Friday, August 28, 2020

OWASP Announcement

🕬  OWASP Announcement:


The OWASP Foundation has been chosen to be 1 of 50 Open Source Organizations to participate in the inaugural year of the Google Season of Docs program.

The goal of Season of Docs is to provide a framework for technical writers and open source projects to work together towards the common goal of improving an open source project's documentation. For technical writers who are new to open source, the program provides an opportunity to gain experience in contributing to open source projects. For technical writers who're already working in open source, the program provides a potentially new way of working together. Season of Docs also gives open source projects an opportunity to engage more of the technical writing community.

We would like to thank the OWASP members that donate their time and knowledge as administrators and mentors. It would not be possible if not for these individuals:
Spyros, Fabio, and Konstantinos 




More information

posted by a Confidential Source @ 8/28/2020   0 comments

Fluxion - Set Up Fake AP, Fake DNS, And Create Captive Portal To Trick Users Into Giving You Their Password





Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the FAQ before requesting issues.
If you need quick help, fluxion is also avaible on gitter. You can talk with us on Gitter or on Discord.

 Installation
Read here before you do the following steps.
Download the latest revision
git clone --recursive git@github.com:FluxionNetwork/fluxion.git
Switch to tool's directory
cd fluxion
Run fluxion (missing dependencies will be auto-installed)
./fluxion.sh
Fluxion is also available in arch
cd bin/arch
makepkg
or using the blackarch repo
pacman -S fluxion

 Changelog
Fluxion gets weekly updates with new features, improvements, and bugfixes. Be sure to check out the changelog here.

 How it works
  • Scan for a target wireless network.
  • Launch the Handshake Snooper attack.
  • Capture a handshake (necessary for password verification).
  • Launch Captive Portal attack.
  • Spawns a rogue (fake) AP, imitating the original access point.
  • Spawns a DNS server, redirecting all requests to the attacker's host running the captive portal.
  • Spawns a web server, serving the captive portal which prompts users for their WPA/WPA2 key.
  • Spawns a jammer, deauthenticating all clients from original AP and lureing them to the rogue AP.
  • All authentication attempts at the captive portal are checked against the handshake file captured earlier.
  • The attack will automatically terminate once a correct key has been submitted.
  • The key will be logged and clients will be allowed to reconnect to the target access point.
  • For a guide to the Captive Portal attack, read the Captive Portal attack guide

 Requirements
A Linux-based operating system. We recommend Kali Linux 2 or Kali rolling. Kali 2 & rolling support the latest aircrack-ng versions. An external wifi card is recommended.

 Related work
For development I use vim and tmux. Here are my dotfiles

 Credits
  1. l3op - contributor
  2. dlinkproto - contributor
  3. vk496 - developer of linset
  4. Derv82 - @Wifite/2
  5. Princeofguilty - @webpages and @buteforce
  6. Photos for wiki @http://www.kalitutorials.net
  7. Ons Ali @wallpaper
  8. PappleTec @sites
  9. MPX4132 - Fluxion V3

 Disclaimer
  • Authors do not own the logos under the /attacks/Captive Portal/sites/ directory. Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research.
  • The usage of Fluxion for attacking infrastructures without prior mutual consent could be considered an illegal activity, and is highly discouraged by its authors/developers. It is the end user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.

 Note
  • Beware of sites pretending to be related with the Fluxion Project. These may be delivering malware.
  • Fluxion DOES NOT WORK on Linux Subsystem For Windows 10, because the subsystem doesn't allow access to network interfaces. Any Issue regarding the same would be Closed Immediately

 Links
Fluxion website: https://fluxionnetwork.github.io/fluxion/
Discord: https://discordapp.com/invite/G43gptk
Gitter: https://gitter.im/FluxionNetwork/Lobby




