tools

2024-04-23
Evm Emulation, Abi To Api

Read More

2023-10-04
Cpu/Gpu Temperature Monitor

we’ve got archey4, a cross-platform sysinfo gather tool, with info on temperature monitor tools

macos

osx-core-temp for old intel macs

apple_sensors and smctemp for m1 and newer macs

place this under /opt/homebrew/bin/osx-cpu-temp to run archey4 with cpu temperature:

1
2
3
#!/bin/bash
smctemp -c

windows

coretemp

linux

psensor

Read More

2022-12-12
Download/Collect Info Of Hack Tools

what to do when chatgpt is not for everyone?

general introduction

this is about information gathering, so you might learn how to scrape AI models, AI notebooks, tutorials, code snippets from websites/search engines/social media as well.

given the name of the hack tool, you may not be able to tell what the tool is (written in python? hosted on github? online tool?) and you want to use search engine to find possible entries. you may take snapshots on these pages and index them.

if the hack tool is linked to some website/manual, you can index the website. if you find it inside some package index or package manager, you will know how to install the package.

you may miss the wiki, forum, tutorials. you know where to get them.

here are few sources where you can learn things from:

darknet.org.uk where you learn hacking and hack tools

null byte in wonderhowto

you also have brew sdkman macport pkgsrc chocolatey scoop winget snap portage conda flatpak rpm urpm yum cargo dnf indexes and more to scrape. maybe it is time to improve your searching skill? (select few web domains you want to learn things from, then perform the query, still you have to deal with keywords generation and site selection)

cyborg hawx linux, backtrack linux may join the parade.

for language specific package indexs, we have hackage CPAN CRAN crates.io and more (where are package indexes for C C++ Pascal BASIC assembly lisp prolog lua and more? visit awesomeopensource then use combined topics to find package managers for c and more. you also have libraries.io to monitor libraries across all package managers). just check tuna mirror site and get a view on that. you may want a network directory traversal tool akin to find in local filesystem, without downloading anything “binary” but just logging all possible urls for you to inspect. (with file size)

after all these information collecting, you must categorize them (topic modelling), retrieve info when needed (semantic searching? recommendation? dialog based GPT?). you may find many things not obviously a hack tool but in general fit well into specific needs.

with all packages being scraped, you need to deduplicate it a little bit, either by name or homepage.

case specific

github

repo named with “awesome” means this is a collection of handpicked resources

you will find github links on web, social media, instant messaging and forums

Scraper scrape popular github repositories every day

gitsuggest recommend github repos

How to Use the GitHub API to List Repositories

PyGithub use python to automate github api v3

if you want all README pages on github, you first need to collect all github repo urls. you may also collect info on github repos (OSINT). you can retrieve all repos link to given user with github api (quota limited). you can search github on github or search engine with some juicy/promising keywords then collect repo name, username, keywords, repeat the search.

there are few github repo archives avaliable for download. the github archive program packed many repos to arctic, the list is called Greatest Hits

gharchive provides many websites for monitoring github repos, though stopped archiving since 2016

kali, parrot

kali tool list pages

1
2
3
4
curl https://en.kali.tools/all/ > kali_tools_all.html # more tags, more categories, the same as blackarch?
curl https://www.kali.org/tools/ > kali_official.html
curl https://en.kali.tools/ > pentest_tools_with_name.html

kali meta page on web

kali meta page on package index

kali package index

notice kali official “offsec” provides training courses and materials as apt packages. the list:

1
2
3
4
5
6
7
8
9
10
11
offsec-awae/kali-rolling 2021.1.2 amd64
Resources for OffSec's AWAE/WEB-300
offsec-awae-python2/kali-rolling 2021.1.2 amd64
Python 2 resources for OffSec's AWAE/WEB-300
offsec-exp301/kali-rolling 2021.1.2 amd64
Resources for OffSec's WUMED/EXP-301
offsec-pen300/kali-rolling 2021.1.2 amd64
Resources for OffSec's ETBD/PEN-300
offsec-pwk/kali-rolling 2021.1.2 amd64
Resources for OffSec's PWK2/PEN-200

these two OSes are for pentesting, using apt as package manager. but parrot does not provide tool introductions.

get all package names:

1
2
apt list

you can retrieve package information in apt command, like:

