IP Tools To quickly get information about IP Address's, Web Pages and DNS records - Crips

This Tools is a collection of online IP Tools that can be used to quickly get information about IP Address's, Web Pages and DNS records.

Menu

• Whois lookup
• Traceroute
• DNS Lookup
• Reverse DNS Lookup
• GeoIP Lookup
• Port Scan
• Reverse IP Lookup
• INSTALL & UPDATE
• Exit

Whois lookup
Determine the registered owner of a domain or IP address block with the whois tool.

Traceroute
Using mtr an advanced traceroute tool trace the path of an Internet connection.

DNS Lookup
Find DNS records for a domain, results are determined using the dig DNS tool

Reverse DNS Lookup
Find Reverse DNS records for an IP address or a range of IP addresses.

GeoIP Lookup
Find the location of an IP address using the GeoIP lookup location tool.

Port Scan
A simple TCP Port Scan to quickly determine the status of an Internet facing service or firewall.

Reverse IP Lookup
Discover web hosts sharing an IP address with a reverse IP lookup.

INSTALL & UPDATE
To install the tools directly in the system and get new update directly using terminal

Installation Linux
[✓] git clone https://github.com/Manisso/Crips.git
[✓] cd Crips && python Crips.py
[◉] 0 : INSTALL & UPDATE
[◉] -> 0
[✓] press 0
[✓] Congratulation Crips is Installed !

Installation Windows 
[✔] Download Python 2.7
[✓] Download Crips
[✓] Extract Crips into Desktop
[◉]Open CMD and type the following commands:
[✓] $cd Desktop/Crips-master/
[✓] $python crips.py

Download Crips

Read More

Bluetooth Security Testing Suite - BlueMaho v090417

BlueMaho is GUI-shell (interface) for suite of tools for testing security of bluetooth devices. It is freeware, opensource, written on python, uses wxPyhon. It can be used for testing BT-devices for known vulnerabilities and major thing to do - testing to find unknown vulns. Also it can form nice statistics.

1.2. What it can do? (features)

• scan for devices, show advanced info, SDP records, vendor etc
• track devices - show where and how much times device was seen, its name changes
• loop scan - it can scan all time, showing you online devices
• alerts with sound if new device found
• on_new_device - you can spacify what command should it run when it founds new device
• it can use separate dongles - one for scaning (loop scan) and one for running tools or exploits
• send files
• change name, class, mode, BD_ADDR of local HCI devices
• save results in database
• form nice statistics (uniq devices by day/hour, vendors, services etc)
• test remote device for known vulnerabilities (see exploits for more details)
• test remote device for unknown vulnerabilities (see tools for more details)
• themes! you can customize it

1.3. What tools and exploits it consist of?

• tools:
• atshell.c by Bastian Ballmann (modified attest.c by Marcel Holtmann)
• bccmd by Marcel Holtmann
• bdaddr.c by Marcel Holtmann
• bluetracker.py by smiley
• carwhisperer v0.2 by Martin Herfurt
• psm_scan and rfcomm_scan from bt_audit-0.1.1 by Collin R. Mulliner
• BSS (Bluetooth Stack Smasher) v0.8 by Pierre Betouin
• btftp v0.1 by Marcel Holtmann
• btobex v0.1 by Marcel Holtmann
• greenplaque v1.5 by digitalmunition.com
• L2CAP packetgenerator by Bastian Ballmann
• obex stress tests 0.1
• redfang v2.50 by Ollie Whitehouse
• ussp-push v0.10 by Davide Libenzi
• exploits/attacks:
• Bluebugger v0.1 by Martin J. Muench
• bluePIMp by Kevin Finisterre
• BlueZ hcidump v1.29 DoS PoC by Pierre Betouin
• helomoto by Adam Laurie
• hidattack v0.1 by Collin R. Mulliner
• Mode 3 abuse attack
• Nokia N70 l2cap packet DoS PoC Pierre Betouin
• opush abuse (prompts flood) DoS attack
• Sony-Ericsson reset display PoC by Pierre Betouin
• you can add your own tools by editing 'exploits/exploits.lst' and 'tools/tools.lst'

