bormaxi8080 OSINT Timeline (31) - 02.11.2023

People are evil to the extent that they are unhappy.

Separating Fact from Fiction on Social Media in Times of Conflict from Bellingcat: https://www.bellingcat.com/resources/how-tos/2023/10/26/separating-fact-from-fiction-on-social-media-in-times-of-conflict/

Python for OSINT. 21 days course for beginners: https://github.com/cipher387/python-for-OSINT-21-days

Collection of OSINT submodules/scripts/tools from notdodo: https://github.com/notdodo/Tools

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed: https://github.com/drwetter/SecLists

Amnezia-WG VPN protocol - AmneziaWG is a contemporary version of the WireGuard protocol. It's a fork of WireGuard-Go and offers protection against detection by Deep Packet Inspection (DPI) systems. At the same time, it retains the simplified architecture and high performance of the original: https://github.com/amnezia-vpn/amnezia-wg

Amnezia-WG OpenVPN Server - https://github.com/amnezia-vpn/openvpn-server

Amnezia-WG Client (Desktop + Mobile) - https://github.com/amnezia-vpn/amnezia-client

Amnezia-WG for Apple - https://github.com/amnezia-vpn/awg-apple

Amnezia-WG for Android - https://github.com/amnezia-vpn/awg-android

Amnezia-WG for Windows - https://github.com/amnezia-vpn/awg-windows

In video veritas, if we divert the old Latin saying: In video, there is truth! The digital media revolution and the?convergence of social media with broadband wired and wireless connectivity are bringing breaking news to online?video platforms; and, news organisations delivering information by Web streams and TV broadcast often rely on?user-generated recordings of breaking and developing news events shared by social media to illustrate the story.?However, in video there is also deception. Access to increasingly sophisticated editing and content management tools,?and the ease in which fake information spreads in electronic networks requires reputable news outlets to carefully?verify third-party content before publishing it, reducing their ability to break news quickly while increasing costs in?times of tight budgets. InVID will build a platform providing services to detect, authenticate and check the reliability?and accuracy of newsworthy video files and video content spread via social media: https://www.invid-project.eu/

Fake video news debunker by InVID. This plugin has been designed as a verification “Swiss army knife” helping journalists to save time and be more efficient in their fact-checking and debunking tasks on social networks especially when verifying videos and images: https://github.com/invideu/invid-verification-plugin

GlossaryTech | Learn tech words - GlossaryTech Chrome Plugin is your tech recruiting and sourcing assistant. Once installed, you can always use the extension either for sourcing tech talent or for learning IT-related terms whilst browsing. The plug-in works for every single website, including Github, Wikipedia, and Stack Overflow: https://chrome.google.com/webstore/detail/glossarytech-learn-tech-w/lkfaknngnekohfmljebdikgefjfhkgkp

Silence - Block unknown Phone callers: https://github.com/x13a/Silence

PasteGo - Scrape/Parse Pastebin using GO and expression grammar (PEG): https://github.com/notdodo/pastego

NMapAutomator - A script that you can run NMap scans in the background: https://github.com/mr-rizwan-syed/nmapAutomator

testssl.sh?is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws: https://github.com/drwetter/testssl.sh

Firezone - WireGuard?-based scalable remote access platform: https://github.com/firezone/firezone

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities: https://github.com/agrawalsmart7/scodescanner

Darkus is a Onion websites searcher it uses deep/dark web searcher engines to search a specific word and give you back the link results: https://github.com/Lucksi/Darkus

NaiveProxy uses Chromium's network stack to camouflage traffic with strong censorship resistence and low detectablility. Reusing Chrome's stack also ensures best practices in performance and security.: https://github.com/klzgrad/naiveproxy

DeadFinder - Dead link (broken link) means a link within a web page that cannot be connected. These links can have a negative impact to SEO and Security. This tool makes it easy to identify and modify: https://github.com/hahwul/deadfinder

HOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers: https://github.com/mr-rizwan-syed/chomtesh

PatchaPalooza - A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates: https://github.com/xaitax/PatchaPalooza

Wacker - A WPA3 dictionary cracker: https://github.com/blunderbuss-wctf/wacker

Kraken - A multi-platform distributed brute-force password cracking system: https://github.com/arcaneiceman/kraken

uriDeep - Unicode encoding attacks with machine learning. Tool based on machine learning to create amazing fake domains using confusables. Some domains can deceive IDN policies (Chrome & Firefox): https://github.com/mindcrypt/uriDeep

autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat: https://github.com/hmaverickadams/autoNTDS

c41n?provides automated setup of several types of Rogue Access Points, and Evil Twin attacks.?c41n?sets up an access point with user defined characteristics (interface, name and channel for the access point), sets up DHCP server for the access point, and provides user with abilities of HTTP traffic sniffing, or Captive Portal setup with credential sniffing: https://github.com/MS-WEB-BN/c41n

bormaxi8080 OSINT timeline:

GitHub:?https://github.com/bormaxi8080/osint-timeline

You can see Systematized List of my GitHub Starred OSINT Repositories

You can contact me on Twitter: https://twitter.com/OSINTech_

If you like the projects that I do, I will be grateful for donations in private dialogue.

WARNING! All tools, programs and techniques published in this article and repository are used for informational, educational purposes or for information security purposes. The authors are not responsible for the activities that users of these tools and techniques may carry out, and urge them not to use them to carry out harmful or destructive activities directed against other users or groups on the Internet.