1
2
apt show <package_name>

you will get homepage link and package description

if you want package dependencies you will also have it.

using apt one can retrieve package infos with simple command. find main metapackages like parrot-tools-full (parrot) and kali-linux-everything (kali) first, then retrieve dependency trees.

parrotos has index.db which you can retrieve info from there, or “Packages” for general debian package index, or anything you think is metadata.

chocolatey

note: deprecated since v2.0, can only be used to list local packages

1
2
choco list

blackarch

blackarch is based on archlinux, which has both official repo and user provided packages repo (AUR). the syntax is almost the same for pacman and yaourt to retrieve all available info of packages.

maybe you want to retrieve package information with pacman.

list all package information just like apt, description, dependencies, homepage and more.

1
2
pacman -Si

use some parser?

for aur repos, use yay or yaourt.

1
2
yaourt -Si

you may use dependencies to deduce relationship between packages, use description, man pages, wiki, manual and tutorials to understand the usage of packages.

download main blackarch tool list:

1
2
curl https://www.blackarch.org/tools.html > tools.html

alpine

alpine linux is able to download man page alone without installing package

1
2
apk list -I | sed -rn '/-doc/! s/([a-z-]+[a-z]).*/\1/p' | awk '{ print system("apk info \""$1"-doc\" > /dev/null") == 0 ? $ "-doc" : "" }' | xargs apk add

pypi/pip

i remember you have scraped tsinghua pypi index, containing many python tools.

retrieve python package info as json:

https://pypi.org/pypi/<package-name>/json

visit pypi simple index to get all package names. but the info is clearly on the other page. you retrieve this from pypi. use the below commandline tool?

pypi [information|description] <package_name>

documentation url is provided separately from mainpage.

commandline tool for searching in pypi

install it, then run:

1
2
pypi search <query>

it also provides “read-the-docs” to search in documentation of a package, detailed info

nuget

we can search in cli tool (not dotnet nuget (installed with dotnet sdk) but nuget (installation guide)) and web interface.

list all packages:

1
2
nuget list

get package information:

1
2
nuget list <packageName> -Verbosity detailed

query all package information without nuget

the web interface seems allowing us to do some traversal on the parameter: https://www.nuget.org/packages?page=<pagenum>&sortBy=relevance

keep in mind the pagenum cannot be too big (like 2000).

maven

there are tools for interacting with maven search api.

you can retrieve “pom.xml” to get package info like homepage and description.

maven central has archtype-catalog for retrieving all avaliable artifact names

maven search tools:

mvn-search

mcs

homebrew

reading the source code and according to brew api docs i found this url is for retrieving all formula info on brew index, and this for casks.

also run this command for showing local cached package infos:

1
2
brew info --json --all

npm

there’s a repo storing up-to-date package names on github. after that, use npm-description to download description for every package.

all-the-package-repos contains repo information (github, gitlab) of every npm package

gem

change gem sources first:

1
2
gem sources --add https://gems.ruby-china.com/ --remove https://rubygems.org/

gem list -r really works. you just have to wait.

gem info -r list all remote gem infos, but too slow and not working, use only one package at a time.

manpages

you can download man pages before installing package

use “dman” by bikeshed (not avaliable on kali, maybe on ubuntu?)

1
2
apt-get install bikeshed

or browse manpages on web, tutorials on linux and languages

man pages with different sections (categories)

hierachical manpages of ubuntu

dman for ubuntu man pages

location of locally installed man pages: /usr/share/man

vscode plugin

web interface for searching

Read More

2022-11-29
hacker forums

some hacker forums like leakbase has rss feed

leakbase has proxy section in which you may find fresh proxy lists (may not work in mainland, but who knows?)

search with the name or link of these forums in github and you will get more info about hacking.

a bunch of hacker forums, including:

Breached

Xss

Exploit

0x00sec

lolz

Leakzone

Enclave

dublikat

Vlmi

Omrt

Nulled

Cracked

Coockie

Altenens

Bidencash

wooyun.org mirror site wooyun is dead/closed since 2016

social engineering is just a fancy name for spotting candidates, hooking up, gaining trust and doing shit.

in hacking we must be multilingual, as this shit is really hard to get right.

you would read them sometime do you? you would collect info from these sites do you? you would search for things when you need it do you?

