OSINT Earth
OSINT Earth is a pioneering platform that serves as your comprehensive directory of public record lookup resources from all around the world.
osint.earth
#cybersecurity #OSINT
OSINT Earth is a pioneering platform that serves as your comprehensive directory of public record lookup resources from all around the world.
osint.earth
#cybersecurity #OSINT
Do you need to find social media accounts?
Alfred scans social platforms and helps you to find accounts based on inputs.
https://github.com/Alfredredbird/alfred
@Alfredredbird1
#OSINT #tool #investigation #SOCMINT #intelligence #CTI #infosec #cybersecurity #python
Alfred scans social platforms and helps you to find accounts based on inputs.
https://github.com/Alfredredbird/alfred
@Alfredredbird1
#OSINT #tool #investigation #SOCMINT #intelligence #CTI #infosec #cybersecurity #python
GitHub
GitHub - Alfredredbird/tookie-osint: Tookie is a advanced OSINT information gathering tool that finds social media accounts basedโฆ
Tookie is a advanced OSINT information gathering tool that finds social media accounts based on inputs. - Alfredredbird/tookie-osint
List of Useful Resources for Pentesters and Hackers
Hacking manuals:
โช๏ธ http://www.ehacking.net/
โช๏ธ http://www.securitytube.net/
โช๏ธ http://www.hacking-tutorial.com/
โช๏ธ https://www.offensive-security.com/
โช๏ธ http://breakthesecurity.cysecurity.org/
โช๏ธ http://www.spacerogue.net/wordpress/
โช๏ธ https://www.youtube.com/user/Hak5Darren
โช๏ธ https://www.youtube.com/user/sansinstitute
โช๏ธ https://vimeo.com/channels/fullscopesecurity
โช๏ธ http://www.kalitutorials.net/2013/08/kali-linux.html
โช๏ธ https://www.youtube.com/user/DEFCONConference
โช๏ธ https://en.wikibooks.org/wiki/Metasploit/VideoTutorials
Antiviruses:
โช๏ธ http://fuckingscan.me/
โช๏ธ http://v2.scan.majyx.net/
โช๏ธ http://nodistribute.com/
โช๏ธ http://www.file2scan.net/
โช๏ธ https://t.me/hackingtipp
โช๏ธ http://anubis.iseclab.org/
โช๏ธ https://anonscanner.com/
โช๏ธ http://virusscan.jotti.org/it
โช๏ธ https://www.virustotal.com/nl/
Services for working with IP:
โช๏ธ http://ip-api.com/
โช๏ธ http://ipaddress.com
โช๏ธ http://whatstheirip.com
โช๏ธ http://www.whatismyip.com/
โช๏ธ https://t.me/hackingtipp
โช๏ธ http://www.ip2location.com/demo
โช๏ธ http://www.my-ip-neighbors.com/
โช๏ธ http://freegeoip.net/static/index.html
โช๏ธ http://www.ip-adress.com/ipaddresstolocation/
Anonymity check:
โช๏ธ https://ipleak.net/
โช๏ธ https://www.dnsleaktest.com/
โช๏ธ https://diafygi.github.io/webrtc-ips/
Hacking manuals:
โช๏ธ http://www.ehacking.net/
โช๏ธ http://www.securitytube.net/
โช๏ธ http://www.hacking-tutorial.com/
โช๏ธ https://www.offensive-security.com/
โช๏ธ http://breakthesecurity.cysecurity.org/
โช๏ธ http://www.spacerogue.net/wordpress/
โช๏ธ https://www.youtube.com/user/Hak5Darren
โช๏ธ https://www.youtube.com/user/sansinstitute
โช๏ธ https://vimeo.com/channels/fullscopesecurity
โช๏ธ http://www.kalitutorials.net/2013/08/kali-linux.html
โช๏ธ https://www.youtube.com/user/DEFCONConference
โช๏ธ https://en.wikibooks.org/wiki/Metasploit/VideoTutorials
Antiviruses:
โช๏ธ http://fuckingscan.me/
โช๏ธ http://v2.scan.majyx.net/
โช๏ธ http://nodistribute.com/
โช๏ธ http://www.file2scan.net/
โช๏ธ https://t.me/hackingtipp
โช๏ธ http://anubis.iseclab.org/
โช๏ธ https://anonscanner.com/
โช๏ธ http://virusscan.jotti.org/it
โช๏ธ https://www.virustotal.com/nl/
Services for working with IP:
โช๏ธ http://ip-api.com/
โช๏ธ http://ipaddress.com
โช๏ธ http://whatstheirip.com
โช๏ธ http://www.whatismyip.com/
โช๏ธ https://t.me/hackingtipp
โช๏ธ http://www.ip2location.com/demo
โช๏ธ http://www.my-ip-neighbors.com/
โช๏ธ http://freegeoip.net/static/index.html
โช๏ธ http://www.ip-adress.com/ipaddresstolocation/
Anonymity check:
โช๏ธ https://ipleak.net/
โช๏ธ https://www.dnsleaktest.com/
โช๏ธ https://diafygi.github.io/webrtc-ips/
OPSWAT Academy
Cybersecurity Academy - Start for Free
Join the cybersecurity academy shaping the future. Get certified in Critical Infrastructure Protection (CIP) & boost your career in cybersecurity. Start today!
