Godehashed – Tool That Uses The Dehashed.Com API To Search For Compromised Assets

A golang tool that uses the dehashed.com API to search for compromised assets. Results can then be compiled into a CSV for further analysis. Dehashed API You must supply the tool an api key. See apikey_template.txt for example. Installation To install the tool in CLI run the following command. Your $GOPATH must already be set.Read More

Darkdump – Search The Deep Web Straight From Your Terminal

Darkdump is a simple script written in Python3.9 in which it allows users to enter a search term (query) in the command line and darkdump will pull all the deep web sites relating to that query. Darkdump wraps up the darksearch.io API. Installation git clone https://github.com/josh0xA/darkdump cd darkdump python3 -m pip install -r requirements.txt python3Read More

ATMMalScan – Tool for Windows which helps to search for malware traces on an ATM during the DFIR process

ATMMalScan is a commandline tool for Windows operating systems version 7 and higher, which helps to search for malware traces on an ATM during the DFIR process. This tool examines the running processes of a system, as well as the hard disk, depending on the specified file path. To scan a system, a user withRead More

MetaFinder – Search For Documents In A Domain Through Google

Search For Documents In A Domain Through Google. The Objective Is To Extract Metadata. Installing dependencies: > git clone https://github.com/Josue87/MetaFinder.git> cd MetaFinder> pip3 install -r requirements.txt Usage python3 metafinder.py -t domain.com -l 20 [-v] Parameters: t: Specifies the target domain. l: Specify the maximum number of results to be searched. v: Optional. It is usedRead More

Token-Hunter – Collect OSINT For GitLab Groups And Members And Search The Group And Group Members’ Snippets, Issues, And Issue Discussions For Sensitive Data That May Be Included In These Assets

Collect OSINT for GitLab groups and members and search the group and group members’ snippets, issues, and issue discussions for sensitive data that may be included in these assets. The information gathered is intended to compliment and inform the use of additional tools such as TruffleHog or GitRob, which search git commit history using aRead More

Censys-Python – An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine

An easy-to-use and lightweight API wrapper for the Censys Search Engine (censys.io). Python 3.6+ is currently supported. Getting Started The library can be installed using pip. $ pip install censys To configure your credentials run censys config or set both CENSYS_API_ID and CENSYS_API_SECRET environment variables. $ censys configCensys API ID: XXXCensys API Secret: XXXSuccessfully authenticatedRead More

Fawkes – Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine)

Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine. Options -q, –query – Dork that will be used in the search engine. -r, –results – Number of results brought by the search engine. -s, –start-page – Home page of search results. -t, –timeout – TimeoutRead More

OnionSearch – A Script That Scrapes Urls On Different .Onion Search Engines

OnionSearch is a Python3 script that scrapes urls on different “.onion” search engines. Prerequisite Python 3  Currently supported Search engines ahmia darksearchio onionland notevil darksearchenginer phobos onionsearchserver torgle onionsearchengine tordex tor66 tormax haystack multivac evosearch deeplink ️ Installation With PyPI pip3 install onionsearch With Github git clone https://github.com/megadose/OnionSearch.gitcd OnionSearch/python3 setup.py install  Usage Help:Read More

Apk-Medit – Memory Search And Patch Tool On Debuggable Apk Without Root & Ndk

Apk-medit is a memory search and patch tool for debuggable apk without root & ndk. It was created for mobile game security testing. Motivation Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can beRead More

PwnedPasswordsChecker – Search (Offline) If Your Password (NTLM Or SHA1 Format) Has Been Leaked (HIBP Passwords List V5)

PwnedPasswordsChecker is a tool that checks if the hash of a known password (in SHA1 or NTLM format) is present in the list of I Have Been Pwned leaks and the number of occurrences. You can download the hash-coded version for SHA1 here or the hash-coded version for NTLM here Once the list is downloadedRead More