Termux ID: Distribution -->

    Social Items

Home / Distribution


Kali Linux 2017.3 released, which includes all patches, fixes, updates, and improvements since our last release. In this release, the kernel has been updated to 4.13.10 and it includes some notable improvements:
In addition to the new kernel and all of the updates and fixes we pull from Debian, we have also updated our packages for Reaver, PixieWPS, Burp Suite, Cuckoo, The Social Engineering Toolkit, and more. Take a look at the Kali Changelog to see what else has been updated in this release, or read on to see what else is new.

New Tool Additions

Since our last release in September, we’ve added four new tools to the distribution, most of which focus on the always-lucrative open source information gathering. These new tools are not included in the default installation but after an ‘apt update’, you can check out and install the ones that interest you. We, of course, think they’re all interesting and hope you do as well.

InSpy

InSpy is a small but useful utility that performs enumeration on LinkedIn and can find people based on job title, company, or email address.
root@kali:~# apt update && apt -y install inspy
root@kali:~# inspy --empspy /usr/share/inspy/wordlists/title-list-large.txt google

InSpy 2.0.3

2017-11-14 14:04:47 53 Employees identified
2017-11-14 14:04:47 Birkan Cara Product Manager at Google
2017-11-14 14:04:47 Fuller Galipeau Google
2017-11-14 14:04:47 Catalina Alicia Esrat Account Executive at Google
2017-11-14 14:04:47 Coplan Pustell Recruiter at Google
2017-11-14 14:04:47 Kristin Suzanne Lead Recruiter at Google
2017-11-14 14:04:47 Baquero Jahan Executive Director at Google
2017-11-14 14:04:47 Jacquelline Bryan VP, Google and President of Google.org
2017-11-14 14:04:47 Icacan M. de Lange Executive Assistant at Google
...

CherryTree

The oft-requested CherryTree has now been added to Kali for all of your note-taking needs. CherryTree is very easy to use and will be familiar to you if you’ve used any of the “big-name” note organization applications.
root@kali:~# apt update && apt -y install cherrytree


Sublist3r

Sublist3r is a great application that enables you to enumerate subdomains across multiple sources at once. It has integrated the venerable SubBrute, allowing you to also brute force subdomains using a wordlist.
root@kali:~# apt update && apt -y install sublist3r
root@kali:~# sublist3r -d google.com -p 80 -e Bing

                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|

                # Coded By Ahmed Aboul-Ela - @aboul3la

[-] Enumerating subdomains now for google.com
[-] Searching now in Bing..
[-] Total Unique Subdomains Found: 46
[-] Start port scan now for the following ports: 80
ads.google.com - Found open ports: 80
adwords.google.com - Found open ports: 80
analytics.google.com - Found open ports: 80
accounts.google.com - Found open ports: 80
aboutme.google.com - Found open ports: 80
adssettings.google.com - Found open ports: 80
console.cloud.google.com - Found open ports: 80
...

OSRFramework

Another excellent OSINT tool that has been added to the repos is OSRFramework, a collection of scripts that can enumerate users, domains, and more across over 200 separate services.
root@kali:~# apt update && apt -y install osrframework
root@kali:~# searchfy.py -q "dookie2000ca"

  ___  ____  ____  _____                                            _
 / _ \/ ___||  _ \|  ___| __ __ _ _ __ ___   _____      _____  _ __| | __
| | | \___ \| |_) | |_ | '__/ _` | '_ ` _ \ / _ \ \ /\ / / _ \| '__| |/ /
| |_| |___) |  _ <|  _|| | | (_| | | | | | |  __/\ V  V / (_) | |  |   <
 \___/|____/|_| \_\_|  |_|  \__,_|_| |_| |_|\___| \_/\_/ \___/|_|  |_|\_

                Version:      OSRFramework 0.17.2
                Created by:   Felix Brezo and Yaiza Rubio, (i3visio)



searchfy.py Copyright (C) F. Brezo and Y. Rubio (i3visio) 2014-2017

This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. For additional info,
visit https://www.gnu.org/licenses/agpl-3.0.txt

2017-11-14 14:54:52.535108  Starting search in different platform(s)... Relax!

    Press  to stop...

