The folks that run the website RTL-SDR have a comprehensive list of all the software defined radio (SDR) software, both commercial and free. That list can be found here:
I’ve decided to centralize the default password lists for multiple vendors. I’m making this a sticky post and will update this list as I find these types of sites:
* http://bit.ly/2S6SToW – NETGEAR Default Password List
* http://bit.ly/2S37j9u – Linksys Default Password List
* http://bit.ly/2S3gPJV – D-Link Default Password List
* http://bit.ly/2S8KWzJ – Cisco Default Password List
* http://bit.ly/2S37FwQ – Default Router Usernames and Passwords (multiple vendors)
* http://bit.ly/2HrgT3O – Telnet, MySQL and other Linux and Windows service passwords courtesy of n0tazombie.
I have identified the following CTF labs which are 24/7 and most if not all are free:
- 24/7 CTF: https://247ctf.com/ (Added 11/7/2019)
- Immersive Labs: https://immersivelabs.online
- pwnable.xyz (good for people new to CTF): https://pwnable.xyz/
- 365 CSAW: https://365.csaw.io
- CTF101: https://ctf101.org/
- Shellter Hacking Express: https://shellterlabs.com/en/contests/
- Backdoor: https://backdoor.sdslabs.co/
- ShellWePlayAGame?: https://shellweplayagame.org/
- RootMe: https://www.root-me.org/?lang=en
- OverTheWire: https://overthewire.org/wargames/
- Virginia Cyber Range: https://portal.virginiacyberrange.net/
- Hack The Box: https://www.hackthebox.eu/
- FuzzyLand: https://fuzzy.land/
- Hacking Lab: https://www.hacking-lab.com/index.html
To everyone that made me aware of these, thank you!
While I was on Twitter the other day I stumbled across a new malware scanner for Windows executables. It looks through the various sections for known signatures, checks the hashes with VirusTotal, does entropy checks on the sections, and pulls out strings of interest such as paths, registry keys, imports, etc. I will also add this tool to the “Hacker Tools” page.
GitHub Link: http://bit.ly/36saRtf
I found an article posted to Twitter regarding a new technique for injecting Meterpreter directly into memory that will bypass Windows Defender. Windows Defender has been slowly upping its game over the past year, and previous techniques that did work have stopped working against it.
Link to the article: http://bit.ly/38wuAtq
Black Hills Information Security just published a great blog post for anyone interested in software defined radios (SDRs). It links to other tutorials that he found while working with a car key fob and how he used GNU Radio paired with a HackRF One to capture and replay the signal back to the receiver. This is a good read for anyone interested in working with SDRs.
BHIS Blog Post: http://bit.ly/3467czI
Many of you are probably already familiar with what Responder does. It takes advantage of protocols such as LLMNR to spoof responses to Windows auto proxy discovery. Black Hills Information Security has just published a blog post on how to disable LLMNR. This protocol has no security, is a broadcast layer 2 protocol and was designed to be used for DNS resolution when there is no DNS server in the network. Nice, right? It is also how Windows has performed its proxy discovery since Windows Vista, and it can be spoofed from any node on the broadcast domain. This has been used by hackers to send the user to a proxy server they control to steal user credentials for websites such as online banking and also exploit the browser itself.
BHIS Blog Post: http://bit.ly/2RHtBAZ
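For defenders who cannot disable LLMNR everywhere yet, the spoofing described above can be spotted on the wire: a normal host only answers for its own name, while a spoofer answers for whatever is asked. The following is an added example, not code from this post or from BHIS; the event tuple format, the canary name and the IP addresses are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: (seconds, source IP, kind, queried name) summarising
# LLMNR traffic (UDP 5355) as a network sensor might log it. Not real data.
SAMPLE_EVENTS = [
    (0.0, "10.0.0.21", "query", "wpad"),
    (0.1, "10.0.0.66", "response", "wpad"),
    (5.0, "10.0.0.22", "query", "fileserv"),
    (5.1, "10.0.0.40", "response", "fileserv"),
    (9.0, "10.0.0.23", "query", "prnter-typo"),
    (9.1, "10.0.0.66", "response", "prnter-typo"),
    (12.0, "10.0.0.5", "query", "zz-canary-7f3a"),
    (12.1, "10.0.0.66", "response", "zz-canary-7f3a"),
]


def suspicious_responders(events, canary_names=(), max_names=1):
    """Return {ip: [reasons]} for hosts whose LLMNR answers look spoofed.

    canary_names: names that no real host owns (hypothetical honeytokens a
    monitoring box queries on purpose); any answer to one is a finding.
    max_names: how many distinct names one host may legitimately answer for.
    """
    names_by_host = defaultdict(set)
    for _ts, src, kind, name in events:
        if kind == "response":
            names_by_host[src].add(name.lower())

    canaries = {c.lower() for c in canary_names}
    findings = {}
    for host, names in names_by_host.items():
        reasons = []
        hit = sorted(names & canaries)
        if hit:
            reasons.append("answered canary name(s): " + ", ".join(hit))
        if len(names) > max_names:
            reasons.append(f"answered {len(names)} distinct names")
        if reasons:
            findings[host] = reasons
    return findings


if __name__ == "__main__":
    result = suspicious_responders(SAMPLE_EVENTS, ["zz-canary-7f3a"])
    for ip, why in result.items():
        print(ip, "->", "; ".join(why))
```
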
You can read more about China’s “Great Cannon” here: http://bit.ly/34awInD
Offensive Security, the company that is behind Kali Linux, has just released a new version of Kali Linux they are calling 2019.4. This release includes the usual updates to their tools, changes the default window manager from Gnome to XFCE, includes PowerShell for Linux and has other minor tweaks, but it also introduces a new mode they are calling “UnderCover Mode”, which changes the Kali desktop to look like Windows 10. This is great if you are trying to do penetration testing in a public place or at the client facility.
Black Hills Information Security posted all the videos for their talks held at this year’s Wild West Hackin’ Fest.
You can find them here: http://bit.ly/2RnuChe
Black Hills Information Security just published an article with a lot of living off the land techniques for pentesting and red teaming. Turns out there is a lot you can do on modern day Windows systems, such as decoding Base64 data using “certutil.exe” and writing data to the clipboard using “clip.exe”.
Full BHIS article: http://bit.ly/32Y54JD
Finally some competition for recon-ng! This tool will collect and aggregate data from the following sources:
- Hosts/Ports using data from Spyse, Zoomeye and nmap.
- Subdomains using data from Sublist3r, FindSubDomains, Harvester and Findomain
- SSL Certificates using data from CertDB and cert.sh
- DNS using data from DnsDumpster and DNStable
- WHOIS using data from who.is, ASlookup and Domain Tools
- Email using data from Hunter
GitHub repo can be found here: http://bit.ly/2KAPjCj