https://github.com/jpillora/chisel
Chisel — bu TCP/UDP asosidagi tunnelling vosita bo'lib, Go dasturlash tilida yozilgan va HTTP orqali SSH yordamida ma'lumotlarni transport qilish uchun ishlatiladi. Chisel firewall cheklovlari bo'lgan muhitda client va server o'rtasida tunnel aloqasini yaratish uchun ishlatiladi.
#Pivoting #Chisel
Chisel — bu TCP/UDP asosidagi tunnelling vosita bo'lib, Go dasturlash tilida yozilgan va HTTP orqali SSH yordamida ma'lumotlarni transport qilish uchun ishlatiladi. Chisel firewall cheklovlari bo'lgan muhitda client va server o'rtasida tunnel aloqasini yaratish uchun ishlatiladi.
#Pivoting #Chisel
https://rastamouse.me/
RastaMouse writes excellent content on Red-Teaming, C2 infrastructure, pivoting, payloads, etc. (He even made a Pro Lab to showcase those things!)
RastaMouse writes excellent content on Red-Teaming, C2 infrastructure, pivoting, payloads, etc. (He even made a Pro Lab to showcase those things!)
Rasta Mouse
Blog
https://posts.specterops.io/offensive-security-guide-to-ssh-tunnels-and-proxies-b525cbd4d4c6
SpecterOps has written a great post covering SSH Tunneling and the use of proxies over a multitude of protocols. It's a must-read for anyone looking to know more about the subject and would make a handy resource to have during an engagement.
SpecterOps has written a great post covering SSH Tunneling and the use of proxies over a multitude of protocols. It's a must-read for anyone looking to know more about the subject and would make a handy resource to have during an engagement.
SpecterOps
Blog - SpecterOps
Your new best friend: Introducing BloodHound Community Edition!
Free TryHackMe Access
If you’re unable to purchase a personal voucher, you can use the following account for learning purposes:
TryHackMe Premium Account
Email: [email protected]
Password: pasderemarque@123
Please use the account responsibly—do not change or delete any settings or information.
Agar kimdir o'rganmoqchi bo'lsa lekin Premium sotib olishga sharaoiti bo'lmasa. Bemalol foydalanishi mumkin ammo yuqorida yozilgan qoidalarga amal qilgan holda.
If you’re unable to purchase a personal voucher, you can use the following account for learning purposes:
TryHackMe Premium Account
Email: [email protected]
Password: pasderemarque@123
Please use the account responsibly—do not change or delete any settings or information.
Agar kimdir o'rganmoqchi bo'lsa lekin Premium sotib olishga sharaoiti bo'lmasa. Bemalol foydalanishi mumkin ammo yuqorida yozilgan qoidalarga amal qilgan holda.
🔥5
XSS from javascript hidden params
assetfinder *.com | gau | egrep -v '(.css|.svg)' | while read url; do vars=$(curl -s $url | grep -Eo "var [a-zA-Z0-9]+" | sed -e 's,'var','"$url"?',g' -e 's/ //g' | grep -v '.js' | sed 's/.*/&=xss/g'); echo -e "\e[1;33m$url\n\e[1;32m$vars"
OSINT | Утилиты для поиска данных в сети TOR
1. TorBot — удобный Onion краулер. Собирает адреса и названия страниц с кратким описанием, получает адреса электронной почты с сайтов, проверяет, активны ли ссылки, и сохраняет отчеты в JSON. Может быть запущен в Docker
2. VililantOnion – Onion краулер с поддержкой поиска по ключевым словам
3. Katana-ds – Python-инструмент для автоматизации поиска с использованием Google Dorks и с поддержкой TOR
4. OnionSearch – скрипт Python3 для автоматизации поиска в зоне .onion через общедоступные сервисы
5. Devils Eye – это инструмент OSINT для поиска в Darkweb. Не требует установки TOR. Также может искать в сети I2P