2017-11-14 14:55:04.310148  A summary of the results obtained are listed in the following table:

Sheet Name: Profiles recovered (2017-11-14_14h55m).
+---------------------------------+---------------+------------------+
|           i3visio_uri           | i3visio_alias | i3visio_platform |
+=================================+===============+==================+
| http://github.com/dookie2000ca  | dookie2000ca  | Github           |
+---------------------------------+---------------+------------------+
| http://twitter.com/dookie2000ca | dookie2000ca  | Twitter          |
+---------------------------------+---------------+------------------+

2017-11-14 14:55:04.327954  You can find all the information collected in the following files:
    ./profiles.csv

2017-11-14 14:55:04.328012  Finishing execution...

Total time used:    0:00:11.792904
Average seconds/query:  11.792904 seconds

Did something go wrong? Is a platform reporting false positives? Do you need to
integrate a new one and you don't know how to start? Then, you can always place
an issue in the Github project:
    https://github.com/i3visio/osrframework/issues
Note that otherwise, we won't know about it!

Massive Maltego Metamorphosis

One of our favourite applications in Kali has always been Maltego, the incredible open-source information gathering tool from Paterva, and the equally incredible Casefile. These two applications had always been separate entities (get it?) but as of late September, they are now combined into one amalgamated application that still allows you to run Maltego Community Edition and Casefile, but now it also works for those of you with Maltego Classic or Maltego XL licenses. As always, the tools perform wonderfully and look great doing it.




Kali Linux 2017.3 Release - The Best Penetration Testing Distribution


Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind.

It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own softwares or protect your privacy with anonymity and crypto tools.

Details

Security

Parrot Security includes a full arsenal of security oriented tools to perform penetration tests, security audits and more. With a Parrot usb drive in your pocket you will always be sure to have all you need with you.

Privacy

Parrot includes by default TOR, I2P, anonsurf, gpg, tccf, zulucrypt, veracrypt, truecrypt, luks and many other tecnologies designed to defend your privacy and your identity.

Development

If you need a comfortable environment with updated frameworks and useful libraries already installed, Parrot will amaze you as it includes a full development-oriented environment with some powerful editors and IDEs pre-installed and many other tools installable from our repository.

Features

System Specs
  • Debian GNU/Linux 9 (stretch)
  • Custom hardened Linux 4.8 kernel
  • Rolling release updates
  • Powerful worldwide mirror servers
  • High hardware compatibility
  • Community-driven development
  • free(libre) and open source project

Cryptography

Parrot includes many cryptographic softwares which are extremely useful when it comes to protect your confidential data and defend your privacy.

Parrot includes several cryptographic front-ends to work both with symmetric and asymmetric encryption, infact it natively supports volumes encryption with LUKS, TrueCrypt, VeraCrypt and the hidden TrueCrypt/VeraCrypt volumes with nested algorythms support.

The whole system can be installed inside an encrypted partition to protect your computer in case of theft.

Another swiss army knife of your privacy is GPG, the GNU Privacy Guard, an extremely powerful PGP software that lets you create a private/public pair of keys to apply digital signatures to your messages and to allow other people to send you encrypted messages that only your private key can decrypt, in can also handle multiple identities and subkeys, and its power resides in its ring of trust as PGP users can sign each other's keys to make other people know if a digital identity is valid or not.

Even our software repository is digitally signed by GPG, and the system automatically verifies if an update was altered or compromised and it refuses to upgrade or to install new software if our digital signature is not found or not valid.

Privacy

Your privacy is the most valuable thing you have in your digital life and the whole Parrot Team is exaggeratedly paranoid when it comes to users privacy, infact our system doesn't contain tracking systems, and it is hardened in deep to protect users from prying eyes.

Parrot has developed and implemented several tricks and softwares to achieve this goal, and AnonSurf is one of the most important examples, it is a software designed to start TOR and hijack all the internet traffic made by the system through the TOR network, we have also modified the system to make it use DNS servers different from those offered by your internet provider.

Parrot also includes torbrowser, torchat and other anonymous services, like I2P, a powerful alternative to TOR.

Programming

The main goal of an environment designed by hackers for hackers is the possibility to change it, adapt it, transform it and use it as a development platform to create new things, this is why Parrot comes out of the box with several tools for developers such as compilers, disassemblers, IDEs, comfortable editors and powerful frameworks.

Parrot includes QTCreator as its main C, C++ and Qt framework. Another very useful tool is Geany, a lightweight and simple IDE which supports a huge amount of programming languages, while we also include Atom, the opensource editor of the future developed by GitHub, and many compilers and interpreters with their most important libraries are pre-installed and ready to use.


And of course many other editors, development softwares and libraries are available through our software repository where we keep all the development tools always updated to their most cutting edge but reliable version.

