Search Results for "hosts"

bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.

These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission. Here you will find...

...This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them, recommends best practices and teaches you how to DevOp like a pro! MongoDB listens on a port different to default one. Server only accepts connections from whitelisted hosts / networks. MongoDB HTTP status interface is not accessible on port 28017. MongoDB is not exposing its version number. MongoDB version is newer than 2.4. TLS/SSL encryption is enabled. Authentication is enabled. SCRAM-SHA-1 authentication method is enabled.

...Using this we can reach different subnet hosts from our pentest machine, which was only accessible from the compromised machine.

DenyHost works to automatically block brute-force attacks against the secure shell service. It does this by scanning log files for failed login attempts and blocking remote hosts which have made too many failed connections. Please note this project has merged with The DenyHosts project on GitHub. Current development and releases can be found on the DenyHosts GitHub page: https://github.com/denyhosts/denyhosts The files hosted here on SourceForge are for legacy purposes only and should be considered out of date.

cSploit is an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device.Once cSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing ( with common protocols dissection ), real time traffic manipulation, etc, etc .

...A tool developed at Universidad Tecnologica Nacional (Argentina). It detects attacks and it responses with isolation attacks. It's supposed to be on the same network of the protected hosts. It must be capable to see all the traffic. It's a basic IPS with a self defense module. So it can prevents future attacks from the same hosts, which is identified by its mac address.

SpoofyR2 is a VB.NET tool which allows you to jump in an existing network connection between 2 hosts (man-in-the-middle). For example you are able to manipulate some network-traffic like a dns-request.

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembl