Osintgram
sslstrip
Our great sponsors
| Osintgram | sslstrip | |
|---|---|---|
| 32 | 7 | |
| 8,703 | 1,857 | |
| - | - | |
| 1.9 | 0.0 | |
| 29 days ago | almost 3 years ago | |
| Python | Python | |
| GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Osintgram
-
facebook hack
If the tattoo studios aren't necessary to have been from facebook specifically, Osintgram is a pretty effective tool for scraping shit from Instagram really quickly that could theoretically be used to achieve this, if not perhaps in a roundabout sort of way like starting from one business you know and getting shit from their friends' info and so on. I could swear that I had known about a similar tool for facebook, but I'm drawing a blank right now...
-
Historical usernames on Instagram
Doing this manually has many advantages, but you can, of course, use Osintgram for speedy results.
- Phone numbers or emails behind social media accounts
-
I am teaching High School students about online privacy/security. What tools could I use to simulate a "this is what other people could find out about you" scenario.
Github: https://github.com/Datalux/Osintgram
-
Is there a way to bulk download photos and videos from an Instagram profile?
If I remember correctly Osintgram can achieve this
- Finding email of a guy
- Finding Social media accounts with a persons email
-
InstAgent
Since the original version is more or less inactive, I took the initiative to continue with the developments.
- Does someone have a solution Osintgram
- Noob question. On step number 6 how do I incorporate what is says onto terminal?
sslstrip
- Some information and advice about DDoS, from someone who was there during #opPayback
- List of resources
-
Is there a tool to control bandwidth for debugging purposes?
Another option might be to try something like sslstrip to strip off the TLS layer so you can point your tools at the stripped-off/non-TLS endpoint. Probably non-trivial to get this old code working on any system though, let alone a Jetson: https://github.com/moxie0/sslstrip
-
Awesome Penetration Testing
sslstrip - Demonstration of the HTTPS stripping attacks.
-
Tracking One Year of Malicious Tor Exit Relay Activities (Part II)
Yeah. And for anyone unaware, this technique, SSL stripping, was made well-known (and arguably pioneered?) by Moxie Marlinspike of Signal with his tool sslstrip back in 2011: https://github.com/moxie0/sslstrip. I believe that's what he was most famous for before Signal.
-
MITM (Man-In-The-Middle) Attacks and Prevention
Once the connection has been intercepted, the attacker can use a tool such as sslstrip to disable all HTTPS redirects and change https:// links to unencrypted http://.
-
Qualcuno mi sa spiegare perché il sito del SENATO non utilizza il protocollo https? (rendendolo di fatto "insicuro")
E' possibile, per quanto molto meno facile. https://github.com/moxie0/sslstrip per esempio. Ci sono anche altre tecniche che si basano sulla manipolazione delle richieste di DNS e cose simili. Sicuramente molto piu' facile da notare e ordini di grandezza piu' complesso di HTTP, che è assolutamente triviale.
What are some alternatives?
osmedeus - A Workflow Engine for Offensive Security
mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
instaloader - Download pictures (or videos) along with their captions and other metadata from Instagram.
toxiproxy - :alarm_clock: :fire: A TCP proxy to simulate network and system conditions for chaos and resiliency testing
holehe - holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
EvilOSX - An evil RAT (Remote Administration Tool) for macOS / OS X.
ignorant - ignorant allows you to check if a phone number is used on different sites like snapchat, instagram.
SQLMap - Automatic SQL injection and database takeover tool
instagram-scraper - Scrapes an instagram user's photos and videos
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
social-analyzer - API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
RustScan - 🤖 The Modern Port Scanner 🤖