Autonomous Machines & Society.

2024-05-13
Favicon Hashes Creation And Usage

To create a favicon hash, run:

import codecs

import mmh3
import requests


def perform_get_request_with_insecure_and_redirects(url: str):
    # verify=False skips TLS certificate validation, so hosts with self-signed
    # or expired certificates can still be fingerprinted
    response = requests.get(url, verify=False, allow_redirects=True, timeout=15)
    return response


def get_favicon_url(url: str):
    return f"{url}/favicon.ico"


def process_url_and_get_favicon_hash(url: str):
    favicon_url = get_favicon_url(url)
    response = perform_get_request_with_insecure_and_redirects(favicon_url)
    # The hash is taken over the base64 text (newline every 76 characters),
    # not over the raw icon bytes
    favicon = codecs.encode(response.content, "base64")
    _hash = mmh3.hash(favicon)
    _hash = str(_hash)
    return _hash


if __name__ == "__main__":
    url = "https://www.baidu.com"
    icon_hash = process_url_and_get_favicon_hash(url)
    print(f"icon hash for url '{url}':", icon_hash)

You can use the favicon hash in Shodan like this: http.favicon.hash:<favicon_hash>

In ZoomEye, like this: iconhash:"<favicon_hash>"


2024-05-13
Telegram search engines

https://github.com/bellingcat/telegram-phone-number-checker


To find these search engines, google for “telegram search engine”, optionally with a specific domain like “github.com”, “reddit.com” or “medium.com”.

Available search engines:

https://www.telegramdb.org

https://xtea.io/ts_en.html

https://groupda.com/tgme/

https://telemetryapp.io

https://cse.google.com/cse?q=+&cx=006368593537057042503:efxu7xprihg (Telegago)

https://lyzem.com/

https://tgstat.com/en/search

https://tgdev.io/tme/

https://sssoou.com

https://teleteg.com

https://intelx.io/tools?tab=telegram

https://kribrum.io/

https://telemetr.me/all_posts/

https://cse.google.com/cse?cx=006368593537057042503%3Aig4r3rz35qi#gsc.tab=0 (Commentogram)

https://www.telegram-groups.com/

https://telegramchannels.me/

https://tlgrm.ru/channels/

Available telegram search engine bots:

https://t.me/tgdb_bot

https://ttttt.me/SearcheeBot

https://t.me/teletegbot

https://t.me/ScadsBot

Telegram related resources:

https://taiha.dev/technology/telegram-search-engines/

https://github.com/ItIsMeCall911/Awesome-Telegram-OSINT

https://medium.com/@ibederov_en/telegram-search-engines-fc8d9c1cc1a6

https://medium.com/@teletegofficial/how-to-search-telegram-groups-and-channels-a-comprehensive-guide-b0dfc3898d35

https://www.quora.com/How-do-I-find-Telegram-groups-channels-by-keywords-and-tags-Most-of-the-time-many-channels-are-not-shown-in-search

You can also use Google directly as a Telegram search engine: restrict it to the indexed part of Telegram itself with site:t.me, or to external aggregators, for example site:tgstat.ru or site:telemetr.me


2024-05-13
Freecad Python Scripting

Reference:

https://wiki.freecad.org/FreeCAD_Scripting_Basics

import FreeCAD
import Part

doc = FreeCAD.ActiveDocument
# list all objects
all_objects = doc.Objects
# list all names
all_object_names = [it.Name for it in all_objects]
# get object by name
obj = doc.getObject("myObjectName")
# get vertex point
vertex_point = obj.Shape.Vertexes[0].Point
# create new line
new_line = Part.makeLine((-200, -200, 0), (200, 200, 0))
# insert the line
Part.show(new_line)
# recompute the document
doc.recompute()

