Under Utilized Tools/Resources #1

Many resources, especially web apps/sites used for OSINT come and go as I've mentioned before. However there is one resource I discovered a few years ago and still exists. It is a unique resource but still useful. It's useful for OSINT or just to monitor trends in blackhat circles, but rarely will you find something … Continue reading Under Utilized Tools/Resources #1

Best Tool for Pentesting Android Applications

This is just a love post for Drozer It is metasploit console-ish CLI framework to hack Android Applications. Attach this with Qark, Frida and Burp Suite and you're well on your way to having a good toolset to attack Android Apps. I'll make an upcoming post with a more complete list of tools I use … Continue reading Best Tool for Pentesting Android Applications

Best Android Apps for Pentesting and Hacking

There are many apps that run on Android so I'll probably make a few of these posts. That said, the first and best resource isn't actually one app but an overlay to the Android OS. This is Kali NetHunter. I suggest buying a play edition phone (bootloader unlocked and open to be rooted) then you … Continue reading Best Android Apps for Pentesting and Hacking

Technique, Tool and Lecture #9

Technique: Basic one liner to clean masscan output cat masscan-output | cut -d ' ' -f4,6 This will return something like this Tool: Drozer - https://labs.f-secure.com/tools/drozer/ Awesome extensive attack framework for Android Apps (Must have) Lecture: Not super technical but very interesting Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev https://www.youtube.com/watch?v=6Chp12sEnWk&t=784s Check out … Continue reading Technique, Tool and Lecture #9

Who are you?!

Security Researcher Security Researcher... I have to say, since the rise of Bug Bounties, The self-proclaimed title of Security Researcher has gotten less and less popular Here is something I realized years ago... A little background, at this time, I had used some tools, I had used BackTrack and then Kali, I have monitored trends … Continue reading Who are you?!

Technique, Tool and Lecture #8

Technique: One line dash loop for running CLI tools on Kali for IP in $(cat ~/Desktop/target); do nikto -host $IP >> ~/Desktop/nitko-output; done; Tool: Nikto Lecture: Drinking from the caffeine firehose we know as shodan   https://www.youtube.com/watch?v=5cWck_xcH64   Check out all the entries of this series! Technique Tool and Lecture #14 Technique Tool and Lecture … Continue reading Technique, Tool and Lecture #8