Changelog

Parrot 3.9 is now ready, and it includes some important new features that were introduced to make the system more secure and reliable.
The most important feature is the new sandbox system, introduced to protect many applications from 0day attacks out of the box. The sandbox is based on firejail, a suid program which is very easy to configure and customize to protect many critical applications in a quick and effective way (if an application does not work as expected, customize the corresponding firejail profile to be more permissive).

Parrot Security 3.9 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind


wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications.
The application fingerprinting is based on checksums and string matching of known files for different versions of CMSes. This results in a score being calculated for each detected CMS and its versions. Each detected CMS is displayed along with the most probable version(s) of it. The score calculation is based on weights and the amount of "hits" for a given checksum.
wig also tries to guess the operating system on the server based on the 'server' and 'x-powered-by' headers. A database containing known header values for different operating systems is included in wig, which allows wig to guess Microsoft Windows versions and Linux distribution and version.

Requirements
wig is built with Python 3, and is therefore not compatible with Python 2.

Installation
wig can be run from the command line or installed with distuils.

Command line
$ python3 wig.py example.com

Usage in script
Install with
$ python3 setup.py install
and then wig can be imported from any location as such:
>>>> from wig.wig import wig
>>>> w = wig(url='example.com')
>>>> w.run()
>>>> results = w.get_results()

How it works
The default behavior of wig is to identify a CMS, and exit after version detection of the CMS. This is done to limit the amount of traffic sent to the target server. This behavior can be overwritten by setting the '-a' flag, in which case wig will test all the known fingerprints. As some configurations of applications do not use the default location for files and resources, it is possible to have wig fetch all the static resources it encounters during its scan. This is done with the '-c' option. The '-m' option tests all fingerprints against all fetched URLs, which is helpful if the default location has been changed.

Help Screen
usage: wig.py [-h] [-l INPUT_FILE] [-q] [-n STOP_AFTER] [-a] [-m] [-u] [-d]
              [-t THREADS] [--no_cache_load] [--no_cache_save] [-N]
              [--verbosity] [--proxy PROXY] [-w OUTPUT_FILE]
              [url]

WebApp Information Gatherer

positional arguments:
  url              The url to scan e.g. http://example.com

optional arguments:
  -h, --help       show this help message and exit
  -l INPUT_FILE    File with urls, one per line.
  -q               Set wig to not prompt for user input during run
  -n STOP_AFTER    Stop after this amount of CMSs have been detected. Default:
                   1
  -a               Do not stop after the first CMS is detected
  -m               Try harder to find a match without making more requests
  -u               User-agent to use in the requests
  -d               Disable the search for subdomains
  -t THREADS       Number of threads to use
  --no_cache_load  Do not load cached responses
  --no_cache_save  Do not save the cache for later use
  -N               Shortcut for --no_cache_load and --no_cache_save
  --verbosity, -v  Increase verbosity. Use multiple times for more info
  --proxy PROXY    Tunnel through a proxy (format: localhost:8080)
  -w OUTPUT_FILE   File to dump results into (JSON)

Example of run:
$ python3 wig.py example.com

wig - WebApp Information Gatherer


Redirected to http://www.example.com
Continue? [Y|n]:
Scanning http://www.example.com...
_____________________________________________________ SITE INFO _____________________________________________________
IP                        Title                                                                                      
256.256.256.256           PAGE_TITLE                                 
                                                                                                                     
______________________________________________________ VERSION ______________________________________________________
Name                      Versions                                               Type                                
Drupal                    7.38                                                   CMS                                 
nginx                                                                            Platform                            
amazons3                                                                         Platform                            
Varnish                                                                          Platform                            
IIS                       7.5                                                    Platform                            
ASP.NET                   4.0.30319                                              Platform                            
jQuery                    1.4.4                                                  JavaScript                          
Microsoft Windows Server  2008 R2                                                OS                                  
                                                                                                                     
_____________________________________________________ SUBDOMAINS ____________________________________________________
Name                      Page Title                                             IP                                  
http://m.example.com:80   Mobile Page                                            256.256.256.257                     
https://m.example.com:443 Secure Mobil Page                                      256.256.256.258                     
                                                                                                                     
____________________________________________________ INTERESTING ____________________________________________________
URL                       Note                                                   Type                                
/test/                    Test directory                                         Interesting                         
/login/                   Login Page                                             Interesting                         
                                                                                                                     
