After a post focused on Android, another list of tools useful for penetration testing and reverse engineering of iOS applications.
Also all this tools are OSS and freely available.

And some suggestion to hardening your buckets!

Cybersecurity firm Immunity Inc. decided to sell a BlueKeep exploit module capable of full remote code execution as part of its penetration testing toolkit.

This list of tools is really useful both in penetration testing on an Android application and in reverse engineering of a suspicious application.
All tools are OSS and freely available: so, enjoy!

Months ago, I published a post about Flare VM, a project by Fireeye/Mandiant researcher focused on the creation of a Windows-based security distribution for malware analysis.

Recently, Fireeye released a similar project: another windows-based distribution, but this time dedicated to penetration testing and red teaming, named Command VM.

Offensive Security has released an official version of Kali Linux for Raspberry Pi 4, the last (and most powerful) version of the compact computer board, released just two weeks ago with a 1.5 GHz 64-bit quad-core ARM Cortex-A72 processor and 4GB of RAM.

How attackers can exploit Group Policy Preferences file in order to discover passwords?
And how SysAdmins can mitigate this vulnerability?

…using a small python script!

During the first phase of a penetration test, especially when the test is performed in blackbox mode, is really important to gather correct informations from company websites and employees social accounts.

Continue…

SQLiv is a Python-based scanning tool that uses Google, Bing or Yahoo for targetted scanning, focused on reveal pages with SQL Injection vulnerabilities.

It uses known dorks in order to find vulnerable URLs.

Features

1. multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo
2. targetted scanning by providing specific domain (with crawling)
3. reverse domain scanning

Installation

1. Resolve some dependencies:
   pip install bs4 termcolor google

2. Clone the git repository:
   git clone https://github.com/Hadesy2k/sqliv.git
3. Start python setup:
   sudo python2 setup.py -i

Quick reference

python sqliv.py --help

usage: sqliv.py [-h] [-d D] [-e E] [-p P] [-t T] [-r]

optional arguments:
  -h, --help  show this help message and exit
  -d D        SQL injection dork
  -e E        search engine [Google only for now]
  -p P        number of websites to look for in search engine
  -t T        scan target website
  -r          reverse domain

Some usage examples

1. Multiple domain scanning with SQLi dork

• it simply search multiple websites from given dork and scan the results one by one

python sqliv.py -d <SQLI DORK> -e <SEARCH ENGINE>  
python sqliv.py -d "inurl:index.php?id=" -e google

2. Targetted scanning

• can provide only domain name or specifc url with query params
• if only domain name is provided, it will crawl and get urls with query
• then scan the urls one by one

python sqliv.py -t <URL>  
python sqliv.py -t www.example.com  
python sqliv.py -t www.example.com/index.php?id=1

3. Reverse domain and scanning

• do reverse domain and look for websites that hosted on same server as target url

python sqliv.py -t <URL> -r

More information and downloads

• Official GitHub repository: https://github.com/Hadesy2k/sqliv