HackGit

2022-07-16 14:14:00 ​​PCICrash

PCIDriverKit PoC for CVE-2022-26763 (exec arbitrary code w/ system privileges).

https://github.com/zhuowei/PCICrash

Research:
https://worthdoingbadly.com/coretrust/ Открыть/Комментировать

2022-07-16 12:11:00 HackRF One + Portapack H2 Mayhem.

The HackRF is an exceptionally capable software defined radio (SDR) transceiver, but naturally you need to connect it to a computer to actually do anything with it. So the PortaPack was developed to turn it into a stand-alone device with the addition of a touchscreen LCD, a few buttons, and a headphone jack. With all the hardware in place, it’s just a matter of installing a firmware capable enough to do some proper RF hacking on the go.

Enter MAYHEM, an evolved fork of the original PortaPack firmware that the developers claim is the most up-to-date and feature packed version available. Without ever plugging into a computer, this firmware allows you to receive, decode, and re-transmit a dizzying number of wireless protocols. From firing off the seating pagers at a local restaurant to creating a fleet of phantom aircraft with spoofed ADS-B transponders, MAYHEM certainly seems like it lives up to the name.

Detailed blog post about installing and using MAYHEM on the HackRF/PortaPack, complete with a number of real-world examples that show off just a handful of possible applications for the project. Jamming cell phones, sending fake pager messages, and cloning RF remotes is just scratching the surface of what’s possible.

Example of use: exploitation of a Honda vulnerability Honda's Remote Keyless System (CVE-2022-27254)

Buy online:
https://ali.ski/tvBZB

#hackrf #radio #sdr #spoofing Открыть/Комментировать

2022-07-16 11:11:03 URLHunter

A recon tool that allows searching on URLs that are exposed via shortened services.

https://github.com/utkusen/urlhunter Открыть/Комментировать

2022-07-16 11:11:02 ​​Terra

OSINT Tool on Twitter and Instagram.

Install it and write your login/password in credentials
Launch (python3 terra.py )
Type command "followers emails"
Wait. Long time.
Get list of users's followers emails (from bio)

https://github.com/xadhrit/terra

414 views08:11

Открыть/Комментировать

2022-07-16 11:11:01 ​​PDFCrack

An Advanced tool to Crack Any Password Protected PDF file. A very user friendly script especially for noob hackers.

Features:
Crack Any PDF password protected file with different Techniques.
This script will install required tool automatically.
U can Use Your Own Custom Wordlist in order to crack password.
Also U can Use Default wordlist as well as own wordlist in Hash Attack.
Very Fast To Crack Any Password Protected File.
More Features will be added in Future IA!

https://github.com/machine1337/pdfcrack Открыть/Комментировать

2022-06-24 11:11:04 ​​LinkFinder

LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing.

Resulting in new testing ground, possibility containing new vulnerabilities. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions.

These are responsible for finding:
Full URLs (https://example.com/)
Absolute URLs or dotted URLs (/* or ../*)
Relative URLs with at least one slash (text/test.php)
Relative URLs without a slash (test.php)

https://github.com/GerbenJavado/LinkFinder

@HackGit Открыть/Комментировать

2022-06-24 11:11:03 ​​interactsh

Interactsh is an open-source tool for detecting out-of-band interactions. It is a tool designed to detect vulnerabilities that cause external interactions.

Features:
DNS/HTTP(S)/SMTP(S)/LDAP Interaction
CLI / Web / Burp / ZAP / Docker client
AES encryption with zero logging
Automatic ACME based Wildcard TLS w/ Auto Renewal
DNS Entries for Cloud Metadata service
Self-Hosted Interactsh Server
Multiple domain support (self-hosted)
NTLM/SMB/FTP/RESPONDER Listener (self-hosted)
Wildcard / Protected Interactions (self-hosted)
Customizable Payload Length (self-hosted)
Custom SSL Certificate (self-hosted)

https://github.com/projectdiscovery/interactsh

@HackGit Открыть/Комментировать

2022-06-24 11:11:02 ​​ChainWalker

ChainWalker is a smart contract scraper which uses RCP/IPC calls to extract the information. A small tool that can help us find contracts, extract the EVM code, and disassemble the opcodes. It allows us to select specific blocks or even specific contract balances.

Features:
cross-platform
concurrent and fast
It doesn't require 3rd party API
downloads contract EVM
disassemble EVM to opcode

https://github.com/0xsha/ChainWalker

Research:
https://0xsha.io/blog/lets-walk-on-the-chains-creating-a-smart-contract-crawler

@HackGit Открыть/Комментировать

2022-06-24 11:11:01 ​​SecretFinder

SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files.

It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions. These are responsible for finding and search anything on js files.

https://github.com/m4ll0k/SecretFinder

@HackGit Открыть/Комментировать

2022-06-24 11:11:00 ​​All about bug bounty

These are my bug bounty notes that I have gathered from various sources, you can contribute to this repository too!

https://github.com/daffainfo/AllAboutBugBounty

@HackGit Открыть/Комментировать