Sunday, August 30, 2020

SubOver - A Powerful Subdomain Takeover Tool


Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.

Installing
You need to have Python 2.7 installed on your machine. The following additional requirements are required -
  • dnspython
  • colorama
git clone https://github.com/Ice3man543/SubOver.git .
cd SubOver
# consider installing virtualenv
pip install -r requirements.txt
python subover.py -h

Usage
python subover.py -l subdomains.txt -o output_takeovers.txt
  • -l subdomains.txt is the list of target subdomains. These can be discovered using various tool such as sublist3r or others.
  • -o output_takeovers.txtis the name of the output file. (Optional & Currently not very well formatted)
  • -t 20 is the default number of threads that SubOver will use. (Optional)
  • -V is the switch for showing verbose output. (Optional, Default=False)

Currently Checked Services
  • Github
  • Heroku
  • Unbounce
  • Tumblr
  • Shopify
  • Instapage
  • Desk
  • Tictail
  • Campaignmonitor
  • Cargocollective
  • Statuspage
  • Amazonaws
  • Cloudfront
  • Bitbucket
  • Squarespace
  • Smartling
  • Acquia
  • Fastly
  • Pantheon
  • Zendesk
  • Uservoice
  • WPEngine
  • Ghost
  • Freshdesk
  • Pingdom
  • Tilda
  • Wordpress
  • Teamwork
  • Helpjuice
  • Helpscout
  • Cargo
  • Feedpress
  • Freshdesk
  • Surge
  • Surveygizmo
  • Mashery
Count : 36

FAQ
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.com

Your tool sucks!
Yes, you're probably correct. Feel free to:
  • Not use it.
  • Show me how to do it better.

