m8r0wn / Crosslinked
Licence: gpl-3.0
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Stars: ✭ 223
Programming Languages
Projects that are alternatives of or similar to Crosslinked
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+936.77%)
Mutual labels: osint, pentest-tool, enumeration
Amass
In-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+2717.94%)
Mutual labels: osint, enumeration
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+142.6%)
Mutual labels: osint, pentest-tool
Ldap search
Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-65.02%)
Mutual labels: pentest-tool, enumeration
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+2095.96%)
Mutual labels: pentest-tool, pentest-scripts
Bugcrowd Levelup Subdomain Enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+130.04%)
Mutual labels: osint, enumeration
Lockdoor Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+203.59%)
Mutual labels: pentest-tool, pentest-scripts
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+65.92%)
Mutual labels: osint, enumeration
Eggshell
iOS/macOS/Linux Remote Administration Tool
Stars: ✭ 1,286 (+476.68%)
Mutual labels: pentest-tool, pentest-scripts
Erodir
A fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-57.85%)
Mutual labels: pentest-tool, enumeration
Burpsuite Xkeys
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-35.43%)
Mutual labels: osint, pentest-tool
Nullinux
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+102.24%)
Mutual labels: pentest-tool, enumeration
Justtryharder
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+101.79%)
Mutual labels: pentest-tool, pentest-scripts
Yasuo
A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+131.84%)
Mutual labels: pentest-tool, pentest-scripts
Censys Subdomain Finder
⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (+80.27%)
Mutual labels: osint, pentest-tool
Kaboom
A tool to automate penetration tests
Stars: ✭ 322 (+44.39%)
Mutual labels: pentest-tool, pentest-scripts
Tidos Framework
The Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (+478.48%)
Mutual labels: osint, enumeration
Enumdb
Relational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-25.11%)
Mutual labels: pentest-tool, enumeration
CrossLinked
CrossLinked simplifies the processes of searching LinkedIn to collect valid employee names when performing password spraying or other security testing against an organization. Using similar search engine scraping capabilities found in tools like subscraper and pymeta, CrossLinked will find valid employee names and help format the data according to the organization's account naming convention. Results will be written to a 'names.txt' file in the current directory for further testing.
Setup
git clone https://github.com/m8r0wn/crosslinked
cd crosslinked
pip3 install -r requirements.txt
Examples
python3 crosslinked.py -f '{first}.{last}@domain.com' company_name
python3 crosslinked.py -f 'domain\{f}{last}' -t 45 -j 0.5 company_name
Usage
-h, --help show this help message and exit
-t TIMEOUT Timeout [seconds] for search threads (Default: 25)
-j JITTER Jitter for scraping evasion (Default: 0)
-o OUTFILE Change name of output file (default: names.txt
-f NFORMAT Format names, ex: 'domain\{f}{last}', '{first}.{last}@domain.com'
-s, --safe Only parse names with company in title (Reduces false positives)
-v Show names and titles recovered after enumeration
Additions
Two additional scripts are included in this repo to aid in generating potential username and password files:
-
pwd_gen.py- Generates custom password lists using words and variables defined at the top of the script. Perform number/letter substitutions, append special characters, and more. Once configured, run the script with no arguments to generate a 'passwords.txt' output file. -
user_gen.py- Generates custom usernames using inputs from firstname.txt and lastname.txt files, provided at the command line. Format is defined similiar to crosslinked.py and will be written to 'users.txt'.
python3 user_gen.py -first top100_firstnames.txt -last top100_lastnames.txt -f "domain\{f}{last}"
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].