Draw squares within specific bounds:

import Part

margin = 15
# Define the dimensions of the square area
x_min = -210.134 + margin
x_max = -84.134 - margin
y_min = -140.0997 + margin
y_max = -14.0997 - margin
z = 0
# Define the number of squares in each row and column
num_squares = 10
# Calculate the side length of each grid cell
x_length = (x_max - x_min) / num_squares
y_length = (y_max - y_min) / num_squares
# Fraction of each cell left empty on every side of the square
margin_portion = 0.17
hole_portion = 1 - 2 * margin_portion
# Create the squares
for i in range(num_squares):
    for j in range(num_squares):
        x_start = x_min + i * x_length + x_length * margin_portion
        y_start = y_min + j * y_length + y_length * margin_portion
        square_points = [
            (x_start, y_start, z),
            (x_start + x_length * hole_portion, y_start, z),
            (x_start + x_length * hole_portion, y_start + y_length * hole_portion, z),
            (x_start, y_start + y_length * hole_portion, z),
            (x_start, y_start, z),  # to make it closed
        ]
        square = Part.makePolygon(square_points)
        Part.show(square)

Draw circles within specific bounds:

import FreeCAD as App
import Part

margin = 15
# Define the dimensions of the square area
x_min = -210.134 + margin
x_max = -84.134 - margin
y_min = -140.0997 + margin
y_max = -14.0997 - margin
z = 0
# Define the number of circles in each row and column
num_circles = 10
# Calculate the side length of each grid cell
x_length = (x_max - x_min) / num_circles
y_length = (y_max - y_min) / num_circles
# Fraction of each cell left empty around the circle
margin_portion = 0.17
radius_portion = 0.5 - margin_portion
radius = x_length * radius_portion
# Normal of the circle plane (the circles lie in the XY plane)
direction = App.Vector(0, 0, 1)
# Create the circles
for i in range(num_circles):
    for j in range(num_circles):
        x_center = x_min + i * x_length + x_length * 0.5
        y_center = y_min + j * y_length + y_length * 0.5
        circle = Part.makeCircle(radius, App.Vector(x_center, y_center, z), direction)
        Part.show(circle)


2024-05-12
Viewing Cpu Usage History With Sysstat And The Sar Command

View history CPU usage statistics

First install the sysstat package, then run sar -u


2024-05-08
Common Nmap Flags

Typically, to detect whether a port is being dropped by a cloud service provider such as AWS, the -sS flag (SYN stealth scan) is enough.

Further info can be collected once the port has been confirmed open.


  1. -sS (TCP SYN Scan):
  • This flag instructs Nmap to perform a TCP SYN scan, also known as a half-open scan. It sends SYN packets to the target ports and analyzes the responses to determine which ports are open, closed, or filtered.
  2. -sT (TCP Connect Scan):
  • This flag tells Nmap to perform a TCP connect scan, in which Nmap completes the full TCP three-way handshake to determine the state of the target ports.
  3. -sU (UDP Scan):
  • This flag enables Nmap to perform a UDP scan, used to identify open UDP ports on the target system. UDP scans can be slower than TCP scans due to the stateless nature of the UDP protocol.
  4. -p (Port Specification):
  • The -p flag allows you to specify which ports to scan. You can specify individual ports, ranges of ports, or a combination of both. For example, -p 1-1000 scans ports 1 through 1000.
  5. -A (Aggressive Scan):
  • The -A flag enables OS detection, version detection, script scanning, and traceroute. It’s a comprehensive option that provides detailed information about the target.
  6. -O (Enable OS Detection):
  • This flag instructs Nmap to attempt to determine the operating system running on the target host based on various characteristics observed during the scan.
  7. -v (Verbose Output):
  • The -v flag increases the verbosity of Nmap’s output, providing more detailed information about the scan process.
  8. -T (Timing Template):
  • The -T flag allows you to specify the timing template for the scan. Options range from 0 (paranoid) to 5 (insane), affecting the speed and aggressiveness of the scan.
  9. -o (Output to File):
  • The -o flag allows you to specify the output format and destination for the scan results. For example, -oN scan_results.txt saves the output in normal format to a file named scan_results.txt.

2024-05-07
Remote Filecoin Mining With Hacked Systems: A Comprehensive Guide

Mine Filecoin on Hacked Systems

Usually it takes less effort to upload arbitrary files and data to a target server than to get shell access directly. This means you can use it as remote storage for mining Filecoin.