1.4. Requirements

• OS (tested with Debian 4.0 Etch / 2.6.18)
• python (python 2.4 http://www.python.org)
• wxPython (python-wxgtk2.6 http://www.wxpython.org)
• BlueZ (3.9/3.24) http://www.bluez.org
• Eterm to open tools somewhere, you can set another term in 'config/defaul.conf' changing the value of 'cmd_term' variable. (tested with 1.1 ver)
• pkg-config(0.21), 'tee' used in tools/showmaxlocaldevinfo.sh, openobex, obexftp
• libopenobex1 + libopenobex-dev (needed by ussp-push)
• libxml2, libxml2-dev (needed by btftp)
• libusb-dev (needed by bccmd)
• libreadline5-dev (needed by atshell.c)
• lightblue-0.3.3 (needed by obexstress.py)
• hardware: any bluez compatible bluetooth-device

1.5. Configuration

1. all configuration is in 'config' dir.
2. for using bluemaho propertly you need to build tools and exploits. check if you satisfy 'requirements' for bluemaho. then run 'build.sh'. if you see 'Building complete!' message, than all went OK. if not - try to play around requirements.
3. 'default.conf' is a default configuration file, you can edit it if you need to change some options, path to files and commands used by bluemaho, theme etc. by default you don't need to change it if you do all from 'requirements' chapter. but, please, view it, for example just for setting 'user_location' variable for defining you location, which will be used for tracking function.
4. 'themes' - directory with themes for bluemaho GUI. You can set path to default theme with 'theme' variable in 'default.conf'

1.6. Run and use

You can run BlueMaho typing in console 'bluemaho.py'. For verbose output in console (and redirecting std_err and std_out) run 'bluemaho.py -v'. it saves founded devices to 'bluemaho.log' by default, you can change it in 'config/defaul.conf'. enjoy! 

Download BlueMaho

Read More

A Penetration Testing Framework - Fsociety Hacking Tools Pack

A Penetration Testing Framework , you will have evry script that a hacker needs

Menu

• Information Gathering
• Password Attacks
• Wireless Testing
• Exploitation Tools
• Sniffing & Spoofing
• Web Hacking
• Private Web Hacking
• Post Exploitation
• INSTALL & UPDATE

Information Gathering :

• Nmap
• Setoolkit
• Port Scanning
• Host To IP
• wordpress user
• CMS scanner
• XSStracer
• Dork - Google Dorks Passive Vulnerability Auditor
• Scan A server's Users

Password Attacks :

• Cupp
• Ncrack

Wireless Testing :

• reaver
• pixiewps

Exploitation Tools :

• Venom
• sqlmap
• Shellnoob
• commix
• FTP Auto Bypass
• jboss-autopwn

Sniffing & Spoofing :

• Setoolkit
• SSLtrip
• pyPISHER
• SMTP Mailer

Web Hacking :

• Drupal Hacking
• Inurlbr
• Wordpress & Joomla Scanner
• Gravity Form Scanner
• File Upload Checker
• Wordpress Exploit Scanner
• Wordpress Plugins Scanner
• Shell and Directory Finder
• Joomla! 1.5 - 3.4.5 remote code execution
• Vbulletin 5.X remote code execution
• BruteX - Automatically brute force all services running on a target
• Arachni - Web Application Security Scanner Framework

Private Web Hacking

• Get all websites
• Get joomla websites
• Get wordpress websites
• Control Panel Finder
• Zip Files Finder
• Upload File Finder
• Get server users
• SQli Scanner
• Ports Scan (range of ports)
• ports Scan (common ports)
• Get server Info
• Bypass Cloudflare

Post Exploitation

• Shell Checker
• POET
• Phishing Framework

Install Me

• Install Directly On System (Only For Linux & Mac System )
• Update instantly When There are New Update

Installation Linux
[✓] git clone https://github.com/Manisso/fsociety.git
[✓] cd fsociety && python fsociety.py
[◉] 0 : INSTALL & UPDATE
[◉] -> 0
[✓] press 0
[✓] Congratulation Fsociety is Installed !

Installation Windows
[✔] Download python 2.7
[✓] Download fsociety
[✓] Extract fsociety into Desktop
[◉]Open CMD and type the following commands:
[✓] $cd Desktop/fsociety-master/
[✓] $python fsociety.py

Use

Download Fsociety

Read More

Automatic installation and configuration of DNSCrypt - dnscrypt-autoinstall

A script for installing and automatically configuring DNSCrypt on Linux-based systems.

