Information Gathering and Reconnaissance Tools

28Jan

lsassy

By 0x1 Reconnaissance-tools, Shodan, Recon, Automate, Comments

Extract credentials from lsass remotely

Author : Pixis

Active Directory Windows

In this post

» Introduction
» CrackMapExec
» Mimikatz module
» Manual method : Procdump
» Limits & Improvements
» CrackMapExec module
» New tools
» Conclusion

11Jan

AttackSurfaceMapper

By 0x1 Reconnaissance-tools, Shodan, Recon, Automate, Comments

Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intellgence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses and it uses numerous techniques to find more targets. It enumerates subdomains with bruteforcing and passive lookups, Other IPs of the same network block owner, IPs that have multiple domain names pointing to them and so on.

Once the target list is fully expanded it performs passive reconnaissance on them, taking screenshots of websites, generating visual maps, looking up credentials in public breaches, passive port scanning with Shodan and scraping employees from LinkedIn.

04Jan

Kamerka GUI

By 0x1 Reconnaissance-tools, Shodan, Recon, Comments

ꓘamerka GUI

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.

23Aug

AIL Framework

By 0x1 Framework, Leaks, Analyse, Information-gathering, Comments

AIL framework - Framework for Analysis of Information Leaks

AIL is a modular framework to analyse potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams. AIL framework is flexible and can be extended to support other functionalities to mine or process sensitive information (e.g. data leak prevention).