Contact
Twitter: @Ice3man543

Credits


Read more


  1. Hacking Tools Name
  2. Hak5 Tools
  3. Easy Hack Tools
  4. Hack Tools Mac
  5. Hacker Tools For Mac
  6. Pentest Tools Kali Linux
  7. Kik Hack Tools
  8. Hacker Hardware Tools
  9. Hacker Tools Linux
  10. Hacking Tools Online
  11. Top Pentest Tools
  12. Hackrf Tools
  13. Hacker Tools 2019
  14. Kik Hack Tools
  15. Pentest Tools Windows
  16. Hacker Hardware Tools
  17. Hacking Tools And Software
  18. Hacker Tools For Windows
  19. Pentest Reporting Tools
  20. Hacker Tools For Pc
  21. New Hack Tools
  22. Hack Tools For Mac
  23. Hacker Techniques Tools And Incident Handling
  24. Hacking Tools For Games
  25. Termux Hacking Tools 2019
  26. Pentest Tools Website
  27. Pentest Tools Android
  28. Hack App
  29. What Are Hacking Tools
  30. Hacker Tools Linux
  31. Game Hacking
  32. Hack Tools Github
  33. Hacker Tools Hardware
  34. Hacker Tools Linux
  35. New Hack Tools
  36. Hacking Tools For Mac
  37. Hacker Tools Software
  38. Hacks And Tools
  39. Ethical Hacker Tools
  40. Pentest Tools Url Fuzzer
  41. Pentest Reporting Tools
  42. Hacker Tools Hardware
  43. Hacking Tools Kit
  44. Hackers Toolbox
  45. Pentest Tools Framework
  46. Pentest Tools Port Scanner
  47. Hack Website Online Tool
  48. Hacks And Tools
  49. Hack Tools For Games
  50. Nsa Hacker Tools
  51. Hacker
  52. Pentest Reporting Tools
  53. Tools 4 Hack
  54. Hacker Security Tools
  55. Hack Tools For Mac
  56. Hacking Tools Windows
  57. Computer Hacker
  58. Hacker Tools 2020
  59. Hacking Tools Windows
  60. Free Pentest Tools For Windows
  61. Computer Hacker
  62. Bluetooth Hacking Tools Kali
  63. Pentest Tools Framework
  64. What Are Hacking Tools
  65. Hack Tool Apk
  66. Hacker Tools Apk
  67. Hacker Security Tools
  68. Pentest Box Tools Download
  69. Wifi Hacker Tools For Windows
  70. Hacking Tools
  71. Hack App
  72. Bluetooth Hacking Tools Kali
  73. Hacking Tools Hardware
  74. Pentest Tools Tcp Port Scanner
  75. Hack Website Online Tool
  76. Tools 4 Hack
  77. Hack Tools Download
  78. Top Pentest Tools
  79. Nsa Hack Tools
  80. Pentest Tools Review
  81. Bluetooth Hacking Tools Kali
  82. Nsa Hacker Tools
  83. Hack Tools 2019
  84. Hacker Tools Apk
  85. Pentest Tools Website Vulnerability
  86. Pentest Tools Website Vulnerability
  87. Underground Hacker Sites
  88. Tools Used For Hacking
  89. Hacker Techniques Tools And Incident Handling
  90. Hacking Tools Github
  91. Tools 4 Hack
  92. Kik Hack Tools
  93. Pentest Tools Tcp Port Scanner
  94. Free Pentest Tools For Windows
  95. Hacking Tools Online
  96. Kik Hack Tools
  97. Hacking Tools For Mac
  98. Hacker Tools Github
  99. New Hack Tools
  100. Hacker Tools Online
  101. Pentest Tools Free
  102. Bluetooth Hacking Tools Kali
  103. Pentest Tools Windows
  104. Hack Tools Download
  105. Hacker Tools Online
  106. Hacking App
  107. Pentest Tools Review
  108. Hacker Tools Software
  109. Hacking Tools Mac
  110. Hacker Hardware Tools
  111. Hacking Tools Free Download
  112. Hacking Tools 2020
  113. New Hack Tools
  114. Hack Tool Apk
  115. Hackrf Tools
  116. Termux Hacking Tools 2019
  117. New Hacker Tools
  118. Pentest Tools Alternative
  119. Hack Tool Apk
  120. What Are Hacking Tools
  121. Hacker Tools Free
  122. Hacker Tools Free
  123. Hacker Tools Apk
  124. Pentest Tools Free
  125. Pentest Tools Windows
  126. Pentest Tools Github
  127. Hacking Tools Download
  128. Hacker Hardware Tools
  129. Hacking Tools For Windows 7
  130. Hacking Tools Windows
  131. Pentest Reporting Tools
  132. Hack App
  133. Hacker Tools Apk
  134. Hacker
  135. Hacker Tools Hardware
  136. Pentest Tools For Mac
  137. New Hacker Tools
  138. Easy Hack Tools
  139. Best Pentesting Tools 2018
  140. Hack Tools Online
  141. Hacker Tools List
  142. Best Pentesting Tools 2018
  143. Hacking Tools Usb
  144. Pentest Tools
  145. Game Hacking
  146. Wifi Hacker Tools For Windows
  147. Hacking Tools For Windows Free Download
  148. Pentest Tools
  149. Free Pentest Tools For Windows
  150. Hacker Tools Free Download
  151. Hacking Tools Download
  152. Bluetooth Hacking Tools Kali
  153. Pentest Tools Find Subdomains
  154. Hacker Tools Hardware
  155. Pentest Tools Open Source
  156. Hacker Tools Linux
  157. Hacking Tools For Windows 7
No comments:

Steghide - A Beginners Tutorial




All of us want our sensitive information to be hidden from people and for that we perform different kinds of things like hide those files or lock them using different softwares. But even though we do that, those files  attractive people to itself as an object of security. Today I'm going to give you a slight introduction to what is called as Steganography. Its a practice of hiding an informational file within another file like you might have seen in movies an image has a secret message encoded in it. You can read more about Steganography from Wikipedia.

In this tutorial I'm going to use a tool called steghide, which is a simple to use Steganography tool and I'm running it on my Arch Linux. What I'm going to do is simply encode an image with a text file which contains some kind of information which I don't want other people to see. And at the end I'll show you how to decode that information back. So lets get started:

Requirements:
1. steghide
2. a text file
3. an image file

After you have installed steghide, fire up the terminal and type steghide



It will give you list of options that are available.

