Kali
GHunt is an OSINT tool to extract information from any Google Account using an email. It can currently extract: Owner’s name Last time the profile was edited Google ID If the account is a Hangouts Bot Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.) Possible YouTube channel Possible other usernames Public photos (P) Phones …
Continue reading “GHunt : Tool To Extract Information From Google Account”
Create a VPS on Google Cloud Platform or Digital Ocean easily to use Offensive Docker and launch the assessments to the targets. Requirements Terraform installed (Version used: v0.13.0) Ansible installed (Version used: 2.9.12) SSH private and public keys Google Cloud Platform or Digital Ocean account. Usage Clone the repository git clone –depth 1 https://github.com/aaaguirrep/offensive-docker-vps.git vps …
PaGoDo goal is to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdb_scraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered by ghdb_scraper.py. What are Google Dorks? The awesome folks at Offensive …
Continue reading “Pagodo : Automate Google Hacking Database Scraping And Searching”
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. It does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database). …
Continue reading “uDork : Tool That Uses Advanced Google Search Techniques”
SiteDorks is a tool used to search Google, Bing, Yahoo or Yandex for a search term with different websites. A default list is already provided, which contains Github, Gitlab, Surveymonkey, Trello etc etc. Currently, a default list of 241 dorkable websites is available. Current categories on file are: analysis(10) cloud(35) code(38) comm(27) companies(3) docs(36) edu(3) …
Continue reading “SiteDorks : A Search Term With Different Websites”
Colabcat is a tool used to run hashcat on Google colab with session backup and restore. Usage Go to the link below to open a copy of the colabcat.ipynb file in Google Colab: https://colab.research.google.com/github/someshkar/colabcat/blob/master/colabcat.ipynb Click on Runtime, Change runtime type, and set Hardware accelerator to GPU. Go to your Google Drive and create a directory …
Continue reading “Colabcat – Running Hashcat On Google Colab With Session Backup And Restore”
Fast Google Dorks Scan is a script to enumerate web-sites using Google dorks. Usage example: ./FGDS.sh megacorp.one Version: 0.035, June 07, 2020 Features Looking for the common admin panel Looking for the widespread file types Path traversal Prevent Google banning Also Read – Jshole : A JavaScript Components Vulnerability Scanner Screenshot
uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. It does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database). You …
GCPBucketBrute is a script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated. This script (optionally) accepts GCP user/service account credentials and a keyword. Then, a list of permutations will be generated from that keyword which will then be used to scan for the …
Continue reading “GCPBucketBrute : A Script To Enumerate Google Storage Buckets”
Tarnish is a static-analysis tool to aid researchers in security reviews of Chrome extensions. It automates much of the regular grunt work and helps you quickly identify potential security vulnerabilities. This tool accompanies the research blog post which can be found here. If you don’t want to go through the trouble of setting this up …
Continue reading “Tarnish : A Chrome Extension Static Analysis Tool”
