TIPS WORLD

GitGot – Semi-automated, Feedback-Driven Tool To Rapidly Search Through Troves Of Public Data On GitHub For Sensitive Secrets

GitGot is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive secrets. How it WorksDuring search sessions, users will provide feedback to GitGot about search results to ignore, and GitGot prunes the set of results. Users can blacklist files by filename, repository name, username, or […]

TIPS WORLD

Git-Hound – Find Exposed Keys Across GitHub Using Code Search Keywords

A pattern-matching, batch-catching secret snatcher. This project is intended to be used for educational purposes. Git Hound makes it easy to find exposed API keys on GitHub using pattern matching, targetted querying, and a scoring system.Usageecho “tillsongalloway.com” | python git-hound.py or python git-hound.py –subdomain-file subdomains.txt We also offer a number of flags to target specific […]

Cryptography Linux TIPS WORLD

Parrot Security 4.7 – Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Parrot is a GNU/Linux distribution based on Debian Testing and designed with Security, Development and Privacy in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own software or protect your privacy while surfing the net. Documentation User Guide Getting Started […]

Android Linux TIPS WORLD

Kali NetHunter App Store – The New Android Store Dedicated to Free Security Apps

The Kali NetHunter App Store is a one-stop-shop for security relevant Android applications. It is the ultimate alternative to the Google Play store for any Android device, whether rooted or not, NetHunter or stock. If you are after any security application for your Android device, the NetHunter Store will be the place to get it. […]

Linux TIPS WORLD

Userrecon v1.1.0 – Recognition Usernames In 187 Social Networks

Find usernames in 187 social networks. Installation Install dependencies (Debian/Ubuntu): sudo apt install python3 python3-pip Install with pip3: sudo -H pip3 install git+https://github.com/decoxviii/userrecon-py.gituserrecon-py –help Building from SourceClone this repository, and: git clone https://github.com/decoxviii/userrecon-py.git ; cd userrecon-pysudo -H pip3 install -r requirements.txtpython3 setup.py buildsudo python3 setup.py install UpdateTo update this tool to the latest version, run: […]

CVE VULNERABILITIES

Vuln: GNOME gvfs CVE-2019-12795 Local Authorization Bypass Vulnerability

GNOME gvfs CVE-2019-12795 Local Authorization Bypass Vulnerability Bugtraq ID: 108741 Class: Configuration Error CVE: CVE-2019-12795 Remote: No Local: Yes Published: Jun 11 2019 12:00AM Updated: Jun 11 2019 12:00AM Credit: The vendor reported this issue. Vulnerable: GNOME gvfs 1.41.2GNOME gvfs 1.41GNOME gvfs 1.40.1GNOME gvfs 1.40GNOME gvfs 1.38.2GNOME gvfs 1.38GNOME gvfs 1.30GNOME gvfs 1.0 Not Vulnerable: […]

CVE VULNERABILITIES

Vuln: Squid CVE-2019-13345 Multiple Cross Site Scripting Vulnerabilities

Squid CVE-2019-13345 Multiple Cross Site Scripting Vulnerabilities Bugtraq ID: 109095 Class: Input Validation Error CVE: CVE-2019-13345 Remote: Yes Local: No Published: May 27 2019 12:00AM Updated: Jul 19 2019 04:00AM Credit: PAZ Vulnerable: Squid Squid 4.0.17Squid Squid 4.0.16Squid Squid 4.0.8Squid Squid 4.0.6Squid Squid 4.0.5Squid Squid 4.0.4Squid Squid 4.7Squid Squid 4.6Squid Squid 4.5Squid Squid 4.4Squid Squid […]

TIPS WORLD

Brute_Force – BruteForce Gmail, Hotmail, Twitter, Facebook & Netflix

Install : pip install proxylistpip install mechanize Usage: BruteForce Gmail Attack python3 Brute_Force.py -g [email protected] -l File_listpython3 Brute_Force.py -g [email protected] -p Password_Single BruteForce Hotmail Attack python3 Brute_Force.py -t [email protected] -l File_listpython3 Brute_Force.py -t [email protected] -p Password_Single BruteForce Twitter Attack python3 Brute_Force.py -T Account_Twitter -l File_listpython3 Brute_Force.py -T Account_Twitter -l File_list -X proxy-list.txt BruteForce Facebook Attack […]

Linux TIPS WORLD

Detect It Easy – Program For Determining Types Of Files For Windows, Linux And MacOS

Detect It Easy, or abbreviated “DIE” is a program for determining types of files. “DIE” is a cross-platform application, apart from Windows version there are also available versions for Linux and Mac OS. Many programs of the kind (PEID, PE tools) allow to use third-party signatures. Unfortunately, those signatures scan only bytes by the pre-set […]

TIPS WORLD

Shellsum – A Defense Tool – Detect Web Shells In Local Directories Via Md5Sum

A defense tool – detect web shells in local directories via md5sum Features Fast speed Lightweight Big database Tabled output Usages Install git clone https://github.com/ManhNho/shellsum.gitchmod 755 -R shellsum/cd shellsum/pip install -r requirements.txt Run python shellsum.py ToDo Smooth output Export file report Modularization Bigger database References https://github.com/tennc/webshell Download Shellsum