Description

DNSCrypt is a protocol for securing communications between a client and a DNS resolver by encrypting DNS queries and responses. It verifies that responses you get from a DNS provider have actually been sent by that provider, and haven't been tampered with.

This script will automatically and securely set up DNSCrypt as a background service that runs at system startup using DNSCrypt-proxy, the libsodium cryptography library, and the DNSCrypt service provider of your choice. The script also has options that allow you to change the service provider at any time, turn off DNSCrypt to use regular unencrypted DNS, as well as uninstall DNSCrypt.

Installation
The script supports recent Red Hat-based (CentOS, Fedora, Scientific Linux), Debian-based (Debian, Ubuntu, Linux Mint) distributions and OpenSUSE.

Note	Scripts with sysvinit support were moved to the "legacy" branch (CentOS 6, Debian 7, Ubuntu < 16.04)

wget https://raw.githubusercontent.com/simonclausen/dnscrypt-autoinstall/master/dnscrypt-autoinstall
chmod +x dnscrypt-autoinstall
su -c ./dnscrypt-autoinstall

Supported providers
Providers are retrieved from the latest published dnscrypt-resolvers.csv (github.com/jedisct1), with a fallback to those included with the DNSCrypt installation.

Troubleshooting
If the install fails at a particular stage and the script mentions DNSCrypt is already configured, use the forcedel argument to force an uninstallation:

./dnscrypt-autoinstall.sh forcedel

Download dnscrypt-autoinstall

Read More

A Tool to Generate Various Ways to Do a Reverse Shell - ReverShellGenerator

A tool to generate various ways to do a reverse shell.

Usage example

Reverse Shell fonts
http://bernardodamele.blogspot.com.br/2011/09/reverse-shells-one-liners.html
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

Download ReverShellGenerator

Read More

Website Vulnerability Scanner & Auto Exploiter - XAttacker

XAttacker is a Website Vulnerability Scanner & Auto Exploiter developed by Mohamed Riahi

Installation

git clone https://github.com/Moham3dRiahi/XAttacker.git

Auto Cms Detect

• [1] WordPress :
• [+] Adblock Blocker
• [+] WP All Import
• [+] Blaze
• [+] Catpro
• [+] Cherry Plugin
• [+] Download Manager
• [+] Formcraft
• [+] levoslideshow
• [+] Power Zoomer
• [+] Gravity Forms
• [+] Revslider Upload Shell
• [+] Revslider Dafece Ajax
• [+] Revslider Get Config
• [+] Showbiz
• [+] Simple Ads Manager
• [+] Slide Show Pro
• [+] WP Mobile Detector
• [+] Wysija
• [+] InBoundio Marketing
• [+] dzs-zoomsounds
• [+] Reflex Gallery
• [+] Creative Contact Form
• [+] Work The Flow File Upload
• [+] WP Job Manger
• [+] PHP Event Calendar
• [+] Synoptic
• [+] Wp Shop
• [+] Content Injection
• [2] Joomla
• [+] Com Jce
• [+] Com Media
• [+] Com Jdownloads
• [+] Com Fabrik
• [+] Com Jdownloads Index
• [+] Com Foxcontact
• [+] Com Ads Manager
• [+] Com Blog
• [+] Com Users
• [+] Com Weblinks
• [+] mod_simplefileupload
• [3] DruPal
• [+] Add Admin
• [4] PrestaShop
• [+] columnadverts
• [+] soopamobile
• [+] soopabanners
• [+] Vtermslideshow
• [+] simpleslideshow
• [+] productpageadverts
• [+] homepageadvertise
• [+] homepageadvertise2
• [+] jro_homepageadvertise
• [+] attributewizardpro
• [+] 1attributewizardpro
• [+] AttributewizardproOLD
• [+] attributewizardpro_x
• [+] advancedslider
• [+] cartabandonmentpro
• [+] cartabandonmentproOld
• [+] videostab
• [+] wg24themeadministration
• [+] fieldvmegamenu
• [+] wdoptionpanel
• [+] pk_flexmenu
• [+] pk_vertflexmenu
• [+] nvn_export_orders
• [+] megamenu
• [+] tdpsthemeoptionpanel
• [+] psmodthemeoptionpanel
• [+] masseditproduct
• [5] Lokomedia
• SQL injection

