Google Hacking Database

The Google Hacking Database (GHDB) is a collection of search queries that use Google’s search syntax in creative ways to uncover vulnerabilities, exposed databases, login portals with default credentials, sensitive files, and other information that might not be intended for public access. All contained Dorks are categorized in several categories:

Tor install and usage (Arch based distro)

Install and configuration $ yay -S tor nyx torsocks torbrowser-launcher $ sudo systemctl status tor $ ss -nlt Usage Torify a command $ wget -qO –; echo x1x1.y1y1.z1z1.t1t1 $ torsocks wget -qO –; echo x2x2.y2y2.z2z2.t2.t2 $ sudo systemctl stop tor$ torsocks wget -qO –; echo Torify a shell $ source torsocks on Tor mode activated. Every command will be torified for this shell. $ wget -qO –

Nuclei v3 is here

Last week nuclei was uptated to v3. This is a summary of the Nuclei v3 new features: Project discovery blog post with the full description can be found here: Note: By the time I uploaded my systems it has been released Nuclei v3.0.1 fixing some issues introduced with v3.0The full changelog can be checked here:…v3.0.1 $ nuclei –up $ nuclei –version  

Rengine 2.0 has finally arrived

After some waiting, Rengine 2.0 is here and it comes with many changes: New additions overview: Install $ git clone$ edit .env(Remember to change the Postgres password) $ sudo ./ The first clean installation try gave these issues. Then tried the same migration fix I needed for the old reNgine version. $ docker-compose -f docker-compose.yml exec web python3 migrate After that, a second installation attempt everything was fine.

OWASP Juice Shop

According to its Github description: OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! It can be a very helpful tool to learn and practice your hacking

Anew: Yet Another Useful Tool for your scripts

Anew is a handy tool created by Tomnomnom for appending lines to a file while ensuring that duplicates are not added, making it useful for scripting and data processing tasks. Install go install -v Help Usage (Examples from its Github)

SpiderFoot: Your Ultimate OSINT Companion

According its Github description, SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. Uses SpiderFoot is a versatile tool that serves both offensive and defensive

A new discovery: SimpleHTTPserver

SimpleHTTPserver is a go enhanced version of the well known python simplehttpserver with in addition a fully customizable TCP server, both supporting TLS.It will be a handy tool during your pentests. Installing go install -v Help simplehttpserver -h Flag Description Example -listen Configure listening ip:port (default simplehttpserver -listen -path Fileserver folder (default current directory) simplehttpserver -path /var/docs -verbose Verbose (dump request/response, default false) simplehttpserver -verbose -tcp TCP

«Inventory» by Trickiest: Simplifying Bug Bounty Success

In the ever-changing world of cybersecurity, bug bounty hunters play a crucial role in finding and fixing software vulnerabilities. They boost security for organizations and protect users from potential threats. To be the first in the hunt for vulnerabilities, you need the right tools and resources, and that’s where the Trickiest’s «Inventory» project comes in. Uncomplicated Bug Hunting Trickiest’s «Inventory» goes beyond being a simple repository. It’s a specialized toolkit

Project Discovery – Fuzzing Templates

Project Discovery has many amazing tools and useful repositories. Nuclei is one of the tools used daily and one of the best template lists for nuclei usage is Nuclei-Templates. Besides that awesome template collection, it exists that could help to find that finding is hiding with Nuclei-Templates. According to its description: Fuzzing templates are used with nuclei scanner which powers the actual scanning engine. This repository contains various fuzzing templates for the