To minimize delay you may consider installing the miner on the target server, but this also exposes your info and makes you traceable. You may consider uploading an encrypted version of the file in order to cover up your intent.

You can design a custom virtual filesystem which utilizes multiple backups and a ranking system for selecting providers and storing data reliably.


Similarly you can mask your intent significantly by breaking down your miner source code into multiple parts, delegating only the most computationally intensive part to the remote machine and offloading the upload part to other lightweight servers.

You can use WASM for building web miners.


2024-05-07
Ai Hacking Assistants, Automated Hacking

awvs

https://github.com/iSafeBlue/TrackRay


https://github.com/kelvinBen/AppInfoScanner

https://github.com/wwong99/pentest-notes

https://github.com/hmaverickadams/Beginner-Network-Pentesting

https://github.com/xiaoy-sec/Pentest_Note


https://github.com/bollwarm/SecToolSet


site:github.com 京峰内部武器库

site:github.com 护网


virus sample and source code

vx underground


you need to engage with hackers, either by reaching out directly, joining hacker groups, or setting up a honeypot and collecting attack vectors


rockyou2009 rockyou2021 rockyou2024 password leak


x-recon


https://getodin.com

https://getodin.com/community


put huge database csv (1GB+ client data, confidential info) into ram filesystem, then search it with rg.


use leaked credentials to query search engines, mask these credentials and collect common keywords, and practice finding unknown credentials.


web security tutorials

https://portswigger.net/web-security

https://websec.readthedocs.io/zh/latest/

pentest tools

https://pentestbox.org/

https://github.com/mahyarx/pentest-tools

https://github.com/arch3rpro/pentesttools

https://github.com/gwen001/pentest-tools


query: google dorks site:github.com minecraft dorks shodan dorks censys dorks

https://github.com/CorrieOnly/google-dorks

https://github.com/Ishanoshada/GDorks


site:github.com poc exp.py

https://github.com/Veraxy00/Shiro-EXP

https://github.com/ATonysan/poc-exp

https://github.com/hi-unc1e/POC-T

https://github.com/ycdxsb/PocOrExp_in_Github

https://github.com/knownsec/pocsuite3

https://github.com/midisec/pocsuite-poc

https://github.com/Cuerz/PoC-ExP

https://github.com/wy876/POC

https://github.com/tr0uble-mAker/POC-bomber

https://github.com/zhzyker/exphub

https://github.com/zhzyker/vulmap

https://github.com/zhzyker/dismap

https://github.com/chaitin/xray

https://github.com/We5ter/Scanners-Box

https://github.com/Tuhinshubhra/CMSeeK

https://github.com/EntySec/Ghost

https://github.com/n0tr00t/Beebeeto-framework

https://github.com/WooYun/TangScan

https://github.com/BugScanTeam/BugScan-Doc

https://github.com/WangYihang/Exploit-Framework

https://github.com/orleven/Tentacle

https://github.com/claroty/opcua-exploit-framework

https://github.com/ronin-rb/ronin

https://github.com/PentestinGxRoot/pysploit

https://github.com/torque59/Nosql-Exploitation-Framework

https://github.com/sullo/nikto

https://github.com/HavocFramework/Havoc

https://github.com/EmpireProject/EmPyre

https://github.com/reverse-shell/routersploit

https://github.com/dark-lbp/isf

https://github.com/beefproject/beef

https://github.com/enaqx/awesome-pentest

https://poc-library.readthedocs.io/en/release/QuickStart.html


https://github.com/topics/exploitation-framework


https://pypi.org/project/pocsuite3

https://pypi.org/project/pocx


gdb assistant

https://github.com/pgosar/ChatGDB


pentest framework in python or ruby:

https://github.com/topics/penetration-testing-framework

https://github.com/topics/pentesting-python

https://github.com/qsecure-labs/overlord

https://github.com/OWASP/Nettacker

https://github.com/AlaBouali/bane

https://github.com/m4n3dw0lf/PytheM

https://github.com/skavngr/rapidscan

https://pypi.org/project/shellfire/

https://pypi.org/project/lockdoor/

https://pypi.org/project/getsploit/

https://pypi.org/project/sploitscan/

https://pypi.org/project/pyExploitDb/


exploit tutorials

https://pypi.org/project/exploit-bianxie-xilie-jiaocheng-1-11/

https://pypi.org/project/windows-exploit-kaifa-jiaocheng-massimiliano-tomassoli/


Cybersec collections:

https://cybersectools.com/

https://github.com/trustedsec/ptf


AI Red teaming and network attack simulated environments:

https://github.com/yyzpiero/RL4RedTeam

https://github.com/Jjschwartz/NetworkAttackSimulator


search for blackhat gpt, blackhat tools etc.

https://github.com/friuns2/BlackFriday-GPTs-Prompts

https://github.com/Sajibekanti/1000-blackhat-tools

https://ollama.com/jimscard/blackhat-hacker

https://github.com/blackhatethicalhacking/Bug_Bounty_Tools_and_Methodology


all about privileges escalation scripts


haipy, a Python port of haiti, detects 500+ hash types

Cyberonix is a cybersecurity resource hub, containing a wide range of hacktool info.


HackerGPT, which needs a non-temporary email address for registration.

Port scanning websites and self-hosted services:

https://alternativeto.net/software/shodan/


Many pentesting models and datasets are released on Hugging Face. Query words are: pentest 0dai

0dAI has published a series of models, which are available on ollama.

Tutorial on how to use it:

https://notluken.github.io/running-0dai-in-ollama.html

It may be worthwhile to collect tool manuals, tutorials, books and security blog posts, and train your custom AI on them. It works best to let the AI interact with and learn from both simulated and real-world environments.

But always remember hacking is an adversarial and highly competitive activity. It involves both high level and low level knowledge and expertise.

Always keep your knowledge base up to date in order to make use of the latest vulnerabilities.


Agent hacking tools:

https://github.com/aress31/burpgpt

https://github.com/ipa-lab/hackingBuddyGPT

https://github.com/H4K6/PentestGPT

https://github.com/fr0gger/Awesome-GPT-Agents

https://github.com/GreyDGL/PentestGPT

https://github.com/luijait/DarkGPT

https://github.com/Hacker-GPT/HackerGPT-2.0

https://github.com/Sergio-F20/GPT-FastPentest

https://github.com/tenable/awesome-llm-cybersecurity-tools

https://github.com/Armur-Ai/Auto-Pentest-GPT-AI

Exploit query tools

https://github.com/msd0pe-1/cve-maker

https://pypi.org/project/puncia/

PoC collection (search for proof-of-concept in github for more)

https://github.com/nomi-sec/PoC-in-GitHub

https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC

https://github.com/DSO-Lab/pocscan

https://github.com/xinyisleep/pocscan

https://github.com/erevus-cn/pocscan

https://github.com/vulscanteam/vulscan

Query dorks

https://github.com/humblelad/Shodan-Dorks

https://github.com/RevoltSecurities/ShodanX

Nuclei and templates

https://github.com/projectdiscovery/nuclei

https://github.com/0xmaximus/final_freaking_nuclei_templates

https://github.com/Ostorlab/KEV

Popular topics

https://github.com/topics/0day


GPT-4 can now exploit 1-day CVEs.


https://github.com/shadow1ng/fscan


2024-05-03
Setting Up Fcitx With Reliable Google-Pinyin For Chinese Input

Fcitx setup

Fcitx contains google-pinyin, which is the most reliable Chinese input method of all time.

You need to configure it after installation as described here.

If all methods fail, consider using tools like systemd or “Session and Startup” to force the command fcitx to run after startup.


2024-04-23
Evm Emulation, Abi To Api


2024-04-23
Python Object Value Shorthand

Use sorcery

import sorcery

a, b, c = 1, 2, 3
# dict_of builds the dict from the variable names: {"a": 1, "b": 2, "c": 3}
mydict = sorcery.dict_of(a, b, c)

Related question
