Forwarded from BlackBox (Security) Archiv
Daily feed of bad IPs (with blacklist hit scores)
IPsum is a threat intelligence feed based on 30+ different publicly available lists of suspicious and/or malicious IP addresses. All lists are automatically retrieved and parsed on a daily (24h) basis and the final result is pushed to this repository. List is made of IP addresses together with a total number of (black)list occurrence (for each). Greater the number, lesser the chance of false positive detection and/or dropping in (inbound) monitored traffic. Also, list is sorted from most (problematic) to least occurent IP addresses.
π‘ As an example, to get a fresh and ready-to-deploy auto-ban list of "bad IPs" that appear on at least 3 (black)lists you can run:
https://github.com/stamparm/ipsum
#IPsum #tool #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
IPsum is a threat intelligence feed based on 30+ different publicly available lists of suspicious and/or malicious IP addresses. All lists are automatically retrieved and parsed on a daily (24h) basis and the final result is pushed to this repository. List is made of IP addresses together with a total number of (black)list occurrence (for each). Greater the number, lesser the chance of false positive detection and/or dropping in (inbound) monitored traffic. Also, list is sorted from most (problematic) to least occurent IP addresses.
π‘ As an example, to get a fresh and ready-to-deploy auto-ban list of "bad IPs" that appear on at least 3 (black)lists you can run:
curl --compressed https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt 2>/dev/null | grep -v "#" | grep -v -E "\s[1-2]$" | cut -f 1π‘ If you want to try it with ipset, you can do the following:
sudo suIn directory levels you can find preprocessed raw IP lists based on number of blacklist occurrences (e.g. levels/3.txt holds IP addresses that can be found on 3 or more blacklists).
apt-get -qq install iptables ipset
ipset -q flush ipsum
ipset -q create ipsum hash:net
for ip in $(curl --compressed https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt 2>/dev/null | grep -v "#" | grep -v -E "\s[1-2]$" | cut -f 1); do ipset add ipsum $ip; done
iptables -I INPUT -m set --match-set ipsum src -j DROP
https://github.com/stamparm/ipsum
#IPsum #tool #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
aria2 - The ultra fast download utility
aria2 is a utility for downloading files. The supported protocols are HTTP(S), FTP, SFTP, BitTorrent, and Metalink. aria2 can download a file from multiple sources/protocols and tries to utilize your maximum download bandwidth.
It supports downloading a file from HTTP(S)/FTP/SFTP and BitTorrent at the same time, while the data downloaded from HTTP(S)/FTP/SFTP is uploaded to the BitTorrent swarm. Using Metalink's chunk checksums, aria2 automatically validates chunks of data while downloading a file like BitTorrent.
π‘ Features:
ππΌ Multi-Connection Download. aria2 can download a file from multiple sources/protocols and tries to utilize your maximum download bandwidth. Really speeds up your download experience.
ππΌ Lightweight. aria2 doesnβt require much memory and CPU time. When disk cache is off, the physical memory usage is typically 4MiB (normal HTTP/FTP downloads) to 9MiB (BitTorrent downloads). CPU usage in BitTorrent with download speed of 2.8MiB/sec is around 6%.
ππΌ Fully Featured BitTorrent Client. All features you want in BitTorrent client are available: DHT, PEX, Encryption, Magnet URI, Web-Seeding, Selective Downloads, Local Peer Discovery and UDP tracker.
ππΌ Metalink Enabled. aria2 supports The Metalink Download Description Format (aka Metalink v4), Metalink version 3 and Metalink/HTTP. Metalink offers the file verification, HTTP/FTP/SFTP/BitTorrent integration and the various configurations for language, location, OS, etc.
ππΌ Remote Control. aria2 supports RPC interface to control the aria2 process. The supported interfaces are JSON-RPC (over HTTP and WebSocket) and XML-RPC.
ππΌ π The project page is located at:
https://aria2.github.io/
#aria2 #download #tool #utility #linux #windows
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
aria2 is a utility for downloading files. The supported protocols are HTTP(S), FTP, SFTP, BitTorrent, and Metalink. aria2 can download a file from multiple sources/protocols and tries to utilize your maximum download bandwidth.
It supports downloading a file from HTTP(S)/FTP/SFTP and BitTorrent at the same time, while the data downloaded from HTTP(S)/FTP/SFTP is uploaded to the BitTorrent swarm. Using Metalink's chunk checksums, aria2 automatically validates chunks of data while downloading a file like BitTorrent.
π‘ Features:
ππΌ Multi-Connection Download. aria2 can download a file from multiple sources/protocols and tries to utilize your maximum download bandwidth. Really speeds up your download experience.
ππΌ Lightweight. aria2 doesnβt require much memory and CPU time. When disk cache is off, the physical memory usage is typically 4MiB (normal HTTP/FTP downloads) to 9MiB (BitTorrent downloads). CPU usage in BitTorrent with download speed of 2.8MiB/sec is around 6%.
ππΌ Fully Featured BitTorrent Client. All features you want in BitTorrent client are available: DHT, PEX, Encryption, Magnet URI, Web-Seeding, Selective Downloads, Local Peer Discovery and UDP tracker.
ππΌ Metalink Enabled. aria2 supports The Metalink Download Description Format (aka Metalink v4), Metalink version 3 and Metalink/HTTP. Metalink offers the file verification, HTTP/FTP/SFTP/BitTorrent integration and the various configurations for language, location, OS, etc.
ππΌ Remote Control. aria2 supports RPC interface to control the aria2 process. The supported interfaces are JSON-RPC (over HTTP and WebSocket) and XML-RPC.
ππΌ π The project page is located at:
https://aria2.github.io/
#aria2 #download #tool #utility #linux #windows
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
aria2.github.io
aria2 is a lightweight multi-protocol & multi-source command-line
download utility. It supports HTTP/HTTPS, FTP, SFTP,
BitTorrent and Metalink. β¦
download utility. It supports HTTP/HTTPS, FTP, SFTP,
BitTorrent and Metalink. β¦
Forwarded from BlackBox (Security) Archiv
Maltrail
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g.
π‘Architecture
Maltrail is based on the Traffic -> Sensor <-> Server <-> Client architecture. Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs). In case of a positive match, it sends the event details to the (central) Server where they are being stored inside the appropriate logging directory (i.e. LOG_DIR described in the Configuration section). If Sensor is being run on the same machine as Server (default configuration), logs are stored directly into the local logging directory. Otherwise, they are being sent via UDP messages to the remote server (i.e. LOG_SERVER described in the Configuration section).
π ππΌ https://github.com/stamparm/maltrail#introduction
π ππΌ ipsum:
https://github.com/stamparm/ipsum
#stamparm #maltrail #ipsum #tool #malicious #detection #blacklist
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g.
zvpprsensinaix.com
for Banjori malware), URL (e.g. hXXp://109.162.38.120
/harsh02.exe for known malicious executable), IP address (e.g. 185.130.5.231
for known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware).π‘Architecture
Maltrail is based on the Traffic -> Sensor <-> Server <-> Client architecture. Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs). In case of a positive match, it sends the event details to the (central) Server where they are being stored inside the appropriate logging directory (i.e. LOG_DIR described in the Configuration section). If Sensor is being run on the same machine as Server (default configuration), logs are stored directly into the local logging directory. Otherwise, they are being sent via UDP messages to the remote server (i.e. LOG_SERVER described in the Configuration section).
π ππΌ https://github.com/stamparm/maltrail#introduction
π ππΌ ipsum:
https://github.com/stamparm/ipsum
#stamparm #maltrail #ipsum #tool #malicious #detection #blacklist
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
GitHub
GitHub - stamparm/maltrail: Malicious traffic detection system
Malicious traffic detection system. Contribute to stamparm/maltrail development by creating an account on GitHub.
GHunt
GHunt is an OSINT tool to extract a lot of informations of someone's Google Account email.
