Security Videos

Entries in dns (2)


Automater updates

So as many of you have may have noticed, I have updated Automater a few times over the last couple of months to address some specific issues and add some functionality. The changelog is as follows:

[+] Modifed Robtex data pull to match sites new formatting
[+] Added Virustotal search for the hash function
[+] Added HTTP Proxy support. Will pull OS default proxy settings.
[+] Modified some variables for consistency 
[+] Added comments
[-] Removed JoeBox from hash search
[+] Fixed FortiGuard rating https://github.com/1aN0rmus/TekDefense/issues/10
[+] Display help when no arguments are given https://github.com/1aN0rmus/TekDefense/issues/8
[+] Added Hash Search functionality https://github.com/1aN0rmus/TekDefense/issues/7
[+] Sources for Hash search are VxVault, ThreatExpert, JoeSandBox, and Minotaur
[+] Modified regex in Robtex function to pick up "A" records that were being missed.
[+] Alienvault reputation data added by guillermogrande.  Thank you!
[+] Changed output style to @ViolentPython style
[+] Fixed IPVoid and URLVoid result for new regexes
[+] Fixed form submit for IP's and URLs that were not previously scanned

So in short, it now has proxy support, pulls data from a few new places and will now take hashes as well. Don't worry we are not done with Automater though, I have a lot more planned.

Automater was the tool I wrote to learn basic python. As this was my first python project I made a lot of rookie mistakes. The code works and does what it is supposed to do, but it is sloppy and not optimized in the least. With that in mind, I plan to work on the next mjor release which will be a complete re-write of Automater from the ground up. Doing this should hopefully give us a more stable and extensible product.

See usage, installation, and download instructions at http://www.tekdefense.com/automater/


TekTip ep6 - Passive Information Gathering with TheHarvester

The Harvester: Created by Edge-Security
Default BT Location: /pentest/enumeration/theharvester
theharvester is a great passive information gathering tool that is immensly helpful in blind pentests.  
Notable options
-d: for the domain
-f: export to html/xml
-c: DNS bruteforce
-n: Reverse DNS query
-l: limit the number of results
-b: Where to search
** "-b all" does not actually include all sources.
./theharvester.py -d tekdefense.com -l 100 -n -b all
./theharvester.py -d securitytube.net -l 100 -n -b linkedin