whip_lash : recon   31

amass — Automated Attack Surface Mapping | Daniel Miessler
amass is a powerful tool that helps both attackers and defenders improve their game. It’s possible to find one-off tools that might do some of these functions better, but such tools often decay quickly into obsolescence.

It’s quite nice to have a solid, well-organized tool that can do most of what we need from a single place.
amass  recon  pentest  tool 
7 weeks ago by whip_lash
GitHub - nikallass/sharesearch: Samba, NFS shares spider and grepper
Favorite tweet:

Need privilege escalation? Have access to SMB and NFS shares? Automate looking for credentials!

1) pip3 install -r requirements.txt
sudo apt-get install cifs-utils
2) git clone https://t.co/oG040moAQT
3) python3 https://t.co/PiA2r24vU4 -p all -w -v -H hosts.lst -C creds.lst pic.twitter.com/7kvsSeNs1D

— Paul Seekamp (@nullenc0de) March 2, 2019
smb  windows  pentest  shares  recon 
march 2019 by whip_lash
GitHub - thewhiteh4t/pwnedOrNot: Find Passwords for Compromised Email Accounts
haveibeenpwned offers a lot of information about the compromised email; some useful information is displayed by this script
email  recon  osint  credentialstuffing 
january 2019 by whip_lash
Google Hacking Diggity Project – Bishop Fox
Sometimes, the best defense is a good offense. Bishop Fox’s attack tools for Google Hacking level the playing field by allowing our clients to find information disclosures and exposed vulnerabilities before others do. Arm yourself with our arsenal of attack tools that leverage Google, Bing, and other popular search engines.
osint  recon  search  tools 
january 2019 by whip_lash
linuz/Sticky-Keys-Slayer: Scans for accessibility tools backdoors via RDP
Establishes a Remote Desktop session (RDP) with the specified hosts and sends key presses to launch the accessibility tools within the Windows Login screen. stickyKeysSlayer.sh will analyze the console and alert if a command prompt window opens up. Screenshots will be put into a folder ('./rdp-screenshots' by default) and screenshots with a cmd.exe window are put in a subfolder ('./rdp-screenshots/discovered' by default). stickyKeysSlayer.sh accepts a single host or a list of hosts, delimited by line, and works with multiple hosts in parallel.
pentest  rdp  scanner  osint  recon 
october 2018 by whip_lash
ustayready/CredKing: Password spraying using AWS Lambda for IP rotation
Easily launch a password spray using AWS Lambda across multiple regions, rotating IP addresses with each request.
recon  passwords  spraying 
august 2018 by whip_lash
vysec/DomLink: A tool to link a domain with registered organisation names and emails, to other domains.
DomLink is a tool that uses a domain name to discover organisation name and associated e-mail address to then find further associated domains.

This is useful for bug bounty and red team engagements where you need to discover more domains associated with the target.
recon  dns  pentest 
july 2018 by whip_lash
presidentbeef/brakeman: A static analysis security vulnerability scanner for Ruby on Rails applications
Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities.
rails  ruby  analysis  git  recon  pentest 
july 2018 by whip_lash
PyCQA/bandit: Bandit is a tool designed to find common security issues in Python code.
Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files it generates a report.
git  recon  pentest  python  analysis 
july 2018 by whip_lash
appsecco/bugcrowd-levelup-subdomain-enumeration: This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
cheatsheet.pdf - cheat sheet on the sub-domain enumeration techniques covered in the talk
cloudflare_enum.py - A script to do DNS enumeration using Cloudflare service
crt_psql.sh - Extract sub-domains for a given domain using crt.sh postgres interface
esoteric_subdomain_enumeration_techniques.pdf - Slides from the talk
subdomain_enum_censys.py - Extract sub-domains for a given domain using Censys.io API
subdomain_enum_crtsh.py - Extract sub-domains for a given domain using crt.sh RSS feed
subdomain_wordlist.txt - A collection of sub-domain names (around 3 million)
dns  recon  enumeration  pentest 
july 2018 by whip_lash
dafthack/PowerMeta: PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retri
PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta.
recon  pentest 
april 2018 by whip_lash