π ππΌ It can currently extract :
β Owner's name
β Last time the profile was edited
β Google ID
β If the account is an Hangouts Bot
β Activated Google services (Youtube, Photos, Maps, News360, Hangouts, etc.)
β Possible Youtube channel
β Possible other usernames
β Public photos
β Phones models
β Phones firmwares
β Installed softwares
β Google Maps reviews
β Possible physical location
β οΈ Warning:
02/10/2020: Since few days ago, Google return a 404 when we try to access someone's Google Photos public albums, we can only access it if we have a link of one of his albums.
Either this is a bug and this will be fixed, either it's a protection that we need to find how to bypass.
So, currently, the photos & metadata module will always return "No albums" even if there is one.
π ππΌ https://github.com/mxrch/GHunt
#ghunt #google #account #tool
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
GHunt is an OSINT tool to extract a lot of informations of someone's Google Account email.
π ππΌ It can currently extract :
β Owner's name
β Last time the profile was edited
β Google ID
β If the account is an Hangouts Bot
β Activated Google services (Youtube, Photos, Maps, News360, Hangouts, etc.)
β Possible Youtube channel
β Possible other usernames
β Public photos
β Phones models
β Phones firmwares
β Installed softwares
β Google Maps reviews
β Possible physical location
β οΈ Warning:
02/10/2020: Since few days ago, Google return a 404 when we try to access someone's Google Photos public albums, we can only access it if we have a link of one of his albums.
Either this is a bug and this will be fixed, either it's a protection that we need to find how to bypass.
So, currently, the photos & metadata module will always return "No albums" even if there is one.
π ππΌ https://github.com/mxrch/GHunt
#ghunt #google #account #tool
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
GitHub
GitHub - mxrch/GHunt: π΅οΈββοΈ Offensive Google framework.
π΅οΈββοΈ Offensive Google framework. Contribute to mxrch/GHunt development by creating an account on GitHub.
Forwarded from BlackBox (Security) Archiv
Awful AI
Awful AI is a curated list to track current scary usages of AI - hoping to raise awareness to its misuses in society
Artificial intelligence in its current state is unfair, easily susceptible to attacks and notoriously difficult to control. Often, AI systems and predictions amplify existing systematic biases even when the data is balanced. Nevertheless, more and more concerning the uses of AI technology are appearing in the wild. This list aims to track all of them. We hope that Awful AI can be a platform to spur discussion for the development of possible preventive technology (to fight back!).
β‘οΈ Discrimination
β‘οΈ Influencing, disinformation, and fakes
β‘οΈ Surveillance
β‘οΈ Social credit systems
β‘οΈ Misleading platforms, and scams
β‘οΈ Autonomous weapon systems and military
β‘οΈ Awful research
π ππΌ https://github.com/daviddao/awful-ai
#awful #ai #answers #guide #tool #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Awful AI is a curated list to track current scary usages of AI - hoping to raise awareness to its misuses in society
Artificial intelligence in its current state is unfair, easily susceptible to attacks and notoriously difficult to control. Often, AI systems and predictions amplify existing systematic biases even when the data is balanced. Nevertheless, more and more concerning the uses of AI technology are appearing in the wild. This list aims to track all of them. We hope that Awful AI can be a platform to spur discussion for the development of possible preventive technology (to fight back!).
β‘οΈ Discrimination
β‘οΈ Influencing, disinformation, and fakes
β‘οΈ Surveillance
β‘οΈ Social credit systems
β‘οΈ Misleading platforms, and scams
β‘οΈ Autonomous weapon systems and military
β‘οΈ Awful research
π ππΌ https://github.com/daviddao/awful-ai
#awful #ai #answers #guide #tool #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
GitHub
GitHub - daviddao/awful-ai: πAwful AI is a curated list to track current scary usages of AI - hoping to raise awareness
πAwful AI is a curated list to track current scary usages of AI - hoping to raise awareness - daviddao/awful-ai
Forwarded from BlackBox (Security) Archiv
Take Control Of Your Privacy
Exercising privacy rights more simply is critical to making online privacy accessible to all.
