awesome-tor
RustScan
awesome-tor | RustScan | |
---|---|---|
2 | 26 | |
396 | 12,287 | |
- | 2.0% | |
0.0 | 7.9 | |
8 months ago | 1 day ago | |
Rust | ||
- | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awesome-tor
-
Tor is not just for anonymity
The internet is no longer as peer-to-peer friendly as it once was. Hence the existence of commercially-motivated hacks run by third parties such as hosting, e.g., Cloudflare, etc., including tunneling, e.g., ngrok, etc. Alternatively, Tor relies on third parties but AFAIK it's not so centralised and it's not commercially-motivated.
That is what differentiates it from all the other options. There is no company behind it trying to make money by exploiting internet subscribers trying to connect with each other (not the so-called "tech" company).
Tor can have uses other than the ones normally discussed such as anonymity and evading censorship. Tor can provide reachability without use of commercial eavesdropping third party intermediaries.
For example, one can use Onion Services for advertising open IP:port information that is needed for peer-to-peer connections over other, faster peer-to-peer overlay networks, not the Tor network. The Onion Service can function as the "rendezvous" server for making peer-to-peer connection outside of Tor. Tor's Onion Services can be used to exchange IP:port information for making direct connections over the internet without using Tor. No need to use commercial third parties. Ngrok, Tailscale, etc. all require use of servers run by a commercial third party. Tor does not. There is ample free software that can establish peer-to-peer connections over the internet but in every case it requires some reachable server running this software on the internet, and for most users that means they have to run a server and pay a commercial third party for hosting. Tor has no such requirement.
Imagine being able to share content with family, friends, colleagues without the need for so-called "tech" companies^1 acting as intermediaries ("middlemen"). With a reachable IPv4 address this becomes possible. It would be nice if every home internet access subscriber received a reachable IPv4 address from their ISP. No doubt, some do. But on today's internet most do not. The so-called "tech" companies all have reachable IPv4 addresses. Hence they assume the roles of middlemen and use this position to exploit internet subscribers for profit.
Something like Tor provides a solution. Again, it is not always necessary to route all traffic over Tor. Tor can have other uses. When the goal is simply peer-to-peer connections, Onion Services can be used to bootstrap peer-to-peer overlay connections using the user's choice of software by providing a secure, reliable way to exchange IP:port information. Goal here when using Tor is not anonymity nor censorship evasion, it's reachability. Similarly, goal of peer-to-peer is not necessarily anonymity nor evading censorship either, it's bypassing commercially-motivated, eavesdropping middlemen known as "tech" companies, and avoiding the annoyances of advertising. A possible additional benefot of using Tor in this way is elevated privacy. Google, for example, cannot easily discover Onion Services. No one can discover Onion Services using ICANN DNS.
1. The term "tech" as in "tech company" means a company, usually a website, that collects data from and about people to support the sale of advertising services because advertising services are the only services the company can sell on a scale large enough to sustain a profitable business.
More reading/viewing:
https://github.com/anderspitman/awesome-tunneling
Tor Hidden Services (now called "Onion Services")
https://jamielittle.org/2016/08/28/hidden.html
As one author wrote on Github:
"onion-expose is a utility that allows one to easily create and control temporary Tor onion services.
onion-expose can be used for any sort of TCP traffic, from simple HTTP to Internet radio to Minecraft to SSH servers. It can also be used to expose individual files and allow you to request them from another computer.
Why not just use ngrok?
ngrok is nice. But it requires everything to go through a central authority (a potential security issue), and imposes artificial restrictions, such as a limit of one TCP tunnel per user. It also doesn't allow you to expose files easily (you have to set it up yourself)."
https://github.com/ethan2-0/onion-expose
As another Github contributor put it:
"With onionpipe, that service doesn't need a public IPv4 or IPv6 ingress. You can publish services with a globally-unique persistent onion address, and share access securely and privately to your own allowlist of authorized keys.
You don't need to rely on, and share your personal data with for-profit services (like Tailscale, ZeroTier, etc.) to get to it."
https://github.com/cmars/onionpipe
https://news.ycombinator.com/item?id=36734956
https://news.ycombinator.com/item?id=30445421
https://news.ycombinator.com/item?id=29929399
"Finally, onion services are private by default, meaning that users must discover these sites organically, rather than with a search engine." [Small websites with small audiences get buried by advertising-supported search engines anyway.]
https://nymity.ch/onion-services/pdf/sec18-onion-services.pd...
https://media.ccc.de/v/31c3_-_6112_-_en_-_saal_2_-_201412301...
https://wiki.termux.com/wiki/Bypassing_NAT (Termux recommends Tor over Ngrok)
https://github.com/ajvb/awesome-tor
-
Awesome Penetration Testing
See also awesome-tor.
RustScan
- RustScan – The Modern Port Scanner
-
Is Rustscan tool allowed in CEH Practical exam?
I will be giving CEH Practical exam in the next month and I can't find whether Rustscan is allowed or not. I have read EC-Council is very particular about the tools used so I want to be sure whether to implement in my prepartion or not.
-
[self-made] havn - fast lightweight port scanner
I’m not sure why I decided to create it, I think I tried to use RustScan for a simple task last week, but it was too convoluted for my needs, as well as the fact that it requires nmap to be installed. Thus havn was born, nothing else needed, and only directly using two dependencies, Tokio and Clap, although I think If I really wanted to, I could remove the Clap dependency, but it’s just so handy and easy to use.
-
I just can't get RustScan to work. constantly the same error messages with 2 different versions
Did you read https://github.com/RustScan/RustScan, find the link to https://github.com/RustScan/RustScan/wiki/Installation-Guide and came across "Docker is the recommended way of installing RustScan"?
- Rustscan – The Modern Port Scanner
- RustScan is a modern take on the port scanner
-
Is there a good and simple command line alternative to Nmap?
I like RustScan https://github.com/RustScan/RustScan . For one thing, it’s fast!
- Recommended high speed port scanner?
- RustScan/RustScan: 🤖 The Modern Port Scanner 🤖
What are some alternatives?
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
Tor-Bridges-Collector - Collecting Tor Bridges.
scapy - Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
awesome-privacy - 💡Limiting personal data leaks on the internet
nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
onion-expose - Easily create Tor hidden services with one command.
SQLMap - Automatic SQL injection and database takeover tool
bettercap - The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
netdiscover - Netdiscover, ARP Scanner (official repository)
john - John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
evillimiter-windows - Tool that limits bandwidth of devices on the same network without access.