You would like forums for dark web? Forum for hacking?

你要的是社工库 提取出来的账号密码库 用来撞库?百度谷歌 QQ 百度云盘 github 磁力种子搜索

when not reached, make sure you are in the channel!

Offensive Community

安全脉搏

网络尖刀

习科论坛

红黑联盟

黑客X档案

Alternative to ‘raid forum’: visit it in archive.org!

看雪论坛

乌云论坛(archive里面看吧)

吾爱破解

3dm

freebuf

Hack Today

GreySec Forums

世界中文黑客论坛

90Sec

T00LS

https://jaq.alibaba.com/community/index

http://bobao.360.cn/index/index

https://www.ichunqiu.com/

https://pentesterlab.com/

https://xianzhi.aliyun.com/forum/

http://lab.seclover.com/

腾讯玄武实验室

http://xlab.tencent.com/cn/

xss.is

cracked.io

Breached forum and onion

nulled

dread (forum)

leakbase forum leaked database

exploit.in in russian

hacktown hacking tutorial

hackforums site offline? another web archive shit?

evilzone

cryptbb is dead?

freehacks dead?

CrackingKing dead?

envoy dead?

helium dead?

HackADay

Exploit Database

Tinkernut

Dark Web Forum

Jean Valjean forum

Carding Team

BiTSHACK

SecList

0Day

HackerPlace

0x00sec

Hack5 Forums

BHF

Hack This Site

KickAss

Breaking Bad

Packet Storm

OpenSC

HackMac

Enigma Group

Rohitab

Ethical Hacker

Cracking Forum

Crackmes de

Binary Revolution Hacking Forums

Hack Hound

Hellbound Hackers

ftp://www.ly2008.com

用户名:ly2008

密码:ly2008

http://discovery0.blog.hexun.com/3271892_d.html

http://www.hackerxfiles.net/

http://www.nohack.cn/

http://www.hacker.com.cn/

ftp://fseandxy1@y667.com/

http://www.mmbest.com/SoftList/Catalog8/SoftList_Time_1.html

http://www.it-is.com.cn/dh/

http://www.20cn.net/cgi-bin/download/down.cgi?list=passwd

http://www.98919.com/index.html

http://www.muvip119.net/2/index.html

http://www.anqn.com/

http://www.hf110.com

http://down.juntuan.net/index.html

http://new.shockhack.net/index.asp

http://dx.hackbase.com/

http://www.chinahonker.com/index.htm

http://www.cnhacker.com/

http://77169.org/index.html

legionhiden4dqh4.onion - Let’s start with HeLL Reloaded, probably the only one that isn’t just awful. where Tor Carding Forum (TCF) members who weren’t arrested when it was seized are now dwelling! Not operated by the same people behind the original HeLL, but after the original was seized, some of the moderators and members made this site.

exoduockgfq3ikf7.onion Ex0du$, Pretty mediocre forum, lots of shitty banking botnets being sold. Also ransomeware is the big thing recently, so of course that’s being sold. The code is HILARIOUS. RansomWare coded in visual basic, Java, C# and AutoIT v3! Great.

damagelabraahzcu.onion - DamageLabs primarily russian forum, looks like there’s not much interesting going on here either. They have a good collection of pirated programming books.

darkod3eeziu3w5p.onion - looks like a really dead forum.

dublik2uqiorycsj.onion - dublik russian forum

forohpysho2t5mjs.onion - another random forum

1、独自等待:https://www.waitalone.cn/

2、中国红客联盟:https://www.ihonker.org/forum.php

3、安全沙漏:https://www.secsilo.com/about

4、易安在线:https://www.e365.info/

5、铁匠运维网:http://www.tiejiang.org/

6、吾爱漏洞:http://www.52bug.cn/

7、破晓团队:http://www.secbug.org/

8、黑白网:http://www.heibai.org/178.html

9、安全客:https://www.anquanke.com/

10、E安全:https://www.easyaq.com/

11、漏洞时代:http://0day5.com/

12、猫头鹰:http://www.mottoin.com/

13、华域联盟论坛:https://www.cnhackhy.com/forum.php

14、逆向未来:https://www.pd521.com/

15、邪恶八进制:https://forum.eviloctal.com/

16、飘云阁:https://www.chinapyg.com/

17、红黑联盟:http://bbs.2cto.com/

18、技术宅的世界:https://www.0xaa55.com/

19、安全牛:https://www.aqniu.com/

20、兄弟论坛:http://hackxd.com/

21、零日安全:https://www.jmpoep.com/

22、南域剑盟:http://www.98exe.net/

23、黑基论坛:http://www.safebase.cn/

24、网络攻防小组(WLGF):http://www.nsoad.com/

25、黑吧安全网:http://www.myhack58.com/

26、幽灵学院:http://www.41443.com/

纵观黑客发展史,大可分为三代:

第一代:专门从事计算机、网络,其代表组织为“绿色兵团”(1996年—1998年)

第二代:网络爱好者和在校学生.其代表组织为“中国黑客联盟”(1998年—2000年)

第三代:在校学生,其代表组织为“红客联盟”,“中国鹰派”(2000年—今)

以下为几个典型的黑客组织:

●安全焦点(代表人:冰河)网址:www.xfocus.net

●绿色兵团(已解散)(代表人:龚蔚)

●中国鹰派联盟(代表人:老鹰)网址:www.chinaeagle.org 博客:blog.sina.com.cn/u/1262168602

●小榕工作室(代表人:小榕)网址:www.netxeyes.com

●第八军团(代表人:陈三公子)网址:www.sec520.com

●邪恶八进制(代表人:冰血封情)网址:forum.eviloctal.com

●黑客基地(代表人:孤独剑客)网址:www.hackbase.com

●华夏黑客同盟(代表人:怪狗)网址:www.77169.com

●牧民网安(代表人:牧民战天)网址:www.hack006.com

●黑客防线 网址:www.hacker.com.cn

国外黑客组织站点及介绍黑客知识的网站:

http://www.security.nnov.ru/,俄罗斯的一个安全站点

http://chess.eecs.berkeley.edu/trust/加州大学伯克利分校“普安全技术研究小组”网站

http://www.io.com/.vkp的个人主页,linux安全方面的专业人员(程序员).

http://linsec.ca/加拿大一个主要收集linux安全相关的文档资料的站点, 也包括其它类Unix系统如OpenBSD, Mac OS X等.