#Tools #Tor #I2P #OSINT #Onion
1. TorBot — удобный Onion краулер. Собирает адреса и названия страниц с кратким описанием, получает адреса электронной почты с сайтов, проверяет, активны ли ссылки, и сохраняет отчеты в JSON. Может быть запущен в Docker
2. VililantOnion – Onion краулер с поддержкой поиска по ключевым словам
3. Katana-ds – Python-инструмент для автоматизации поиска с использованием Google Dorks и с поддержкой TOR
4. OnionSearch – скрипт Python3 для автоматизации поиска в зоне .onion через общедоступные сервисы
5. Devils Eye – это инструмент OSINT для поиска в Darkweb. Не требует установки TOR. Также может искать в сети I2P
#Tools #Tor #I2P #OSINT #Onion
OSINT Funnel Methodology by twitter.com/0SINTr
STAGE 1: Search Engines
STAGE 2: Specialized Tools
STAGE 3: Social Avenues
STAGE 4: Data Breaches
STAGE 5: Dark Web
Github repo with tips and tools for each stage:
https://github.com/0SINTr/ofm
#OSINT
STAGE 1: Search Engines
STAGE 2: Specialized Tools
STAGE 3: Social Avenues
STAGE 4: Data Breaches
STAGE 5: Dark Web
Github repo with tips and tools for each stage:
https://github.com/0SINTr/ofm
#OSINT
Top 21 Wi-Fi Hacking Tools
01. Aircrack-ng
02. Kismet
03. Reaver
04. Fern WiFi Cracker
05. Wifite
05. Airgeddon
07. Fluxion
08. Bully
09. InSSIDer
10. Ghost Phisher
11. CoWPAtty
12. Bettercap
13. Pixiewps
14. Pyrit
15. MDK4
16. AirSnort
17. WiFiPhisher
18. Yersinia
19. WiFi Pumpkin
20. Evil Twin Attack Framework
21. Macchanger
#CyberSecurity #Hacking #Wireless #WIFI #Pentesting
01. Aircrack-ng
02. Kismet
03. Reaver
04. Fern WiFi Cracker
05. Wifite
05. Airgeddon
07. Fluxion
08. Bully
09. InSSIDer
10. Ghost Phisher
11. CoWPAtty
12. Bettercap
13. Pixiewps
14. Pyrit
15. MDK4
16. AirSnort
17. WiFiPhisher
18. Yersinia
19. WiFi Pumpkin
20. Evil Twin Attack Framework
21. Macchanger
#CyberSecurity #Hacking #Wireless #WIFI #Pentesting
Telegram Сегодня разбираю с вами знаковую тему проведения OSINT-исследований в мессенджере Telegram. Поговорим об источниках, позволяющих идентифицировать пользователей (об идентификации каналов расскажу отдельно):
├@userinfobot (Find ID)
├@CheckID_AIDbot (Find ID)
├@username_to_id_bot (Find ID)
├checker (Phone Checker)
├@TgAnalyst_bot (Find Phone)
├eyeofgod (Find Phone)
├@anonimov_bot (Find Phone)
├@maigret_osint_bot (Find Nickname)
├whatsmyname (Find Nickname)
├mail (Find Name)
├search4faces (Find Photo)
├findclone (Find Photo)
├yandex (Find Photo)
├@telesint_bot (Find Chats)
├@tgscanrobot (Find Chats)
├TelegramScraper (Chats Parser)
├TeleParser (Chats Parser)
├TG-Parser (Chats Parser)
├commentgram (Find Messages)
├telegago (Find Messages)
├@locatortlrm_bot (Check Location)
├telegram-nearby (Check Location)
├@FindStickerCreatorBot (Sticker Author)
├canarytokens (Check IP)
└iplogger (Check IP)
#OSINT #Telegram
├@userinfobot (Find ID)
├@CheckID_AIDbot (Find ID)
├@username_to_id_bot (Find ID)
├checker (Phone Checker)
├@TgAnalyst_bot (Find Phone)
├eyeofgod (Find Phone)
├@anonimov_bot (Find Phone)
├@maigret_osint_bot (Find Nickname)
├whatsmyname (Find Nickname)
├mail (Find Name)
├search4faces (Find Photo)
├findclone (Find Photo)
├yandex (Find Photo)
├@telesint_bot (Find Chats)
├@tgscanrobot (Find Chats)
├TelegramScraper (Chats Parser)
├TeleParser (Chats Parser)
├TG-Parser (Chats Parser)
├commentgram (Find Messages)
├telegago (Find Messages)
├@locatortlrm_bot (Check Location)
├telegram-nearby (Check Location)
├@FindStickerCreatorBot (Sticker Author)
├canarytokens (Check IP)
└iplogger (Check IP)
#OSINT #Telegram