You might have noticed βDo Not Sellβ and βObject To Processingβ links around the web from companies complying with privacy regulations. Rather than having to click on each of these links individually across many websites, you can exercise your rights in one step via the βGlobal Privacy Controlβ (GPC) signal, which is required under the California Consumer Protection Act (CCPA) and Europeβs Global Data Protection Regulation (GDPR).
π‘ ππΌ Get your privacy rights under control:
https://globalprivacycontrol.org/#download
π ππΌ https://globalprivacycontrol.org/
π‘ ππΌ Read as well ππΌ π‘
https://spreadprivacy.com/announcing-global-privacy-control/
#privacy #control #tool #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Exercising privacy rights more simply is critical to making online privacy accessible to all.
You might have noticed βDo Not Sellβ and βObject To Processingβ links around the web from companies complying with privacy regulations. Rather than having to click on each of these links individually across many websites, you can exercise your rights in one step via the βGlobal Privacy Controlβ (GPC) signal, which is required under the California Consumer Protection Act (CCPA) and Europeβs Global Data Protection Regulation (GDPR).
π‘ ππΌ Get your privacy rights under control:
https://globalprivacycontrol.org/#download
π ππΌ https://globalprivacycontrol.org/
π‘ ππΌ Read as well ππΌ π‘
https://spreadprivacy.com/announcing-global-privacy-control/
#privacy #control #tool #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
globalprivacycontrol.org
Global Privacy Control β Take Control Of Your Privacy
Exercise your privacy rights in one step via the βGlobal Privacy Controlβ (GPC) signal, a proposed specification backed by over a dozen organizations.
Forwarded from BlackBox (Security) Archiv
Introducing Cover Your Tracks!
Today, weβre pleased to announce Cover Your Tracks, the newest edition and rebranding of our historic browser fingerprinting and tracker awareness tool Panopticlick. Cover Your Tracks picks up where Panopticlick left off. Panopticlick was about letting users know that browser fingerprinting was possible; Cover Your Tracks is about giving users the tools to fight back against the trackers, and improve the web ecosystem to provide privacy for everyone.
Over a decade ago, we launched Panopticlick as an experiment to see whether the different characteristics that a browser communicates to a website, when viewed in combination, could be used as a unique identifier that tracks a user as they browse the web. We asked users to participate in an experiment to test their browsers, and found that overwhelmingly the answer was yesβbrowsers were leaking information that allowed web trackers to follow their movements.
n this new iteration, Cover Your Tracks aims to make browser fingerprinting and tracking more understandable to the average user. With helpful explainers accompanying each browser characteristic and how it contributes to their fingerprint, users get an in-depth look into just how trackers can use their browser against them.
π ππΌ https://www.eff.org/deeplinks/2020/11/introducing-cover-your-tracks
#eff #tool #coveryourtracks #panopticlick #tracking #fingerprinting
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Today, weβre pleased to announce Cover Your Tracks, the newest edition and rebranding of our historic browser fingerprinting and tracker awareness tool Panopticlick. Cover Your Tracks picks up where Panopticlick left off. Panopticlick was about letting users know that browser fingerprinting was possible; Cover Your Tracks is about giving users the tools to fight back against the trackers, and improve the web ecosystem to provide privacy for everyone.
Over a decade ago, we launched Panopticlick as an experiment to see whether the different characteristics that a browser communicates to a website, when viewed in combination, could be used as a unique identifier that tracks a user as they browse the web. We asked users to participate in an experiment to test their browsers, and found that overwhelmingly the answer was yesβbrowsers were leaking information that allowed web trackers to follow their movements.
n this new iteration, Cover Your Tracks aims to make browser fingerprinting and tracking more understandable to the average user. With helpful explainers accompanying each browser characteristic and how it contributes to their fingerprint, users get an in-depth look into just how trackers can use their browser against them.
