
Friday, March 8, 2019

Pompem - Exploit and Vulnerability Finder

Pompem is an open source tool designed to automate the search for exploits and vulnerabilities in the most important databases. Developed in Python, it has an advanced search system that helps the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm Security, CXSecurity, ZeroDay, Vulners, National Vulnerability Database, and WPScan Vulnerability Database. See the instructions below on how to use Pompem.

1. git clone https://github.com/rfunix/Pompem.git


2. cd Pompem 


3. pip install -r requirements.txt


4. python2 pompem.py 


5. Example of how to use:

python2 pompem.py -s Wordpress

python2 pompem.py -s Joomla --html

python2 pompem.py -s "Internet Explorer,joomla,wordpress" --html

python2 pompem.py -s FortiGate --txt

python2 pompem.py -s ssh,ftp,mysql

Becoming a hacker or penetration tester

Introduction

Hi and welcome, newbie hackers. A lot of people have asked me, "How can I become a hacker?" So today I am going to put together a post answering this question for the many of you out there who do not know how to start. There are a lot of ways to become "a hacker", penetration tester, security professional, or whatever you want to call it. At the end of the day you are using your skill to gain access to a system such as a computer, software, or hardware, so to me it all boils down to hacking. Different people have different names for hacking because it is related to ethics. For example, blackhat hackers are the people who hack into systems without permission in order to gain a benefit for themselves, such as money. Whitehat hackers, who are also known as penetration testers, are the ones who have permission to gain access to a system. Whitehat hackers are also known as "ethical hackers". Lastly, we have greyhat hackers, who are somewhere in between. Greyhat hackers hack into a system without authorization, but they don't do it to steal or gain any benefit from it; they hack simply to have fun or so they can report the flaw.

To learn how to hack you must have the desire to know how something works. For example, if you want to hack into someone's computer you must understand the type of operating system they are running, the applications they have installed on their computer, and the versions of those applications. To obtain this information you must know how to perform reconnaissance, which is the information gathering stage. Information gathering is the most important stage of penetration testing because it gives you an idea of how to approach the system. If you have no idea what the system is running or the type of applications it has, it will be extremely hard to find out the kind of vulnerabilities it has, and if you don't know the type of vulnerabilities the system has, it will be almost impossible to hack it. Another thing you must understand is networking, so if you are new to networking I recommend taking some courses in networking before diving into hacking, because without knowing at least what an IP address, a MAC address, protocol rules, a firewall, an operating system, a port number, etc. are, it is extremely difficult to hack anything.

What hacking is:

It is also extremely important that you know what hacking is. Hacking is using methods and tools in order to steal a personal identity and hopefully be able to access whatever it is that you are trying to access that belongs to the person you are trying to hack. Personal identity can include username, password, social security number, PIN, account number, etc.

What hacking is not:

Hacking is NOT recovery, and what I mean by that is you cannot use hacking as a way to recover a lost account such as Facebook, email, etc. There are some circumstances where recovery can be used to obtain the password, but even that is very difficult these days because there are simply too many verification processes a person must go through in order to obtain the password. And even if the attacker is able to recover the password, he must go through the information gathering stage in order to find the flaw in the recovery process. You should never use hacking as a way to recover a lost account because a lost account does not have enough information to even begin hacking. For example, if I am trying to get back into my Facebook account and I have lost the email, phone number and password, it is next to IMPOSSIBLE to get it back, and I cannot attempt to hack my own account because I do not have the required information. Some people have asked me to hack their account and get it back for them, and when I ask them for the email they say they don't know it. That is like saying "I want to go back to my country but I don't know where I came from", which makes absolutely no sense.

Five phases of hacking:


There are five phases of hacking, which are extremely important to understand for anyone who wants to become a hacker.

  • Reconnaissance
  • Scanning
  • Gaining Access
  • Maintaining Access
  • Covering Tracks

Reconnaissance - This is the primary phase where the hacker tries to collect as much information as possible about the target. It includes identifying the target and finding out the target's IP address range, network, DNS records, etc.

Scanning - It involves taking the information discovered during reconnaissance and using it to examine the network. Tools that a hacker may employ during the scanning phase can include dialers, port scanners, network mappers, sweepers, and vulnerability scanners. Hackers are seeking any information that can help them perpetrate attacks such as computer names, IP addresses, and user accounts.

Gaining Access - After scanning, the hacker designs the blueprint of the network of the target with the help of data collected during Phase 1 and Phase 2. This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. The method of connection the hacker uses for an exploit can be a local area network (LAN, either wired or wireless), local access to a PC, the Internet, or offline. Examples include stack-based buffer overflows, denial of service (DoS), and session hijacking. These topics will be discussed in later chapters. Gaining access is known in the hacker world as owning the system.

Maintaining Access - Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.

Covering Tracks - Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include steganography, the use of tunneling protocols, and altering log files.
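
A defender-side view of the Scanning phase described above, as an added example that is not part of the original post: it flags a source that touches many distinct ports on one host (a port scan) or one port on many hosts (a sweep) inside a short time window. The log format, thresholds, function names and addresses (documentation ranges) are constructed for illustration.

```python
from collections import defaultdict


def build_sample():
    """Constructed log lines in the form 'epoch_seconds src dst dst_port':
    one port scan, one sweep, and ordinary repeated HTTPS traffic."""
    lines = [f"{1000 + i} 198.51.100.7 192.0.2.10 {20 + i}" for i in range(15)]
    lines += [f"{1100 + i} 203.0.113.9 192.0.2.{i + 1} 22" for i in range(12)]
    lines += [f"{1000 + 60 * i} 192.0.2.50 192.0.2.10 443" for i in range(20)]
    return lines


def detect(lines, window=30, port_threshold=10, host_threshold=10):
    """Return sorted (src, kind, target) findings for scan-like behaviour."""
    events = defaultdict(list)  # src -> [(ts, dst, port)]
    for line in lines:
        f = line.split()
        if len(f) != 4 or not f[0].isdigit() or not f[3].isdigit():
            continue  # skip malformed lines instead of crashing
        events[f[1]].append((int(f[0]), f[2], int(f[3])))

    findings = set()
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window so it spans at most `window` seconds
            while evs[end][0] - evs[start][0] > window:
                start += 1
            ports_per_host = defaultdict(set)
            hosts_per_port = defaultdict(set)
            for _, dst, port in evs[start:end + 1]:
                ports_per_host[dst].add(port)
                hosts_per_port[port].add(dst)
            for dst, ports in ports_per_host.items():
                if len(ports) >= port_threshold:
                    findings.add((src, "port_scan", dst))
            for port, hosts in hosts_per_port.items():
                if len(hosts) >= host_threshold:
                    findings.add((src, "sweep", str(port)))
    return sorted(findings)


if __name__ == "__main__":
    for finding in detect(build_sample()):
        print(finding)
```

A fixed short window only catches fast scans, so keep a longer-horizon count of distinct ports and hosts per source as well.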

Ask the right question to get the right answer

When seeking help, it is important to ask the right question before you can get the right answer. What I mean by this is that some people ask me, "How do I hack Facebook?" Well, you cannot hack Facebook, at least not with the information available on the Internet, and it would not be very smart to attack Facebook directly just to get one person's account. Besides, Facebook doesn't spend millions of dollars on security so that you can hack it using information and tools available on the Internet. So instead of asking "How do I hack Facebook", try asking "What kind of methods or tools can I use to hack someone's Facebook account".

Now that you have an idea of how to become a hacker, you can start from the beginning and pick up some books or courses on different technology topics. I recommend starting out with understanding the ins and outs of Microsoft Windows, then moving on to Linux and Mac. After you understand the foundation of the operating systems and how each works, start studying networking and the Linux command line. Once you understand the Linux command line you can start using Kali to perform simple hacks and move on to more advanced stuff like scripting and exploit development.

Imago - Image Forensics

Imago is an image forensics tool that allows the user to extract information about an image. This tool works well if you have a lot of images and need to compare them to each other. Imago allows you to extract the evidence into a CSV file or an SQLite database. If GPS coordinates are present in a JPEG's EXIF data, Imago can extract the longitude and latitude, convert them to degrees, and retrieve relevant information like city, nation, and zip code. Imago also offers the possibility to calculate Error Level Analysis and to detect nudity; these functionalities are in BETA.

How to use Imago:

1. Open a terminal and type in pip install imago


2. imago


3. imago -i /root/Desktop -o /root/Desktop/ -x -s -t jpeg -d all


where:

-i /root/Desktop - is the base directory, where Imago will search for files

-o /root/Desktop - the output directory where Imago will save the CSV file, with the extracted metadata

-x - Imago will extract EXIF metadata.

-s - the temporary SQLite database will not be deleted after the processing.

-t jpeg - imago will search only for jpeg images.

-d all - imago will calculate md5, sha256, sha512 for the jpeg images.
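
An added example (not Imago's own code) of the two operations described above: converting EXIF GPS degrees/minutes/seconds rationals to signed decimal degrees, and computing the md5, sha256 and sha512 digests that -d all reports. The GPS tag numbers follow the EXIF standard; the function names and the sample values are constructed for illustration.

```python
import hashlib
from fractions import Fraction

# GPS IFD tag numbers from the EXIF standard
LAT_REF, LAT, LON_REF, LON = 1, 2, 3, 4


def dms_to_decimal(dms, ref):
    """Turn three (numerator, denominator) rationals for degrees, minutes and
    seconds plus a hemisphere letter into signed decimal degrees."""
    if len(dms) != 3:
        raise ValueError("expected degrees, minutes, seconds")
    parts = []
    for num, den in dms:
        if den == 0:  # stripped or damaged EXIF often stores 0/0
            raise ValueError("zero denominator in GPS rational")
        parts.append(Fraction(num, den))
    value = parts[0] + parts[1] / 60 + parts[2] / 3600
    ref = ref.strip().upper()
    if ref not in ("N", "S", "E", "W"):
        raise ValueError("unknown hemisphere reference")
    if value < 0 or value > (90 if ref in ("N", "S") else 180):
        raise ValueError("coordinate out of range")
    # South and west are negative in decimal notation
    return round(float(-value if ref in ("S", "W") else value), 6)


def gps_from_exif(gps_ifd):
    """Return (lat, lon), or None when tags are missing or malformed."""
    try:
        return (dms_to_decimal(gps_ifd[LAT], gps_ifd[LAT_REF]),
                dms_to_decimal(gps_ifd[LON], gps_ifd[LON_REF]))
    except (KeyError, ValueError, TypeError, AttributeError):
        return None


def digests(data, chunk=65536):
    """md5, sha256 and sha512 of a byte string, fed in chunks as for a file."""
    hashers = {n: hashlib.new(n) for n in ("md5", "sha256", "sha512")}
    for i in range(0, len(data), chunk):
        for h in hashers.values():
            h.update(data[i:i + chunk])
    return {n: h.hexdigest() for n, h in hashers.items()}


# Constructed sample GPS IFD: 42 deg 57' 48.0" N, 85 deg 40' 4.8" W
SAMPLE_GPS = {
    LAT_REF: "N", LAT: ((42, 1), (57, 1), (480, 10)),
    LON_REF: "W", LON: ((85, 1), (40, 1), (48, 10)),
}

if __name__ == "__main__":
    print(gps_from_exif(SAMPLE_GPS))
    print(digests(b"constructed sample bytes, not a real JPEG"))
```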

Thursday, March 7, 2019

Ghidra Software Reverse Engineering Framework


Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may also develop their own Ghidra plug-in components and/or scripts using Java or Python.

In support of NSA's Cybersecurity mission, Ghidra was built to solve scaling and teaming problems on complex SRE efforts, and to provide a customizable and extensible SRE research platform. NSA has applied Ghidra SRE capabilities to a variety of problems that involve analyzing malicious code and generating deep insights for SRE analysts who seek a better understanding of potential vulnerabilities in networks and systems.

Th3inspector - Information Gathering Tool

Th3inspector is an information gathering tool that can be used to quickly gather information about a website or domain. This tool is useful for preparing attacks on a website by obtaining the IP address, the location of the server, email addresses, who owns the domain, etc.

To run Th3inspector follow the instructions below.

1. Turn on your Kali machine, open a terminal and execute the following command

git clone https://github.com/Moham3dRiahi/Th3inspector.git


2. cd Th3inspector


3. chmod +x install.sh && ./install.sh



4. Th3inspector


5. Now just type in the number next to the option you wish to use and press Enter. Now type in the URL of the website and press Enter and Th3inspector will start gathering information on that domain.

Hacking WiFi Network with Fluxion

Fluxion is a WiFi tool that allows you to crack or phish for a WiFi password. See the instructions below on how to install and run it.

1. Turn on your Kali machine, open a terminal and execute the following command:

git clone https://github.com/wi-fi-analyzer/fluxion.git



2. cd fluxion


3. bash fluxion.sh


4. If you see a list of Not installed items, just go ahead and install them by using the apt-get command. (See below)

apt-get install isc-dhcp-server
apt-get install hostapd
apt-get install lighttpd
apt-get install php-cgi

5. Once you are done installing all 4 of the packages in step 4, you can restart Fluxion with the command bash fluxion.sh and it should work.


6. From here just follow the on-screen instructions to start hacking the WiFi network.

Wednesday, March 6, 2019

SocialBox

SocialBox is a bruteforce attack framework that aims to bruteforce social media accounts such as Facebook, Twitter, Gmail, and Instagram. In order to use this tool, you must have a dictionary word list. You can generate your own wordlist by using the Kali Crunch tool or you can download one simply by searching for one on a torrent site. To start using SocialBox follow the instructions below.

1. Turn on your Kali machine, open a terminal and execute the following command.

git clone https://github.com/TunisianEagles/SocialBox.git


2. cd SocialBox


3. chmod +x SocialBox.sh


4. bash SocialBox.sh


5. Now pick an option. For this example, I will go with option 1 which is Facebook. Then I will type in the email to my Facebook account. On the next line, I will specify the path to my dictionary word list. Now press Enter and watch SocialBox bruteforce the account.



Searching for CCTV Camera in Termux

1. Open your Termux app and execute the following command

git clone https://github.com/kancotdiq/ipcs


2. Now type in cd ipcs to change the directory to the ipcs directory


3. Now give yourself execute permission by typing in chmod +x scan.py and press Enter


4. Now we can run the tool by typing in python2 scan.py and press Enter

5. Now choose the country you wish to search for the cameras. Type in the number next to the country and press Enter


6. Now type in any number that is less than or equal to the number that is displayed for List page. For example, if your List page is 877 you can type in 877 or any number that is less. After that just press Enter and if there is any CCTV camera available it will display the IP address and the port number to access that camera.



7. Now open a browser and type in the IP address with the port number shown on your phone and you will be able to access the camera.


Note that this is not a hacking tool; it only helps you to locate some of these CCTV cameras throughout the world. Some of these cameras require a username and password to log in and some of them do not. However, with this tool, you can at least know how to locate the cameras and if you are creative, you can use other tools to obtain the username and password.

Tuesday, March 5, 2019

Tracking people with Trape

Trape is a tool that you can use to track people's activity online. This tool can also be used to perform a phishing attack and steal credentials, or it can be combined with Metasploit to inject a payload into the victim's computer by generating a payload with Metasploit and using this tool to send the executable file to the victim's computer so it can be executed.

To run Trape follow the instructions below.

1. Turn on your Kali machine, open a terminal and execute the following command

git clone https://github.com/boxug/trape.git


2. cd trape


3. python trape.py -h OR python trape.py


Note: If the system gives an error after you execute this command, try executing this command:

pip install -r requirements.txt

Let it finish its thing and you should be able to run Trape again. Trape might ask you to register an account with ngrok; if it does, go ahead and do that. After you are done registering an account with ngrok, get the key and put it into Trape. After that, you will also need to get a Google Maps API key. This is completely optional and only needed if you want to track the victim's laptop location using Google Maps; if you don't want that information then you don't have to get it.

Also, note that if you are using the python trape.py -h you will see a screen like below


And if you use the command python trape.py you will see a screen like this


Whatever command you decided to use in the end, it all works the same. I preferred using the command python trape.py simply because the tool will tell me exactly what I need to put in.

Now if you are using the command without the -h, all you have to do is follow the on-screen instructions to start attacking. But if you are using the command python trape.py -h, then you will have to follow the usage command to set up Trape to work the way you want.

Example: python trape.py -u www.google.com -p 80 where www.google.com can be any website you want and 80 can be any port number you want, I just decided to choose Google and port 80 for this tutorial.

After you are done setting up your URL and port number, Trape will give you a link to send to the victim, a link for you to access the control panel and an Access key which you will need to copy and paste into the password box at the control panel login page to access the control panel.


Use your Access Key at the screen like the one below and click SIGN IN


From here all you have to do is wait for the victim to click on your link and you can use the control panel to track his or her computer.

If you are still confused about anything above just watch the video below. 


BlackEye - Social Engineering Tool


BlackEye is a social engineering tool with 30 different built-in templates you can use. Follow the instructions below to start using BlackEye.

1. Turn on your Kali machine

2. Open a terminal and type in the following command

git clone https://github.com/thelinuxchoice/blackeye


3. cd blackeye


4. bash blackeye.sh


5. Once you have opened the tool, just follow the on-screen instructions to use it.


Note: If you want to use this over WAN or the Internet you must set up port forwarding. You can learn that here

Monday, March 4, 2019

Hijacker


Hijacker is an all-in-one WiFi hacking tool made for Android. Your Android device must meet all of the requirements below in order to run this app successfully.

1. Your device must have Android 5.0 or above 

2. Your device must be rooted, meaning it must have SuperSU installed

3. You must have a firmware that supports Monitor Mode for your wireless card.

Once your device meets all of the requirements above, use the link below to download the Hijacker APK file and install it onto your Android device, and you can start cracking WiFi with your phone or tablet.

Click here to download the APK file.