Bug Bounty

Blog can be found at https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea?sk=21500dc4288281c7e6ed2315943269e7 Script made for all your javascript recon automation in bugbounty. Just pass subdomain list to it and options according to your...

7.5AI score
Exploits0References1
The Hacker News
The Hacker News
added 2020/12/02 12:8 p.m.39 views

Experts Uncover 'Crutch' Russian Malware Used in APT Attacks for 5 Years

Cybersecurity researchers today took the wraps off a previously undocumented backdoor and document stealer that has been deployed against specific targets from 2015 to early 2020. Codenamed "Crutch" by ESET researchers, the malware has been attributed to Turla aka Venomous Bear or Snake, a...

7.3AI score
Exploits0
FireEye
FireEye
added 2020/11/19 12:0 a.m.382 views

Purgalicious VBA: Macro Obfuscation With VBA Purging

Malicious Office documents remain a favorite technique for every type of threat actor, from red teamers to FIN groups to APTs. In this blog post, we will discuss "VBA Purging", a technique we have increasingly observed in the wild and that was first publicly documented by Didier Stevens in Februa...

7.1AI score
Exploits0References16
Kitploit
Kitploit
added 2020/11/15 11:30 a.m.69 views

FinalRecon v1.1.0 - The Last Web Recon Tool You'll Need

FinalRecon is an automatic web reconnaissance tool written in python. Goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of results. Instead of executing several tools one after another it can provide similar results keeping...

7AI score
Exploits0References1
ICS
ICS
added 2020/11/03 12:0 p.m.22 views

Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure...

10AI score
Exploits0References41
The Hacker News
The Hacker News
added 2020/11/03 11:49 a.m.29 views

New Kimsuky Module Makes North Korean Spyware More Powerful

A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities. The APT — dubbed "Kimsuky" aka Black Banshee or Thallium and believed to be...

Exploits0
Kitploit
Kitploit
added 2020/11/02 11:30 a.m.33 views

PowerZure - PowerShell Framework To Assess Azure Security

For a list of functions, their usage, and more, check outhttps://powerzure.readthedocs.io What is PowerZure? PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created out of the need for a framework that can both...

7.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/10/29 9:15 p.m.45 views

Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals

The boozy names might sound like the kind of thing conjured up in a frat-house common room, but malware families Kegtap, Singlemalt and Winekey are being used to gain initial network access in potentially lethal ransomware attacks on healthcare organizations in the midst of a global pandemic,...

0.2AI score
Exploits0References14
Microsoft Secure
Microsoft Secure
added 2020/10/12 11:0 a.m.49 views

Trickbot disrupted

As announced today, Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations. Microsoft worked with telecommunications providers around the world to disrupt key Trickbot infrastructure. As a result, operators will no longer be able to use...

8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/10/06 4:54 p.m.21 views

DDoS Attacks Grow More Sophisticated as Imperva Mitigates Largest Attack

Only a few months ago Imperva reported mitigating against two of the largest DDoS attacks of 2020. However, in the past few weeks we’ve observed a rise in the number of DDoS attacks against our customers where both the volume of attacks and their level of intensity have increased significantly. O...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2020/10/03 11:30 a.m.28 views

Asnap - Tool To Render Recon Phase Easier By Providing Updated Data About Which Companies Owns Which Ipv4 Or Ipv6 Addresses

Asnap aims to render recon phase easier by providing regularly updated data about which companies owns which ipv4 or ipv6 addresses and allows the user to automate initial port and service scanning. █████╗ ███████╗███╗ ██╗ █████╗ ██████╗ ██╔══██╗██╔════╝████╗ ██║██╔══██╗██╔══██╗...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2020/09/28 8:30 p.m.55 views

NERVE - Network Exploitation, Reconnaissance & Vulnerability Engine

NERVE is a vulnerability scanner tailored to find low-hanging fruit level vulnerabilities, in specific application configurations, network services, and unpatched services. It is not a replacement for Qualys, Nessus, or OpenVAS. It does not do authenticated scans, and operates in black-box mode...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/09/24 8:47 p.m.303 views

Feds Hit with Successful Cyberattack, Data Stolen

A federal agency has suffered a successful espionage-related cyberattack that led to a backdoor and multistage malware being dropped on its network. The U.S. Cybersecurity and Infrastructure Security Agency CISA issued an alert on Thursday, not naming the agency but providing technical details of...

7.5CVSS2AI score0.99999EPSS
Exploits22References3
ThreatPost
ThreatPost
added 2020/09/02 10:0 a.m.56 views

China-based APT Debuts Sepulcher Malware in Spear-Phishing Attacks

A China-based APT has been sending organizations spear-phishing emails that distribute a never-before-seen intelligence-collecting RAT dubbed Sepulcher. Researchers discovered the new malware being distributed over the past six months through two separate campaigns. The first, in March, targeted...

0.2AI score
Exploits0References16
Kitploit
Kitploit
added 2020/09/01 9:30 p.m.5445 views

Killchain - A Unified Console To Perform The "Kill Chain" Stages Of Attacks

What is “Kill Chain”? From Wikipedia: The term kill chain was originally used as a military concept related to the structure of an attack; consisting of target identification, force dispatch to target, decision, order to attack the target, and finally the destruction of the target. Reconnaissance...

7.4AI score
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2020/08/27 4:0 p.m.31 views

Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning

When attackers successfully breach a target network, their typical next step is to perform reconnaissance of the network, elevate their privileges, and move laterally to reach specific machines or spread as widely as possible. For these activities, attackers often probe the affected network’s...

0.7AI score
Exploits0
Kitploit
Kitploit
added 2020/08/09 12:30 p.m.113 views

Evine - Interactive CLI Web Crawler

Evine is a simple, fast, and interactive web crawler and web scraper written in Golang. Evine is useful for a wide range of purposes such as metadata and data extraction, data mining, reconnaissance and testing. Follow the project on Twitter. Install From Binary Pre-build binary releases are also...

7.4AI score
Exploits0References4
Kitploit
Kitploit
added 2020/07/28 12:30 p.m.26 views

Intelspy - Perform Automated Network Reconnaissance Scans

Perform automated network reconnaissance scans to gather network intelligence. IntelSpy is a multi-threaded network intelligence spy tool which performs automated enumeration of network services. It performs live hosts detection scans, port scans, services enumeration scans, web content scans,...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/07/27 12:30 p.m.141 views

HawkScan - Security Tool For Reconnaissance And Information Gathering On A Website

Security Tool for Reconnaissance and Information Gathering on a website. python 2.x & 3.x This script use "WafW00f" to detect the WAF in the first step https://github.com/EnableSecurity/wafw00f This script use "Sublist3r" to scan subdomains https://github.com/aboul3la/Sublist3r This script use...

7.4AI score
Exploits0References5
Kitploit
Kitploit
added 2020/07/26 1:0 p.m.28 views

reNgine - An Automated Reconnaissance Framework Meant For Gathering Information During Penetration Testing Of Web Applications

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. The beauty of reNgine is that it gathers everything in...

6.9AI score
Exploits0References11
Rows per page
Query Builder