_______________________________________________ PLATFORM OBSERVATIONS _______________________________________________
Platform                  URL                                                    Type                                
ASP.NET 2.0.50727         /old.aspx                                              Observation                         
ASP.NET 4.0.30319         /login/                                                Observation                         
IIS 6.0                   http://www.example.com/templates/file.css              Observation                         
IIS 7.0                   https://www.example.com/login/                         Observation                         
IIS 7.5                   http://www.example.com                                 Observation                         
                                                                                                                     
_______________________________________________________ TOOLS _______________________________________________________
Name                      Link                                                   Software                            
droopescan                https://github.com/droope/droopescan                   Drupal                              
CMSmap                    https://github.com/Dionach/CMSmap                      Drupal                              
                                                                                                                     
__________________________________________________ VULNERABILITIES __________________________________________________
Affected                  #Vulns                                                 Link                                
Drupal 7.38               5                                                      http://cvedetails.com/version/185744
                                                                                                                     
_____________________________________________________________________________________________________________________
Time: 11.3 sec            Urls: 310                                              Fingerprints: 37580


wig - WebApp Information Gatherer


The Rekall Framework is a completely open collection of tools, implemented in Python under the Apache and GNU General Public License, for the extraction and analysis of digital artifacts computer systems.
The Rekall distribution is available from: http://www.rekall-forensic.com/
Rekall should run on any platform that supports Python
Rekall supports investigations of the following 32bit and 64bit memory images:
  • Microsoft Windows XP Service Pack 2 and 3
  • Microsoft Windows 7 Service Pack 0 and 1
  • Microsoft Windows 8 and 8.1
  • Microsoft Windows 10
  • Linux Kernels 2.6.24 to 4.4.
  • OSX 10.7-10.12.x.
Rekall also provides a complete memory sample acquisition capability for all major operating systems (see the tools directory).

Quick start
Rekall is available as a python package installable via the pip package manager. To install it, first create a virtal env, switch to it and then install rekall:
$ virtualenv  /tmp/MyEnv
New python executable in /tmp/MyEnv/bin/python
Installing setuptools, pip...done.
$ source /tmp/MyEnv/bin/activate
$ pip install --upgrade setuptools pip wheel
$ pip install rekall-agent rekall
For windows, Rekall is also available as a self contained installer package. Please check the download page for the most appropriate installer to use Rekall-Forensic.com
To install from this git repository you will need to use pip --editable and follow the correct order of installation (otherwise pip will pull released dependencies which might be older):
$ virtualenv  /tmp/MyEnv
New python executable in /tmp/MyEnv/bin/python
Installing setuptools, pip...done.
$ source /tmp/MyEnv/bin/activate
$ pip install --upgrade setuptools pip wheel
$ git clone https://github.com/google/rekall.git rekall
$ pip install --editable rekall/rekall-lib
$ pip install --editable rekall/rekall-core
$ pip install --editable rekall/rekall-agent
$ pip install --editable rekall
On Windows you will need to install the Microsoft Visual C compilers for python (for more info see this blog post http://rekall-forensic.blogspot.ch/2015/09/installing-rekall-on-windows.html)

History
In December 2011, a new branch within the Volatility project was created to explore how to make the code base more modular, improve performance, and increase usability. The modularity allowed Volatility to be used in GRR, making memory analysis a core part of a strategy to enable remote live forensics. As a result, both GRR and Volatility would be able to use each other's strengths.
Over time this branch has become known as the "scudette" branch or the "Technology Preview" branch. It was always a goal to try to get these changes into the main Volatility code base. But, after two years of ongoing development, the "Technology Preview" was never accepted into the Volatility trunk version.
Since it seemed unlikely these changes would be incorporated in the future, it made sense to develop the Technology Preview branch as a separate project. On December 13, 2013, the former branch was forked to create a new stand-alone project named "Rekall.” This new project incorporates changes made to streamline the codebase so that Rekall can be used as a library. Methods for memory acquisition and other outside contributions have also been included that were not in the Volatility codebase.
Rekall strives to advance the state of the art in memory analysis, implementing the best algorithms currently available and a complete memory acquisition and analysis solution for at least Windows, OSX and Linux.

More documentation
Further documentation is available at http://www.rekall-forensic.com/


Rekall v1.7 - Forensic and Incident Response Framework


Exploit Pack has been designed by an experienced team of software developers and exploit writers to automate processes so penetration testers can focus on what's really important. The threat. This blend of software engineers and subject matter experts provides an unique advantage by combining technical know-how with true insight into the problem set, resulting in more efficient solutions for cyber security surveillance.