If you are preparing or want to prepare for the OSCP certification, I have a great cheat sheet suggestionโ๏ธ๐ You should definitely add it to your bookmarks.๐ค๐ป๐ธ
Credit: @syr0_ ๐๐๐ป
Repo: github.com/0xsyr0/OSCP
#CyberSecurity #OSCP #CheatSheet #redteam #Guide #CareerGrowth
Credit: @syr0_ ๐๐๐ป
Repo: github.com/0xsyr0/OSCP
#CyberSecurity #OSCP #CheatSheet #redteam #Guide #CareerGrowth
Automatically extract URL and IP endpoints from Android app to a txt file using apk2url
Fast and useful tool for pentesters, bug bounty hunters, or malware analyst
github.com/n0mi1k/apk2url
Fast and useful tool for pentesters, bug bounty hunters, or malware analyst
github.com/n0mi1k/apk2url
GitHub
GitHub - n0mi1k/apk2url: An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling - n0mi1k/apk2url
20 Essential tools for Blue Teams
1. Nmap
2. OpenVAS
3. OSSEC
4. Security Onion
5. Metasploit Framework
6. OpenSSH
7. Wireshark
8. Kali Linux
9. Nikto
10. Yara 11. Arkime (formerly Moloch)
12. ZEEK (formerly Bro-IDS)
13. Snort
14. OSQuery
15. GRR - Google Rapid Response
16. ClamAV
17. Velociraptor
18. ELK Stack | Elastic Stack
19. Sigma | SIEM Signatures
20. MISP | Threat Intelligence Sharing Platform
1. Nmap
2. OpenVAS
3. OSSEC
4. Security Onion
5. Metasploit Framework
6. OpenSSH
7. Wireshark
8. Kali Linux
9. Nikto
10. Yara 11. Arkime (formerly Moloch)
12. ZEEK (formerly Bro-IDS)
13. Snort
14. OSQuery
15. GRR - Google Rapid Response
16. ClamAV
17. Velociraptor
18. ELK Stack | Elastic Stack
19. Sigma | SIEM Signatures
20. MISP | Threat Intelligence Sharing Platform
100 web vulnerabilities, categorized into various types:
Injection Vulnerabilities:
1. SQL Injection (SQLi)
2. Cross-Site Scripting (XSS)
3. Cross-Site Request Forgery (CSRF)
4. Remote Code Execution (RCE)
5. Command Injection
6. XML Injection
7. LDAP Injection
8. XPath Injection
9. HTML Injection
10. Server-Side Includes (SSI) Injection
11. OS Command Injection
12. Blind SQL Injection
13. Server-Side Template Injection (SSTI)
Broken Authentication and Session Management:
14. Session Fixation
15. Brute Force Attack
16. Session Hijacking
17. Password Cracking
18. Weak Password Storage
19. Insecure Authentication
20. Cookie Theft
21. Credential Reuse
Sensitive Data Exposure:
22. Inadequate Encryption
23. Insecure Direct Object References (IDOR)
24. Data Leakage
25. Unencrypted Data Storage
26. Missing Security Headers
27. Insecure File Handling
Security Misconfiguration:
28. Default Passwords
29. Directory Listing
30. Unprotected API Endpoints
31. Open Ports and Services
32. Improper Access Controls
33. Information Disclosure
34. Unpatched Software
35. Misconfigured CORS
36. HTTP Security Headers Misconfiguration
XML-Related Vulnerabilities:
37. XML External Entity (XXE) Injection
38. XML Entity Expansion (XEE)
39. XML Bomb
Broken Access Control:
40. Inadequate Authorization
41. Privilege Escalation
42. Insecure Direct Object References
43. Forceful Browsing
44. Missing Function-Level Access Control
