When security risks in web services are discovered by independent security researchers who understand the severity of the risk, they often lack the channels to disclose them properly. As a result, security issues may be left unreported. security.txt defines a standard to help organizations define the process for security researchers to disclose security vulnerabilities securely: securitytxt.org.
Read MoreSecurity
The magazine computerwoche.de published a list of handy Open Source Intelligence Tools, incl.:
- Maltego – comprehensive tool for graphical link analyses that offers real-time data mining and information gathering, as well as the representation of this information on a node-based graph, making patterns and multiple order connections between said information easily identifiable
- Recon-ng – gathering tool aimed at reducing the time spent harvesting information from open sources
- theHarvester – emails, subdomains and names Harvester
- Shodan – world’s first search engine for Internet-connected devices
- Metagoofil – metadata harvester
- searchcode – search 75 billion lines of code from 40 million projects
- SpiderFoot – automates OSINT so one can find what matters, faster
- Babel X – discover and decipher geographically diverse, multilingual data into actionable insights in real time, babel street’s platform helps interpret real-time data, so one can make clear, decisive decisions that impact any mission
- Mitaka – browser extension for OSINT search
- BuiltWith – search tech stack of specific websites
- Wappalyzer – find the technology stack of any website
- DarkSearch.io – self-declared “first real” “dark web” “search engine” (yet, no longer publicly available)
- Grep.app – tool for searches across git repos
The list seems compiled from pcwdld.com, where more detailed descriptions of each tool can be found.
Furthermore, the OSINT Framework helps gathering information from free tools or resources by providing a very good overview of available applications, platforms, methods etc.
Read MoreOpen-Source Winforms application for uploading files to VirusTotal (virustotal.com): github.com/SamuelTulach/VirusTotalUploader.
Read MoreRemove the document protection from Word files without knowing the actual password (doesn’t work for files with password protection to open):
- Open the Word file in question (doc, docx)
- Choose “File”, “Save File As”, and make sure the file format is set to “Rich-Text-Format (*.rtf)”. Close the file in Word (important!)
- Open the new Rich-Text file with a text editor (e.g. Notepad or Notepad++). You can do so by dragging and dropping it into the editor window, or choose “File”, “Open File”, and set the file format to “All files (*.*)”.
- Find (ctrl-f) “passwordhash” and replace the string that follows with something else (e.g. “nopassword”). Save and close the file in your text editor.
- Re-open the modified Rich-Text file in Word, go to “Review”, “Restrict Editing” and click on “Stop Protection” (german version: “Überprüfen” – “Bearbeitung Einschränken” – “Schutz aufheben”). Uncheck all tick-boxes.
- Done. You’ve unprotected your Word file without ever knowing the password.
- Optional: Convert your file back to its original file format by selecting “File”, “Save As”, and choosing the original file format.
from: http://www.thinkoholic.com/2015/02/16/remove-unknown-password-protected-word-files.
Read MoreForget about spam, advertising mailings, hacking and attacking robots. Keep your real mailbox clean and secure. Temp Mail provides temporary, secure, anonymous, free, disposable email address: https://temp-mail.org.
Read MoreProtecting MS Excel Worksheets with passwords can be user-friendly. No one fiddles with the configuration. Yet, if you need to administer the sheets, lost passwords are a pain. So, in case you need to unprotect a sheet – and obviously only if you have the right to do so! – the folling VBA code snippet can help:
Sub LittleMagicPasswordBreaker()
Dim i As Integer, j As Integer, k As Integer
Dim l As Integer, m As Integer, n As Integer
Dim i1 As Integer, i2 As Integer, i3 As Integer
Dim i4 As Integer, i5 As Integer, i6 As Integer
On Error Resume Next
For i = 65 To 66: For j = 65 To 66: For k = 65 To 66
For l = 65 To 66: For m = 65 To 66: For i1 = 65 To 66
For i2 = 65 To 66: For i3 = 65 To 66: For i4 = 65 To 66
For i5 = 65 To 66: For i6 = 65 To 66: For n = 32 To 126
ActiveSheet.Unprotect Chr(i) & Chr(j) & Chr(k) _
& Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & Chr(i3) & _
Chr(i4) & Chr(i5) & Chr(i6) & Chr(n)
If ActiveSheet.ProtectContents = False Then
MsgBox "One usable password is " & Chr(i) & Chr(j) & _
Chr(k) & Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & _
Chr(i3) & Chr(i4) & Chr(i5) & Chr(i6) & Chr(n)
Exit Sub
End If
Next: Next: Next: Next: Next: Next
Next: Next: Next: Next: Next: Next
End Sub
Just open the VBA editor ([Alt]+[F11]), copy the snippet into a new VBA Module of the Excel worksheet, and execute (Run or [F5]).
Credits to: https://www.iseepassword.com/crack-ms-excel-password.html#part1
Read MoreThe qaul.net-software implements a redundant, open communication principle, in which wireless-enabled computers and mobile devices can directly form a spontaneous network. Text messaging, file sharing and voice calls are possible independent of internet and cellular networks. Qaul.net can spread like a virus, and an Open Source Community can modify it freely. It runs on MacOS, iOS, Windows, Ubuntu, Android alike: https://github.com/qaul/qaul.net.
Read More