Misc Attacks
Various useful attack tools and techniques.
GIT
Search for sensitive information in the git repository
gitleaks detect -v . (inside cloned git)
A tool to download a git repository from a website. Useful when you find the .git folder on a website.
git-dumper <URL.GIT> <OUTPUT>
Hidden File Extraction
Web site that allows you to edit the bytes of a file.
Website that performs various techniques for analyzing and extracting hidden files from images or similar.
Detect and hide files in images, videos, audio etc.
steghide info <FILENAME>
steghide extract -sf <FILENAME>
Allows brute force attacks on hidden files covered by passphrases.
stegcracker <FILENAME> [<WORDLIST>]
Tool used to analyze, decode and extract firmware images.
binwalk <FILENAME>
binwalk -e <FILENAME> (extraction)
Foremost is a forensic program for recovering lost files based on their headers, footers and internal data structures.
foremost <FILENAME>
foremost -i <INPUT.img> -o <OUTPUT>
Other
pdfimages
Saves images from a PDF.
apt-get install poppler-utils
pdfimages <PDF_FILE> <OUTFILE>
Recovers passwords from pixelized screenshots.
python3 depix.py -p <IMAGE_TARGET> -s images/searchimages/debruinseq_notepad_Windows10_closeAndSpaced.png -o <OUTFILE>
Last updated