Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Stars: ✭ 10,451 (+8756.78%)

Mutual labels: hacking, cybersecurity

Kill Router

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Stars: ✭ 57 (-51.69%)

Mutual labels: hacking, shodan

Osint San

Framework для сбора данных из открытых источников. В Framework используется большое количество API, их необходимо зарегистрировать самому.

Stars: ✭ 99 (-16.1%)

Mutual labels: cybersecurity, shodan

Aura Botnet

A super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.

Stars: ✭ 95 (-19.49%)

Mutual labels: hacking, cybersecurity

Keye

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

Stars: ✭ 101 (-14.41%)

Mutual labels: hacking, pentest

Virtualseccons

An ongoing list of virtual cybersecurity conferences.

Stars: ✭ 113 (-4.24%)

Mutual labels: hacking, cybersecurity

Cloakify

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Stars: ✭ 1,136 (+862.71%)

Mutual labels: hacking, pentest

Shellpop

Pop shells like a master.

Stars: ✭ 1,279 (+983.9%)

Mutual labels: hacking, pentest

Dr0p1t Framework

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Stars: ✭ 1,132 (+859.32%)

Mutual labels: hacking, pentest

Cve 2019 0604

cve-2019-0604 SharePoint RCE exploit

Stars: ✭ 91 (-22.88%)

Mutual labels: hacking, pentest

Hacker Container

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Stars: ✭ 105 (-11.02%)

Mutual labels: hacking, pentest

Pythem

pentest framework

Stars: ✭ 1,060 (+798.31%)

Mutual labels: hacking, pentest

Slowloris

Asynchronous Python implementation of SlowLoris DoS attack

Stars: ✭ 51 (-56.78%)

Mutual labels: hacking, cybersecurity

View All Similar Projects ➔

Shodan Dorks

Dorks for shodan.io website. Taken from publicly available sources.

Shodan

Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters.

Basic Shodan Filters

city:

Find devices in a particular city.
city:"Bangalore"

country:

Find devices in a particular country.
country:"IN"

geo:

Find devices by giving geographical coordinates.
geo:"56.913055,118.250862"

hostname:

Find devices matching the hostname.
server: "gws" hostname:"google"

net:

Find devices based on an IP address or /x CIDR.
net:210.214.0.0/16

os:

Find devices based on operating system.
os:"windows 7"

port:

Find devices based on open ports.
proftpd port:21

before/after:

Find devices before or after between a given time.
apache after:22/02/2009 before:14/3/2010

Citrix:

Find Citrix Gateway.
title:"citrix gateway"

Wifi Passwords:

Helps to find the cleartext wifi passwords in Shodan. html:"def_wirelesspassword"

Surveillance Cams:

With username:admin and password: :P NETSurveillance uc-httpd

Fuel Pumps connected to internet:

No auth required to access CLI terminal. "privileged command" GET

Windows RDP Password:

But may contain secondary windows auth "\x03\x00\x00\x0b\x06\xd0\x00\x00\x124\x00"

Mongo DB servers:

It may give info about mongo db servers and dashboard "MongoDB Server Information" port:27017 -authentication

FTP servers allowing anonymous access:

Complete Anon access "220" "230 Login successful." port:21

Jenkins:

Jenkins Unrestricted Dashboard x-jenkins 200

Hacked routers:

Routers which got compromised hacked-router-help-sos

Open ATM:

May allow for ATM Access availability NCR Port:"161"

Telnet Access:

NO password required for telnet access. port:23 console gateway

Misconfigured Wordpress Sites:

The wp-config.php if accessed can give out the database credentials. http.html:"* The wp-config.php creation script uses this file"

Hiring:

Find sites hiring. "X-Recruiting:"

Android Root Bridge:

Find android root bridges with port 5555. "Android Debug Bridge" "Device" port:5555

Etherium Miners:

Shows the miners running ETH. "ETH - Total speed"

Tesla Powerpack charging Status:

Helps to find the charging status of tesla powerpack. http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2

YOU CAN ALSO COMBINE FILTERS TO MAKE INTO ADVANCED FILTERS FOR QUICK RECON.

Please create a pull request if you want to contribute.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 118

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (0) 🔗