Thursday, September 1, 2016

TODAY WE ARE SETTING A GAME...

ConfigGenerator

The ConfigGen utility can be used as an aid in setting the device configuration fuse settings.
Unzip the utility and place the file ConfigGen.exe in a directory of your choice. The software uses the MPASM '8bit_device.info' file as the source of its information, and can be set to use the MPASM, MPASMX, or Swordfish copy.
Config Generator Software
Make sure the software is pointing to the MPASM, MPASMX, or Swordfish Bin installation folder. If it is not, use the 'Change Folder...' button to point to the location of the file '8bit_device.info'. For MPLAB this is typically "C:\Program Files\Microchip\MPASM Suite" and for MPLABX it's "C:\Program Files\Microchip\MPLABX\mpasmx". Next, press the 'Load File' button. This will open the .info file and build a list of all PIC18 devices contained in it. Select your desired device from the 'Device' dropdown list and it will display all of the config fuses and their default settings.
Clicking the 'Setting' column for a config entry will show a dropdown list with all of the valid selections for that fuse.
When all config settings have been made, click the 'Generate' button and the program will generate source code with all of your selections (the 'Comments' checkbox will remove the descriptions and just leave the settings, if desired).
Selecting 'Copy to Clipboard' will dump the output window contents into the Windows clipboard, which you can then paste into a file using a text editor or the Swordfish IDE using 'Edit | Paste' (or Ctrl-V).
The 'Set Defaults' button will change all the settings back to the defaults provided in the .info file, with the exception of 'XINST', 'DEBUG', 'LVP', and 'IOL1WAY' (if present for the selected device). The program always sets these off.

BlackArch Linux Complete Tools List

BlackArch Linux Complete Tools List

https://www.blackarch.org/tools.html 

 

Packages that actively seeks vulnerable exploits in the wild. More of an umbrella group for similar packages.

