Security
Headlines
HeadlinesLatestCVEs

Tag

#golang

QueenSono - Golang Binary For Data Exfiltration With ICMP Protocol

<p><a href="https://1.bp.blogspot.com/-p5_2_IEv9P8/YUuqKRcI1rI/AAAAAAAAvSg/hsnZHGNuRTEP9G-_v8lbWCSQYvVXbj3XQCNcBGAsYHQ/s1350/QueenSono_2_qssono-trunc.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="571" data-original-width="1350" height="270" src="https://1.bp.blogspot.com/-p5_2_IEv9P8/YUuqKRcI1rI/AAAAAAAAvSg/hsnZHGNuRTEP9G-_v8lbWCSQYvVXbj3XQCNcBGAsYHQ/w640-h270/QueenSono_2_qssono-trunc.gif" width="640" /></a></p><div><br /></div> <p style="text-align: left;"> QueenSono tool only relies on the fact that ICMP protocol isn't monitored. It is quite common. It could also been used within a system with basic ICMP inspection (ie. frequency and content length watcher). Try to imitate <a href="https://github.com/ytisf/PyExfil" rel="nofollow" target="_blank" title="PyExfil">PyExfil</a> (and others) with the idea that the target machine does not necessary have python installed (so provide a binary could be useful)</p...

kitploit
#golang#Pentest#Pentest Tool#Python#QueenSono#Remote
DNSTake - A Fast Tool To Check Missing Hosted DNS Zones That Can Lead To Subdomain Takeover

<div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-LGMSUcdo2JM/YUK0T3V-wmI/AAAAAAAAumU/6VQzYIHfowQkYRjUfQivB78oB7xET-I8QCNcBGAsYHQ/s1218/DNSTake.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="307" data-original-width="1218" height="162" src="https://1.bp.blogspot.com/-LGMSUcdo2JM/YUK0T3V-wmI/AAAAAAAAumU/6VQzYIHfowQkYRjUfQivB78oB7xET-I8QCNcBGAsYHQ/w640-h162/DNSTake.png" width="640" /></a></div><p><br /></p> <p>A fast tool to check missing hosted DNS zones that can lead to subdomain takeover.</p> <br /><span style="font-size: large;"><b>What is a DNS takeover?</b></span><br /> <p>DNS takeover <a href="https://www.kitploit.com/search/label/vulnerabilities" target="_blank" title="vulnerabilities">vulnerabilities</a> occur when a subdomain (subdomain.example.com) or domain has its authoritative nameserver set to a provider (e.g. AWS Route 53, Akamai, Microsoft Azure, etc.) but the ho...