Insecure Deserialization:
45. Remote Code Execution via Deserialization
46. Data Tampering
47. Object Injection
API Security Issues:
48. Insecure API Endpoints
49. API Key Exposure
50. Lack of Rate Limiting
51. Inadequate Input Validation
Insecure Communication:
52. Man-in-the-Middle (MITM) Attack
53. Insufficient Transport Layer Security
54. Insecure SSL/TLS Configuration
55. Insecure Communication Protocols
Client-Side Vulnerabilities:
56. DOM-based XSS
57. Insecure Cross-Origin Communication
58. Browser Cache Poisoning
59. Clickjacking
60. HTML5 Security Issues
Denial of Service (DoS):
61. Distributed Denial of Service (DDoS)
62. Application Layer DoS
63. Resource Exhaustion
64. Slowloris Attack
65. XML Denial of Service
Other Web Vulnerabilities:
66. Server-Side Request Forgery (SSRF)
67. HTTP Parameter Pollution (HPP)
68. Insecure Redirects and Forwards
69. File Inclusion Vulnerabilities
70. Security Header Bypass
71. Clickjacking
72. Inadequate Session Timeout
73. Insufficient Logging and Monitoring
74. Business Logic Vulnerabilities
75. API Abuse
Mobile Web Vulnerabilities:
76. Insecure Data Storage on Mobile Devices
77. Insecure Data Transmission on Mobile Devices
78. Insecure Mobile API Endpoints
79. Mobile App Reverse Engineering
IoT Web Vulnerabilities:
80. Insecure IoT Device Management
81. Weak Authentication on IoT Devices
82. IoT Device Vulnerabilities
Web of Things (WoT) Vulnerabilities:
83. Unauthorized Access to Smart Homes
84. IoT Data Privacy Issues
Authentication Bypass:
85. Insecure "Remember Me" Functionality
86. CAPTCHA Bypass
Server-Side Request Forgery (SSRF):
87. Blind SSRF
88. Time-Based Blind SSRF
Content Spoofing:
89. MIME Sniffing
90. X-Content-Type-Options Bypass
91. Content Security Policy (CSP) Bypass
Business Logic Flaws:
92. Inconsistent Validation
93. Race Conditions
94. Order Processing Vulnerabilities
95. Price Manipulation
96. Account Enumeration
97. User-Based Flaws
Zero-Day Vulnerabilities:
98. Unknown Vulnerabilities
99. Unpatched Vulnerabilities
100. Day-Zero Exploits
Injection Vulnerabilities:
1. SQL Injection (SQLi)
2. Cross-Site Scripting (XSS)
3. Cross-Site Request Forgery (CSRF)
4. Remote Code Execution (RCE)
5. Command Injection
6. XML Injection
7. LDAP Injection
8. XPath Injection
9. HTML Injection
10. Server-Side Includes (SSI) Injection
11. OS Command Injection
12. Blind SQL Injection
13. Server-Side Template Injection (SSTI)
Broken Authentication and Session Management:
14. Session Fixation
15. Brute Force Attack
16. Session Hijacking
17. Password Cracking
18. Weak Password Storage
19. Insecure Authentication
20. Cookie Theft
21. Credential Reuse
Sensitive Data Exposure:
22. Inadequate Encryption
23. Insecure Direct Object References (IDOR)
24. Data Leakage
25. Unencrypted Data Storage
26. Missing Security Headers
27. Insecure File Handling
Security Misconfiguration:
28. Default Passwords
29. Directory Listing
30. Unprotected API Endpoints
31. Open Ports and Services
32. Improper Access Controls
33. Information Disclosure
34. Unpatched Software
35. Misconfigured CORS
36. HTTP Security Headers Misconfiguration
XML-Related Vulnerabilities:
37. XML External Entity (XXE) Injection
38. XML Entity Expansion (XEE)
39. XML Bomb
Broken Access Control:
40. Inadequate Authorization
41. Privilege Escalation
42. Insecure Direct Object References
43. Forceful Browsing
44. Missing Function-Level Access Control
Insecure Deserialization:
45. Remote Code Execution via Deserialization
46. Data Tampering
47. Object Injection
API Security Issues:
48. Insecure API Endpoints
49. API Key Exposure
50. Lack of Rate Limiting
51. Inadequate Input Validation
Insecure Communication:
52. Man-in-the-Middle (MITM) Attack
53. Insufficient Transport Layer Security
54. Insecure SSL/TLS Configuration
55. Insecure Communication Protocols
Client-Side Vulnerabilities:
56. DOM-based XSS
57. Insecure Cross-Origin Communication
58. Browser Cache Poisoning
59. Clickjacking
60. HTML5 Security Issues
Denial of Service (DoS):
61. Distributed Denial of Service (DDoS)
62. Application Layer DoS
63. Resource Exhaustion
64. Slowloris Attack
65. XML Denial of Service
Other Web Vulnerabilities:
66. Server-Side Request Forgery (SSRF)
67. HTTP Parameter Pollution (HPP)
68. Insecure Redirects and Forwards
69. File Inclusion Vulnerabilities
70. Security Header Bypass
71. Clickjacking
72. Inadequate Session Timeout
73. Insufficient Logging and Monitoring
74. Business Logic Vulnerabilities
75. API Abuse
Mobile Web Vulnerabilities:
76. Insecure Data Storage on Mobile Devices
77. Insecure Data Transmission on Mobile Devices
78. Insecure Mobile API Endpoints
79. Mobile App Reverse Engineering
IoT Web Vulnerabilities:
80. Insecure IoT Device Management
81. Weak Authentication on IoT Devices
82. IoT Device Vulnerabilities
Web of Things (WoT) Vulnerabilities:
83. Unauthorized Access to Smart Homes
84. IoT Data Privacy Issues
Authentication Bypass:
85. Insecure "Remember Me" Functionality
86. CAPTCHA Bypass
Server-Side Request Forgery (SSRF):
87. Blind SSRF
88. Time-Based Blind SSRF
Content Spoofing:
89. MIME Sniffing
90. X-Content-Type-Options Bypass
91. Content Security Policy (CSP) Bypass
Business Logic Flaws:
92. Inconsistent Validation
93. Race Conditions
94. Order Processing Vulnerabilities
95. Price Manipulation
96. Account Enumeration
97. User-Based Flaws
Zero-Day Vulnerabilities:
98. Unknown Vulnerabilities
99. Unpatched Vulnerabilities
100. Day-Zero Exploits
OSINT tools for Offensive Security
https://github.com/wddadk/Offensive-OSINT-Tools
#osint #privacy #security #socmint #infosec #cybersec #redteam #offsec #recon #pentesting
https://github.com/wddadk/Offensive-OSINT-Tools
#osint #privacy #security #socmint #infosec #cybersec #redteam #offsec #recon #pentesting
GitHub
GitHub - wddadk/Offensive-OSINT-Tools: OffSec OSINT Pentest/RedTeam Tools
OffSec OSINT Pentest/RedTeam Tools. Contribute to wddadk/Offensive-OSINT-Tools development by creating an account on GitHub.
Best websites to learn System Design
1. DesignGuru - bit.ly/3pMiO8g
2. ByteByteGo - bit.ly/3P3eqMN
3. Exponent - bit.ly/3cNF0vw
4. Udemy - bit.ly/3vFNPid
5. Educative - bit.ly/3Mnh6UR
5. ZTM - bit.ly/3YpWu4q
1. DesignGuru - bit.ly/3pMiO8g
2. ByteByteGo - bit.ly/3P3eqMN
3. Exponent - bit.ly/3cNF0vw
4. Udemy - bit.ly/3vFNPid
5. Educative - bit.ly/3Mnh6UR
5. ZTM - bit.ly/3YpWu4q
Top 5 OSINT sources for Pentesting and Bug Bounties
SecurityTrails ๐ securitytrails.com
Shodan ๐ shodan.io
Censys ๐ censys.com
IntelligenceX ๐ intelx.io
BuiltWith ๐ builtwith.com
Shared by @cybertrickzone
SecurityTrails ๐ securitytrails.com
Shodan ๐ shodan.io
Censys ๐ censys.com
IntelligenceX ๐ intelx.io
BuiltWith ๐ builtwith.com
Shared by @cybertrickzone
Media is too big
VIEW IN TELEGRAM
Support Script Link:-https://adrinolinks.com/FDMiz
Script Link:-https://greasyfork.org/en/scripts/455330-freeship
JOIN:-@CyberSleuthhacking
JOIN:-@CybersleuthNetworks
Please open Telegram to view this post
VIEW IN TELEGRAM
Sales Page:-https://athleanx.com/wolverine-workout
Download Link:-https://t.me/Cybersleuthpacks/495/497
โช๏ธShare & Support usโช๏ธ
JOIN:-@CyberSleuthhacking
JOIN:-@CybersleuthNetworks
Please open Telegram to view this post
VIEW IN TELEGRAM
25 Best Hacking Movies For Cybersecurity Enthusiasts [2023 List]
Hello my good fellas. Let's get rid of midweek tension. ๐
The world of cybersecurity is an exciting subject to deal with in the cinema. It's also a way to learn new concepts that you didn't know about the computer world. Yes, itโs not only โMatrixโ and โHackersโ.
1. WarGames (1983)
2. The Net (1995)
3. Matrix (1999)
4. Blackhat (2015)
5. Snowden (2016)
6. Jason Bourne (2016)
7. Ghost in the Shell (2017)
8. Sneakers (1992)
9. Hackers (1995)
10. Pirates of Silicon Valley (1999)
11. Takedown (2000)
12. Antitrust (2001)
13. Swordfish (2001)
14. Hacker (2016)
15. Live Free or Die Hard (2007)
16. Skyfall (2012)
17. The Frauds (1993)
18. The Matrix Reloaded (2003)
19. The Girl with the Dragon Tattoo (2009)
20. The Great Hack (2019)
21. The Conversation (1974)
22. The Italian Job (1969)
23. The I.T. Crowd (2006) (T.V. Series)
24. Mr. Robot (2015) (T.V. Series)
25. The Social Network (2010)
Please enjoy. ๐ฉ
#CyberSecurity #Recreation
Hello my good fellas. Let's get rid of midweek tension. ๐
The world of cybersecurity is an exciting subject to deal with in the cinema. It's also a way to learn new concepts that you didn't know about the computer world. Yes, itโs not only โMatrixโ and โHackersโ.
