Telegram-Trilateration
AutoSploit
Telegram-Trilateration | AutoSploit | |
---|---|---|
9 | 1 | |
541 | 4,920 | |
- | - | |
0.0 | 0.0 | |
about 2 years ago | 12 months ago | |
Python | Python | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Telegram-Trilateration
- Telegram Trilateration
- Telegram Trilateration: Abusing “People Near Me” and tracking people's location
-
Hacker News top posts: Mar 13, 2022
Telegram Trilateration: Abusing “People Near Me” and tracking people's location\ (18 comments)
- Telegram Trilateration: PoC abusing “People Near Me” & tracking people location
- POC for abusing Telegram “People Near Me” feature and tracking people's location
- Proof of concept for abusing Telegram's "People Near Me" feature and tracking people's location
-
Security Analysis of Telegram (Symmetric Part)
Besides cryptographic issues they are also other issues compared to Signal Mtproto seems like the old man out in terms of cryptographic protocols also Mtproto dosen't seem to scale for multiple users. In earlier iterations of Mtproto there key-things missing like MAC, and etc. To be fair the paper does show in some sense the Mtproto is "secure" at protocol level (assuming your using the official client and the server is trusted) still it looks like it's fragile and pretty bad. Linked below are some more serious holes found in Mtproto's game.
AutoSploit
-
Awesome Penetration Testing
AutoSploit - Automated mass exploiter, which collects target by employing the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query.
What are some alternatives?
Vulnnr - Vulnnr - Vulnerability Scanner And Mass Exploiter, created for pentesting.
RustScan - 🤖 The Modern Port Scanner 🤖
bleachbit - BleachBit system cleaner for Windows and Linux
pwntools - CTF framework and exploit development library
hosts - 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
dnstwist - Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
breaking-telegram - Simple PoC script that allows you to exploit telegram's "send with timer" feature by saving any media sent with this functionality.
awesome-industrial-control-system-security - A curated list of resources related to Industrial Control System (ICS) security.
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
exif_delete - Secure your photographs by stripping them of all the EXIF data.
avatar - Self-hosted service for creating random avatars
Metasploit - Metasploit Framework