PreEx: Pre-Exploitation Intelligence Gathering

I have recently been working on PreEx, a pre-exploitation intelligence gathering program.

My goal with PreEx is to make it easier to gather all the information necessary in order to launch a targeted attack. In combination with other tools such as Tuoni and Cryptan, PreEx can be used to better fingerprint targets and carry out attacks more efficiently.

The use of this tool is to be limited to testing purposes under legal authority.

The current version of PreEx is version 0.

Current capabilities:
* Organization email addresses
* Organization hostnames and IPs
* Target phone numbers
* Employee social media profiles
* Target social media profiles
* Current and past addresses
* DNS information
* Registered domain holder information
* SNMP device enumeration
* Samba device enumeration

Future capabilities:
* Relevant contacts
* Events to attend
* Locations visited
* Interests
* Operating System used
* Software used

More capabilities will be added in the future.

Tuoni Web Attacking Program and Cryptan Cryptography Suite

I have been working on two public projects in Python.

The first, Tuoni, is a web attacking program.

Tuoni currently has the following capabilities:

* Shellshock attack
* Directory fuzzer
* Session hijacker
* Get robots.txt file
* Test file upload ability
* Whois lookups
* Zone transfers
* Web spidering
* Banner grabbing

The second, Cryptan, is a cryptography suite.

Cryptan currently has the following capabilities:

* Format conversion: Hex, ASCII, Decimal, Octal, Binary
* XOR Encryption/Decryption
* Caesar Cipher Encryption/Decryption
* Caesar Cipher Brute-force Decryption
* Single Byte XOR Decryption
* Single Character XOR Detection & Decryption
* Repeating-Key XOR (Vigenère) Decryption
* AES-ECB Detection
* AES-ECB Decryption
* PKCS#7 Padding
* AES-CBC Decryption

Tuoni is a great tool for the first stages of information gathering. With it, you can discover directories, test whether files can be uploaded (which can lead to uploading a reverse shell), and also attempt a Shellshock attack and session hijacking.

Cryptan is a great tool for your cryptography needs. Most wargames and capture-the-flag events include cryptography challenges that involve Cryptan's functionality in one way or another. For real-life testing, most devices actually have very basic cryptography implementations, so Cryptan can easily decrypt whatever it is they are trying to encrypt.

These are open-ended projects. There is still much to add. As is, they work great.