Saturday, 8 August 2015

Parsero - reads the Robots.txt file of a web server



Parsero is a free script written in Python which reads the Robots.txt file of a web server and looks at the Disallow entries. The Disallow entries tell the search engines what directories or files hosted on a web server mustn’t be indexed. For example, “Disallow: /portal/login” means that the content on www.example.com/portal/login is not allowed to be indexed by crawlers like Google, Bing, Yahoo… This is the way the administrator avoids sharing sensitive or private information with the search engines.

But sometimes the paths listed in the Disallow entries are directly accessible to users without a search engine, just by visiting the URL and the path, and sometimes they are not available to anybody. Because it is really common for administrators to write a lot of Disallow entries, some of which are available and some of which are not, you can use Parsero to check the HTTP status code of each Disallow entry and see automatically whether these directories are available or not.

Also, the fact that the administrator writes a robots.txt does not mean that the files or directories listed in the Disallow entries will not be indexed by Bing, Google, Yahoo… For this reason, Parsero is capable of searching in Bing to locate content indexed without the web administrator's authorization. Parsero will check the HTTP status code in the same way for each Bing result.
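
As an added example (not Parsero's own code), the status-code check described above can be run as an audit of your own site: it parses the Disallow entries and flags any that answer 200, since robots.txt is a crawler hint and not access control. The robots.txt content, the status table and the names disallow_paths and audit are constructed for illustration.

```python
from urllib.parse import urljoin

# Constructed sample robots.txt (not from a real site).
SAMPLE_ROBOTS = """\
User-agent: *
Disallow: /portal/login
Disallow: /backup/   # trailing comment
Disallow:
disallow: /admin
Disallow: /portal/login
"""

# Constructed status codes standing in for live HTTP responses.
SAMPLE_STATUS = {
    "https://www.example.com/portal/login": 200,
    "https://www.example.com/backup/": 403,
    "https://www.example.com/admin": 404,
}

def disallow_paths(robots_txt):
    """Return the unique, non-empty Disallow paths in file order."""
    paths = []
    for line in robots_txt.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        field, sep, value = line.partition(":")
        if not sep or field.strip().lower() != "disallow":
            continue
        value = value.strip()
        if value and value not in paths:              # empty Disallow blocks nothing
            paths.append(value)
    return paths

def audit(base_url, robots_txt, get_status):
    """Return (path, status, finding) per Disallow entry; get_status maps URL -> code."""
    report = []
    for path in disallow_paths(robots_txt):
        code = get_status(urljoin(base_url, path))
        if code == 200:
            finding = "reachable: robots.txt is the only thing hiding it"
        elif code in (401, 403):
            finding = "present, access-controlled"
        else:
            finding = "not served"
        report.append((path, code, finding))
    return report

if __name__ == "__main__":
    for row in audit("https://www.example.com/", SAMPLE_ROBOTS, SAMPLE_STATUS.get):
        print(*row, sep="\t")
```

Any entry reported as reachable needs authentication or removal from the web root; listing it in robots.txt only advertises the path.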

Source: https://github.com/behindthefirewalls/Parsero


You can get all the latest info about Parsero from http://www.behindthefirewalls.com/search/?q=parsero

Installing

There are three ways to install Parsero easily.

By using the setup.py script (run from the Parsero source directory):
sudo python3 setup.py install

By using pip3:
sudo apt-get install python3-pip
sudo pip3 install parsero

In Kali Linux:
sudo apt-get update
sudo apt-get install parsero





Monday, 27 April 2015

How to install Compiz in ubuntu 15.04



Compiz is a compositing manager, which means that it enhances the overall user interaction by adding fancy effects to your windows, from drop shadows to awesome desktop effects like the Desktop Cube or the Expo view.
Compiz can also be a window manager, which means that it is the software between you and your desktop apps. It enables you to move or resize windows, to switch workspaces, to switch windows easily (using alt-tab or so), and so on.

sudo apt-get install compiz compizconfig-settings-manager compiz-plugins

How to Enable Flash Support On Browsers in ubuntu 15.04


For Ubuntu 32-bit and 64-bit: to watch some videos and view Flash websites in your browser (Firefox/Chrome), you need to install the Flash plugin. Go to the Ubuntu Software Center, search for the word “flash” and install it.

Alternatively enter the following command to install flash plugins.

sudo apt-get install flashplugin-installer
 

Tuesday, 7 April 2015

A-PDF WAV to MP3 v1.0.0 Buffer Overflow



This module exploits a buffer overflow in A-PDF WAV to MP3 v1.0.0. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.

exploit : exploit/windows/fileformat/a_pdf_wav_to_mp3

msf > use exploit/windows/fileformat/a_pdf_wav_to_mp3
msf exploit(a_pdf_wav_to_mp3) > show targets
...targets...
msf exploit(a_pdf_wav_to_mp3) > set TARGET <target-id>
msf exploit(a_pdf_wav_to_mp3) > show options
...show and set options...
msf exploit(a_pdf_wav_to_mp3) > exploit

Windows Gather Enum User MUICache metasploit module



This module gathers information about the files and file paths that logged-on users have executed on the system. It will also check whether each file still exists on the system. This information is gathered from the MUICache registry key. If the user is logged in when the module is executed, it collects the MUICache entries by accessing the registry directly. If the user is not logged in, the module downloads the user's registry hive (NTUSER.DAT/UsrClass.dat) from the system and parses the MUICache contents from the downloaded hive.

Module : post/windows/gather/enum_muicache

msf > use post/windows/gather/enum_muicache 
msf post(enum_muicache) > sessions
         ...sessions...
msf post(enum_muicache) > set SESSION <session-id>
msf post(enum_muicache) > show options
        ...show and set options...
msf post(enum_muicache) > run

Sunday, 5 April 2015

How to install Metasploit in ubuntu




The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
Its best-known sub-project is the open source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.
The Metasploit Project is well known for its anti-forensic and evasion tools, some of which are built into the Metasploit Framework.

Click here to download metasploit for ubuntu


How to Install Aircrack ng in Ubuntu




Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.

In fact, Aircrack-ng is a set of tools for auditing wireless networks.

Install commands

1 - sudo apt-get install build-essential
2 - sudo apt-get install libssl-dev
3 - wget http://download.aircrack-ng.org/aircrack-ng-1.1.tar.gz

4 - In the aircrack-ng-1.1 directory there is a file called common.mak, use your favorite editor to open the file and scroll down till you see the following line:

CFLAGS ?= -g -W -Wall -Werror -O3

Delete the -Werror flag, so that the line now looks like the following. Save and exit.

CFLAGS ?= -g -W -Wall -O3

5 - make
6 - make install

How to install Nessus Vulnerability Scanner in Ubuntu


Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools.

Click here to Download Nessus for Ubuntu


Saturday, 4 April 2015

route analysis with 0trace.sh in Kali Linux


0trace.sh is a shell script written by Michal Zalewski. It is a reconnaissance / firewall bypassing tool that enables hop enumeration ("traceroute") within an established TCP connection, such as an HTTP or SMTP session. This is opposed to sending stray packets, as traceroute-type tools usually do. In case of a successful scan, 0trace provides useful additional servers for the penetration tester.


How to install screenlets in ubuntu/linux


Screenlets are small owner-drawn applications (written in Python) that can be described as "the virtual representation of things lying/standing around on your desk". Sticky notes, clocks, rulers, ... the possibilities are endless.
The goal of the Screenlets base-classes is to simplify the creation of fully themable mini-apps that each solve basic desktop-work-related needs and generally improve the usability and eye-candy of the modern composited Linux-desktop.
Features:
  • Real applications, no HTML-"widgets"
  • Easy to use, easy to develop
  • Full compositing support
  • Works with any composited X desktop (compiz, xfce4, ...)
  • Works also on non-composited desktop
  • Included ability to apply themes (SVG, PNG or mixed)
  • Fully scalable when using SVGs
  • Embedded drag&drop-support
  • Automated storing of options (using ini or GConf)
  • Controllable through customizable D-Bus service
  • Can be used together with compiz' widget-plugin to create a Dashboard-like feature as seen on OS X
  • Uses Cairo and GTK2 for drawing and windowing



How to run screenlets as root in ubuntu/linux

Wednesday, 1 April 2015

Reflective DLL Injection Metasploit Module



Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. As such the library is responsible for loading itself by implementing a minimal Portable Executable (PE) file loader. It can then govern, with minimal interaction with the host system and process, how it will load and interact with the host.

Injection works from Windows NT4 up to and including Windows 8, running on x86, x64 and ARM where applicable.

Download  : Reflective DLL Injection Exploit


Tuesday, 31 March 2015

Windows Manage Memory Payload Injection



This module will inject a payload into memory of a process. If a payload isn't selected, then it'll default to a reverse x86 TCP meterpreter. If the PID datastore option isn't specified, then it'll inject into notepad.exe instead.

Exploit : exploit/windows/local/payload_inject


Saturday, 28 March 2015

Windows SYSTEM Escalation via KiTrap0D


This module will create a new session with SYSTEM privileges via the KiTrap0D exploit by Tavis Ormandy. If the session in use is already elevated then the exploit will not run. The module relies on kitrap0d.x86.dll, and is not supported on x64 editions of Windows.

exploit : exploit/windows/local/ms10_015_kitrap0d

Targets : Windows 2K SP4 - Windows 7 (x86)



Win32ksys elevation of privilege vulnerability






win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."

Vulnerable systems: Windows XP SP3, Windows 2003 SP2, Windows 7 SP1, Windows 2008 32-bit and Windows 2008 R2 SP1 64-bit

Click Here to Get exploit