discover.sh

discover.sh You’ll love this script. I incorporate this tool into penetration testing engagements that require tactical social engineering or on-demand targeted reconnaissance.   Download, setup & usage Kali mini apt-get install windows-binaries git clone git://github.com/leebaird/discover.git /opt/discover/ All scripts must be ran from this location. cd /opt/discover/ && ./setup.sh &&./discover.sh RECON 1. Domain 2. Person 3. Parse […]

Read more "discover.sh"

How To Force Client to use HTTPS

You’ve got a problem.  After a recent Tomcat upgrade in your authentication server’s test environment, you noticed that authentication between your web application’s rest API calls and your authentication server fails. You decide to sniff the network with good ole’ tcpdump on the app (client) and authentication server. tcpdump -ni any port 80 or port 443 -A […]

Read more "How To Force Client to use HTTPS"