Get an ISO/VM with Exploit Pack

Get an ISO or a VM with Exploit Pack already installed: Exploit Pack comes pre-installed in several Linux distributions, but our all time favorite is BlackArch, get it here: https://blackarch.org/downloads.html

Get/Update using GIT

After you install git in your desired platform, windows, osx, linux then you can simply run the following commands: To get Exploit Pack:
$ git clone https://github.com/juansacco/exploitpack.git
To update to the latest release: Navigate into Exploit Pack folder and run this command
$ git pull

Documentation

Please check our javadocs included under the folder with that name, also check our online guide, pdfs and the information all over the internet about this tool, feel free to make comments, integrate with our community and have fun!

Known issues:

Using Exploit Pack could produce addiction Prolonged periods of time using this tool could produce network mayhem or even dead In case of intoxication ( using Exploit Pack under Windows ) please call your doctor immediately.

 Installation notes:

 Windows:

 Download and install Java 8 from Oracle:
Depending on your platform you have to choose between Windows Java SE Java 8 for 32 bits or Java 8 for 64 bits After you have installed Java 8 in your system, get Exploit Pack from the official site, uncompress and double click ExplotPack.jar, if that does not work, try from a console using this command: "java -jar ExploitPack.jar"

 Linux:
Under any Linux distribution that supports DEB packages like Ubuntu, Debian, Kali, etc. you can run the following commands to install Java 8 from an official repository Copy and paste the following in a terminal window:
echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" >> /etc/apt/sources.list
echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu precise main" >> /etc/apt/sources.list
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys EEA14886
sudo apt-get update
sudo apt-get install oracle-java8-installer

Then, get Exploit Pack trough GIT or download it from the official website. After that run it from a terminal using the following command: "java -jar ExploitPack.jar"

 OSX:

Download and install Java 8 for OSX 32/64 bits from Oracle: OSX Java 8 32/64 bits After you have Java 8 installed in your Mac, download Exploit Pack, uncompress and double click ExploitPack.jar to run it or from a console: "java -jar ExploitPack.jar"

BUILD OUTPUT DESCRIPTION

When you build an Java application project that has a main class, the IDE automatically copies all of the JAR files on the projects classpath to your projects dist/lib folder. The IDE also adds each of the JAR files to the Class-Path element in the application JAR files manifest file (MANIFEST.MF).

To run the project from the command line, go to the dist folder and type the following:
java -jar "ExploitPack.jar"
To distribute this project, zip up the dist folder (including the lib folder) and distribute the ZIP file.

Notes:

  • If two JAR files on the project classpath have the same name, only the first JAR file is copied to the lib folder.
  • Only JAR files are copied to the lib folder.
  • If the classpath contains other types of files or folders, these files (folders) are not copied.
  • If a library on the projects classpath also has a Class-Path element specified in the manifest,the content of the Class-Path element has to be on the projects runtime path.
  • To set a main class in a standard Java project, right-click the project node in the Projects window and choose Properties. Then click Run and enter the class name in the Main Class field. Alternatively, you can manually type the class name in the manifest Main-Class element.

Exploit Pack - Penetration Testing Framework


Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly.

It is a complete operating system designed to be used from a DVD, USB stick, or SD card independently of the computer's original operating system.

Changes

New features

  • Added support for PPPoE and dial-up Internet connections.
  • Installed BookletImposer to convert linear PDF documents into booklets, and vice-versa.
  • Added GNOME Screen Keyboard to replace Florence, the previous virtual keyboard, which had many issues.

Upgrades and changes

  • Tails releases Upgrade Linux to 4.12.12. This should improve the support for newer hardware, especially NVIDIA Maxwell graphics card.
  • Upgrade Thunderbird from 45.8 to 52.3.

User experience

  • Require a 8 GB USB stick to install Tails. 4 GB USB sticks that are already installed can still be upgraded.
  • Tails Installer now detects when the target USB stick has Tails installed already and automatically proposes to upgrade. This made possible to remove the initial splash screen.

Security

  • Disable Bluetooth to protect against the BlueBorne attack. #14655
  • Increase the randomization of ASLR to the maximum. #11840
  • Deny access to the D-Bus service of Pidgin to prevent other applications to access and modify its configuration. #14612.

Fixed problems

  • Fix the import of secret OpenPGP keys in Password and Keys. #12733
For more details, read our changelog.

Known issues

None specific to this release.

See the list of long-standing issues.


Tails 3.2 - Live System to Preserve Your Privacy and Anonymity

Subscribe to: Posts (Atom)