.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Debotnet : Tool For Controlling Windows 10’s Privacy-Related Settings
Debotnet is a free and portable tool for controlling Windows 10's many privacy-related settings and keep your personal data private. Your preparation for the Net! The Windows 10 default privacy settings leave a lot to be desired when it comes to protecting you and your private information. Whenever I set up a new computer or update a current setup for my...
OWASP Threat Dragon Desktop
Threat Dragon is a free, open-source, cross-platform threat modeling application including system diagramming and a rule engine to auto-generate threats/mitigations. It is an OWASP Incubator Project. The focus of the project is on great UX, a powerful rule engine and integration with other development lifecycle tools. There is a good overview of threat modeling and risk assessment from OWASP, and...
Cloudtopolis : Cracking Hashes In The Cloud For Free
Cloudtopolis is a tool that facilitates the installation and provisioning of Hashtopolis on the Google Cloud Shell platform, quickly and completely unattended (and also, free!). Requirements Have 1 Google account (at least). Installation Cloudtopolis installation is carried out in two phases: Phase 1 Access Google Cloud Shell from the following link: https://ssh.cloud.google.com/cloudshell/editor?hl=es&fromcloudshell=true&shellonly=true Then, run the following commands inside this terminal: wget https://raw.githubusercontent.com/JoelGMSec/Cloudtopolis/master/Cloudtopolis.sh chmod +x Cloudtopolis.sh ./Cloudtopolis.sh Phase 2 Access...
Colabcat – Running Hashcat On Google Colab With Session Backup And Restore
Colabcat is a tool used to run hashcat on Google colab with session backup and restore. Usage Go to the link below to open a copy of the colabcat.ipynb file in Google Colab: https://colab.research.google.com/github/someshkar/colabcat/blob/master/colabcat.ipynbClick on Runtime, Change runtime type, and set Hardware accelerator to GPU.Go to your Google Drive and create a directory called dothashcat, with a hashes subdirectory where you...
CorsMe : Cross Origin Resource Sharing MisConfiguration Scanner
A CorsMe misconfiguration scanner tool based on golang with speed and precision in mind ! Misconfiguration type this scanner can check for Reflect Origin checksPrefix MatchSuffix MatchNot Esacped DotsNullThirdParties (Like => github.io, repl.it etc.)Taken from Chenjj's github repoSpecialChars (Like => "}","(", etc.)See more in Advanced CORS Exploitation Techniques How to Install? $ go get -u github.com/shivangx01b/CorsMe Usage Single Url echo "https://example.com" | ./CorsMe Multiple...
Sifter : OSINT, Recon & Vulnerability Scanner
Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewall, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdir enumeration and attack surface...
Hmmcookies – Grab Cookies From Firefox, Chrome & Opera
Hmmcookies is a tool used to grab cookies from Firefox, Chrome, Opera using a shortcut file (bypass UAC). Install git clone https://github.com/thelinuxchoice/hmmcookies cd hmmcookies bash hmmcookies.sh Disclaimer Usage of HMMCOOKIES for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any...
Business Secure: How AI is Sneaking into our Restaurants
Prior to pandemic days, the restaurant industry talked of computers that might end up taking over their daily responsibilities. They’d joke about how a kiosk can communicate orders to the kitchen, much like they can. Well, now that we live in a global world that will be reluctant to dine with others, a shift in how we eat at...
InQL : A Burp Extension For GraphQL Security Testing
InQL is a security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. InQL Stand-Alone CLI Running inql from Python will issue an Introspection query to the target GraphQL endpoint in order fetch metadata information for: Queries, mutations, subscriptionsIts fields and argumentsObjects and custom object types InQL can inspect...
Token Breaker : JSON RSA To HMAC & None Algorithm Vulnerability POC
Token Breaker is focused on 2 particular vulnerability related to JWT tokens. None AlgorithmRSAtoHMAC Refer to this link about insights of the vulnerability and how an attacker can forge the tokens Try out this vulnerability here TheNone Usage Usage: TheNone.py -t TOKENTokenBreaker: 1.TheNoneAlgorithmOptional Arguments:-h, --help show this help message and exitRequired Arguments:-t TOKEN, --token TOKENJWT Token valueExample Usage: python TheNone.py -t Output $ ./TheNone.py...