π ππΌ https://www.eff.org/deeplinks/2020/11/introducing-cover-your-tracks
#eff #tool #coveryourtracks #panopticlick #tracking #fingerprinting
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Electronic Frontier Foundation
Introducing Cover Your Tracks!
Today, weβre pleased to announce Cover Your Tracks, the newest edition and rebranding of our historic browser fingerprinting and tracker awareness tool Panopticlick. Cover Your Tracks picks up where
Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
Nipe - An engine to make Tor Network your default gateway
Summary
The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It is used by a wide variety of people, companies and organizations, both for lawful activities and for other illicit purposes. Tor has been largely used by intelligence agencies, hacking groups, criminal activities and even ordinary users who care about their privacy in the digital world.
Nipe is an engine, developed in Perl, that aims on making the Tor network your default network gateway. Nipe can route the traffic from your machine to the Internet through Tor network, so you can surf the Internet having a more formidable stance on privacy and anonymity in cyberspace.
π ππΌ Download and install:
https://github.com/htrgouvea/nipe#download-and-install
#nipe #tor #routing #privacy #anonymity #tool
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Summary
The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It is used by a wide variety of people, companies and organizations, both for lawful activities and for other illicit purposes. Tor has been largely used by intelligence agencies, hacking groups, criminal activities and even ordinary users who care about their privacy in the digital world.
Nipe is an engine, developed in Perl, that aims on making the Tor network your default network gateway. Nipe can route the traffic from your machine to the Internet through Tor network, so you can surf the Internet having a more formidable stance on privacy and anonymity in cyberspace.
π ππΌ Download and install:
https://github.com/htrgouvea/nipe#download-and-install
#nipe #tor #routing #privacy #anonymity #tool
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
You've Got Spam: With this tool you send back your spam mails
You get unwanted emails every day, no matter how often you unsubscribe from mailing lists? With this tool, e-mail revenge is yours.
π‘ ππΌ https://youvegotspam.mschfmag.com
#youvegotspam #email #spam #tool #gmail
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
You get unwanted emails every day, no matter how often you unsubscribe from mailing lists? With this tool, e-mail revenge is yours.
π‘ ππΌ https://youvegotspam.mschfmag.com
#youvegotspam #email #spam #tool #gmail
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
LineageOS adopts SeedVault as its open source backup solution
For those not familiar with SeedVault, it is an open-source backup app that uses the same internal APIs as adb backup. The application doesnβt need root access, but it must be compiled with the operating system. The backup location is user-configurable, with options ranging from a USB flash drive to a remote self-hosted cloud alternative such as NextCloud. This makes SeedVault a particularly viable option for users who doesnβt want to store their personal data to Googleβs proprietary cloud-based storage.
π ππΌ https://nitter.net/t_grote/status/1220036097293586432#m
π ππΌ http://telegra.ph/LineageOS-adopts-SeedVault-as-its-open-source-backup-solution-12-06
via www.xda-developers.com
β οΈWarning not all apps can be backed up this way
Some apps declare they cannot be backed up in their manifests so adb backup, therefore seedvault, skips them
#lineage #android #seedvault #opensource #backup #tool
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
For those not familiar with SeedVault, it is an open-source backup app that uses the same internal APIs as adb backup. The application doesnβt need root access, but it must be compiled with the operating system. The backup location is user-configurable, with options ranging from a USB flash drive to a remote self-hosted cloud alternative such as NextCloud. This makes SeedVault a particularly viable option for users who doesnβt want to store their personal data to Googleβs proprietary cloud-based storage.