Related links


  1. Pentest Tools Website Vulnerability
  2. Hacker Tools For Mac
  3. Wifi Hacker Tools For Windows
  4. Black Hat Hacker Tools
  5. Beginner Hacker Tools
  6. Pentest Tools For Ubuntu
  7. Pentest Tools Nmap
  8. Hackers Toolbox
  9. Hacking Tools Free Download
  10. Hacker Tools Github
  11. Hacker Tools Free Download
  12. Pentest Tools Kali Linux
  13. Pentest Tools Apk
  14. Pentest Tools Nmap
  15. Pentest Tools For Ubuntu
  16. Physical Pentest Tools
  17. Tools For Hacker
  18. Hack Tools
  19. Best Pentesting Tools 2018
  20. Pentest Tools Bluekeep
  21. Hacker Search Tools
  22. Hack Tools For Games
  23. Hacker Tools Software
  24. Hacking Tools For Games
  25. Pentest Tools Url Fuzzer
  26. Pentest Tools Android
  27. Hacker Tools Github
  28. Pentest Tools Online
  29. Hacker Hardware Tools
  30. Pentest Tools For Mac
  31. Hacking Tools Download
  32. Hack Apps
  33. Pentest Tools Tcp Port Scanner
  34. Tools For Hacker
  35. Hacking Tools Name
  36. Ethical Hacker Tools
  37. Pentest Tools Download
  38. Pentest Tools Bluekeep
  39. Pentest Tools For Android
  40. Nsa Hack Tools
  41. Hak5 Tools
  42. Kik Hack Tools
  43. Hacker Tools Online
  44. Tools For Hacker
  45. Best Hacking Tools 2020
  46. Hacker Tools 2019
  47. Hack Tools For Games
  48. Pentest Tools Website Vulnerability
  49. Game Hacking
  50. Termux Hacking Tools 2019
  51. Pentest Tools Open Source
  52. Pentest Tools Tcp Port Scanner
  53. How To Hack
  54. Free Pentest Tools For Windows
  55. Hack Tools Github
  56. Github Hacking Tools
  57. Hacker Tools Apk
  58. Pentest Tools Subdomain
  59. Hacking Tools Usb
  60. Hacker Tools
  61. Hack Tool Apk
  62. Pentest Tools Framework
  63. Wifi Hacker Tools For Windows
  64. Pentest Tools Nmap
  65. Underground Hacker Sites
  66. Top Pentest Tools
  67. Hack Tools Mac
  68. Pentest Tools
  69. Hack Tools For Games
  70. Hack Tools
  71. Hack Tools For Games
  72. Pentest Tools Subdomain
  73. Pentest Tools Nmap
  74. Underground Hacker Sites
  75. Blackhat Hacker Tools
  76. Hacking Tools Hardware
  77. Hacker Tools Apk
  78. Pentest Box Tools Download
  79. Pentest Tools Kali Linux
  80. Hack Apps
  81. Underground Hacker Sites
  82. Pentest Tools For Android
  83. Hacking Tools For Kali Linux
  84. Tools Used For Hacking
  85. How To Make Hacking Tools
  86. Hacker Tools
  87. Hack Tools For Windows
  88. Pentest Tools For Android
  89. Hacking Tools Online
  90. Nsa Hacker Tools
  91. Hacking Tools And Software
  92. Best Hacking Tools 2019
  93. Beginner Hacker Tools
  94. Pentest Tools Website Vulnerability
  95. Hacking Tools 2019
  96. Hacking Tools Usb
  97. Ethical Hacker Tools
  98. Pentest Tools Android
  99. Hacker Tools Windows
  100. Pentest Tools Website
  101. Pentest Tools Tcp Port Scanner
  102. Hack Tools For Ubuntu
  103. Hacking Tools
  104. Computer Hacker
  105. Pentest Tools Review
  106. Wifi Hacker Tools For Windows
  107. Hack Tools Github
  108. Hacking Tools 2019
  109. New Hacker Tools
  110. Blackhat Hacker Tools
  111. Hack Tool Apk
  112. How To Make Hacking Tools
  113. Hacker Tools Github
  114. New Hacker Tools
  115. Hacker Tools Github
  116. Underground Hacker Sites
  117. Pentest Tools Android
  118. Tools Used For Hacking
  119. Tools Used For Hacking
  120. Hacking Tools 2020
  121. Tools Used For Hacking
  122. Kik Hack Tools
  123. Hacking Tools For Windows 7
  124. Pentest Tools Bluekeep
  125. Hack Tools Pc
  126. Hack Apps

posted by a Confidential Source @ 8/28/2020   0 comments

RenApp: The Ultimate File Renaming App



Are you tired of managing your tens of thousands of files like jpgs, pngs, or others and you want a way to manage them as quick as possible then RenApp is solution for all problem.
RenApp lets you change names of many files of a particular type to a common name with added numbering. So no more time wasting in file management just four clicks and your files will be ordered.

Beside that RenApp can clean your folders and subfolders from backup files of .bak or .*~ extension. Removing backup files in order to make space available manually is a tedious work and can take lots of time but why do it that we've got RenApp just locate the folder and click remove it'll remove them all from that folder and its subfolders. 

Some of the features of RenApp are as:
  •    Rename files to a common name.
  •    Rename files of different extensions to a common name in one shot
  •    Remove backup files from folder and subfolders.
R  RenApp is free and Opensource, written in Python with QT interface. Check out the source code at sourceforge.


Related news

posted by a Confidential Source @ 8/28/2020   0 comments