Video

Usage

Short Form	Long Form	Description
-l	--list	websites list

Example
if you have list websites run tool with this command line

perl XAttacker.pl -l list.txt

if you don't have list websites run the tool with this command

perl XAttacker.pl

For coloring in windows Add This Line

use Win32::Console::ANSI;

Version
Current version is 2.1 What's New
• Wordpress Levo-Slideshow 2.3 - Arbitrary File Upload
• GS-Dorker
• speed up
• Bug fixes
version 2.0
• speed up
• Bug fixes
version 1.9
• Bug fixes

Download XAttacker

Read More

Wireshark Crash Course - Tutorial

Description

Wireshark is the most widely used network capture and protocol analyzer on the market. It is used by IT and Network administrators to troubleshoot network connectivity issues and by Network Security analysts to dissect network attacks. This free and open source application is so widely used in the industry because it works. It is cross platform, meaning that it runs on Windows, Mac, Linux and FreeBSD.
This course is an introduction to the application and goes over the basics to get you started capturing and analyzing network traffic. It will build your base by explaining the theory behind how networks work and then get you in to real world applications of the software.
In this course you will learn:

• The basics of how networks operate
• How to capture traffic on wireshark
• How to use display and capture filters
• How to use command line wireshark to work with large packet captures

Who is the target audience?

• Network Administrators
• System Administrators
• IT Security Analysts 

Type: Course 
Language: English 
Number of videos: 24
Year: 2015
Format: MP4 
Size: 675 MB
Password: offsec 

Download Wireshark Crash Course

Read More

Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan - GhostInTheNet

Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan.

Properties:

• Network Invisibility
• Network Anonymity
• Protects from MITM/DOS
• Transparent
• Cross-platform
• Minimalistic

Dependencies:

• Linux 2.4.26+ - will work on any Linux-based OS, including Whonix and RaspberryPI
• BASH - the whole script
• root privileges - for kernel controlling

Limitations:

• You can still be found with VLAN logs if using ethernet or by triangulation/broadcast if using WiFi
• MAC spoofing won't work if appropriate mitigations has been taken, like DAI or sticky MAC
• Might be buggy with some CISCO switches
• Not suitable for production servers

How it works
The basic and primary network protocol is ARP for IPv4 and NDP (ICMPv6) for IPv6, located in the link and network layer, provides main connectivity in a LAN.
Despite its utility and simplicity, it has numerous vulnerabilities that can lead to a MITM attack and leak of confidentiality.
Patching of such a widely used standard is a practically impossible task.
A very simple, but at the same time effective solution is to disable ARP and NDP responses on an interface and be very cautious with broadcasting.
Considering the varieties of implementations, this means that anyone in the network wouldn't be able to communication with such host, only if the host is willing it-self.
The ARP/NDP cache will be erased quickly afterwards.
Here is an example schema:

A >>> I need MAC address of B >>> B

A <<< Here it is <<< B

A <<< I need MAC address of A <<< B

A >>> I'm not giving it >>> B

To increase privacy, it's advised to spoof the MAC address, which will provide a better concealment.
All this is possible using simple commands in Linux kernel and a script that automates it all.

Analysis
No ARP/NDP means no connectivity, so an absolute stealth and obscurity on the network/link layer.
This protects from all possible DOSes and MITMs (ARP, DNS, DHCP, ICMP, Port Stealing) and far less resource consuming like ArpON.
Such mitigation implies impossibility of being scanned (nmap, arping).
Besides, it doesn't impact a normal internet or LAN connection on the host perspective.
If you're connecting to a host, it will be authorised to do so, but shortly after stopping the communication, the host will forget about you because, ARP/NDP tables won't stay long without a fresh request.
Regarding the large compatibility and cross-platforming, it's very useful for offsec/pentest/redteaming as well.
You see everyone, but nobody sees you, you're a ghost.
Mitigation and having real supervision on the network will require deep reconfiguration of OSes, IDPSes and all other equipement, so hardly feasible.