π ππΌ https://nitter.net/t_grote/status/1220036097293586432#m
π ππΌ http://telegra.ph/LineageOS-adopts-SeedVault-as-its-open-source-backup-solution-12-06
via www.xda-developers.com
β οΈWarning not all apps can be backed up this way
Some apps declare they cannot be backed up in their manifests so adb backup, therefore seedvault, skips them
#lineage #android #seedvault #opensource #backup #tool
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
SOPS: Secrets OPerationS
sops is an editor of encrypted files that supports #YAML, #JSON, #ENV, #INI and #BINARY formats and encrypts with #AWS #KMS, #GCP #KMS, #Azure #Key #Vault and #PGP.
https://github.com/mozilla/sops
#sops #encryption #tool
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
sops is an editor of encrypted files that supports #YAML, #JSON, #ENV, #INI and #BINARY formats and encrypts with #AWS #KMS, #GCP #KMS, #Azure #Key #Vault and #PGP.
https://github.com/mozilla/sops
#sops #encryption #tool
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
Social Analyzer
Social Analyzer - API, CLI & Web App for analyzing & finding a person's profile across +300 social media websites. It includes different string analysis and detection modules, you can choose which combination of modules to use during the investigation process.
The detection modules utilize a rating mechanism based on different detection techniques, which produces a rate value that starts from 0 to 100 (No-Maybe-Yes). This module intended to have less false positive and it's documented in this Wiki link
The analysis and extracted social media information from this OSINT tool could help in investigating profiles related to suspicious or malicious activities such as cyberbullying, cybergrooming, cyberstalking, and spreading misinformation.
This project is "currently used by some law enforcement agencies in countries where resources are limited".
https://github.com/qeeqbox/social-analyzer
#social #analyzer #qeeqbox #socialmedia #tool
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Social Analyzer - API, CLI & Web App for analyzing & finding a person's profile across +300 social media websites. It includes different string analysis and detection modules, you can choose which combination of modules to use during the investigation process.
The detection modules utilize a rating mechanism based on different detection techniques, which produces a rate value that starts from 0 to 100 (No-Maybe-Yes). This module intended to have less false positive and it's documented in this Wiki link
The analysis and extracted social media information from this OSINT tool could help in investigating profiles related to suspicious or malicious activities such as cyberbullying, cybergrooming, cyberstalking, and spreading misinformation.
This project is "currently used by some law enforcement agencies in countries where resources are limited".
https://github.com/qeeqbox/social-analyzer
#social #analyzer #qeeqbox #socialmedia #tool
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
GitHub
GitHub - qeeqbox/social-analyzer: API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites - qeeqbox/social-analyzer
Forwarded from BlackBox (Security) Archiv
This browser extension shows what the Internet would look like without Big Tech
A web without Google, Facebook, Microsoft, or Amazon
The Economic Security Project is trying to make a point about big tech monopolies by releasing a browser plugin that will block any sites that reach out to IP addresses owned by Google, Facebook, Microsoft, or Amazon. The extension is called Big Tech Detective, and after using the internet with it for a day (or, more accurately, trying and failing to use), Iβd say it drives home the point that itβs almost impossible to avoid these companies on the modern web, even if you try.
https://www.theverge.com/2021/2/24/22297686/browser-extension-blocks-sites-using-google-facebook-microsoft-amazon
π‘ https://bigtechdetective.net/
#DeleteGoogle #delete #microsoft #amazon #browser #plugin #extension #tool
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
A web without Google, Facebook, Microsoft, or Amazon
The Economic Security Project is trying to make a point about big tech monopolies by releasing a browser plugin that will block any sites that reach out to IP addresses owned by Google, Facebook, Microsoft, or Amazon. The extension is called Big Tech Detective, and after using the internet with it for a day (or, more accurately, trying and failing to use), Iβd say it drives home the point that itβs almost impossible to avoid these companies on the modern web, even if you try.
https://www.theverge.com/2021/2/24/22297686/browser-extension-blocks-sites-using-google-facebook-microsoft-amazon
π‘ https://bigtechdetective.net/
#DeleteGoogle #delete #microsoft #amazon #browser #plugin #extension #tool
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
FLoC Block
Prevent Federated Learning of Cohorts aka FLoC ad-targeting code from running in Chrome.
FLoC, short for Federated Learning of Cohorts, is the new mechanism used by Google Chrome to group users into buckets based on their interests. You can read more about it here and why Brave and some other browsers have blocked it here. EFF did some analysis as well.
