Pineapple-MK7-REST-Client – WiFi Hacking Workflow With Pineapple Mark 7 API

PINEAPPLE MK7 REST CLIENT The leading rogue access point and WiFi pentest toolkit for close access operations. Passive and active attacks analyze vulnerable and misconfigured devices. @HAK5 Author:: TW-D Version:: 1.0.2 Copyright:: Copyright (c) 2021 TW-D License:: Distributes under the same terms as Ruby Doc:: https://docs.hak5.org/hc/en-us/articles/360049854174-WiFi-Pineapple-Mark-VII-REST-API Requires:: ruby >= 2.7.0, rest-client 2.1.0 gem and PineappleRead More

Social-Analyzer – API And Web App For Analyzing And Finding A Person Profile Across +300 Social Media Websites (Detections Are Updated Regularly)

An API for analyzing & finding a person profile across +300 social media websites. It includes different string analysis and detection modules, you can choose which combination of modules to use during the investigation. The detection modules utilize a rating mechanism based on different detection techniques, which produces a rate value that starts from 0Read More

Censys-Python – An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine

An easy-to-use and lightweight API wrapper for the Censys Search Engine (censys.io). Python 3.6+ is currently supported. Getting Started The library can be installed using pip. $ pip install censys To configure your credentials run censys config or set both CENSYS_API_ID and CENSYS_API_SECRET environment variables. $ censys configCensys API ID: XXXCensys API Secret: XXXSuccessfully authenticatedRead More

RESTler – The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. For a given cloud service with an OpenAPI/Swagger specification, RESTler analyzes its entire specification, and then generates and executes tests that exercise the service through its REST API.Read More

MacC2 – Mac Command And Control That Uses Internal API Calls Instead Of Command Line Utilities

MacC2 is a macOS post exploitation tool written in python that uses Objective C calls or python libraries as opposed to command line executions. The client is written in python2, which though deprecated is still being shipped with base Big Sur installs. It is possible down the road that Apple will remove python2 (or pythonRead More

SwiftyInsta – Instagram Unofficial Private API Swift

Instagram offers two kinds of APIs to developers. The Instagram API Platform (extremely limited in functionality and close to being discontinued), and the Instagram Graph API for Business and Creator accounts only. However, Instagram apps rely on a third type of API, the so-called Private API or Unofficial API, and SwiftyInsta is an iOS, macOS,Read More

Bbrecon – Python Library And CLI For The Bug Bounty Recon API

Bug Bounty Recon (bbrecon) is a free Recon-as-a-Service for bug bounty hunters and security researchers. The API aims to provide a continuously up-to-date map of the Internet “safe harbor” attack surface, excluding out-of-scope targets.It comes with an ergonomic CLI and Python library.This repository holds the CLI and Python library. Please see the website for moreRead More

Intel Owl – Analyze Files, Domains, IPs In Multiple Ways From A Single API At Scale

Do you want to get threat intelligence data about a file, an IP or a domain?Do you want to get this kind of data from multiple sources at the same time using a single API request?You are in the right place!This application is built to scale out and to speed up the retrieval of threatRead More

Commit Stream – OSINT Tool For Finding Github Repositories By Extracting Commit Logs In Real Time From The Github Event API

commit-stream drinks commit logs from the Github event firehose exposing the author details (name and email address) associated with Github repositories in real time.OSINT / Recon uses for Redteamers / Bug bounty hunters: Uncover repositories which employees of a target company is commiting code (filter by email domain) Identify repositories belonging to an individual (filterRead More

Git-Hound v1.1 – GitHound Pinpoints Exposed API Keys On GitHub Using Pattern Matching, Commit History Searching, And A Unique Result Scoring System

A batch-catching, pattern-matching, patch-attacking secret snatcher. GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit history searching, and a unique result scoring system. GitHound has earned me over $7500 applied to Bug Bounty research. Corporate and Bug Bounty Hunter use cases are outlined below.Features GitHub/Gist code searching. This enablesRead More

X