Tutoriales

SpiderFoot: Your Ultimate OSINT Companion

According its Github description, SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. https://github.com/smicallef/spiderfoot Uses SpiderFoot is a versatile tool that serves both offensive and defensive

Adding BlackArch Linux Repositories to Your Arch-based System

BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. The repository contains 2872 tools. BlackArch Linux is compatible with existing Arch installs.  BlackArch Linux can be installed as a single distro using their ISOs and it is also compatible with existing/normal Arch installations. In this case it will act as an unofficial user repository. In this post we will cover the process of adding BlackArch repositories to

A new discovery: SimpleHTTPserver

SimpleHTTPserver is a go enhanced version of the well known python simplehttpserver with in addition a fully customizable TCP server, both supporting TLS.It will be a handy tool during your pentests. Installing go install -v github.com/projectdiscovery/simplehttpserver/cmd/simplehttpserver@latest Help simplehttpserver -h Flag Description Example -listen Configure listening ip:port (default 127.0.0.1:8000) simplehttpserver -listen 127.0.0.1:8000 -path Fileserver folder (default current directory) simplehttpserver -path /var/docs -verbose Verbose (dump request/response, default false) simplehttpserver -verbose -tcp TCP

Testing Docker WordPress environment

Next few days I will enjoying some holidays and I wanted to play a bit with WordPress security. The first step is a testing environment to avoid messing with my own production WordPress.One of the easiest ways is a local environment using Docker. In this post, I will describe the steps to create a new WordPress installation where you will be able to test everything you need. I will be

Project Discovery – Fuzzing Templates

Project Discovery has many amazing tools and useful repositories. Nuclei is one of the tools used daily and one of the best template lists for nuclei usage is Nuclei-Templates. Besides that awesome template collection, it exists that could help to find that finding is hiding with Nuclei-Templates. According to its description: Fuzzing templates are used with nuclei scanner which powers the actual scanning engine. This repository contains various fuzzing templates for the

Feroxbuster – content discovery tool

According its description: Feroxbuster is a simple, fast, recursive content discovery tool written in Rust. Install ❯ curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/main/install-nix.sh | bash -s $HOME/.local/bin Useful options Target selection: Composite settings: Proxy settings: Request settings: Request filters: Response filters: Client settings: Scan settings: Dynamic collection settings: Output settings: Update settings: Usage examples ❯ ./feroxbuster -u https://ginandjuice.shop/ -w ~/tools/SecLists/Discovery/Web-Content/raft-medium-directories.txt -s 200

The Clipboard Project

The Clipboard Project is an advanced clipboard manager tool for your terminal that provides a seamless way to store and access your copied items, allowing you to manage and organize your clipboard history effortlessly. Install $ curl -sSL https://github.com/Slackadays/Clipboard/raw/main/install.sh | sh Configuration This application has support for multiple languages that will modify the usage of the application itself.Instead $ cb copy fileName for copying a file into the cliboard, if

Getting Started with Virtual Environments in Python

Virtual environments are an essential tool for Python developers to manage dependencies and isolate projects. In this article, we will explore the basics of virtual environments and how to use them effectively. What are Virtual Environments? Virtual environments are isolated Python environments that allow you to install and manage dependencies for a particular project without affecting other projects or the system Python installation. Each virtual environment has its own Python

Pdtm by Project Discovery

Project Discovery is an open-source software company that builds tools for cybersecurity.They are under nuclei, subfinder, httpx, katana or naabu. Recently they have published pdtm.Pdtm is a simple and easy-to-use golang based tool for managing open-source projects from ProjectDiscovery. Install go1.19 is required to install successfully pdtm. $ go install -v github.com/projectdiscovery/pdtm/cmd/pdtm@latest Usage $ pdtm –help $ pdtm if needed add your bin go path to the config file located in:

Chaos bug bounty recon data API

Bug bounty programs offer a unique opportunity for security researchers to test and identify vulnerabilities in applications and systems, all while earning rewards for their efforts. However, with so many programs available, it can be challenging for researchers to find new targets and prioritize their efforts effectively. This is where the Chaos Bug Bounty Recon Data API from Project Discovery can be incredibly helpful. The Chaos Bug Bounty Recon Data