A tool to help identify hash types

Have you ever gotten password hashes and didn’t know what hashing algorithm generated it? There is now an open-source tool to help cyber security professionals to identify hashes called “Name That Hash.” It supports the identification of over 3000 hash formats.

Links

Tool Release: SSHPry v2.0

Blackhat Ethical Hacking released an update to their open-source tool called SSHPry. SSHPry is a tool that allows users to “Spy & Control on SSH Connected client’s TTY” This version added multiple features:

    1. Control of target’s TTY
    2. Built-In Keylogger
    3. Console-Level phishing
    4. Record & Replay previous sessions

Links

New release of Responder supports being a rouge WinRM server

Everyone’s favorite MitM tool for exploiting Windows network just got updated so it can act as a rogue Windows Remote Management (WinRM) to capture admin network credentials. The latest and greatest version now has these features:

    1. Built-in WinRM Auth server (new!)
    2. Built-in SMB Auth server.
    3. Built-in MSSQL Auth server.
    4. Built-in HTTP Auth server.
    5. Built-in HTTPS Auth server.
    6. Built-in LDAP Auth server.
    7. Built-in DCE-RPC Auth server.
    8. Built-in FTP, POP3, IMAP, SMTP Auth servers.
    9. Built-in DNS server.
    10. Built-in WPAD Proxy Server.
    11. Browser Listener
    12. Fingerprinting
    13. ICMP Redirect
    14. Rogue DHCP

Links

Ncap 1.30 Officially Released

The Nmap Project is pleased to release Npcap Version 1.30 at
https://npcap.org. We hope Nmap and Wireshark users will be especially
happy with the raw WiFi improvements, since you tend to be particularly
savvy about low-level network inspection. It turns out that some of the
issues we thought were caused by lower level hardware drivers were actually
bugs in our driver. Oops! But at least that means we can fix them
ourselves, and we did. This release also includes substantial performance
improvements, especially for applications which repeatedly call
pcap_findalldevs(). That has been a sore point in the past, so Dan Miller
went in and restructured the whole system for better performance. Wireshark
starts up noticeably faster. Memory allocations were also optimized by
replacing GlobalAlloc() calls with the modern HeapAlloc() system. You can
read about all the improvements in this and previous Npcap releases at
https://npcap.org/changelog.

Links

Popular Adblocker extension found to be malicious

Nano Adblocker and Nano Defender is installed in 300,000 web browsers was abandoned by it’s author Hugo Xu because he lacked time to maintain it.  The new authors, according to uBlock Origin developer Raymond Hill, introduced malicious code that will “…surreptitiously upload your browsing data in a remotely configurable way. Remotely configurable means that there was no need to update the extensions to modify the list of websites whose data would be stolen. In fact, the list of websites is unknown at this time as it was remotely configured. There are many reports of users’ Instagram accounts being affected, however.

Link: