OsintFlow ✙
@osintkit_check_bot - search for Russians 🎯
@osintflow_connect - contact the admin 🙍‍♂️

1️⃣ OSINT investigations and documentation of war crimes of the Russian Federation
2️⃣ OSINT methodology and tooling for fact-checking
3️⃣ Cyber intelligence guides
Cobalt Strike persistence kit (StayKit)

StayKit is an extension for Cobalt Strike persistence that leverages the execute_assembly function with the SharpStay .NET assembly. The aggressor script handles payload creation by reading the template files for a specific execution type.

https://github.com/0xthirteen/StayKit

#статьи_ссылки_scripts
SpoolSystem

SpoolSystem is a CNA script for Cobalt Strike which uses the Print Spooler named pipe impersonation trick to gain SYSTEM privileges.

It uses internal Cobalt Strike APIs not usually exposed to aggressor scripting to achieve seamless execution as SYSTEM without creating any new process or relying on shellcode injection.

https://github.com/itm4n/PrintSpoofer
DumpsterDiver

The tool can analyze large volumes of data and find "secrets" in files (passwords and hardcoded passwords, SSH, Azure and AWS keys, etc.).

It uncompresses archived files and supports regular expressions and advanced search rules.

https://github.com/securing/DumpsterDiver
Forwarded from OSIntOps News
Week in OSINT #2022-21 - sector035 - Exif Viewers

Since Jeffrey's Exif Viewer has been offline for some time, some people needed to go look for other solutions. On Twitter Kirby Plessas asked for some tips, and got some helpful replies, especially looking for solutions when you aren't able to install any local software, like Phil Harvey's ExifTool. Even though it's probably the best local tool out there, there are some other possibilities.

Extensions and Add-ons

InVID/WeVerify: Chrome extension
EXIF Viewer Pro: Chrome extension
Exif Viewer: Firefox add-on

Online Solutions

Exifdata.com (Tip!)
CyberChef recipe (bit buggy, doesn't always work)
Forensically (use the 'Meta Data' option)

There are of course multiple extensions, add-ons or websites, but I simply can't add them all here. Do be wary that some browser extensions only show some basic information (like Exif Viewer Classic), unless you specify the exact fields you want to view.

A small word of warning, since I want to stress that you should always be careful using third-party tools, especially when you're trying to find metadata inside images that may not be indexed by a search engine, or are somewhat sensitive, because you don't know whether the other party saves them, or processes them in some way you don't want. In that case, I'd strongly recommend saving or emailing the images for later examination via a local tool.
How to search the "#darknet" directly from Google (Bing etc.)?

Use the site: operator with links to online tools for browsing .onion sites. Examples:

site:onion.guide
onion.cab
onion.pet
onion.casa
onion.top
onion.dog
onion.rip
onion.to

#osint #search
Image recognition and reverse image search products power applications that make your images searchable.

https://tineye.com/
europol_invest_bitcoin.pdf
5.4 MB
Interpol Methodology for Investigating Cryptocurrencies (Bitcoin) EN
Guidelines to Digital Forensics First Responders_V7.pdf
3.1 MB
Interpol Methodology for digital forensics
INTERPOL_DFL_GlobalGuidelinesDigitalForensicsLaboratory.pdf
1.5 MB
Interpol Methodology Digital Forensics Laboratory
IC_DFL_DroneIncident_Final_EN.pdf
6.7 MB
Interpol Methodology responding to a drone incident
NIST INTERPOL standard v6.00.01.pdf
4.8 MB
INTERPOL Implementation for Data Format for the Interchange of Fingerprint, Facial and Biometric Information
ghdb.pdf
2.7 MB
Huge list of Google dorks
By the way, I got Interpol's PDFs with Google dorks like "filetype:pdf inurl:interpol.int"
Google dorks are often useful
Let it be😁
Pill Identifier

How to know which pill drug is pictured or accidentally found on the floor of your home?

Use a special online identifier that suggests possible variations based on colour, shape and imprint.

https://webmd.com/pill-identification/default.htm
Forwarded from OSIntOps News
Week in OSINT #2022-23 - sector035 - CCTV Locations
Link: https://cctv.masspirates.org/

On the TOCP Discord I saw a message by 'BroquePicker' about CCTV cameras. The website of the Pirate Party provides a map where about 160.000 private cameras, sometimes with open feeds, and other CCTV cameras that are mapped by OpenStreetMap are plotted on a map. Via this website you can easily search within an area of interest for cameras that might be interesting for an investigation. One interesting thing I found was that some cameras have a mapillary key. To view the camera within Mapillary, take that key and browse to the following URL to view that location on Mapillary:
https://mapillary.com/map/im/{key}
This is especially useful in areas where Google StreetView doesn't have much coverage, for instance in Germany.
Forwarded from Molfar про OSINT
OSINT tools: identifying a person by phone number

X-ray is a service that, besides searching by phone number, can search by social networks or email. The first three searches are free, and searching for Russians is free altogether. By the way, X-ray is the one we use most often.

GetContact or TrueCaller: there is probably no one who has never heard of GetContact, the most popular app for identifying a subscriber by phone number, or for seeing how you are saved in other people's contacts. TrueCaller is the GetContact equivalent for Western countries. Besides identifying the subscriber, it can block spam messages and also works as a messenger.

SignalHire is a browser extension that helps find a person's contacts from their social networks or name. It positions itself as a service for recruiters and HR managers. Among similar services, take a look at Rocket Reach and HolaConnect.

#OSINTtools

Molfar
SCADA_MATERIALS PACK.zip
237.2 MB
Supervisory Control And Data Acquisition