5 matches found
Your cloud? My cloud now
A true story on taking over a client’s Azure tenant via a successful phish. TL;DR A tempting phish got lots of users to disclose their passwords, and a lack of training resulted in the victims accepting the Microsoft push-based multi-factor authentication. This resulted in gaining access to Slack...
reNgine - An Automated Reconnaissance Framework Meant For Gathering Information During Penetration Testing Of Web Applications
reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. The beauty of reNgine is that it gathers everything in...
Sifter 7.4 - OSINT, Recon & Vulnerability Scanner
Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit...
Sifter - A OSINT, Recon And Vulnerability Scanner
Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit...
goGetBucket - A Penetration Testing Tool To Enumerate And Analyse Amazon S3 Buckets Owned By A Domain
When performing a recon on a domain - understanding assets they own is very important. AWS S3 bucket permissions have been confused time and time again, and have allowed for the exposure of sensitive material. What this tool does, is enumerate S3 bucket names using common patterns I have identifi...