GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → elcuervo → Tangalanga

elcuervo / Tangalanga

Licence: gpl-3.0
Tangalanga: the Zoom conference scanner hacking tool

Programming Languages

go
31211 projects - #10 most used programming language

Labels

hackinghacking-toolzoom

Projects that are alternatives of or similar to Tangalanga

Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+879.66%)
Mutual labels:  hacking, hacking-tool
Webmap
A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-20.34%)
Mutual labels:  hacking, hacking-tool
Stegcloak
Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐
Stars: ✭ 2,379 (+908.05%)
Mutual labels:  hacking, hacking-tool
Phonia
Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: ✭ 221 (-6.36%)
Mutual labels:  hacking, hacking-tool
Awesome Ctf Cheatsheet
CTF Cheatsheet
Stars: ✭ 204 (-13.56%)
Mutual labels:  hacking, hacking-tool
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-31.36%)
Mutual labels:  hacking, hacking-tool
Mouse
Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.
Stars: ✭ 186 (-21.19%)
Mutual labels:  hacking, hacking-tool
Wifi Passview
An open source batch script based WiFi Passview for Windows!
Stars: ✭ 157 (-33.47%)
Mutual labels:  hacking, hacking-tool
Whatcms
CMS Detection and Exploit Kit based on Whatcms.org API
Stars: ✭ 205 (-13.14%)
Mutual labels:  hacking, hacking-tool
Awesome Hacking Lists
Project transferred to: https://github.com/taielab/awesome-hacking-lists
Stars: ✭ 203 (-13.98%)
Mutual labels:  hacking, hacking-tool
Cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+1075.85%)
Mutual labels:  hacking, hacking-tool
Tool X
Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other Linux based systems. using Tool-X you can install almost 370+ hacking tools in termux app and other linux based distributions.
Stars: ✭ 3,361 (+1324.15%)
Mutual labels:  hacking, hacking-tool
T14m4t
Automated brute-forcing attack tool.
Stars: ✭ 160 (-32.2%)
Mutual labels:  hacking, hacking-tool
Redteam Hardware Toolkit
🔺 Red Team Hardware Toolkit 🔺
Stars: ✭ 163 (-30.93%)
Mutual labels:  hacking, hacking-tool
Zeebsploit
web scanner - exploitation - information gathering
Stars: ✭ 159 (-32.63%)
Mutual labels:  hacking, hacking-tool
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-22.88%)
Mutual labels:  hacking, hacking-tool
Oxidtools
200 TOOLS BY 0XID4FF0X FOR TERMUX
Stars: ✭ 143 (-39.41%)
Mutual labels:  hacking, hacking-tool
Instagram Hacker
This is an advanced script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!
Stars: ✭ 156 (-33.9%)
Mutual labels:  hacking, hacking-tool
Awesome Bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-19.49%)
Mutual labels:  hacking, hacking-tool
Blackhat Arsenal Tools
Official Black Hat Arsenal Security Tools Repository
Stars: ✭ 2,639 (+1018.22%)
Mutual labels:  hacking, hacking-tool
View All Similar Projects ➔

Tangalanga

Zoom Conference scanner.

This scanner will check for a random meeting id and return information if available.

Install

First try to see if there's any prebaked version for the date: https://github.com/elcuervo/tangalanga/releases.

This versions already have a token ready to use.

Either way you can find the Windows, Linux and Mac version on Releases https://github.com/elcuervo/tangalanga/releases.

Download, uncompress and enjoy.

Usage

This are all the possible flags:

tangalanga \
    -token=user-token \   # [default: env TOKEN]  user token to use.

    -colors=false \       # [default: true]    enable/disable colors
    -censor=true \        # [default: false]   censors output
    -output=history \     # [default: stdout]  write found meetings to file
    -debug=true \         # [default: false]   show all the attmpts
    -tor=true \           # [default: false]   enable tor connection (will use default socks proxy)
    -hidden=true \        # [default: false]   enable embedded tor connection (only linux)
    -rate=7 \             # [default: ncpu]    overwrite the default worker pool

    -proxy=socks5://... \ # [default: socks5://127.0.0.1:9150]   proxy url to use

Tokens

Unfortunately I couldn't find the way the tokens are being generated but the core concept is that the zpk cookie key is being sent during a Join will be usable for ~24 hours before expiring. This makes trivial to join several known meetings, gether some tokens and then use them for the scans.

Tokens can be sniffed after a join attempt to a meeting. This means that to "fish" a token you'll need a setup that can sniff traffic and also spoof certificates.

Using Wireshark, Charles or any other of the ssl-proxying-capable tools out there will do the trick.

TOR (only linux)

Tangalanga has a tor runtime embedded so it can connect to the onion network and run the queries there instead of exposing your own ip.

For any other system I recommend a VPN

Why the bizarre name?

This makes reference to a famous 80s/90s personality in the Rio de la Plata. Doctor Tangalanga who loved to do phone pranks.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].