Sherlock – Find Usernames Across Social Networks

Find usernames across social networks.

Installation

NOTE: Python 3.6 or higher is required.

    # clone the repo
    $ git clone https://github.com/sherlock-project/sherlock.git

    # change the working directory to sherlock
    $ cd sherlock

    # install python3 and python3-pip if they are not already installed

    # install the requirements
    $ pip3 install -r requirements.txt

Usage

    $ python3 sherlock.py --help
    usage: sherlock.py [-h] [--version] [--verbose] [--rank]
                       [--folderoutput FOLDEROUTPUT] [--output OUTPUT] [--tor]
                       [--unique-tor] [--csv] [--site SITE_NAME]
                       [--proxy PROXY_URL] [--json JSON_FILE]
                       USERNAMES [USERNAMES ...]

    Sherlock: Find Usernames Across Social Networks (Version 0.6.4)

    positional arguments:
      USERNAMES             One or more usernames to check with social networks.

    optional arguments:
      -h, --help            show this help message and exit
      --version             Display version information and dependencies.
      --verbose, -v, -d, --debug
                            Display extra debugging information and metrics.
      --rank, -r            Present websites ordered by their Alexa.com global
                            rank in popularity.
      --folderoutput FOLDEROUTPUT, -fo FOLDEROUTPUT
                            If using multiple usernames, the output of the
                            results will be saved at this folder.
      --output OUTPUT, -o OUTPUT
                            If using single username, the output of the result
                            will be saved at this file.
      --tor, -t             Make requests over TOR; increases runtime; requires
                            TOR to be installed and in system path.
      --unique-tor, -u      Make requests over TOR with new TOR circuit after
                            each request; increases runtime; requires TOR to be
                            installed and in system path.
      --csv                 Create Comma-Separated Values (CSV) File.
      --site SITE_NAME      Limit analysis to just the listed sites. Add
                            multiple options to specify more than one site.
      --proxy PROXY_URL, -p PROXY_URL
                            Make requests over a proxy. e.g.
                            socks5://127.0.0.1:1080
      --json JSON_FILE, -j JSON_FILE
                            Load data from a JSON file or an online, valid,
                            JSON file.
      --print-found         Prints only found messages. Errors, and invalid
                            username errors will not appear.

For example, run python3 sherlock.py user123, and all of the accounts found will be stored in a text file named after the username (e.g. user123.txt).

Docker Notes

If you have Docker installed, you can build an image and run Sherlock as a container.

    docker build -t mysherlock-image .

Once the image is built, Sherlock can be invoked by running the following:

    docker run --rm mysherlock-image user123

The optional --rm flag removes the container filesystem on completion to prevent cruft build-up. See https://docs.docker.com/engine/reference/run/#clean-up---rm

One caveat is that the text file that is created will only exist in the container, so you will not be able to get at it.

Or you can simply use "Docker Hub" to run Sherlock:

    docker run theyahya/sherlock user123

Adding New Sites

Please look at the Wiki entry on adding new sites to understand the issues.

Tests

If you are contributing to Sherlock, then Thank You!

Before creating a pull request with new development, please run the tests to ensure that all is well. It would also be a good idea to run the tests before starting development, to distinguish problems in your environment from problems in the Sherlock software.

The following is an example of the command line to run all the tests for Sherlock. This invocation hides the progress text that Sherlock normally outputs, and instead shows the verbose output of the tests.

    $ python3 -m unittest tests.all --buffer --verbose

Note that we do currently have 100% test coverage. Unfortunately, some of the sites that Sherlock checks are not always reliable, so it is not uncommon to get response errors.

