Sign in to follow this
Followers
0
Exploits Tor Browser 7.0.8 Information Disclosure
By
1337day-Exploits, in Updated Exploits
-
Similar Content
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Stealer Checker - Get information from RedLine logs
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)
This script uses “WafW00f” to detect the WAF in the first step.
This script uses “Sublist3r” to scan subdomains.
This script uses “waybacktool” to check in the waybackmachine.
Features
URL fuzzing and dir/file detection
Test backup/old file on all the files found (index.php.bak, index.php~ …)
Check header information
Check DNS information
Check whois information
User-agent random or personal
Extract files
Keep a trace of the scan
Check @mail in the website and check if @mails leaked
CMS detection + version and vulns
Subdomain Checker
Backup system (if the script stopped, it take again in the same place)
WAF detection
Add personal prefix
Auto-update script
Auto or personal output of scan (scan.txt)
Check Github
Recursive dir/file
Scan with an authentication cookie
Option –profil to pass profil page during the scan
HTML report
Work it with py2 and py3
Add option rate-limit if the app is unstable (–timesleep)
Check-in waybackmachine
Response error to WAF
Check if DataBase firebaseio exists and is accessible
Automatic threads depending on the response to a website (and reconfig if WAF is detected too many times). Max: 30
Search S3 buckets in the source code page
Testing bypass of waf if detected
Testing if it’s possible scanning with “localhost” host
Changelog v2.1
New: Option -nfs (not first step) to pass the first recon steps
Fixed: Any bug with the download file and bypass forbidden when differents options
New: Google cse search (buckets…)
New: Add LICENSE & PyPI version and stats
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Anubis, a subdomain enumerator, and information gathering tool.
It collates data from a variety of sources to provide one of the most comprehensive tools for subdomain enumeration. It pulls subdomains from public sources, indexed search results, and AnubisDB, a centralized, open API for subdomains.
It is able to identify all key servers behind the domains and output any IPs of interest. For instance, running the same command as above with the -p flag gives us all the unique resolved IP addresses, which allows a security researcher to get a more comprehensive idea of the scope of their target.
It is also able to extract information from less used, but potentially rewarding avenues, including DNSSEC subdomain lists and Zone Transfers.
Changelog v1.1.3
Fix DNSSEC and Nmap scans
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. HawkScan
Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)
This script uses “WafW00f” to detect the WAF in the first step.
This script uses “Sublist3r” to scan subdomains.
This script uses “waybacktool” to check in the waybackmachine.
Features
URL fuzzing and dir/file detection
Test backup/old file on all the files found (index.php.bak, index.php~ …)
Check header information
Check DNS information
Check whois information
User-agent random or personal
Extract files
Keep a trace of the scan
Check @mail in the website and check if @mails leaked
CMS detection + version and vulns
Subdomain Checker
Backup system (if the script stopped, it take again in the same place)
WAF detection
Add personal prefix
Auto-update script
Auto or personal output of scan (scan.txt)
Check Github
Recursive dir/file
Scan with an authentication cookie
Option –profil to pass profil page during the scan
HTML report
Work it with py2 and py3
Add option rate-limit if the app is unstable (–timesleep)
Check-in waybackmachine
Response error to WAF
Check if DataBase firebaseio exists and is accessible
Automatic threads depending on the response to a website (and reconfig if WAF is detected too many times). Max: 30
Search S3 buckets in the source code page
Testing bypass of waf if detected
Testing if it’s possible scanning with “localhost” host
Changelog v2.0 beta
Redefining priorities/tasks
New: Display the current bypass number during a scan (“CB:”)
New: Easter egg for Xmas 🙂
Updated: Fix any bugs
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. HackBrowserData
hack-browser-data is an open-source tool that could help you decrypt data[passwords|bookmarks|cookies|history] from the browser. It supports the most popular browsers on the market and runs on Windows, macOS, and Linux.
Changelog v0.3.7
Feature
feat: add Yandex browser for macOS and Windows by @moonD4rk 0f2a541
feat: add CocCoc browser for macOS and Windows by @moonD4rk a9f36d6
Fix bugs
Optimize the Chinese version of README by @lc6464 in #88
Add ciphertext length check in AES decryption by @SignorMercurio in #92
chore(deps): bump github.com/tidwall/gjson from 1.6.0 to 1.9.3 by @dependabot in #101
Hidden Content
Give reaction to this post to see the hidden content.
-