I have decided to learn and have fun with a new tool called the Bash Bunny by Hak5. I have decided to create a series of posts dedicated to this learning journey. In this introductory post, I’ll explain what the Bash Bunny is. It looks like a normal USB device with an LED and a switch on it.
In the first cURL post, I wrote about how to download files using cURL. I recently got an opportunity to work with forms using cURL. In this post, I will describe about how I used cURL to send a POST request to page containing a form. The objective was to obtain the response from the server after submitting a form.
For long, penetration testers and security enthusiasts have been using tools that are natively built around the linux platform.
Ghidra is a Software Reverse Engineering (SRE) framework developed by the National Security Agency which was announced during the RSA 2019 conference. NSA has made the tool available as an open source software allowing and accepting contributions from the community. Its functionality is similar to other reverse engineering softwares such as IDA, Binary Ninja, Capstone etc.
Crunch is a wordlist generator useful for password cracking. Sometimes, you don’t want to use large precomputed wordlists and instead you may want to create your own. Crunch is your solution! It is a small but powerful command line tool allowing you to specify the criteria for the wordlists and generate it for you.
Sublist3r is an information gathering tool written in python for subdomain enumeration. This tool uses OSINT or Open Source Intelligence to gather information from various search engines such as Google, Yahoo, Baidu, Bing and so on. The tools is available on GitHub which can be setup by cloning the git repository as below:
cURL doesn’t stand for command line URL tool but it is one of the tools available for transferring of files seamlessly through the terminal. cURL is considered an abbreviation for Client URL Request Library. cURL supports multiple network protocols allowing to access files through HTTP(S), FTP(S), SCP to name a few.
A great application for newcomers as well as for the experienced to learn more about various cryptographic protocols and algorithms. CrypTool provides an intuitive graphical interface to play around with various settings of any cryptographic algorithm. Using the tool, one can understand the importance of key length and choice of characters for any encryption scheme.