π‘ How does this Chrome Extension help?
If you HAVE to use Chrome but don't like the idea of being grouped into a bucket (aka cohort) based on the websites you visit, this extension is a simple way to prevent FLoC from divulging your "cohort id" to websites. The extension removes document.interestCohort() from every page so that a website cannot get your cohort id.
π‘ How do I install this extension?
ππΌ Download flocblock.zip from https://github.com/ShivanKaul/flocblock/releases/latest. Direct link: https://github.com/ShivanKaul/flocblock/releases/download/v0.0.1/flocblock.zip
ππΌ Extract extension.
ππΌ Follow the instructions to load into Chrome.
https://github.com/ShivanKaul/flocblock
#floc #block #chrome #browser #tracking #tool
π‘ @nogoolag π‘ @blackbox_archiv
Prevent Federated Learning of Cohorts aka FLoC ad-targeting code from running in Chrome.
FLoC, short for Federated Learning of Cohorts, is the new mechanism used by Google Chrome to group users into buckets based on their interests. You can read more about it here and why Brave and some other browsers have blocked it here. EFF did some analysis as well.
π‘ How does this Chrome Extension help?
If you HAVE to use Chrome but don't like the idea of being grouped into a bucket (aka cohort) based on the websites you visit, this extension is a simple way to prevent FLoC from divulging your "cohort id" to websites. The extension removes document.interestCohort() from every page so that a website cannot get your cohort id.
π‘ How do I install this extension?
ππΌ Download flocblock.zip from https://github.com/ShivanKaul/flocblock/releases/latest. Direct link: https://github.com/ShivanKaul/flocblock/releases/download/v0.0.1/flocblock.zip
ππΌ Extract extension.
ππΌ Follow the instructions to load into Chrome.
https://github.com/ShivanKaul/flocblock
#floc #block #chrome #browser #tracking #tool
π‘ @nogoolag π‘ @blackbox_archiv
GitHub
Release FLoC Block Β· ShivanKaul/flocblock
Contribute to ShivanKaul/flocblock development by creating an account on GitHub.
Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
Facebook Email to profile vulnerability
A video shared with researchers and Motherboard shows a tool linking email addresses to Facebook accounts
A tool lets a user see which email address is linked to a Facebook account even if the Facebook user didn't publicly advertise their address, according to a video sent to various researchers and Motherboard.
The news presents another significant privacy issue for Facebook, which is continuing to face a series of data leaks around phone numbers and other data.
https://twitter.com/UnderTheBreach/status/1384552368512159744
https://www.vice.com/en/article/bvz8pz/tool-finds-facebook-email-addresses
#tool #facebook #DeleteFacebook #poc #email #accounts #video
π‘ @nogoolag π‘ @blackbox_archiv
A video shared with researchers and Motherboard shows a tool linking email addresses to Facebook accounts
A tool lets a user see which email address is linked to a Facebook account even if the Facebook user didn't publicly advertise their address, according to a video sent to various researchers and Motherboard.
The news presents another significant privacy issue for Facebook, which is continuing to face a series of data leaks around phone numbers and other data.
https://twitter.com/UnderTheBreach/status/1384552368512159744
https://www.vice.com/en/article/bvz8pz/tool-finds-facebook-email-addresses
#tool #facebook #DeleteFacebook #poc #email #accounts #video
π‘ @nogoolag π‘ @blackbox_archiv
Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
Profil3r
Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses. This program also alerts you to the presence of a data leak for the found emails.
βΌοΈ For educational purposes only
https://github.com/Rog3rSm1th/Profil3r
#educational #profil3r #osint #tool #social #networks #email
π‘ @nogoolag π‘ @blackbox_archiv
Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses. This program also alerts you to the presence of a data leak for the found emails.
βΌοΈ For educational purposes only
https://github.com/Rog3rSm1th/Profil3r
#educational #profil3r #osint #tool #social #networks #email
π‘ @nogoolag π‘ @blackbox_archiv