Now say I have a file with the name of myblogpassword.txt which contains the login password of my blog and I want to encode that file into an Image file with the name of arch.jpg so that I can hide my sensitive information from the preying eyes of my friends. In order to do that I'll type the following command in my terminal:

steghide embed -ef myblogpassword.txt -cf arch.jpg



here steghide is the name of the program
embed flag is used to specify to steghide that we want to embed one file into another file
-ef option is used to specify to steghide the name (and location, in case if its in some other directory) of the file that we want to embed inside of the another file, in our case its myblogpassword.txt
-cf option is used to specify the name (and location, in case if its in some other directory) of the file in which we want to embed our file, in our case its an image file named arch.jpg

After typing the above command and hitting enter it will prompt for a password. We can specify a password here in order to password protect our file so that when anyone tries to extract our embedded file, they'll have to supply a password in order to extract it. If you don't want to password protect it you can just simply hit enter.

Now myblogpassword.txt file is embedded inside of the image file arch.jpg. You'll see no changes in the image file except for its size. Now we can delete the plain password text file myblogpassword.txt.

In order to extract the embedded file from the cover file, I'll type following command in the terminal:

steghide extract -sf arch.jpg -xf myblogpass.txt



here steghide is again name of the program
extract flag specifies that we want to extract an embedded file from a stego file
-sf option specifies the name of the stego file or in other words the file in which we embedded another file, in our case here its the arch.jpg file
-xf option specifies the name of the file to which we want to write our embedded file, here it is myblogpass.txt
(remember you must specify the name of file with its location if its somewhere else than the current directory)

After typing the above command and hitting enter, it will prompt for a password. Supply the password if any or otherwise just simply hit enter. It will extract the embedded file to the file named myblogpass.txt. Voila! you got your file back but yes the image file still contains the embedded file.

That's it, very easy isn't it?

It was a pretty basic introduction you can look for other things like encrypting the file to be embedded before you embed it into another file and so on... enjoy :)

Related posts
No comments:

DEFINATION OF HACKING

DEFINATION OF HACKING

Hacking is an attempt to exploit a  computer system vulnerabilities or a private network inside a computer to gain unauthorized acess.
Hacking is identifying and exploiting weakness in computer system and/ or computer networks for finding the vulnerability and loopholes.