Link: http://feedproxy.google.com/~r/PentestTools/~3/eSJru-TKuEE/sherlock-find-usernames-across-social.html

URLextractor – Information Gathering and Website Reconnaissance

Information gathering & website reconnaissance

Usage:

    ./extractor http://www.hackthissite.org/

Tips:

- Colorex: adds colors to the output. Run pip install colorex and use it like ./extractor http://www.hackthissite.org/ | colorex -g "INFO" -r "ALERT"
- Tldextract: used by the dnsenumeration function. Run pip install tldextract

Features:

- IP and hosting info like city and country (using FreegeoIP)
- DNS servers (using dig)
- ASN, Network range, ISP name (using RISwhois)
- Load balancer test
- Whois for abuse mail (using Spamcop)
- PAC (Proxy Auto Configuration) file
- Compares hashes to diff code
- robots.txt (recursively looking for hidden stuff)
- Source code (looking for passwords and users)
- External links (frames from other websites)
- Directory FUZZ (like Dirbuster and Wfuzz, using the Dirbuster directory list)
- URLvoid API: checks Google page rank, Alexa rank and possible blacklists
- Provides useful links at other websites to correlate with IP/ASN
- Option to open ALL results in browser at the end

Changelog to version 0.2.0:

- [Fix] Changed GeoIP from freegeoip to ip-api
- [Fix/Improvement] Remove duplicates from robots.txt
- [Improvement] Better whois abuse contacts (abuse.net)
- [Improvement] Top passwords collection added to sourcecode checking
- [New feature] First run verification to install dependencies if needed
- [New feature] Log file
- [New feature] Check for hostname on log file
- [New feature] Check if hostname is listed on Spamhaus Domain Blacklist
- [New feature] Run a quick dnsenumeration with common server names

Changelog to version 0.1.9:

- Abuse mail using lynx instead of curl
- Target server name parsing fixed
- More verbose about HTTP codes and directory discovery
- MD5 collection for IP fixed
- Links found now show unique URLs from array
- [New feature] Google results
- [New feature] Bing IP check for other hosts/vhosts
- [New feature] Opened ports from Shodan
- [New feature] VirusTotal information about IP
- [New feature] Alexa Rank information about $TARGET_HOST

Requirements:

Tested on Kali light mini AND OSX 10.11.3 with brew

    sudo apt-get install bc curl dnsutils libxml2-utils whois md5sha1sum lynx openssl -y

Configuration file:

    CURL_TIMEOUT=15          #timeout in --connect-timeout
    CURL_UA=Mozilla          #user-agent (keep it simple)
    INTERNAL=NO              #YES OR NO (show internal network info)
    URLVOID_KEY=your_API_key #using API from http://www.urlvoid.com/
    FUZZ_LIMIT=10            #how many lines it will read from fuzz file
    OPEN_TARGET_URLS=NO      #open found URLs at the end of script
    OPEN_EXTERNAL_LINKS=NO   #open external links (frames) at the end of script
    FIRST_TIME=YES           #if first time check for dependencies

Link: http://feedproxy.google.com/~r/PentestTools/~3/yeRbR31P73k/urlextractor-information-gathering-and.html

PhoneInfoga – Advanced Information Gathering & OSINT Tool For Phone Numbers

PhoneInfoga is one of the most advanced tools to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type for any international phone number with very good accuracy, and then to search for footprints on search engines to try to find the VoIP provider or identify the owner.

Features

- Check if phone number exists and is possible
- Gather standard information such as country, line type, and carrier
- OSINT footprinting using external APIs, Google Hacking, phone books & search engines
- Check for reputation reports, social media, disposable numbers and more
- Scan several numbers at once
- Use custom formatting for more effective OSINT reconnaissance
- Automatic footprinting on several custom formats

Link: http://www.kitploit.com/2019/06/phoneinfoga-advanced-information.html

RecScanSec – Reconnaissance Scanner Security

RecScanSec is made for reconnaissance scanning and information gathering, with an emphasis on simplicity. It will do everything from.

