Sign in to follow this
Followers
0
-
Similar Content
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. pagodo (Passive Google Dork) – Automate Google Hacking Database scraping
The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdb_scraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered by ghdb_scraper.py.
What are Google Dorks?
The awesome folks at Offensive Security maintain the Google Hacking Database (GHDB) found here: https://www.exploit-db.com/google-hacking-database. It is a collection of Google searches, called dorks, that can be used to find potentially vulnerable boxes or other juicy info that is picked up by Google’s search bots.
Changelog v2.3.1
Added switches to optionally provide a file name for both text and JSON output. Thank you @cgeopapa for #68
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Get vulnerable websites using google dorking.
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Google’s Threat Analysis Group (TAG) has confirmed that Android users around the world are being targeted by the Alien spyware family, which is commercial spyware. Tracking shows that the malware family is an advanced malware family developed by Cytrox Technologies of the Republic of North Macedonia in the Balkans of Southeastern Europe. The company primarily sells it to certain national government agencies or groups backed by those government agencies for the purpose of hacking and spying on targeted Android users. In essence, this is no different from the Pegasus spyware launched by the Israeli commercial spyware company NSO, except that the Alien spyware is for Android.
Hidden Content
Give reaction to this post to see the hidden content. Analysis shows that the Alien spyware family mainly exploits zero-day vulnerabilities and certain known outdated flaws, and is mainly spread by email. For example, after the email of the target user is known, a phishing email is sent to induce the user to click on the link, and the Predator virus can be automatically loaded after clicking.
The organization that launched the attack uses a short-link system. When a user clicks, the virus will be loaded for the first time, and then they will jump to the website mentioned in the phishing email to confuse the user. The three campaigns identified by Google’s threat analysis team belong to the Alien malware family, and there are currently dozens of Android users under attack. Obviously, this is also a targeted attack, and the attacker will only carry out targeted attacks after selecting the target. Google writes:
Analysis revealed that the Alien malware family has features such as audio recording, hiding apps, stealing user data, and turning on microphones for monitoring. Zero-day vulnerabilities that have been discovered by Google will be fixed soon, but for most Android users, there is no way to update the system in time to fix it. In particular, many of the vulnerabilities exploited by the malware are outdated, meaning they have long been fixed by Google but the OEM has not sent an update to the user. This makes the security of the Android system very weak, because many outdated vulnerabilities have been published long ago, and virtually any attacker can exploit the vulnerabilities. Google reminded that users should not click on links in unknown emails, and users should double-check the sender to ensure that the email is safe before clicking on the link.
-