RSS Security

KitPloit - PenTest & Hacking Tools

Terraguard - Create And Destroy Your Own VPN Service Using WireGuard

By: Zion3R


This project's goal is to make it simple to create and destroy your own VPN service using WireGuard.


Prerequisites
  • Terraform >= 1.0.0
  • Ansible >= 2.10.5

How to Deploy

Terraform

Running with sudo is necessary because we need permission on localhost to install packages, configure a network interface and start a process.

Select your cloud provider (AWS, DigitalOcean) and open its directory.

You can change the region or key name in variable.tf.

  • Initialize Terraform
terraform init
  • Plan our modifications
sudo terraform plan
  • Apply the changes
sudo terraform apply
  • For Digital Ocean you need to declare your token (do_token) in variable.tf or on the command line:
sudo terraform plan -var "do_token=value"
sudo terraform apply -var "do_token=value"

Tests - Checking the IP
  • Test the connection without VPN
curl ipinfo.io/ip
  • Start VPN
sudo systemctl start [email protected]
  • Test the connection with VPN
curl ipinfo.io/ip

Cleanup
  • Just run:
sudo terraform destroy

Cloud Providers
  • AWS
  • Digital Ocean
  • GCP
  • OCI

Contributing

Contributions, issues and feature requests are welcome!
Feel free to check issues.


Roadmap
  • Work
  • Linux client(Debian, RedHat and Arch base)
  • Terraform to deploy server on AWS
  • Mac client
  • Add other cloud providers

Author

João Freire

KitPloit - PenTest & Hacking Tools

Pathprober - Probe And Discover HTTP Pathname Using Brute-Force Methodology And Filtered By Specific Word Or 2 Words At Once

By: Zion3R


Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once.


Purpose

Brute-forcing website directories or HTTP pathnames and validating them by HTTP response code is not relevant anymore. This tool will help you perform a penetration test, because it can validate the directories using a specific word or 2 words at once, so the results will be more accurate.


It will help you to find:
  • Web administrator/login panel
  • Credential in some paths
  • Third-party token
  • Etc

Installation
git clone https://github.com/xchopath/pathprober
cd pathprober/

Requirements
pip3 install -r requirements.txt

Support
  • Multiple URL targets (in a file separated by newline) or single URL target
  • Multiple paths (in a file separated by newline) or single path
  • 1 word or 2 words (filter)
  • Save valid results to another file
  • Multi-threading

Sample usage

Multiple targets, multiple paths, and multiple words:

python3 pathprober.py -T target.txt -P path.txt -w "APP_NAME" -w2 "DB_PASSWORD"

Single target, multiple paths, and single word:

python3 pathprober.py -t https://redacted.com/ -P path.txt -w "APP_NAME"

Multiple targets, single path, multiple words, and save output to file:

python3 pathprober.py -T target.txt -p /.env -w "APP_NAME" -w2 "TWILIO" -o output.txt

Need more help?
bash:~/pathprober$ python3 pathprober.py --help

___ ____ ___ _ _ ___ ____ ____ ___ ____ ____
|__] |__| | |__| |__] |__/ | | |__] |___ |__/
| | | | | | | | \ |__| |__] |___ | \
Probe HTTP pathname filtered by words

usage: pathprober.py [-h] [-t https://example.com] [-p pathname] [-T target.txt] [-P path.txt] [-w Word] [-w2 Word] [-o output.txt]

PathProber - Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once

optional arguments:
-h, --help show this help message and exit
-t https://example.com
Single website target
-p pathname Single pathname
-T target.txt Multiple target separated by newline
-P path.txt Multiple pathname separated by newline
-w Word A word that you want to find in a path
-w2 Word A second word that you want to find in a path
-o output.txt Save the results to file

Contributors


KitPloit - PenTest & Hacking Tools

In0ri - Defacement Detection With Deep Learning

By: Zion3R


In0ri is a defacement detection system utilizing an image-classification convolutional neural network.


Introduction

When monitoring a website, In0ri periodically takes a screenshot of the website, then puts it through a preprocessor that resizes the image down to 250x250px and numericalizes it before passing it on to the classifier. The core of the classifier is a convolutional neural network that is trained to detect the defacement of a website. If the monitored website is indeed defaced, In0ri will send out warnings via email to the user.


Requirement
  • Python3 (version >=3.6)
  • Docker
  • Docker-compose

Installation

Cloning the repository
git clone https://github.com/J4FSec/In0ri.git
cd In0ri

Configuring email credentials to send notifications and agent keys from

Edit the file FlaskApp/sendEmail.py

EMAIL_ADDRESS = "[email protected]"
EMAIL_PASSWORD = "$uper$ecurePa$$word"

Configure Telegram notification

Edit the file chatbot.py

CHAT_ID= 'foo' # Channel ID to send notifications to
TOKEN = 'bar' # Bot token retrieved from @BotFather

Starting In0ri
docker-compose up -d

Usage

There are two ways to deploy and use In0ri:

  • Running off crontab by periodically visiting the URL.
  • Internal agent running off the web server.

First Method: URL Check

Visit the WebUI on https://<serverIP>:8080/ and click on "Register" then fill in the form and submit it.


Second Method: Internal Agent

Visit the WebUI on https://<serverIP>:8080/ and click on "Register" then fill in the form and submit it.

Click on "Create Agent" then fill in the form and check your email for the Agent's key.

On the web server that you want In0ri to monitor, download the Agent folder from the GitHub repository.

Installing the required packages for the internal Agent

python3 -m pip install watchdog
python3 -m pip install requests

Edit the file config.json in the same folder as the agent

nano config.json

  • key is the key sent to your email after registering the Agent on the WebUI
  • rootPath is the root directory of the web application that you want to be monitored
  • excludePath lists the subfolders that you want excluded from the scans
  • apiServer is the URL to the API server of In0ri
  • serverIP is the IP of the API server of In0ri

{
"id":"01",
"key":"123123123",
"rootPath":"/var/www/html",
"excludePath":"",
"apiServer":"http://<serverIP>:8088/checkdeface"
}

And run the Agent:

python3 agent.py
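
The rootPath and excludePath settings above map naturally onto a hash-baseline integrity check. The following is an added example, not In0ri's agent code: it reads the same config.json keys and reports files added, removed or modified under rootPath while skipping excludePath. It assumes excludePath is a comma-separated list of subfolders relative to rootPath; the function names are hypothetical, and the sample web root, key and apiServer address are constructed.

```python
import hashlib
import json
import tempfile
from pathlib import Path

def load_config(text):
    """Parse config.json text and require the keys shown on the page."""
    cfg = json.loads(text)
    missing = {"id", "key", "rootPath", "excludePath", "apiServer"} - set(cfg)
    if missing:
        raise ValueError(f"missing config keys: {sorted(missing)}")
    return cfg

def snapshot(cfg):
    """Map each monitored file (path relative to rootPath) to its SHA-256."""
    root = Path(cfg["rootPath"])
    # Assumption: excludePath is a comma-separated list relative to rootPath.
    skipped = [Path(p.strip()) for p in cfg["excludePath"].split(",") if p.strip()]
    hashes = {}
    for path in root.rglob("*"):
        rel = path.relative_to(root)
        if path.is_file() and not any(s == rel or s in rel.parents for s in skipped):
            hashes[rel.as_posix()] = hashlib.sha256(path.read_bytes()).hexdigest()
    return hashes

def diff(before, after):
    """Classify what changed between two snapshots."""
    common = before.keys() & after.keys()
    return {"added": sorted(after.keys() - before.keys()),
            "removed": sorted(before.keys() - after.keys()),
            "modified": sorted(p for p in common if before[p] != after[p])}

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "uploads").mkdir()
        (root / "index.html").write_text("<h1>Welcome</h1>")
        (root / "about.html").write_text("<p>About</p>")
        cfg = load_config(json.dumps({  # constructed values, keys as on the page
            "id": "01", "key": "constructed-key", "rootPath": tmp,
            "excludePath": "uploads", "apiServer": "http://192.0.2.10:8088/checkdeface"}))
        baseline = snapshot(cfg)
        (root / "index.html").write_text("<h1>Changed</h1>")  # modified
        (root / "notice.html").write_text("<p>New</p>")       # added
        (root / "uploads" / "a.png").write_text("x")          # excluded, ignored
        (root / "about.html").unlink()                        # removed
        return diff(baseline, snapshot(cfg))

if __name__ == "__main__":
    print(demo())
```

The example makes no network calls; apiServer is only validated as a required key.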

References

Model training is handled by Shu


Authors

In0ri is built by Echidna with the help of Cu64 and Klone.


Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.