Features

- Information Security Headers
- WAF Analyzer
- Information Disclosure
- Banner Grabbing
- Url Crawl
- HTML Form Detector
- Port Scanner
- Get SSL Information
- Subdomain Enumeration
- Host Mapper
- Url Fuzzing & sensitive dir

All scan results are saved in the output directory.

Requirements

- asyncio
- click
- requests
- colorlog
- bs4
- tldextract

Usage & Installation

    $ apt-get install python3 nmap
    $ pip3 install -r requirements.txt
    $ python3 RecScanSec.py http://target.co.li

    Usage: RecScanSec.py [OPTIONS] TARGET

    Options:
      --version          Show the version and exit.
      --timeout INTEGER  Seconds to wait before timeout connections
      --proxy TEXT       if Use a proxy ex: 0.0.0.0:8888 if with auth
                         0.0.0.0:8888@user:password
      --cookies TEXT     if use cookie comma separated cookies to add the
                         request ex: PHPSESS:123,kontol:True
      --no-url-fuzzing   do not fuzz url
      --update           Check For Update
      --help             Show this message and exit.

Info

- Support For Python Version: 3.7
- RecScanSec Version: 1.0
- By: 407 Authentic Exploit
- Codename: JaxBCD

Link: http://feedproxy.google.com/~r/PentestTools/~3/oiNIb-2z3TU/recscansec-reconnaisance-scanner.html

VulnX – CMS And Vulnerabilities Detector And An Intelligent Auto Shell Injector

VulnX is a CMS and vulnerability detector and an intelligent auto shell injector, with fast CMS detection of the target and a fast scanner for information gathering such as subdomains, IP addresses, country, org, timezone, region, ans and more …

Instead of injecting a shell and checking that it works like all the other tools do, VulnX analyses the response to determine whether the shell was uploaded successfully or not. VulnX searches for URLs with dorks.

Features

- Detect CMS (wordpress, joomla, prestashop, drupal, opencart, magento, lokomedia)
- Target information gathering
- Target subdomain gathering
- Multi-threading on demand
- Checks for vulnerabilities
- Auto shell injector
- Exploit dork searcher

Exploits

Joomla: Com Jce, Com Jwallpapers, Com Jdownloads, Com Weblinks, Com Fabrik, Com Jdownloads Index, Com Foxcontact, Com Blog, Com Users, Com Ads Manager, Com Sexycontactform, Com Media, Mod_simplefileupload, Com Facileforms

WordPress: Simple Ads Manager, InBoundio Marketing, WPshop eCommerce, Synoptic, Showbiz Pro, Job Manager, Formcraft, PowerZoom, Download Manager, CherryFramework, Catpro, Blaze SlideShow, Wysija-Newsletters

Drupal: Add Admin, Drupal BruteForcer, Drupal Geddon2

PrestaShop: attributewizardpro, columnadverts, soopamobile, pk_flexmenu, pk_vertflexmenu, nvn_export_orders, megamenu, tdpsthemeoptionpanel, psmodthemeoptionpanel, masseditproduct, blocktestimonial, soopabanners, Vtermslideshow, simpleslideshow, productpageadverts, homepageadvertise, homepageadvertise2, jro_homepageadvertise, advancedslider, cartabandonmentpro, cartabandonmentproOld, videostab, wg24themeadministration, fieldvmegamenu, wdoptionpanel

Opencart: Opencart BruteForce

Available command line options

READ VULNX WIKI

    usage: vulnx [options]
      -u --url          url target to scan
      -D --dorks        search webs with dorks
      -o --output       specify output directory
      -t --timeout      http requests timeout
      -c --cms-info     search cms info[themes,plugins,user,version..]
      -e --exploit      searching vulnerability & run exploits
      -w --web-info     web informations gathering
      -d --domain-info  subdomains informations gathering
      -l, --dork-list   list names of dorks exploits
      --threads         number of threads

Docker

VulnX can be launched in Docker.

