https://www.blackhatethicalhacking.com/tools/sarenka/
Ever been surprised during a pen test or red team attack? This tool might help you become better aware of your exposure(s): SARENKA is an Open Source Intelligence (OSINT) tool that helps you obtain and understand your attack surface by gathering information from search engines for Internet-connected devices (https://censys.io/, https://www.shodan.io/). It scrapes data about Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE) and also has database where CVEs are mapped to CWE. Returning data about the local machine – local installed software (from Windows Registry), local network information (python libraries, popular cmd commands). The application has also simple tools like hash calculator, shannon entropy calculator and very simple port scanner. In Red-Teaming, sometimes reveals the presence of sensitive documents, and information that an organization/person had no idea was there, so, it can play a crucial role in your Pen Test process in the early stages that will help you determine and decide the way to conduct your own red team attack plan. |
Author: <see article>
These links serve as tributes to those who have written them. Please find contributor details in the links provided Archives
April 2024
Categories |