Swissknife – Scriptable VSCode Extension To Generate Or Manipulate Data. Stop Pasting Sensitive Data In Webpag

The developers swissknife. Do conversions and generations right out of vs code. Extendable with user scripts Available in the Visual Studio Marketplace Currently available scripts Base64 decode Base64 encode Binary To Text Bip39 Mnemonic CSV to Markdown Count characters Count words Crypto currency value Date to Timestamp Eliptic Curve Key Pair Generate Password HTML EncodeRead More

SharpHound3 – C# Data Collector For The BloodHound Project

Get SharpHound The latest build of SharpHound will always be in the BloodHound repository here Compile Instructions SharpHound is written using C# 9.0 features. To easily compile this project, use Visual Studio 2019. If you would like to compile on previous versions of Visual Studio, you can install the Microsoft.Net.Compilers nuget package. Building the projectRead More

Procrustes – A Bash Script That Automates The Exfiltration Of Data Over Dns In Case We Have A Blind Command Execution On A Server Where All Outbound Connections Except DNS Are Blocked

A bash script that automates the exfiltration of data over dns in case we have a blind command execution on a server where all outbound connections except DNS are blocked. The script currently supports sh, bash and powershell and is compatible with exec style command execution (e.g. java.lang.Runtime.exec). Unstaged:    Staged:   For its operations,Read More

Gitlab-Watchman – Monitoring GitLab For Sensitive Data Shared Publicly

GitLab Watchman is an application that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally. Features It searches GitLab for internally shared projects and looks at: Code Commits Wiki pages Issues Merge requests Milestones For the following data: GCP keys and service account files AWS keys Azure keys and serviceRead More

Linux-Chrome-Recon – An Information Gathering Tool Used To Enumerate All Possible Data About An User From Google-Chrome Browser From Any Linux Distribution

“linux-chrome-recon” is a Information gathering tool used to enumerate all possible data about an user from Google-Chrome browser from any Linux distribution Intro 1.Loots possible data from Google-Chrome 2.Launches HTTP Server on /tmp directory (Usefull) 3.Simple script to receive data from Victim(One time run) 4.Clears the /tmp data when server is closed… Files retrieved :Read More

Token-Hunter – Collect OSINT For GitLab Groups And Members And Search The Group And Group Members’ Snippets, Issues, And Issue Discussions For Sensitive Data That May Be Included In These Assets

Collect OSINT for GitLab groups and members and search the group and group members’ snippets, issues, and issue discussions for sensitive data that may be included in these assets. The information gathered is intended to compliment and inform the use of additional tools such as TruffleHog or GitRob, which search git commit history using aRead More

Exif-Gps-Tracer – A Python Script Which Allows You To Parse GeoLocation Data From Your Image Files Stored In A dataset

A python script which allows you to parse GeoLocation data from your Image files stored in a dataset.It also produces output in CSV file and also in HTML Google Maps Prerequisite To run this script fluently , (1) You should have Google Maps API (2) You should enable Map JavaScript API in Console To getRead More

Sarenka – OSINT Tool – Data From Services Like Shodan, Censys Etc. In One Place

SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface. The main goal is to gathering infromation from search engines for Internet-connected devices (https://censys.io/, https://www.shodan.io/). It scraps data about Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE) and also has database where CVEs are mapped to CWE. ItRead More

N1QLMap – The Tool Exfiltrates Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities

N1QLMap is an N1QL exploitation tool. Currently works with Couchbase database. The tool supports data extraction and performing SSRF attacks via CURL. More information can be found here: https://labs.f-secure.com/blog/n1ql-injection-kind-of-sql-injection-in-a-nosql-database. Usage Help usage: n1qlMap.py [-h] [-r REQUEST] [-k KEYWORD] [–proxy PROXY] [–validatecerts] [-v] (-d | -ks DATASTORE_URL | -e KEYSPACE_ID | -q QUERY | -c [ENDPOINTRead More

X