    $ git clone https://github.com/anouarbensaad/VulnX.git
    $ cd VulnX
    $ docker build -t vulnx ./docker/
    $ docker run -it --name vulnx vulnx:latest -u http://exemple.com

Make a local volume to view the results in a logfile:

    $ docker run -it --name vulnx -v "$PWD/logs:/VulnX/logs" vulnx:latest -u http://exemple.com

Install VulnX

    $ git clone https://github.com/anouarbensaad/VulnX.git
    $ cd VulnX
    $ chmod +x install.sh
    $ ./install.sh

Now run vulnx.

Example command with options: set timeout=3, cms-gathering = all, -d subdomains-gathering, run --exploits

    vulnx -u http://example.com --timeout 3 -c all -d -w --exploit

Example command for searching dorks: -D or --dorks, -l --list-dorks

    vulnx --list-dorks    (returns a table of exploit names)
    vulnx -D blaze        (returns the URLs found with the blaze dork)

Link: http://feedproxy.google.com/~r/PentestTools/~3/ARM75rpuTUo/vulnx-cms-and-vulnerabilites-detector.html

OSIF – Open Source Information Facebook

OSIF is an accurate Facebook account information-gathering tool. All sensitive information can be easily gathered even if the target has set all of their privacy settings to (only me): sensitive information about residence, date of birth, occupation, phone number and email address.

Installation

    $ pkg update upgrade
    $ pkg install git python2
    $ git clone https://github.com/ciku370/OSIF
    $ cd OSIF

Setup

    $ pip2 install -r requirements.txt

Running

    $ python2 osif.py

If you are confused about how to use it, please type 'help' to display the help menu.

[Warn] please turn off your VPN before using this program !!!
[Tips] do not overuse this program !!!

Link: http://www.kitploit.com/2019/05/osif-open-source-information-facebook.html

ReconT – Reconnaissance / Footprinting / Information Disclosure

Recon-Tool is made for reconnaissance and information gathering, with an emphasis on simplicity. It will do everything from.

Features

- Information Security Headers
- WAF Detector
- Banner Grabbing
    - Phone Number
    - Credit Card Number
    - Email
    - US Social Security Number
- Url Crawl
    - Dom Parameter Url
    - Internal Dynamic Parameter
    - External Dynamic Parameter
    - Internal Link
    - External Link
- Port Scanner
- Subdomain Enumeration

Requirements

- click
- requests
- colorlog
- bs4
- tldextract

Usage & Installation

    $ apt-get install python3 nmap
    $ pip3 install -r requirements.txt
    $ python3 reconT.py http://target.co.li

    $ python reconT.py --help
    Usage: reconT.py [OPTIONS] TARGET

    Options:
      --timeout INTEGER  Seconds to wait before timeout connections
      --proxy TEXT       if Use a proxy ex: 0.0.0.0:8888
                         if with auth 0.0.0.0:8888@user:password
      --cookies TEXT     if use cookie comma separated cookies to add the
                         request ex: PHPSESS:123,kontol=True
      --help             Show this message and exit.

Info

- Support For Python Version: 3.x
- ReconT Version: 0.1
- By: 407 Authentic Exploit
- Codename: JaxBCD

Link: http://feedproxy.google.com/~r/PentestTools/~3/cODwkrYCciM/recont-reconnaisance-footprinting.html

Osmedeus – Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Osmedeus allows you to automatically run a collection of awesome tools for reconnaissance and vulnerability scanning against the target.

How to use

If you have no idea what you are doing, just type the command below or check out the Advanced Usage.

    ./osmedeus.py -t example.com

Installation

    git clone https://github.com/j3ssie/Osmedeus
    cd Osmedeus
    ./install.sh

This installer only targets Kali Linux; check the Wiki page for other installation options.

