XSS where you can inject the payload within the image file name and alert!.

𝙇𝙞𝙣𝙠:
https://twitter.com/thecybertix/status/1658343842943496192?t=oDKM3yzg1SgmXFxPjIoLGA&s=19

𝐑𝐞𝐝 𝐓𝐞𝐚𝐦 𝐓𝐨𝐨𝐥𝐬 🔥

🔴 RECONNAISSANCE:
- RustScan ==> https://lnkd.in/ebvRfBNy
- NmapAutomator ==> https://lnkd.in/gu5wxzf6
- AutoRecon ==> https://lnkd.in/g3DeG6YT
- Amass ==> https://lnkd.in/e7V569N5
- CloudEnum ==> https://lnkd.in/ePHDeGZv
- Recon-NG ==> https://lnkd.in/edwaXFjS
- AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
- DNSDumpster ==> https://dnsdumpster.com/

🔴 INITIAL ACCESS:
- SprayingToolKit ==> https://lnkd.in/eBSAPz5z
- o365Recon ==> https://lnkd.in/eJwCx-Ga
- Psudohash ==> https://lnkd.in/gcaxV6fR
- CredMaster ==> https://lnkd.in/gtMEDVuS
- DomainPasswordSpray ==> https://lnkd.in/guWj4TYv
- TheSprayer ==> https://lnkd.in/gZVuQYiv
- TREVORspray ==> https://lnkd.in/gHgcbjgV

🔴 DELIVERY:
- o365AttackToolKit ==> https://lnkd.in/etCCYi8y
- EvilGinx2 ==> https://lnkd.in/eRDPvwUg
- GoPhish ==> https://lnkd.in/ea26dfNg
- PwnAuth ==> https://lnkd.in/eqecM7de
- Modlishka ==> https://lnkd.in/eds-dR5C

🔴 COMMAND AND CONTROL:
- PoshC2 ==> https://lnkd.in/eqSJUDji
- Sliver ==> https://lnkd.in/ewN9Nday
- SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
- Empire ==> https://lnkd.in/egAPa8gY
- AzureC2Relay ==> https://lnkd.in/efmh2t3g
- Havoc C2 ==> https://lnkd.in/gEFp2iym
- Mythic C2 ==> https://lnkd.in/gnCGwfWk

🔴 CREDENTIAL DUMPING:
- MimiKatz ==> https://lnkd.in/etEGfvJK
- HekaTomb ==> https://lnkd.in/eJx5Ugu5
- SharpLAPS ==> https://lnkd.in/eA28n9FT
- Net-GPPPassword ==> https://lnkd.in/e3CTez5A
- PyPyKatz ==> https://lnkd.in/eeb5b6Tz

🔴 PRIVILEGE ESCALATION:
- SharpUp ==> https://lnkd.in/etR2Pe_n
- MultiPotato ==> https://lnkd.in/eq53PXcJ
- PEASS ==> https://lnkd.in/eWA66akh
- Watson ==> https://lnkd.in/eZfYMSMX
- Bat-Potato ==> https://lnkd.in/gjziyG8q

🔴 DEFENSE EVASION:
- Villain ==> https://lnkd.in/gquyGFm5
- EDRSandBlast ==> https://lnkd.in/e8g8zYFT
- SPAWN - Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
- NetLoader ==> https://lnkd.in/ef5wCD4y
- KillDefenderBOF ==> https://lnkd.in/eVd54HUp
- ThreatCheck ==> https://lnkd.in/eHvSPakR
- Freeze ==> https://lnkd.in/eNUh3zCi
- GadgetToJScript ==> https://lnkd.in/egPQBBXJ

🔴 PERSISTENCE:
- SharPyShell ==> https://lnkd.in/eXm8h8Bj
- SharpStay ==> https://lnkd.in/erRbeFMj
- SharpEventPersist ==> https://lnkd.in/e_kJFNiB

🔴 LATERAL MOVEMENT:
- SCShell ==> https://lnkd.in/e256fC8B
- MoveKit ==> https://lnkd.in/eR-NUu_U
- ImPacket ==> https://lnkd.in/euG4hTTs

🔴 EXFILTRATION:
- SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
- DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
- Egress-Assess ==> https://lnkd.in/eXGFPQRJ

#redteam #cybersecurity #penetrationtesting #security #ethicalhacking #tools

Is using same password everywhere safe | Password Security

New YouTube video uploaded now. Soon, more amazing coming soon especially for OSINT lovers once we reaches 200subs.

youtu.be/q97UuYWhSv8

#osint #privacy #security #infosec #cybersec #opsec #cybersecurity

OSINT OPS Episode 1 | The Secret Behind Ransomwares

A new podcast styled video, give your feedback if you would like to see videos in this style by liking and commenting on the video.

We have some really good topics about ransomware which we think everyone should know.

https://youtu.be/1aHautvb1Wk?si

#cybersec #infosec #ransomware #privacy #security

Check if your email has been breached -

#osint #opsec #privacy #security #infosec #cybersec

https://haveibeenpwned.com/
https://www.breachdirectory.org/
https://leak-lookup.com/ (unverified)
https://snusbase.com/ (unverified)
https://dehashed.com/
https://intelx.io/
https://leakpeek.com/
https://search.0t.rocks/
https://monitor.firefox.com/

Join @osintambition for more.

The only OSINT tool you will ever need (ALL in one OSINT Tool)

https://youtu.be/Aj0sWUvGbEY

Join @osintambition for more.

#osint #privacy #security #infosec #cybersec #opsec

Linux Distribution for #OSINT

Credit: @cybdetective

1. OSINTUX
https://www.osintux.org/
2. BackBox
https://www.backbox.org/
3. OSINTBox
https://github.com/Dimaslg/osintBOX
4. CSI Linux
https://csilinux.com/
5. ArchStrike
https://archstrike.org/
6. Offen Osint
https://github.com/Double2Sky/OffenOsint
7. Huron Osint
https://github.com/HuronOsint/OsintDistro
8. Septor Linux
https://septor.sourceforge.io/
9. Pentoo Linux
https://www.pentoo.ch/
10. Tsurugi Linux
https://tsurugi-linux.org/downloads.php
11. TraceLabs OSINT VM. : https://www.tracelabs.org/initiatives/osint-vm

Join @osintambition for more.
#osint #cybersec #infosec #security

ScrapedIn -
A tool to scrape LinkedIn without API restrictions for data reconnaissance

https://github.com/dchrastil/ScrapedIn

Detailed video with demo is coming soon on YouTube.

Join @osintambition for more.

#osint #osinf #cyber #infosec #linkedin #privacy #security

This new Email OSINT tools is amazing | OSINT Industries Alternative

https://youtu.be/qDRyDmWjDeU

Show some love on this video.
Like, share and subscribe.

Join @osintambition for more.

#osint #opsec #emailosint #phonenumberosint #privacy #security #socmint

Top 7 Websites to check if your data has been leaked online | Breach Data | Email OSINT

https://youtu.be/Ef6J0haava8

#osint #privacy #security #infosec #cybersec #opsec
#email #emailosint

Like, share and subscribe.

Join @osintambition for more.

New blog in OSINT Ambition

OSINT: Revealing the digital identity of an invitation link creator on telegram by @ManuelBot59

https://publication.osintambition.org/osint-revealing-the-digital-identity-of-an-invitation-link-creator-on-telegram-de88b747c046

Join @osintambition for more.

#osint #socmint #telegramosint #infosec #cybersec #privacy #security #opsec