Need Some Input From All Of You Please

There is a project I am working on and I need some input from the rest of you to figure out one part of it.

What I am looking to find out is what the most used tools are.

So if you could reply with what you use the most I would appreciate it.

Hopefully Hackersploit will chime in also.
I would love to have his input also on this since he actually works in the field(some of the rest of you might also I really don’t know).

Thank you for any input you may add.

EDIT: If it is not free and open source I don’t want to know about it sry.

Good question.

  1. Tor

  2. Owasp-zap

  3. Kwrite

  4. CTFR

  5. XSSTRIKE

  6. Tidos

  7. Recon-ng

  8. Burp

  9. SQLmap

  10. SearchSploit

  11. WireShark

  12. EDB

  13. MetaSploit

  14. Nmap

  15. Pupy

Some of those I never heard of haha but I’ll have to do some research into them.

Nmap, Wireshark, and Metasploit were already on my list I figured those were essential things everyone had.
Kwrite I use a lot for different things but this will be focused on pen testing tools.

One problem I am having is finding links to things that I can trust since you know that such tools are sometimes not tools but some malicous thing some asshat uploaded to look like something else.
Then again a lot of useful things can come right from your Linux distros repo.

I bet parts of my posts sound like I am phishing or something LoL.
Soon as I get something written that looks presentable I will release it and give more info on what I am doing.

Thank you for your reply it helps.

The tool I use the most is Sn1per from 1N3. It utilizes a ton of other tools I’m sure used by many here but very nicely automates everything together. I love using it for doing a high-level overview and recon on targets. It’s on github : https://github.com/1N3/Sn1per

Although a bit little buggy, Blackwidow is also an amazing tool.

Also to name a few others…
Photon
WPSeku

I hope you’re hiding where you are when you use Sn1per.
More than one of the search engines it uses will track your location and machine fingerprint.
PLus after looking through the source it does a few other things I don’t like.

Looks like a nice tool though.

I always do, with any tool I use honestly.

But I am very curious to know more about what and how you mean? I’m still not very good at coding but would love to know more about how to spot things like that.

Ive been trying to learn more about coding, however it’s a bit overwhelming with all the languages so I’ve been trying to stick with the more basic ones for now i.e. Bash/python.

Also, I’ve been wanting to make my own tool like Sn1per for a while now(especiallyffor the practice and experience) so after hearing what you said, I’d really like to learn how to avoid having the same issues. =)

I don’t know a lot about code but I sort of can read it and figure out what it does but it depends on the language.
C ,C+,C++ for example I can’t understand much at all. I don’t know if it is the way it is written or how it works I just have trouble with it.
Also looking at code that the author put a lot of comments in helps a lot because then you can remember that x function does something like this or that etc

Shell script(or bash whatever you want to call it) is very easy for me to read it reminds me of the C# scripts I used to write for Unity 3d(I never got good at it and stopped because the math became too much for me).
Python and Ruby I haven’t really looked at much but from what I have seen it looks like something I could pick up.

At this point I am better at understanding what it does than writing anything without looking through the manuals and reference material or searching on the internet to find out how to do something I want to do and I don’t really have much I have written that I would show in public it is sort of embarrasing LoL.

This is an example of what I meant by comments which I think everyone should use for a few reasons.

#!/bin/bash
#required for this type of bash script

echo “Please enter your username” #prints on screen asking user what their username is

read NAME #variable is NAME #reads user input

if [ “$NAME” = “bugs” ]; # if you’re username is bugs

then #then we do this
echo “Whats up doc” #if you don’t need to use an else the if ends after this line with fi

else #if it is not bugs we do this
echo “Invalid username exiting script”

fi # closes if statement
EDIT:I take no credit for this code it is from Hackersploits shell scripting tutorial series on youtube.
https://www.youtube.com/watch?v=qoem5hqCH6A

Very sorry for forgetting to give credit,

The # or / or something similar usually comments out a line so that you can put in comments in code that way it doesn’t try to run some imaginary function or whatever and give you errors.

So this asks you for your username and then IF it is X it will THEN it does something like this one prints on the screen Whats up doc(haha I always put silly things in when I am learning something).
And if you’re name isn’t X (ELSE) it will say “invalid username” and the script exits.

The FI is to close the IF statement.

Not sure if that helps but you can sort of see why comments might be important.
Not only do they help people understand what the code is doing it also helps me.

Say I don’t do any scripting for a year and I have forgotten a few things.
When I look at this code it helps remind me what it does,
I had this problem once because I didn’t use comments and it took me a few hours to look up what each script I had saved did when I could have commented it in the first place and spent less time remembering,

Anyway like I said I don’t know a lot just a little but I hope this helped you at least some.

Yeah i know what you mean, same here. I’ve only reversed engineered 1 program(written in C which I didn’t really know jack shit about) for a previous job and it took me like almost 2 weeks straight of scorching my eyes staring at so much code… But was finally able to get the info I needed for what I was doing lol

Oh snap, unity 3D? Was it for oculus rift?

Python/bash I can read/debug fairly easily but can only make basic scripts of my own atm unfortunately =/ I can read a little bit of several web-based languages but mostly just becauseiI’ve been taking a deep dive into more web app pentesting.

Haha, you and me both xD my github repository is practically naked. But I’m really wanting to change that and expand my cyber security/pentesting knowledge as well, outside of Wifi hacking. I’ve spent wayyy too much time only focusing WiFi… But omg it was fun as hell! Lol

Yeah wifi atacks can be fun just ask my girlfriend and daughter how much fun I had one night Dos their phones at random LoL. They would come in the room to tell me the wifi wasn’t working and I would be laughing my head off.

The Unity 3d stuff I was doing was just some stuff for windows that never amounted to anything and I have forgotten just about everything I have learned since it has been at least 3 years since I looked at it. Wish I remembered more of the C# I learned though.

Anyway we’re getting this way off topicO.o.

So this project has been abandoned.
I have recently found 3 different scripts that do the same thing I wanted to do that everyone already knows about.

Need to come up with something else I guess no sense in writing things that already exist and do the same thing.

@NuBz, you can add a few add-ons to your browser and change the user agent. this will help you hide your “browser fingerprint”. You can also use privacy badger to handle most cookies. HTTPS everywhere is also a good tool when it comes to keeping as much as you can to yourself when browsing.

Tell more about it in detail bro. Like what type add-ons other than HTTPS everywhere?

How to fix this issue?

Change your config settings / some addons my addons are.
1.) User Agent Spoofer
2.) WebRTC Disable (addon and in the config)
3.) Decentraleyes
4.) HTTPS EVERYWHERE
5.) Privacy Badger
6.) uBlock
7.) And my browsers config settings have been modified

1 Like

Will try this and report to you in case of any error.

This was never about browser addons and being private on the internet.