Category: Penetration Testing

All about Penetration Testing!

OSINT

A Swiss Army Knife for OSINT

Belati is a tool for collecting public data and public documents from websites and other services for OSINT purposes. What can Belati do? Whois (Indonesian TLD support), banner grabbing, subdomain enumeration, service scanning for all subdomain machines, Wappalyzer support, DNS mapping / zone scanning, mail harvesting from websites and search engines, mail harvesting from MIT PGP …

Burp, Penetration Testing

Stunnel and Burp Pro

Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers without any changes to the programs’ code. Its architecture is optimized for security, portability, and scalability (including load balancing), making it suitable for large deployments. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled …

C/C++, Hacking, Post-Exploitation, RedTeaming

HTTP – Get the external IP address in C

The following code snippets are from the Post-recon project. This project is a work in progress; please visit GitHub for the full source code. In this post I will just point out the most interesting parts. Get public IP address (HTTP): {…} #define PUBLIC_IP_URL "http://ipecho.net/plain" {…} int LibCurl::GetPublicIPv4Address(char **ip, const char *userAgent, …

C/C++, Hacking, Post-Exploitation, Programming

Generating a unique machine id

The following code snippets are from the Post-recon project. This project is a work in progress; you can check GitHub for the full source code. Here I will just point out the most interesting parts. Current source code: generate a computer-unique ID from architecture, Windows OS version, CPU, GPU, is admin?, motherboard, chassis type, username, PC name …

Penetration Testing

Debugging Telegram

Debug mode: to enable debug mode, type debugmode in the settings page of Telegram Desktop and confirm it. Log files: /home/username/.TelegramDesktop/log.txt, /home/user/.TelegramDesktop/DebugLogs/tcp_xx_xx.txt, /home/user/.TelegramDesktop/DebugLogs/mtp_xx_xx.txt, /home/user/.TelegramDesktop/DebugLogs/log_xx_xx.txt. To disable debug mode, type debugmode again. Burp proxy intercept: open Telegram settings -> Advanced settings -> Connection type -> HTTP with custom http-proxy. …

OWASP, Penetration Testing

OWASP Secure Headers

OWASP Secure Headers Project: setting headers from the server is easy and often doesn’t require any code changes. Once set, they can restrict modern browsers from running into easily preventable vulnerabilities. The OWASP Secure Headers Project intends to raise awareness and use of these headers. – https://www.owasp.org/index.php/OWASP_Secure_Headers_Project Response headers: HTTP Strict Transport Security (HSTS) …

Penetration Testing

Exploits – Advisories

Offensive Security’s Exploit Database Archive: The Exploit Database is the ultimate archive of exploits, shellcode, and security papers. Packet Storm Security Exploits and Advisories: a list of exploits, advisories, tools and more. SecurityFocus Vulnerabilities: search for vulnerabilities. National Vulnerability Database: NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security …

OSINT

OSINT – Part 3

Information gathering types. Passive: during passive information gathering you should never send any type of traffic directly to the target; passive information gathering allows the greatest amount of anonymity. Active: during active information gathering you are sending requests to remote services and receiving responses based on the service type. This method includes, but is not limited …

OSINT

OSINT – Github Dorks

GitHub search is a quite powerful and useful feature and can be used to search for sensitive data in repositories. A collection of GitHub dorks that can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and performing pentesting of systems. GitHub …