Category: News

From github.com

Shodanfy.py is a tool to get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan (no apikey! no rate limit!)

# python3 shodanfy.py <ip> [OPTIONS] 
e.g:
    python3 shodanfy.py 111.111.111.111 
    python3 shodanfy.py 111.111.111.111 --getports
    python3 shodanfy.py 111.111.111.111 --getvuln
    python3 shodanfy.py 111.111.111.111 --getinfo
    python3 shodanfy.py 111.111.111.111 --getmoreinfo
    python3 shodanfy.py 111.111.111.111 --getbanner
    python3 shodanfy.py 111.111.111.111 --getports --getvuln
    python3 shodanfy.py 111.111.111.111 --proxy 127.0.0.1:8080
# support pipeline, --stdin option is required..
# echo "<ip>" or cat ips.txt | python3 shodanfy.py --stdin [OPTIONS]
e.g:
    echo "111.111.111.111"|python3 shodanfy.py --stdin 
    echo "111.111.111.111"|python3 shodanfy.py --stdin --proxy 127.0.0.1:8080
    echo "111.111.111.111"|python3 shodanfy.py --stdin --getvuln 
    cat ips.txt|python3 shodanfy.py --stdin --getports
    dig google.com +short A | grep -oi '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' | python3 shodanfy.py --stdin --geports

Read more…

From gbhackers.com

A Vulnerability Scanning Tools is one of the essential tools in IT departments Since vulnerabilities pop up every day and thus leaving a loophole for the organization.

The Vulnerability scanning tools helps in detecting security loopholes with the application, operating systems, hardware and network systems.

Hackers are actively looking for these loopholes to use them for their advantage. Vulnerabilities inside a network need to be identified and fixed immediately to leave your attackers at bay.

Read more…

From helpnetsecurity.com

We have all seen the carefully prepared statement. A cyber incident has occurred, we are investigating but please do not worry since no data has left our network. Perhaps we will also see the obligatory inclusion of a ‘sophisticated’ threat actor by way of explanation as to how the company protecting our data was able to be compromised.

Read more…

From gbhackers.com

A new browser extension published dubbed Behave! that warns the user if the website tries to perform a port scan or launch DNS based attacks.

The web sites port scanning issue came into light after a script found on the eBay website that performs local port scans on a user computer to check for remote access.

The port scanning conducted by LexisNexis’ ThreatMetrix fraud protection script that used to detect fraudulent purchases.

Read more…

From securityaffairs.co

Experts spotted recent samples of the Snake ransomware that were isolating the infected systems while encrypting files to avoid interference.

Experts from cybersecurity firm Deep Instinct recently spotted some sample of theSnake ransomware (also known as EKANS) were observed isolating the infected systems to encrypt files without interference.

Read more…

From securityaffairs.co

A few days after the disclosure of the vulnerability in the F5 Networks BIG-IP product. F5 Networks has recently addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product.

The BIG-IP product is an application delivery controller (ADC), it is used by government agencies and major business, including banks, services providers and IT giants like Facebook, Microsoft and Oracle.

Read more…

From kitploit.com

oGhost is a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan.

Installation
You can download Windows Binary or Linux Binary. Alternatively, GoGhost uses native Golang libraries so the line above would be fine to compile it:

go build GoGhost.go

Read more…