Tsunami: Google publishes a modular security scanning framework

The folks over at Google have recently open sourced a modular security scanning framework called Tsunami. Right now it uses nmap and ncrack as it’s core underlying tools, but they built it in a modular fashion that makes integrating other tools easier and they also are focused on having no false positives which tends to be the Achilles’ heel of most vulnerability scanners.

Links:

Two SDR dedicated Linux distros

I guess one of the benefits of being on lockdown is that security engineers have a lot of free time on their hands to create new Linux distributions and in this case there are two new Linux distros that have been developed focusing on software defined radios.

    • DragonOS – DragonOS LTS an out-of-the-box Lubuntu 18.04 based x86_64 operating system for anyone interested in software defined radios. All source installed software is located in the /usr/src directory while the remaining software was installed by package managers. This is a brief summary of the software included, while not complete, it covers the bigger named packages and some of the drivers installed for the various supported SDRs such as the HackRF One, RTL-SDR, and LimeSDR. This distro includes the following SDR related tools: Universal Radio Hacker, GNU Radio, Aircrack-ng, GQRX, Kalibrate-hackrf, wireshare, gr-gsm, rtl-sdr, HackRF, IMSI-catcher, Zenmap, inspectrum, qspectrumanalyzer, LTE-Cell-Scanner, CubicSDR, Limesuite, ShinySDR, SDRAngel, SDRTrunk, Kismet, BladeRF
    • Gorizont-rtlsdr – This distribution contains only RTL2832U chipset family rtl_sdr drivers and modules, and concentrates on providing terrestial HF/VHF/UHF signal processing and portable DAB+ reception with the cheapest and most available equipment. No other devices are supported. This distribution is intended for experimentation and legal listening purposes only. NOTE: No TETRA or similar trunked system decoders are included in this distribution for legal reasons.

Microsoft Windows Subsystem for Linux 2

In May of 2019 Microsoft (MS) released a major update for Windows Subsystem for Linux (WSL). The original WSL used parts of Hyper-V to run a full on Linux distro, such as Ubuntu or Kali. This May MS released WSL 2 which greatly enhanced both the capabilities and speed of this subsystem. They haven’t really publicized it’s release very well which is why I’m making a post to promote it. Next time you play a CTF instead of using a Kali VM try out WSL 2 with Kali installed!

Links:

FireEye’s Commando VM: The first offensive Windows distro

At first I could only laugh at the fact that someone had bothered making a Windows pentesting distribution, but upon closer inspection it is well suited for taking advantage of the Windows Remote Management (WinRM) capabilities that are shipping with all modern day Windows distributions. This means you can remotely control any Windows machine in the domain if you have the right credentials. Since Microsoft introduced Windows Subsystem for Linux v2 (WSL2) you now have the ability to run Kali on a Windows system, but it still has issues interfacing with proprietary Windows protocols like what WinRM uses. It includes core tools such as Covenant, nmap, Wireshark, etc. I will post the GitHub link to the Hacker Tools page.

Links:

New MitM Framework: Xerosploit

This is a script built on top of nmap and Bettercap that allows for new modules to be written in Ruby. It comes with the ability to modify HTML over the wire to inject malicious JavaScript, an iframe, or other forms of client-side web attacks. It also emulates the Metasploit interface to make it easier for pentesters to learn this tool. I have also put this on the Hacker Tools page as well.

Links:

HomePwn – Swiss Army Knife for Pentesting of IoT Devices

I just found a new Internet of Things (IoT) testing framework called HomePwn. It boasts the following features:

    • Bluetooth Low-Energy (BLE)
    • WiFi
    • Near Field Communication (NFC)
    • Simple Service Discovery Protocol (SSDP)
    • Multicast Domain Name System (MDNS)
    • Xiaomi device support
    • SmartTV support
    • Metasploit-like command line interface

Here’s a link to the GitHub repo and I have also put this tool on the Hacker Tools page as well: http://bit.ly/378i0z1