Sometime early last month, I made a post about OSRFramework which was version 0.16.8. A new version of this open sources research framework was released at the recently concluded BlackHat 2017 conference. To be precise, it was released on Wednesday, July 26 in the OSINT Arsenal category and was versioned as OSRFramework 0.17.0. Read more about UPDATE: OSRFramework 0.17.0 BlackHat Arsenal Version!
As the title suggests, OSRFramework is an open source research framework that helps you glean data from multiple sources. This information can be most helpful in multiple OSINT engagements where you are trying to get as much information about a target - user, domain, phone number, DNS lookups, information leaks research, deep web search etc. Read more about OSRFramework: The Open Sources Research Framework!
Since my initial post about the DataSploit Framework was about v0.9, an update was made and a new version was released. This post is an attempt at mentioning the changes made to the tool. Read more about UPDATE: DataSploit Framework Version 1.0!
My last post was about PowerMeta, which launches Google & Bing search queries to download files from a target domain and performs EXIF analysis on them. This method gives us an insight into the different "actors" on the domain. However, if you want more information about the domain, check out DataSploit. Read more about DataSploit: An Open Source OSINT Assistant!
There are exploitation frameworks and then there is Metasploit. Though it has a few modules targeted towards embedded devices, it is your "general purpose" framework. If you are looking at a comprehensive embedded devices/router exploitation framework you now have RouterSploit! Read more about RouterSploit: The Metasploit For Routers!
A lot many good things are being done in Docker. Jackhammer is another good example of this. The authors have gone ahead and put almost everything you would need for vulnerability assessment and vulnerability management, dockerized it, made it an all-in-one tool and put it up for us to use! A few other security related docker projects can be found here. Read more about Jackhammer: A Vulnerability Assessment Collaboration Tool!
I stumbled upon this tool when trying to find more Docker security projects - Cameradar. You can use this tool post exploitation just for the fun, or use it in your own network and check for unauthorized CCTV installations. You can also use it to test the security of your existing camera setup. Read more about Cameradar: Hack RTSP CCTV Cameras!