Danderspritz, NSA post-exploitation tool, has some interesting reconnaissance
scripts, which were used in covert operati
ꓘamerka has new cool features, right now you can search for Flickr and Instagram
photos, printers and cameras from Shoda
Script creates map with cameras based on your geolocation or exact address. It
uses Shodan API to find cameras, Geopy to
I wrote a script, which takes domain, IP or email address as input and search it
in various services like: Whois, Revers
In November, last year, GAO (Government Accountability Office) and ATF (The
Bureau of Alcohol, Tobacco, Firearms and Exp
This analysis was done in cooperation with Thomas (@securityimpacts
[https://twitter.com/securityimpacts]). Check out hi
As a proof of concept, I wrote script which abuses social media in order to send
commands to infected machines, i.e bots
Looking for malware or command and control servers? I wrote a script named Daily
dose of malware, which gather informati
I would like to show how misconfigured rsync protocol can lead to data breach or
compromise company and how to secure yo
Originally published on October 29th, 2017
TL;DR
With help of AWS3dump and my poor coding skills I found database backu
I wrote a script in Go, which queries Shodan database based on given list of
organizations. Next, I retrieve all bug bou
When I’m looking for new target on Hackerone I’m always paying attention to
numbers of resolved reports and wonder if hi
I have made scripts and tools related to OSINT, OPSEC and bug bounting for
myself and thought it is not worth sharing, u