Best Hacking Tools Of 2017: Nessus Vulnerability Scanner

Nessus Vulnerability Scanner

Developed by Tenable Network Security, this tool is one of the most popular vulnerability scanners on the market. Tenable provides different versions, depending on your needs: Nessus Home, Nessus Professional, Nessus Manager, and Nessus Cloud.

You can use Nessus to scan for multiple types of vulnerabilities, including remote access flaw detection, misconfiguration alerts, denial of service against the TCP/IP stack, preparation of PCI DSS audits, malware detection, sensitive data searches, etc. Nessus can also call popular external tools.

Nessus runs on a variety of platforms including Windows, Mac OS, and popular Linux distributions like Debian, Ubuntu, Kali Linux, etc.

You can get more information and download the Nessus Home (free) tool here. The commercial version is available here.

Best Hacking Tools Of 2017: ADBrute

If you have an Active Directory environment, you want to make it as secure as possible. ADBrute allows you to test the security of your Active Directory users. When a domain user's network account expires, or when the account is locked due to incorrect login attempts, the domain administrator may reset the password to the default password based on company policy. If your users do not change their password after it has been reset by the administrator, it creates a major security hole.

A malicious user could easily use the default password to log in to the victim's user account and delete, read and send mail or access other resources on the network.

ADBrute is simple to use:

  1. Run ADBrute.
  2. Enter the name of the domain controller and valid login credentials to connect to the Active Directory. The user can be any user on the domain.
  3. Click on Login and wait till the entire user list for your organization is populated from the AD.
  4. You can double click on a User to view additional information.
  5. Enter the default password for your organization and press the start button.
  6. Sit back until the program scans and enumerates users who use the default password.
  7. You can export both the lists, the entire user list as well as the weak user list to three different file formats, .csv, .txt and .xls.

You can get more information and download the tool here.
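
The reset-without-change condition described above can also be audited from domain controller Security logs without testing any passwords. The following is an added example, not part of ADBrute or the original post: it assumes "Audit User Account Management" is enabled so that event 4724 (password reset by another account) and event 4723 (user-initiated password change) are recorded. The function names and the sample records are hypothetical and constructed for illustration.

```powershell
# Added example. Flags accounts whose most recent password event is an
# administrator reset (4724) that was never followed by a user change (4723).

function ConvertFrom-PasswordEvent {
  # Flattens a Security log record (from Get-WinEvent) into the fields used below.
  param([Parameter(ValueFromPipeline = $true)]$Record)
  process {
    $data = @{}
    ([xml]$Record.ToXml()).Event.EventData.Data |
      ForEach-Object { $data[$_.Name] = $_.'#text' }
    [pscustomobject]@{
      Id              = $Record.Id
      TimeCreated     = $Record.TimeCreated
      TargetUserName  = $data['TargetUserName']
      SubjectUserName = $data['SubjectUserName']
    }
  }
}

function Get-UnchangedResetAccount {
  param(
    [Parameter(Mandatory = $true)][object[]]$Events,
    [int]$GraceHours = 24,            # time allowed for the user to change the password
    [datetime]$Now = (Get-Date)
  )
  $Events |
    Where-Object { $_.Id -eq 4723 -or $_.Id -eq 4724 } |
    Group-Object -Property TargetUserName |
    ForEach-Object {
      # Only the latest password event per account decides the outcome.
      $last = $_.Group | Sort-Object -Property TimeCreated | Select-Object -Last 1
      $ageHours = ($Now - $last.TimeCreated).TotalHours
      if ($last.Id -eq 4724 -and $ageHours -ge $GraceHours) {
        [pscustomobject]@{
          Username       = $last.TargetUserName
          ResetBy        = $last.SubjectUserName
          ResetTime      = $last.TimeCreated
          DaysSinceReset = [math]::Floor($ageHours / 24)
        }
      }
    }
}

# Constructed sample records (not real log data).
$sample = @(
  [pscustomobject]@{ Id = 4724; TimeCreated = [datetime]'2017-03-01T09:00:00'; TargetUserName = 'alice'; SubjectUserName = 'helpdesk1' }
  [pscustomobject]@{ Id = 4723; TimeCreated = [datetime]'2017-03-01T09:20:00'; TargetUserName = 'alice'; SubjectUserName = 'alice' }
  [pscustomobject]@{ Id = 4724; TimeCreated = [datetime]'2017-03-02T14:00:00'; TargetUserName = 'bob';   SubjectUserName = 'helpdesk1' }
  [pscustomobject]@{ Id = 4723; TimeCreated = [datetime]'2017-02-10T08:00:00'; TargetUserName = 'carol'; SubjectUserName = 'carol' }
  [pscustomobject]@{ Id = 4724; TimeCreated = [datetime]'2017-03-05T11:00:00'; TargetUserName = 'carol'; SubjectUserName = 'helpdesk2' }
)

Get-UnchangedResetAccount -Events $sample -Now ([datetime]'2017-03-10T00:00:00') |
  Format-Table -AutoSize

# Against a live domain controller, run from an elevated session:
#   $events = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4723, 4724 } |
#     ConvertFrom-PasswordEvent
#   Get-UnchangedResetAccount -Events $events
```

Accounts returned by this check are candidates for a forced change at next logon or a fresh reset to a unique temporary password.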

Best Hacking Tools Of 2017: Metasploit

Some people might know Metasploit as a collection of exploit tools, but it is really an infrastructure that you can use to build your own custom tools. This very popular free cybersecurity tool will help you locate vulnerabilities on multiple platforms. With more than 200,000 users and contributors, Metasploit will help you to get insights and information about the weaknesses on your systems.

You can get more information and download the tool here.

Windows Run Commands

The Windows Run command is used to open an application or document whose path is known. It functions more or less like a single-line command line interface. It can help abbreviate the process of accessing a specific utility or application without having to navigate other menus or select from utility features.

Windows Run commands:

Request Command
Quick Access To C: drive  \
Open the current user’s home folder  .
Open up the Users folder  ..
Open Documents Folder documents
Open Videos folder videos
Open Downloads Folder downloads
Open Favorites Folder favorites
Open Recent Folder recent
Open Recent Folder logoff
Open Pictures Folder pictures
Windows Sideshow control.exe /name Microsoft.WindowsSideshow
Windows CardSpace control.exe /name Microsoft.cardspace
Windows Anytime Upgrade WindowsAnytimeUpgradeui
Taskbar and Start Menu control.exe /name Microsoft.TaskbarandStartMenu
Troubleshooting control.exe /name Microsoft.Troubleshooting
User Accounts control.exe /name Microsoft.UserAccounts
Adding a new Device devicepairingwizard
Add Hardware Wizard hdwwiz
Advanced User Accounts netplwiz
Advanced User Accounts azman.msc
Backup and Restore sdclt
Bluetooth File Transfer fsquirt
Calculator calc
Certificates certmgr.msc
Change Computer Performance Settings systempropertiesperformance
Change Data Execution Prevention Settings systempropertiesdataexecutionprevention
Change Data Execution Prevention Settings printui
Character Map charmap
ClearType Tuner cttune
Color Management colorcpl
Command Prompt cmd
Component Services comexp.msc
Component Services dcomcnfg
Computer Management compmgmt.msc
Computer Management compmgmtlauncher
Connect to a Network Projector netproj
Connect to a Projector displayswitch
Control Panel control
Create A Shared Folder Wizard shrpubw
Create a System Repair Disc recdisc
Credential Backup and Restore Wizard credwiz
Data Execution Prevention systempropertiesdataexecutionprevention
Date and Time timedate.cpl
Default Location locationnotifications
Device Manager devmgmt.msc
Device Manager hdwwiz.cpl
Device Pairing Wizard devicepairingwizard
Diagnostics Troubleshooting Wizard msdt
Digitizer Calibration Tool tabcal
DirectX Diagnostic Tool dxdiag
Disk Cleanup cleanmgr
Disk Defragmenter dfrgui
Disk Management diskmgmt.msc
Display dpiscaling
Display Color Calibration dccw
Display Switch displayswitch
DPAPI Key Migration Wizard dpapimig
Driver Verifier Manager verifier
Ease of Access Center utilman
EFS Wizard rekeywiz
Event Viewer eventvwr.msc
Fax Cover Page Editor fxscover
File Signature Verification sigverif
Font Viewer fontview
Game Controllers joy.cpl
Getting Started gettingstarted
IExpress Wizard iexpress
Getting Started irprops.cpl
Install or Uninstall Display Languages lusrmgr
Internet Explorer iexplore
Internet Options inetcpl.cpl
iSCSI Initiator Configuration Tool iscsicpl
Language Pack Installer lpksetup
Local Group Policy Editor gpedit.msc
Local Security Policy secpol.msc
Local Users and Groups lusrmgr.msc
Location Activity locationnotifications
Magnifier magnify
Malicious Software Removal Tool mrt
Manage Your File Encryption Certificates rekeywiz
Math Input Panel mip
Microsoft Management Console mmc
Microsoft Support Diagnostic Tool msdt
Mouse main.cpl
NAP Client Configuration napclcfg.msc
Narrator narrator
Network Connections ncpa.cpl
New Scan Wizard wiaacmgr
Notepad notepad
ODBC Data Source Administrator odbcad32
ODBC Driver Configuration odbcconf
On-Screen Keyboard osk
Paint mspaint
Pen and Touch tabletpc.cpl
People Near Me collab.cpl
Performance Monitor perfmon.msc
Performance Options systempropertiesperformance
Phone and Modem telephon.cpl
Phone Dialer dialer
Power Options powercfg.cpl
Presentation Settings presentationsettings
Print Management printmanagement.msc
Printer Migration printbrmui
Printer User Interface printui
Private Character Editor eudcedit
Problem Steps Recorder psr
Programs and Features appwiz.cpl
Protected Content Migration dpapimig
Region and Language intl.cpl
Registry Editor regedit
Registry Editor 32 regedt32
Remote Access Phonebook rasphone
Remote Desktop Connection mstsc
Resource Monitor resmon
Resultant Set of Policy rsop.msc
SAM Lock Tool syskey
Screen Resolution desk.cpl
Securing the Windows Account Database syskey
Services services.msc
Set Program Access and Computer Defaults computerdefaults
Share Creation Wizard shrpubw
Shared Folders fsmgmt.msc
Snipping Tool snippingtool
Sound mmsys.cpl
Sound recorder soundrecorder
SQL Server Client Network Utility cliconfg
Sticky Notes stikynot
Stored User Names and Passwords credwiz
Sync Center mobsync
System Configuration msconfig
System Configuration Editor sysedit
System Information msinfo32
System Properties sysdm.cpl
System Properties (Advanced Tab) systempropertiesadvanced
System Properties (Computer Name Tab) systempropertiescomputername
System Properties (Hardware Tab) systempropertieshardware
System Properties (Remote Tab) systempropertiesremote
System Properties (System Protection Tab) systempropertiesprotection
System Restore rstrui
Task Manager taskmgr
Task Scheduler taskschd.msc
Trusted Platform Module (TPM) Management tpm.msc
User Account Control Settings useraccountcontrolsettings
Utility Manager utilman
Version Reporter Applet winver
Volume Mixer sndvol
Windows Action Center wscui.cpl
Windows Activation Client slui
Windows Anytime Upgrade Results windowsanytimeupgraderesults
Windows CardSpace infocardcpl.cpl
Windows Disc Image Burning Tool isoburn
Windows DVD Maker dvdmaker
Windows Easy Transfer migwiz
Windows Explorer explorer
Windows Fax and Scan wfs
Windows Features optionalfeatures
Windows Firewall firewall.cpl
Windows Firewall with Advanced Security wf.msc
Windows Journal journal
Windows Media Player wmplayer
Windows Memory Diagnostic Scheduler mdsched
Windows Mobility Center mblctr
Windows Picture Acquisition Wizard wiaacmgr
Windows PowerShell powershell
Windows PowerShell ISE powershell_ise
Windows Remote Assistance msra
Windows Repair Disc recdisc
Windows Script Host wscript
Windows Update wuapp
Windows Update Standalone Installer wusa
Version Windows winver
WMI Management wmimgmt.msc
WordPad write
XPS Viewer xpsrchvw
Import to Windows Contacts wabmig
Tablet PC Input Panel tabtip
Windows Contacts wab
Windows Firewall with Advanced Security wf
Windows Help and Support winhlp32
Windows Script Host wscript
WMI Tester wbemtest
Access Screen Resolution page desk.cpl
Access Mouse properties main.cpl
Access Windows Action Center wscui.cpl
Access Network Adapters ncpa.cpl
Access Power Option powercfg.cpl
Access the Programs and Features Window appwiz.cpl
Access the System Properties sysdm.cpl
Access the Windows Firewall firewall.cpl

If you need more help, there is a lot of information out there on this subject.

Microsoft Open-Source and Cross Platform Development

The Microsoft .Net framework has been around for about 14 years. While C#, C++, VB.NET, and F# seem to be the most supported and used languages to build .NET applications, there are close to 50 languages that are supported by the .NET framework.

In 2014, Microsoft moved to open-source .NET by introducing .NET Core. Most of the .NET components (compilers, languages, libraries, and tools) are now open-source and available on GitHub.

The new open-source component of .NET is named .NET Core and has even more developers embracing what Microsoft is doing with .NET and the associated programming languages. Microsoft has acquired Xamarin and its products so developers can now use C# to build Android, iOS, and Windows mobile apps.

Is now the time to seriously consider the Microsoft .Net framework for your development?

Managing Active Directory with PowerShell

There are plenty of maintenance tasks that take a significant amount of time to manually perform. They are often avoided or left undone because there are usually more important tasks that must be completed using the limited resources available to the IT technicians.

In this article by Luca Sturlese, we see how many of these maintenance tasks can be completed using PowerShell scripts.

Inactive Users:

#requires -version 2
<#
.SYNOPSIS
  Find and manage inactive Active Directory users.
.DESCRIPTION
  This script allows you to specify the criteria required to identify inactive users within your AD environment. This script also allows
  for the management of found users. Management of users includes one or more of the following options:
    - Reporting
    - Disabling Users
    - Deleting Users
.PARAMETER SearchScope
  Optional. Determines the search scope of what type of user you would like to include in the inactive user search. Options available are:
   - All                        : Default option. All user types including all standard users, service accounts and never logged on accounts.
   - OnlyInactiveUsers          : Only standard user accounts. This option excludes service accounts and never logged on accounts.
   - OnlyServiceAccounts        : Only service accounts. This option excludes standard user accounts and never logged on accounts.
   - OnlyNeverLoggedOn          : Only never logged on accounts. This option excludes standard user accounts and service accounts.
   - AllExceptServiceAccounts   : All user account types excluding service accounts.
   - AllExceptNeverLoggedOn     : All user account types excluding never logged on accounts.
   Note: If not specified, the default search scope is All (i.e. all user accounts, service accounts and never logged on accounts).
.PARAMETER DaysInactive
  Optional. The number of days a user account hasn't logged into the domain for in order to classify it as inactive. The default option is 90
  days, which means any user account that hasn't logged into the domain for 90 days or more is considered inactive and therefore managed by this
  script.
.PARAMETER ServiceAccountIdentifier
  Optional. The username prefix or postfix that is used to identify a service account from a standard user account. The default option is 'svc'.
  Determining whether an account is a service account is useful in order to be able to include or exclude service accounts from the search scope.
  Note: For more information see the help information on the parameter SearchScope. 
  Example: All accounts with the prefix or postfix of svc (e.g. svc-MyAccount or MyAccount-svc) are identified as service accounts and can
  therefore be included or excluded from the search scope.
.PARAMETER ReportFilePath
  Optional. This is the location where the report of inactive users will be saved to. If this parameter is not specified, the default location the
  report is saved to is C:\InactiveUsers.csv.
  Note: When specifying the file path, you MUST include the file name with the extension of .csv. Example: 'C:\MyReport.csv'.
.PARAMETER DisableUsers
  Optional. If this parameter is specified, this script will disable the inactive users found based on the search scope specified.
  Note: If this parameter is not specified, then by default this script WILL NOT disable any inactive users found.
.PARAMETER DeleteUsers
  Optional. If this parameter is specified, this script will delete the inactive users found based on the search scope specified.
  Note: If this parameter is not specified, then by default this script WILL NOT delete any inactive users found.
.INPUTS
  None.
.OUTPUTS
  Report of inactive users found. See ReportFilePath parameter for more information.
.NOTES
  Version:        1.0
  Author:         Luca Sturlese
  Creation Date:  16.07.2016
  Purpose/Change: Initial script development
.EXAMPLE
  Execution of script using default parameters. Default execution performs reporting of inactive AD user only, not disabling or deleting any accounts.
  By default the report is saved in C:\.
  .\Find-ADInactiveUsers.ps1
.EXAMPLE
  Reporting and disabling all user accounts, except never logged on accounts. Storing the report in C:\Reports.
  .\Find-ADInactiveUsers.ps1 -SearchScope AllExceptNeverLoggedOn -ReportFilePath 'C:\Reports\DisabledUsers.csv' -DisableUsers
.EXAMPLE
  Find & delete all inactive users (not service accounts) that haven't logged in for the last 30 days. Include never logged on accounts in this search.
  .\Find-ADInactiveUsers.ps1 -SearchScope AllExceptServiceAccounts -DaysInactive 30 -DeleteUsers
.EXAMPLE
  Delete all user accounts that have never been logged into. Store the report in C:\Reports.
  .\Find-ADInactiveUsers.ps1 -SearchScope OnlyNeverLoggedOn -ReportFilePath 'C:\Reports\NotLoggedOnAccounts.csv' -DeleteUsers
#>

#---------------------------------------------------------[Script Parameters]------------------------------------------------------

Param (
  [Parameter(Mandatory = $false)][string][ValidateSet('All', 'OnlyInactiveUsers', 'OnlyServiceAccounts', 'OnlyNeverLoggedOn', 'AllExceptServiceAccounts', 'AllExceptNeverLoggedOn')]$SearchScope = 'All',
  [Parameter(Mandatory = $false)][int]$DaysInactive = 90,
  [Parameter(Mandatory = $false)][string]$ServiceAccountIdentifier = 'svc',
  [Parameter(Mandatory = $false)][string]$ReportFilePath = 'C:\InactiveUsers.csv',
  [Parameter(Mandatory = $false)][switch]$DisableUsers = $false,
  [Parameter(Mandatory = $false)][switch]$DeleteUsers = $false
)

#---------------------------------------------------------[Initialisations]--------------------------------------------------------

#Set Error Action to Silently Continue
$ErrorActionPreference = 'SilentlyContinue'

#Import Modules & Snap-ins
Import-Module ActiveDirectory

#----------------------------------------------------------[Declarations]----------------------------------------------------------

#Set Inactive Date:
$InactiveDate = (Get-Date).Adddays(-($DaysInactive))

#-----------------------------------------------------------[Functions]------------------------------------------------------------

Function Find-Accounts {
  Param ()

  Begin {
    Write-Host "Finding inactive user accounts based on search scope specified [$SearchScope]..."
  }

  Process {
    Try {
      #Set Service Account Identifier
      $ServiceAccountIdentifier = '*' + $ServiceAccountIdentifier + '*'

      Switch ($SearchScope) {
        'All' {
          $global:Results = Get-ADUser -Filter { (LastLogonDate -lt $InactiveDate -or LastLogonDate -notlike "*") -and (Enabled -eq $true) } -Properties LastLogonDate | Select-Object @{ Name="Username"; Expression = {$_.SamAccountName} }, Name, LastLogonDate, DistinguishedName
        }

        'OnlyInactiveUsers' {
          $global:Results = Get-ADUser -Filter { LastLogonDate -lt $InactiveDate -and Enabled -eq $true -and SamAccountName -notlike $ServiceAccountIdentifier } -Properties LastLogonDate | Select-Object @{ Name="Username"; Expression = {$_.SamAccountName} }, Name, LastLogonDate, DistinguishedName
        }

        'OnlyServiceAccounts' {
          $global:Results = Get-ADUser -Filter { LastLogonDate -lt $InactiveDate -and Enabled -eq $true -and SamAccountName -like $ServiceAccountIdentifier } -Properties LastLogonDate | Select-Object @{ Name="Username"; Expression = {$_.SamAccountName} }, Name, LastLogonDate, DistinguishedName
        }

        'OnlyNeverLoggedOn' {
          $global:Results = Get-ADUser -Filter { LastLogonDate -notlike "*" -and Enabled -eq $true } -Properties LastLogonDate | Select-Object @{ Name="Username"; Expression = {$_.SamAccountName} }, Name, LastLogonDate, DistinguishedName
        }

        'AllExceptServiceAccounts' {
          #Group the date conditions so the Enabled and service account checks also apply to never logged on accounts
          $global:Results = Get-ADUser -Filter { (LastLogonDate -lt $InactiveDate -or LastLogonDate -notlike "*") -and Enabled -eq $true -and SamAccountName -notlike $ServiceAccountIdentifier } -Properties LastLogonDate | Select-Object @{ Name="Username"; Expression = {$_.SamAccountName} }, Name, LastLogonDate, DistinguishedName
        }

        'AllExceptNeverLoggedOn' {
          $global:Results = Get-ADUser -Filter { LastLogonDate -lt $InactiveDate -and Enabled -eq $true } -Properties LastLogonDate | Select-Object @{ Name="Username"; Expression = {$_.SamAccountName} }, Name, LastLogonDate, DistinguishedName
        }

        Default {
          Write-Host -BackgroundColor Red "Error: An unknown error occurred. Can't determine search scope. Exiting."
          Break
        }
      }
    }

    Catch {
      Write-Host -BackgroundColor Red "Error: $($_.Exception)"
      Break
    }

  }

  End {
    If ($?) {
      Write-Host 'Completed Successfully.'
      Write-Host ' '
    }
  }
}

Function Create-Report {
  Param ()

  Begin {
    Write-Host "Creating report of inactive users in specified path [$ReportFilePath]..."
  }

  Process {
    Try {
      #Check file path to ensure correct
      If ($ReportFilePath -notlike '*.csv') {
        $ReportFilePath = Join-Path -Path $ReportFilePath -ChildPath '\InactiveUsers.csv'
      }

      # Create CSV report
      $global:Results | Export-Csv $ReportFilePath -NoTypeInformation
    }

    Catch {
      Write-Host -BackgroundColor Red "Error: $($_.Exception)"
      Break
    }
  }

  End {
    If ($?) {
      Write-Host 'Completed Successfully.'
      Write-Host ' '
    }
  }
}

Function Disable-Accounts {
  Param ()

  Begin {
    Write-Host 'Disabling inactive users...'
  }

  Process {
    Try {
      ForEach ($Item in $global:Results){
        Disable-ADAccount -Identity $Item.DistinguishedName
        Write-Host "$($Item.Username) - Disabled"
      }
    }

    Catch {
      Write-Host -BackgroundColor Red "Error: $($_.Exception)"
      Break
    }
  }

  End {
    If ($?) {
      Write-Host 'Completed Successfully.'
      Write-Host ' '
    }
  }
}

Function Delete-Accounts {
  Param ()

  Begin {
    Write-Host 'Deleting inactive users...'
  }

  Process {
    Try {
      ForEach ($Item in $global:Results){
        Remove-ADUser -Identity $Item.DistinguishedName -Confirm:$false
        Write-Host "$($Item.Username) - Deleted"
      }
    }

    Catch {
      Write-Host -BackgroundColor Red "Error: $($_.Exception)"
      Break
    }
  }

  End {
    If ($?) {
      Write-Host 'Completed Successfully.'
      Write-Host ' '
    }
  }
}

#-----------------------------------------------------------[Execution]------------------------------------------------------------

Find-Accounts
Create-Report

If ($DisableUsers) {
  Disable-Accounts
}

If ($DeleteUsers) {
  Delete-Accounts
}

There are several more example scripts available here.