Features

- Subdomain Scan.
- Subdomain TakeOver Scan.
- Screenshot the target.
- Basic recon like Whois, Dig info.
- Web Technology detection.
- IP Discovery.
- CORS Scan.
- SSL Scan.
- Headers Scan.
- Port Scan.
- Vulnerable Scan.
- Separate workspaces to store all scan output and detailed logging.
- REST API.
- React Web UI.
- Slack notifications.

Contact

@j3ssiejjj

Link: http://feedproxy.google.com/~r/PentestTools/~3/62_7K6wE8Hk/osmedeus-fully-automated-offensive_27.html

Zeebsploit – Web Scanner / Exploitation / Information Gathering

zeebsploit is a tool for hacking, searching for web information and scanning vulnerabilities of a web.

Installation & Usage

    apt-get install git
    git clone https://github.com/jaxBCD/Zeebsploit.git
    cd Zeebsploit
    chmod +x install
    ./install
    python3 zeebsploit.py

Type 'help' to show the modules and follow the instructions.

Modules

[Main modules]
+----------+-------------------------------+
| Modules  | Description                   |
+----------+-------------------------------+
| Exploit  | Exploitation Modules          |
| Scanners | Scanners Modules              |
| infoga   | information Gathering Modules |
+----------+-------------------------------+

[Exploit Modules]
+---------------------------+--------------------------------------------------+
| Modules                   | Description                                      |
+---------------------------+--------------------------------------------------+
| wp content injection      | wordpress content injection version 4.7 or 4.7.1 |
| wp revslider              | wordpress plugin revslider remote file upload    |
| wp learndash              | wordpress leardash remote file upload            |
| wp swhobiz                | wordpress plugin showbiz remote file upload      |
| joomla com fabrik         | joomla component fabrik file upload              |
| joomla manager get config | joomla component manager auto get config         |
| joomla jdownload          | joomla component jdownloads remote file upload   |
| joomla                    | Joomla ads manager component auto shell upload   |
| apache struts rce         | CVE: 2017-5638 - Apache Struts2 S2-045           |
|                           | remote command execution                         |
| drupal8 rce               | drupal version 8 remote command execution        |
| dvr cam leak credential   | TBK DVR4104 / DVR4216                            |
|                           | - Credentials Leak (Get User and password        |
| webdav file upload        | Nothing                                          |
| ---More---                | Coming Soon the following version                |
+---------------------------+--------------------------------------------------+

[Scanner Module]
+--------------------+----------------------------------------+
| Modules            | Description                            |
+--------------------+----------------------------------------+
| subdomain scanner  | Scan Subdomain for Web                 |
| sqli scanner       | Scan Sql Injection Vulnerability       |
| xss scanner        | Scan XSS Injection Vulnerability       |
| lfi scanner        | Local File Includes Scanner etc/passwd |
| admin login finder | Scan Admin Login page                  |
| directory scanner  | scan directory on web use dirhunt      |
| subdomain takeover | scan type subdomain takeover           |
| ---More---         | Coming Soon the following version      |
+--------------------+----------------------------------------+

[Information Gathering]
+--------------------+------------------------------------------+
| Modules            | Description                              |
+--------------------+------------------------------------------+
| cms detector       | a tool for detecting cms on a web        |
| port scanner       | Scan Open Port use Nmap                  |
| information header | response header information              |
| ip geolocation     | detect the location of an ip or host     |
| email searcher     | searching email from web                 |
| traceroute         | to show the route the package has passed |
| robot.txt detector | Scan Robot.txt from Web                  |
| header information | Response Header Checker                  |
| whois lookup       | looking for registered users or          |
|                    | recipients of Internet resource rights   |
| ---More---         | Coming Soon the following version        |
+--------------------+------------------------------------------+

Link: http://feedproxy.google.com/~r/PentestTools/~3/9xaMRbIv1Dk/zeebsploit-web-scanner-exploitation.html

Link: http://feedproxy.google.com/~r/PentestTools/~3/RZKskKnsCFU/zeebsploit-web-scanner-exploitation_10.html