HowTo
You can execute the script after the connection to the network or just before:

sudo GhostInTheNet.sh on eth0

This will activate the solution until reboot.
If you want to stop it:

sudo GhostInTheNet.sh off eth0

Of course, you will have to make the script executable in the first place:

chmod u+x GhostInTheNet.sh

Notes
ARP/NDP protocol can be exploited for defensive purpose.
Now your Poisontap is literally undetectable and your Tails is even more anonymous.
You should learn some stuff about IPv6.

Download GhostInTheNet

Read More

A Framework For NoSQL Scanning and Exploitation - NoSQL Exploitation Framework 2.0

A FrameWork For NoSQL Scanning and Exploitation Framework Authored By Francis Alexander.

Added Features:

• First Ever Tool With Added Support For Mongo,Couch,Redis,H-Base,Cassandra
• Support For NoSQL WebAPPS
• Added payload list for JS Injection,Web application Enumeration.
• Scan Support for Mongo,CouchDB and Redis
• Dictionary Attack Support for Mongo,Cocuh and Redis
• Enumeration Module added for the DB's,retrieves data in db's @ one shot.
• Currently Discover's Web Interface for Mongo
• Shodan Query Feature
• MultiThreaded IP List Scanner
• Dump and Copy Database features Added for CouchDB
• Sniff for Mongo,Couch and Redis

Change Log V2.0:

• Modularised approach, Now comes with Configuration file, tweak to your customization
• Multithreaded dictionary attacks,file enumeration
• Support for Heuristic based Redis remote file enumeration,Added Redis System enumeration
• Now select Databases depending upon options -d "Database" -t "table" -d "Dump"
• Improved Scan Support for Mongo,CouchDB,Redis,Cassandra and H-Base
• Improved dump feature
• Bug fixes

Installation

• Install Pip, sudo apt-get install python-setuptools;easy_install pip
• pip install -r requirements.txt
• python nosqlframework.py -h (For Help Options)

Installation on Mac/Kali

• Removed the scapy module by default for mac. So this should run by default. If you need to sniff run the script and then continue.
• Run installformac-kali.sh directly
• python nosqlframework.py -h (For Help Options)

Installing Nosql Exploitaiton Framework in Virtualenv

• virtualenv nosqlframework
• source nosqlframework/bin/activate
• pip install -r requirements.txt
• nosqlframework/bin/python nosqlframework.py -h (For Help Options)
• deactivate (After usage)

Sample Usage

nosqlframework.py -ip localhost -scan
nosqlframework.py -ip localhost -dict mongo -file b.txt
nosqlframework.py -ip localhost -enum couch
nosqlframework.py -ip localhost -enum redis
nosqlframework.py -ip localhost -clone couch

Download NoSQL Exploitation Framework 2.0

Read More

Detect And Bypass Web Application Firewalls And Protection Systems - WhatWaf

Features

• Ability to run on a single URL with the -u/--url flag
• Ability to run through a list of URL's with the -l/--list flag
• Ability to detect over 40 different firewalls
• Ability to try over 20 different tampering techniques
• Ability to pass your own payloads either from a file or from the terminal
• Payloads that are guaranteed to produce at least one WAF triggering
• Ability to bypass firewalls using both SQLi techniques and cross site scripting techniques
• Ability to run behind Tor
• Ability to run behind multiple proxy types (socks4, socks5, http, https)
• Ability to use a random user agent, personal user agent, or custom default user agent
• More to come...

Installation
Installing whatwaf is super easy, all you have to do is the following:
Have Python 2.7, Python 3.x compatibility is being implemented soon:

sudo -s << EOF
git clone https://github.com/ekultek/whatwaf.git
cd whatwaf
chmod +x whatwaf.py
pip2 install -r requirements.txt
./whatwaf.py --help

Proof of concept
First we'll run the website through WhatWaf and figure out which firewall protects it (if any):

Next we'll go to that website and see what the page looks like:

Hmm.. that doesn't really look like Cloudflare does it? Let's check what the HTTP headers server and cookies say:

And finally, lets try one of the bypasses that it tells us to try:

Demo vídeo

Download WhatWaf

Read More