The children of the void act without thought. Only a tear in the eye flashes.
Elon Musk's actions are a brazen attempt to silence honest criticism and independent research: https://doxa.team/news/2023-07-31-musk-infantile
The Phishing Risks of Twitter’s Name Change to X: https://socradar.io/the-phishing-risks-of-twitters-name-change-to-x/
A critical vulnerability dubbed CVE-2023-30799 has put over 900,000 MikroTik RouterOS routers at severe risk, allowing attackers to gain “super-admin” privileges and take full control of the devices without detection: https://www.blackhatethicalhacking.com/news/super-admin-privilege-vulnerability-plagues-mikrotik-routers/
Hackers Released New Black Hat AI Tools XXXGPT and Wolf GPT: https://cybersecuritynews.com/black-hat-ai-tools-xxxgpt-and-wolf-gpt/
How to conduct person of interest investigations using OSINT and Maltego: https://www.maltego.com/blog/how-to-conduct-person-of-interest-investigations-using-osint-and-maltego/
Integrating Wireless Data into Your OSINT Investigations from Maltego: https://www.maltego.com/blog/integrating-wireless-data-into-your-osint-investigations/
Awesome Browser Extensions for OSINT - A collection of awesome browser extension useful for OSINT along with their use case: https://github.com/osintambition/Awesome-Browser-Extensions-for-OSINT
Social-Media-OSINT-Tools-Collection - A collection of most useful OSINT tools for SOCINT: https://github.com/osintambition/Social-Media-OSINT-Tools-Collection
OSINT resources for CTI: https://www.authentic8.com/resources/OSINT-resources
Added searching for old usernames of Twitter account with memory.lol in Maigret.
Don't forget to update socid-extractor to the last version (v0.0.25)!
Also, remind you that you can start your investigations from any parseable account, example with parse mode: maigret --parse: https://api.memory.lol/v1/tw/libsoftiktok
Quiet. A private, p2p alternative to Slack and Discord built on Tor & IPFS: https://github.com/TryQuiet/quiet
DiG GUI. Web Interface for DNS Queries: https://www.diggui.com/
lmt. A cli program written in go that can be used to run applications with resource limits enforced using cgroupsv2: https://github.com/Rohansjamadagni/lmt
Pipper. Python Module able to automatically install missing imported libraries through pip: https://github.com/D35m0nd142/Pipper
Sniffle. A sniffer for Bluetooth 5 and 4.x LE: https://github.com/nccgroup/Sniffle
MetadataPlus. Chris Nevin @ NCCGroup A tool to extract metadata from Microsoft Office files that includes new locations not checked in other tools: https://github.com/nccgroup/MetadataPlus
Code Credential Scanner. A script is intended to scan a large, diverse codebase for hard-coded credentials, or credentials present in configuration files. These represent a serious security issue, and can be extremely hard to detect and manage: https://github.com/nccgroup/ccs
credential-digger. A GitHub scanning tool that identifies hardcoded credentials while filtering the false positive data through machine learning models: https://github.com/SAP/credential-digger
LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities: https://github.com/capture0x/LFI-FINDER
Details: https://www.kitploit.com/2023/07/lfi-finder-tool-focuses-on-detecting.html
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner: https://github.com/D35m0nd142/LFISuite
DWH. Simple (but working) WEP/WPA/WPA2 Hacking script: https://github.com/D35m0nd142/DWH
FakeSG enters the 'FakeUpdates' arena to deliver NetSupport RAT: https://www.malwarebytes.com/blog/threat-intelligence/2023/07/socgholish-copycat-delivers-netsupport-rat
fakes-gen-cli. A Library and CLI tool for generating fake data as formatted as CSV, TSV and JSON: https://github.com/ogata-k/fakes-gen-cli
pdlist. A passive subdomain finder: https://github.com/gnebbia/pdlist
LinkedIn: OSINTech's Featured Timeline
SubStack: OSINTech's Substack
WARNING! All tools, programs and techniques published in this article and repository are used for informational, educational purposes or for information security purposes. The authors are not responsible for the activities that users of these tools and techniques may carry out, and urge them not to use them to carry out harmful or destructive activities directed against other users or groups on the Internet.