This short post is about FBID, an open source tool in Python that helps you get more information about a user based on just a Facebook-renamed photo or a link to the actual photo. The tool is pretty simple to understand and does not have many dependencies either, requiring only the re, sys, json and urllib2 Python libraries. This tool will come in handy for forensic investigators who are able to get only the image URL in the perpetrator's history or for anyone who has a photo saved from Read more about [SHORT POST] FBID: Information From Facebook Photo ID!
My last post was about PowerMeta, which launches Google & Bing search queries to download files from a target domain and performs EXIF analysis on them. This method gives us an insight into the different "actors" on the domain. However, if you want more information about the domain, check out DataSploit. Read more about DataSploit: An Open Source OSINT Assistant!
My previous post was about FOCA, which hasn't been updated for a long time yet is still a good enough tool. This post is about an open source tool, PowerMeta, which has a subset of the former's features. Read more about PowerMeta: Powerful Metadata Extractor!
There are a few OSINT tools that I wrote about in the old PenTestIT blog that I still remember. FOCA is one of them; it has only gotten better with time and has gained a lot of features and plugins since I last looked at it. Read more about FOCA: Fingerprinting & Organisation with Collected Archives!
This short post is about HatCloud, an open source tool coded in Ruby that helps you find the IP addresses of websites that are protected by CloudFlare. You know why you would need the real IP addresses, right? The tool is quite simple and needs just net/http, open-uri, json, socket and optparse. It leverages CrimeFlare to get the IP address behind CloudFlare and then uses ipinfo.io to get more information about the IP address. It sends an HTTP POST with your input via the cfS parameter Read more about HatCloud: Identify CloudFlare Protected IP Addresses!
Process injection is an old technique used for hiding code execution, avoiding detection and bypassing security solutions by injecting into whitelisted processes. This is a short post about InjectProc, an open source project that demonstrates the following common process injection techniques: DLL injection: Works by opening the target process, allocating space and then writing code into the remote process, and finally executing the remote code using CreateRemoteThread. Process replacement: Read more about [SHORT POST] InjectProc: Process Injection Techniques!
There are exploitation frameworks and then there is Metasploit. Though it has a few modules targeted towards embedded devices, it is your "general purpose" framework. If you are looking for a comprehensive embedded device/router exploitation framework, you now have RouterSploit! Read more about RouterSploit: The Metasploit For Routers!