1. WarGames (1983)
2. The Net (1995)
3. Matrix (1999)
4. Blackhat (2015)
5. Snowden (2016)
6. Jason Bourne (2016)
7. Ghost in the Shell (2017)
8. Sneakers (1992)
9. Hackers (1995)
10. Pirates of Silicon Valley (1999)
11. Takedown (2000)
12. Antitrust (2001)
13. Swordfish (2001)
14. Hacker (2016)
15. Live Free or Die Hard (2007)
16. Skyfall (2012)
17. The Frauds (1993)
18. The Matrix Reloaded (2003)
19. The Girl with the Dragon Tattoo (2009)
20. The Great Hack (2019)
21. The Conversation (1974)
22. The Italian Job (1969)
23. The I.T. Crowd (2006) (T.V. Series)
24. Mr. Robot (2015) (T.V. Series)
25. The Social Network (2010)
Please enjoy. ๐ฉ
#CyberSecurity #Recreation
Best AI tools to Generate anything in 2023:
Write Anything โ writesonic.com
Generate Website - durable.co
Solve Anything โ chat.openai.com
Generate Art โ midjourney.com/home
Generate Code โ replit.com
Generate PPTs โ slidesai.io
Generate Video โ synthesia.io
Generate Music โ soundraw.io
Generate TikToks โ fliki.ai
Generates Avatars โ starryai.com/starrytars
Edit Pictures โ remini.ai
Edit Videos โ pictory.ai
Summarise Notes โ wordtune.com
Write Anything โ writesonic.com
Generate Website - durable.co
Solve Anything โ chat.openai.com
Generate Art โ midjourney.com/home
Generate Code โ replit.com
Generate PPTs โ slidesai.io
Generate Video โ synthesia.io
Generate Music โ soundraw.io
Generate TikToks โ fliki.ai
Generates Avatars โ starryai.com/starrytars
Edit Pictures โ remini.ai
Edit Videos โ pictory.ai
Summarise Notes โ wordtune.com
Forwarded from Cybertix
๐๐๐ด ๐ง๐๐ฝ๐ฒ: LDAP Injection
๐ฅโจ
๐๐ถ๐ป๐ธ:https://youtube.com/shorts/oocycbJVbmM?si=GHWzSQhR70z5zT9g
๐ฅโจ
๐๐ถ๐ป๐ธ:https://youtube.com/shorts/oocycbJVbmM?si=GHWzSQhR70z5zT9g
YouTube
LDAP Injection #coding #cybersecurity #bug #informationsecurity #technology #computersecurity #hack
๐๐ฑ๐ค๐๐ฃ ๐ค๐๐ง ๐ช๐ค๐๐ข๐๐ฃ๐๐ฉ๐ : ๐ด๐๐๐๐๐จ๐๐ฅ๐ https://whatsapp.com/channel/0029VaA7sQ6KLaHx1kHh533H๐ด๐๐๐ก๐๐๐๐๐https://t.me/thecybertixBug ...
Udemy - Design your own USB Rubber Ducky Ethical Hacking tool
Download Link:- https://mega.nz/file/8FgXlKDR#EJP0B_hCHUkCKc3qs-qRElTdVHeXBR6RqQ5nHM6eXwo
Download Link:- https://mega.nz/file/8FgXlKDR#EJP0B_hCHUkCKc3qs-qRElTdVHeXBR6RqQ5nHM6eXwo
A Penetration Testing Framework created for H@ยขkers / Pentester / Bug HunterWeb Pentest ๐งโ๐ป๐
Information Gathering:
Banner Grab
Whois
Traceroute
DNS Record
Reverse DNS Lookup
Zone Transfer Lookup
Port Scan
Admin Panel Scan
Subdomain Scan
CMS Identify
Reverse IP Lookup
Subnet Lookup
Extract Page Links
Directory Fuzz (NEW)
File Fuzz (NEW)
Shodan Search (NEW)
Shodan Host Lookup (NEW)
Web Application Attack: (NEW)
Wordpress
Auto SQL Injection
Generator:
Deface Page
Password Generator
Text To Hash
Installation :
$ apt update && apt upgrade
$ apt install git
$ apt install python2
$ apt install python
$ git clone https://github.com/cr4shcod3/pureblood
$ cd pureblood
$ chmod +x *
$ pip install -r requirements.txt
Run :
$ python2 pureblood.py
Now select your option, this tool will guide you ๐ซ
Information Gathering:
Banner Grab
Whois
Traceroute
DNS Record
Reverse DNS Lookup
Zone Transfer Lookup
Port Scan
Admin Panel Scan
Subdomain Scan
CMS Identify
Reverse IP Lookup
Subnet Lookup
Extract Page Links
Directory Fuzz (NEW)
File Fuzz (NEW)
Shodan Search (NEW)
Shodan Host Lookup (NEW)
Web Application Attack: (NEW)
Wordpress
Auto SQL Injection
Generator:
Deface Page
Password Generator
Text To Hash
Installation :
$ apt update && apt upgrade
$ apt install git
$ apt install python2
$ apt install python
$ git clone https://github.com/cr4shcod3/pureblood
$ cd pureblood
$ chmod +x *
$ pip install -r requirements.txt
Run :
$ python2 pureblood.py
Now select your option, this tool will guide you ๐ซ