http://www.rootsecure.net/一个专门为系统管理员和黑客提供安全新闻的网站,成立于2002年9月8日

http://astalavista.box.sk.著名的软件破解网站

●auscert.org.au.一个很棒的黑客工具和入侵攻击的搜索网站

http://www.elitehackers.info/.为博学的黑客提供的信息公告牌,是上了等级的黑客去的地方。可找到最新的入侵攻击及对解决办法

ftp://ftp.nec.com/.在/pub/securit目录下面包含一个巨大的工具库

●ftp.win.tue.nl.在/pub/securit目录下包含巨大的安全工具库

国外安全 http://www.neohapsis.com/ 内容极为丰富

国外安全 http://www.deadly.org/ 大量关于OpenBSD的资料文档教程

国外安全 http://www.guninski.com/ 安全专家Guninski的主页,有大量由系统漏洞

国外安全 http://www.sysinternals.com 有很好的windows下的工具及源代码

国外安全 http://www.securityflaw.com/bible/ 入侵检测等文档整理较好的站点

国外安全 http://www.secinf.net/ 网络安全方面的大量文档

国外安全 http://www.incident-response.org 入侵反应,数据恢复工具等

国外安全 http://www.securityfocus.com/ 安全资料整合最好的站

国外安全 http://www.project.honeynet.org/ 由安全界一帮牛人组织的一个project

国外安全 http://www.packetstormsecurity.com 资料全面的安全站

国外安全 http://www.securityportal.com/ 还可以看看的安全站

国外安全 http://www.ussrback.com/ 比较活跃的安全站

国外安全 http://www.attrition.org/ 内容全面的安全站

国外安全 http://www.wiretrip.net/rfp/2/index.asp rfp的安全主页,提供权威的安全信息

国外安全 http://www.antionline.com/ 有些特色栏目的安全站

国外安全 http://www.eeye.com/ eeye公司的主页,提供权威性的安全建议和工具

国外安全 http://www.insecure.org/ Fyodor的主页,nmap的老家,还有exploit

国外安全 http://www.atstake.com/ @stack公司的主页,提供权威的安全建议

国外安全 http://www.bugnet.com/ 提供漏洞修补

国外黑客 http://lsd-pl.net/ LsD的站,最新最有效的exploit

国外黑客 http://www.s0ftpj.org 提供一些水平很高的小工具

国外黑客 http://phrack.org/ Phrack的主页,经典的黑客技术电子杂志

国外黑客 http://www.w00w00.org/ w00w00组织的主页

国外黑客 http://mixter.void.ru/ Mixter的个人主页,不少有用的工具

国外黑客 http://www.thehackerschoice.com/ THC黑客组织的页面,很好的安全文档和工具

国外黑客 www.win2000mag.net Windows & .NET Magazine Network 绝对专业的站点,文章都是一流的

国外黑客 http://www.2600.com/ 2600 Magazine

国外黑客 www.experts-exchange.com 全球有名的社区

国外黑客 www.is-it-true.org 类似于FAQ的站点,资源丰富

国外黑客 www.mixter.warrior2k.com mixter security

国外黑客 www.liun.hektik.org Long Island our Underground Networks

国外黑客 www.ussrback.com ussr is back

国外黑客 www.securiteam.com 非常好的安全文章漏洞利用工具下载站点

国外黑客 www.lsd-pl.net The Last Stage of Delirium Research Group

国外黑客 www. neworder.box.sk Box Network team

国外黑客 www.sysinternals.com sysinternals

国外黑客 www.webattack.com WebAttack Inc

国外黑客 www.blackhat.com Black Hat, Inc

国外黑客 http://p.ulh.as pulhas

http://www.hack.co.za (国外著名黑客站点,较全的Exploit库)

http://www.phrack.org (经典的黑客技术电子杂志)

http://www.antionline.com (国外经典黑客站点)

http://whitehats.com (白帽子网站,有最新的规则库下载,关于Snort等)

http://lsd-pl.net (发布最新的Exploit程序)

http://www.nhs8.com/ 神刀网

http://packetstormsecurity.com (国外著名漏洞库,有大量exploit程序)

http://oliver.efri.hr/~crv/security/bugs/list.html (有整理好的最新漏洞库供下载)

http://astalavista.box.sk (著名的软件破解网站)

http://www.thehackerschoice.com (THC黑客组织的站点,有很多资料和工具)

http://www.insecure.org (Fyoderr的个人站点,即Nmap的老家)

http://www.securityfocus.com/

http://www.milw0rm.com/

http://www.metasploit.com/

Read More

2022-11-11
Call Ruby From Python

rb_call

puby

Read More

2022-09-12
Audio And Music Tools

Audio and music processing tools.

Related links:

🔗 Audio, Music, Radio, and Podcast Streaming Apps

🔗 Audio and Music Tools

🔗 Free Audio and Music

AI Apps for Audio

AI Music Separation

AI Music Recognition

Audio Creation

Audio and Music Programming

AI Audio and Music Generator

Audio and Music Creation and Sharing

  • Beepbox : BeepBox is an online tool for sketching and sharing instrumental melodies.

  • Jummbox : Jummbox is Beepbox modification (online tool for sketching and sharing chip tune melodies).

WASM Audio Processing

Audio Player

Online Audio Player

Peer to Peer Audio

Audio Editor

Desktop Audio Editor

  • Audacity, #opensource

Online Audio Editor

Other Audio Tools

Working with Virtual Audio Tools

Audio Recording - Transcription

Benefits/drawbacks:

  • We cannot listen the audio output from playback apps

VAC Audio Recording

Use cases:

  • Record Zoom Webinar to Speechtexter, Google Docs etc.

Audio Input Mixing

Audio Input Mixing

Use cases:

Audio Output Mixing

Audio Output Mixing

Setting:

Use cases:

  • Transcribe (and listen) Zoom Seminar to Speaker and Speechtexter, Google Docs

  • Translate Youtube Video using Google Translate

Zoom Audio Recording/Transcription

Zoom Recording Transcription

Google Meet Audio Transcription

But we cannot do both Speechtexter and Google Docs

We cannot do both Speechtexter and Voice Note

We can do both Google Meet and Speechtexter/VoiceNote/Dictanote

We can do both Zoom and Speechtexter/VoiceNote/Dictanote

Read More