Tool count: 23
BlackArch recon
Name Version Description Homepage
api-dnsdumpster 29.f8cce1f Unofficial Python API for http://dnsdumpster.com/.
basedomainname 0.1 Tool that can extract TLD (Top Level Domain), domain extensions (Second Level Domain + TLD), domain name, and hostname from fully qualified domain names.
bing-ip2hosts 0.4 Enumerates all hostnames which Bing has indexed for a specific IP address.
catnthecanary 7.e9184fe An application to query the canary.pw data set for leaked data.
cutycapt 10 A Qt and WebKit based command-line utility that captures WebKit's rendering of a web page.
dnsbrute 2.b1dc84a Multi-theaded DNS bruteforcing, average speed 80 lookups/second with 40 threads.
dnsenum 1.2.4.2 Script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
dnsrecon 0.8.9 Python script for enumeration of hosts, subdomains and emails from a given domain using google.
dnsspider 0.8 A very fast multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
dnstracer 1.9 Determines where a given DNS server gets its information from, and follows the chain of DNS servers
dnswalk 2.0.2 A DNS debugger
domain-analyzer 0.8.1 Finds all the security information for a given domain name.
dradis 3.0.0.rc1 An open source framework to enable effective information sharing.
enum4linux 0.8.9 A tool for enumerating information from Windows and Samba systems.
facebot 23.57f6025 A facebook profile and reconnaissance system.
fbid 11.b8106f8 Show info about the author by facebook photo url.
flashlight 107.39594b5 Automated Information Gathering Tool for Penetration Testers.
geoedge 0.2 This little tools is designed to get geolocalization information of a host, it get the information from two sources (maxmind and geoiptool).
githack 6.b83a744 A `.git` folder disclosure exploit.
gitminer 29.e25f339 Tool for advanced mining for content on Github.
goodork 2.2 A python script designed to allow you to leverage the power of google dorking straight from the comfort of your command line.
goofile 1.5 Command line filetype search
goog-mail 1.0 Enumerate domain emails from google.
gwtenum 7.f27a5aa Enumeration of GWT-RCP method calls.
halcyon 0.1 A repository crawler that runs checksums for static files found within a given git repository.
hasere 1.0 Discover the vhosts using google and bing.
idswakeup 1.0 A collection of tools that allows to test network intrusion detection systems.
intrace 1.5 Traceroute-like application piggybacking on existing TCP connections
ircsnapshot 94.cb02a85 Tool to gather information from IRC servers.
ivre 1027.1b9acae Network recon framework.
kacak 1.0 Tools for penetration testers that can enumerate which users logged on windows system.
lanmap2 127.1197999 Passive network mapping tool.
lbd 20130719 Load Balancing detector
ldapenum 0.1 Enumerate domain controllers using LDAP.
lft 3.76 A layer four traceroute implementing numerous other features.
linux-exploit-suggester 32.9db2f5a A Perl script that tries to suggest exploits based OS version number.
loot 51.656fb85 Sensitive information extraction tool.
machinae 61.67b9725 A tool for collecting intelligence from public sites/feeds about various security-related pieces of data.
mdns-recon 7.cf67423 An mDNS recon tool written in Python.
metagoofil 1.4b An information gathering tool designed for extracting metadata of public documents
missidentify 1.0 A program to find Win32 applications.
monocle 1.0 A local network host discovery tool. In passive mode, it will listen for ARP request and reply packets. In active mode, it will send ARP requests to the specific IP range. The results are a list of IP and MAC addresses present on the local network.
nasnum 5.df5df19 Script to enumerate network attached storages.
necromant 3.acbc448 Python Script that search unused Virtual Hosts in Web Servers.
neglected 8.68d02b3 Facebook CDN Photo Resolver.
netdiscover 0.3 An active/passive address reconnaissance tool, mainly developed for those wireless networks without dhcp server, when you are wardriving. It can be also used on hub/switched networks.
netmask 2.4.3 Helps determine network masks
nipper 0.11.7 Network Infrastructure Parser
nsec3walker 20101223 Enumerates domain names using DNSSEC
ntp-ip-enum 0.1 Script to pull addresses from a NTP server using the monlist command. Can also output Maltego resultset.
osinterator 3.8447f58 Open Source Toolkit for Open Source Intelligence Gathering.
parsero 81.e5b585a A robots.txt audit tool.
quickrecon 0.3.2 A python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
recon-ng 4.8.1 A full-featured Web Reconnaissance framework written in Python.
revipd 5.2aaacfb A simple reverse IP domain scanner.
ripdc 0.2 A script which maps domains related to an given ip address or domainname.
sctpscan 34.4d44706 A network scanner for discovery and security.
shard 1.5 A command line tool to detect shared passwords.
simplyemail 505.159429f Email recon made fast and easy, with a framework to build on http://CyberSyndicates.com.
sipi 10.10f087f Simple IP Information Tools for Reputation Data Analysis.
smbcrunch 5.23ea4cc 3 tools that work together to simplify reconaissance of Windows File Shares.
smtp-user-enum 1.2 Username guessing tool primarily for use against the default Solaris SMTP service. Can use either EXPN, VRFY or RCPT TO.
sn1per 116.58c25c7 Automated Pentest Recon Scanner.
spfmap 8.a42d15a A program to map out SPF and DKIM records for a large number of domains.
spiderfoot 2.7.0 The Open Source Footprinting Tool.
spoofcheck 16.8cce591 Simple script that checks a domain for email protections.
ssl-hostname-resolver 1 CN (Common Name) grabber on X.509 Certificates over HTTPS.
subdomainer 1.2 A tool designed for obtaining subdomain names from public sources.
sysdig 0.11.0 Open source system-level exploration and troubleshooting tool
theharvester 53.0f9a670 Python tool for gathering e-mail accounts and subdomain names from different public sources (search engines, pgp key servers).
tilt 90.2bc2ef2 An easy and simple tool implemented in Python for ip reconnaissance, with reverse ip lookup.
tinfoleak 3.6469eb3 Get detailed information about a Twitter user activity.
traceroute 2.1.0 Tracks the route taken by packets over an IP network
treasure 6.a91d52b Hunt for sensitive information through githubs code search.
twofi 2.0 Twitter Words of Interest.
vbrute 1.11dda8b Virtual hosts brute forcer.
waldo 28.a33de7a A lightweight and multithreaded directory and subdomain bruteforcer implemented in Python.
websearch 1.cce2384 Search vhost names given a host range. Powered by Bing..
whatweb 4188.f467aa2 Next generation web scanner that identifies what websites are running.
windows-exploit-suggester 26.493f96a This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target.
zgrab631.bb14ac8Grab banners (optionally over TLS).                                                                                                                                                                                                        

http://bt3gl.github.io/black-hat-python-infinite-possibilities-with-the-scapy-module.html 

 Black Hat Python: Infinite possibilities with the Scapy Module

This is a review about one of my favorites libraries in Python: Scapy, which is a very powerful packet manipulation resource.
Scapy is able to forge and decode packets of several protocols, send and capture them, match requests and replies, and much more. It can be used to handle most network tasks such as scanning, tracerouting, probing, attacks, network discovery, to name a few.
Before we start, make sure you have Scapy in your machine:
$ pip install scapy
You can test the installation firing up Scapy iteratively. For example, these are some useful functions:
$ scapy
Welcome to Scapy (2.2.0)
>>> ls()    ---> list protocols/layers
>>> lsc()   ---> list commands
>>> conf    ---> Display configurations
>>> help(sniff)     --> Help for a specific command
This post is divided as the following:

this is no news anyway...I have a passaport...uses a PIC....

How can I display a URL as an image in an excel cell?

How to convert website URL to QR Code online

HOW TO CONVERT URL TO QR CODE?

Just follow these easy steps:
1. Go to a URL code generator such as Scanova
2. Enter the website URL in the given field and click on Create my QR Code







how to make a qr code

Man in the Rain