Offensive Security has released an official version of Kali Linux for the Raspberry Pi 4, the latest (and most powerful) version of the compact single-board computer, released just two weeks ago with a 1.5 GHz 64-bit quad-core ARM Cortex-A72 processor and 4 GB of RAM.
During the first phase of a penetration test, especially when the test is performed in black-box mode, it is really important to gather accurate information from company websites and employees' social accounts.
python sqliv.py --help
usage: sqliv.py [-h] [-d D] [-e E] [-p P] [-t T] [-r]
  -h, --help  show this help message and exit
  -d D        SQL injection dork
  -e E        search engine [Google only for now]
  -p P        number of websites to look for in search engine
  -t T        scan target website
  -r          reverse domain
Some usage examples:
1. Multiple domain scanning with an SQLi dork
It simply searches multiple websites from the given dork and scans the results one by one.
python sqliv.py -d <SQLIDORK> -e <SEARCHENGINE>
python sqliv.py -d "inurl:index.php?id=" -e google
2. Targeted scanning
You can provide only a domain name or a specific URL with query parameters.
If only a domain name is provided, it will crawl and collect URLs with query parameters.
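As an added illustration of the crawl step described above (example code, not part of sqliv or the original post), the following Python collects the same-host URLs on a page that carry query parameters, grouped by path and parameter names; a defender can run it against their own site to inventory parameterised endpoints for input-validation review. It assumes only the standard library and a constructed sample page.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse, parse_qs


class LinkCollector(HTMLParser):
    """Collect the href value of every <a> tag on a page."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def parameterised_urls(base_url, html):
    """Return the same-host URLs on a page that carry a query string.

    Each entry is (path, parameter names); links that differ only in
    parameter values collapse into one endpoint, which is what matters
    when reviewing which inputs reach the application.
    """
    parser = LinkCollector()
    parser.feed(html)
    base_host = urlparse(base_url).netloc
    endpoints = set()
    for href in parser.hrefs:
        parts = urlparse(urljoin(base_url, href))  # resolve relative links
        if parts.netloc != base_host or not parts.query:
            continue  # skip external links and links without parameters
        # keep_blank_values so "?q=" still counts as a parameter
        names = tuple(sorted(parse_qs(parts.query, keep_blank_values=True)))
        endpoints.add((parts.path, names))
    return sorted(endpoints)


# Constructed sample page (an assumption, not real site content).
SAMPLE_HTML = """<html><body>
<a href="/index.php?id=1">Home</a>
<a href="index.php?id=2&amp;page=2">Home, page 2</a>
<a href="/about.php">About</a>
<a href="https://example.com/search.php?q=">Search</a>
<a href="https://other.example.net/item.php?id=9">External</a>
</body></html>"""

if __name__ == "__main__":
    for path, names in parameterised_urls("https://example.com/", SAMPLE_HTML):
        print(path, names)
```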
WPSeku is a Black-box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues.
What is a Black-box scanner?
Black-box security testing refers to a method of software security testing in which the security controls, defences and design of an application are tested from the outside-in, with little or no prior knowledge of the application’s internal workings. Essentially, black-box testing takes an approach similar to that of a real attacker.
Do you know Wifite? It's a great Wi-Fi auditing tool, designed for use with pentesting distributions of Linux such as Kali Linux, Pentoo, BackBox and any Linux distribution with wireless drivers patched for injection (the script also appears to operate with Ubuntu 11/10, Debian 6, and Fedora 16).
The developer, Derv82, has recently released a new version of the tool, Wifite 2, designed for the latest Kali Rolling release, with support for the latest versions of the Aircrack-ng suite, wash, reaver, tshark and cowpatty.
The new tool maintains the same interface and command line arguments as the previous one, but introduces a lot of changes:
Lots of files instead of “one big script”.
Cleaner process management — No longer leaves processes running in the background.
UX: Target access points are refreshed every second instead of every 5 seconds.
UX: Displays the real-time power level (in dB) of the currently attacked target.
So, the updated feature list is:
Reaver Pixie-Dust attack (--pixie) (The attack works by exploiting weaknesses in the generation of the E-S1 and E-S2 nonces which are used to produce the enrollee hash)
Reaver WPS PIN attack (--reaver) (A brute force attack against WPS registrar PINs in order to recover WPA/WPA2 passphrases)
WPA handshake capture (--no-reaver)
Validates handshakes against pyrit, tshark, cowpatty, and aircrack-ng
Various WEP attacks (replay, chopchop, fragment, etc.)
5 GHz support for wireless cards that support 5 GHz (use the -5 option)
Stores cracked passwords and handshakes in the current directory, with metadata about the access point (via the --cracked command).
Decloaks hidden access points when channel is fixed (use -c <channel> option)
Provides commands to crack captured WPA handshakes (via --crack command)
As usual, installation is very simple:
git clone https://github.com/derv82/wifite2.git
cd wifite2
./Wifite.py