Homebrew: How to install exploit tools on macOS
We’ll guide you through the process of using the Homebrew package manager to install security tools on macOS that take advantage of vulnerabilities found in your Apple equipment.
In this follow-up to the installing security tools on macOS via Homebrew series, we’ll look at applications that can be used to exploit vulnerabilities found after an assessment with scanning tools has determined what issues, if any, exist.
While some pentesters consider this the fun part of the project, exploiting the vulnerabilities found to see how devices respond and react to attacks, it’s important not to let the fun factor of this component of the campaign overtake the true purpose of this phase: to verify that the information retrieved during the assessment phase is accurate.
SEE: Cybersecurity: Let’s get tactical (free PDF) (TechRepublic)
This is another step along the way to completing a successful penetration testing engagement. Otherwise, the information may be incorrect, and your supervisors and clients will likely be none too happy with you for providing misinformation and potentially sending their IT department on a wild goose chase to correct problems that were never there to begin with.
Taking the identified vulnerabilities and attempting to exploit them will substantiate your findings and provide conclusive evidence that a line item is not merely a false positive but a true positive, and therefore one of the items that can be presented in your final report to stakeholders for remediation. The tools identified below allow pentesters to do just that by leveraging potential exploits against the vulnerabilities assessed.
Armitage
According to the Armitage website, it is “a scriptable red team collaboration tool for Metasploit.” It works by providing a common workspace to assess viable targets, recommending possible intrusions, and providing access to post-exploitation features. It also lets teams share information within the workspace.
brew install armitage
Bettercap
Not to be confused with the legacy and no longer supported v1, Bettercap v2 is an extensible framework used to target wired and wireless networks of all types: Ethernet, Wi-Fi, Bluetooth, and wireless devices such as keyboards and mice, with a number of built-in tools that probe, monitor, capture, and manipulate traffic.
brew install bettercap
SEE: Homebrew: How to set up reconnaissance tools on macOS (TechRepublic)
ClusterD
This open-source toolkit focuses specifically on attacking application servers by automating the reconnaissance and exploitation phases on six different application server platforms. With additional support always being added, ClusterD also exposes an API for adding new platforms and exploits to the program.
brew install clusterd
Commix
Short for command injection exploiter, this automated tool is used to test web-based applications to both find and exploit vulnerabilities. Written in Python, the program is cross-platform and is available as a package in other standalone security toolkits or as a module in testing frameworks.
brew install commix
Frogger
This is a script that enumerates and automates VLAN hopping by sniffing network traffic and extracting the tags to identify VLAN IDs, in order to exploit VLAN-hopping vulnerabilities in network equipment.
brew install frogger
Inception
This tool is used to manipulate physical memory by exploiting PCI-based DMA and can attack over hardware interfaces such as FireWire and Thunderbolt. It works by carrying out both intrusive and non-intrusive attacks via DMA on computers that are live.
brew install inception
SEE: How to install common security tools via Homebrew on a Mac (TechRepublic)
Metasploit Framework (MSF)
This is one of the most popular exploitation tools in the pentester’s arsenal. Metasploit is a framework that allows users to connect to a database of known exploits to automate the exploitation process against vulnerable clients. But MSF is much more than that: it also offers information-gathering tools and vulnerability plugins, as well as a development environment that allows for the creation of modules, including writing one’s own exploits.
brew install metasploit
Oracle Database Attacking Tool (ODAT)
Another open-source tool, this one can be used to remotely test the security of databases running on the Oracle platform. It can be used to find SIDs and credentials, escalate privileges, or execute commands against the system.
brew install odat
Panoptic
This is a Python script that uses path traversal vulnerabilities to automate the process of locating and retrieving log and configuration files on target devices.
brew install panoptic
Responder
The application has many built-in authentication servers to test and take advantage of a number of Windows-based services. Some of the common services are SMB, MSSQL, and DNS, combined with poisoning capabilities, among many other tools to set up man-in-the-middle (MITM) and spoofing attacks.
brew install responder
sqlmap
This open-source testing tool automates the takeover of database servers based on Structured Query Language (SQL). It detects and exploits injection vulnerabilities and fully supports a large number of database server types, with fingerprinting, data fetching, access to the host file system, and out-of-band connections.
brew install sqlmap
Wifite2
This is the second version of the Python-based script for auditing wireless networks. Wifite2 sets itself apart from other, more robust wireless tools by fully automating the process, using all known methods for acquiring hashes from access points and cracking the passphrases of encrypted wireless networks.
brew install wifite
Yersinia
Another tool regularly included in other security-focused toolkits, this one is designed to take advantage of identified weaknesses in different network protocols to scrutinize the security of a network and exploit any issues found, using such common protocols as Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), and VLAN Trunking Protocol (VTP), to name a few.
brew install yersinia