Related links


  1. Tools Used For Hacking
  2. Best Hacking Tools 2019
  3. Underground Hacker Sites
  4. Pentest Tools Tcp Port Scanner
  5. Hacking Tools Windows
  6. Pentest Tools Github
  7. Hacker Tools List
  8. Hacking Tools 2020
  9. Hacking Tools Free Download
  10. Game Hacking
  11. Pentest Tools Bluekeep
  12. Nsa Hack Tools
  13. Hack Tools Mac
  14. Hack Tools Mac
  15. Hacking Tools Free Download
  16. Pentest Tools For Mac
  17. Black Hat Hacker Tools
  18. Termux Hacking Tools 2019
  19. Hacker Tools Hardware
  20. Pentest Tools For Mac
  21. Install Pentest Tools Ubuntu
  22. Hacking Tools For Windows
  23. Hacker Tools Linux
  24. Hacking Tools Usb
  25. Nsa Hacker Tools
  26. Hacking Tools Pc
  27. Hacker Hardware Tools
  28. Pentest Tools Framework
  29. Android Hack Tools Github
  30. Hack Tools Online
  31. Termux Hacking Tools 2019
  32. Hack Tools Online
  33. Pentest Tools Nmap
  34. Wifi Hacker Tools For Windows
  35. Tools 4 Hack
  36. What Are Hacking Tools
  37. Pentest Tools Subdomain
  38. Pentest Tools Apk
  39. Hacker Tools Free
  40. Hacking Tools For Windows Free Download
  41. Hackers Toolbox
  42. How To Make Hacking Tools
  43. Hacker Techniques Tools And Incident Handling
  44. Hacker Tools Github
  45. Pentest Tools Linux
  46. Hack Tools For Mac
  47. Hacking Tools Usb
  48. Pentest Reporting Tools
  49. Hack Tool Apk No Root
  50. Hacker Hardware Tools
  51. Pentest Box Tools Download
  52. Best Hacking Tools 2019
  53. Install Pentest Tools Ubuntu
  54. Hack Tools Download
  55. Pentest Tools
  56. Hack Tools Mac
  57. Nsa Hack Tools
  58. Hacker Techniques Tools And Incident Handling
  59. Hacker Tools Apk Download
  60. Hack Tools Online
  61. Hacker Tools Github
  62. Hacker Tools Linux
  63. Pentest Recon Tools
  64. Hacking Tools Download
  65. Hack And Tools
  66. Hacker Tools Software
  67. How To Make Hacking Tools
  68. Hacker Tools For Windows
  69. Pentest Tools Open Source
  70. How To Hack
  71. Hacking Tools Windows
  72. What Are Hacking Tools
  73. Pentest Tools Subdomain
  74. Hack Tools
  75. Hacking Tools Windows
  76. Hacking Tools And Software
  77. Tools Used For Hacking
  78. Hacking Tools For Windows Free Download
  79. Hack Tools Pc
  80. Underground Hacker Sites
  81. Top Pentest Tools
  82. Hacker Tools Free
  83. Hacker Tools Free
  84. Ethical Hacker Tools
  85. Ethical Hacker Tools
  86. Hacking Tools And Software
  87. Hacking Tools Hardware
  88. What Are Hacking Tools
  89. Pentest Tools Open Source
  90. Hacker Tools Apk Download
  91. Pentest Tools Website
  92. New Hack Tools
  93. Pentest Tools Subdomain
  94. How To Hack
  95. Hacking Tools For Kali Linux
  96. Hacker Tools Hardware
  97. Pentest Tools For Windows
  98. Easy Hack Tools
  99. Hacking Tools Github
  100. How To Make Hacking Tools
  101. Hack Tool Apk No Root
  102. Hacking Tools For Windows
  103. Hacking App
  104. Hack Tool Apk
  105. Pentest Tools Subdomain
  106. Best Hacking Tools 2020
  107. Hack Tool Apk
  108. Pentest Tools Linux
  109. Pentest Recon Tools
  110. Pentest Tools Download
  111. Tools For Hacker
  112. Hacker Tool Kit
  113. Hacking Tools
  114. Hackrf Tools
  115. Blackhat Hacker Tools
  116. Pentest Tools Free
  117. Hak5 Tools
  118. Hack Tools For Mac
  119. Hacking Tools 2020
  120. Hacking Tools Online
  121. Nsa Hacker Tools
  122. Hacking Tools Pc
  123. Hacker Tools Apk Download
  124. Hacking Tools Download
  125. Hacks And Tools
  126. Hacker Tools Github
  127. Pentest Tools For Android
  128. Black Hat Hacker Tools
  129. Hack Tools 2019
  130. Hack Tools For Ubuntu
  131. Hacking Tools Hardware
  132. Hacker Tools For Ios
  133. Hacker Tools Windows
  134. Hacking Tools Name
  135. Pentest Tools Subdomain
  136. Hack Tools Github
  137. Hacking Tools Online
  138. Pentest Tools Find Subdomains
  139. Hacking Tools Download
  140. Hack Rom Tools
  141. Github Hacking Tools
  142. Black Hat Hacker Tools
  143. Hacker Tools 2020
  144. Nsa Hacker Tools
  145. Pentest Tools Url Fuzzer
No comments:

Saturday, August 29, 2020

Video Archives Of Security Conferences And Workshops


Just some links for your enjoyment

List of security conferences in 2014

Video archives:



AIDE (Appalachian Institute of Digital Evidence)


Blackhat
Botconf
Bsides
Chaos Communication Congress
Defcon
Derbycon
Digital Bond's S4x14
Circle City Con
GrrCON Information Security Summit & Hacker Conference
Hack in the box HITB
InfowarCon
Ruxcon
Shmoocon
ShowMeCon
SkyDogCon
TakeDownCon
Troopers
Heidelberg Germany
Workshops, How-tos, and Demos

Special thanks to  Adrian Crenshaw for his collection of videos
Related posts
No comments:
Subscribe to: Posts (Atom)