A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Last update: Aug 09, 2022

Overview

Shodan Quick Recon

A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Configuration

You must edit the python code, and insert your Shodan API Where it is stated & Save it.

The word apache is already definted, and will extract whatever you change it to, so each time you can setup a word to perform the search, and you can save the output results using > output.txt in order to cat/work and grep things of interest.

More info on tweaking this can be found here:

https://shodan.readthedocs.io/en/latest/tutorial.html

Support

You can Support our Work by Joining our Patreon for Exclusive Video Content:

https://www.patreon.com/blackhatethicalhacking

Owner

Black Hat Ethical Hacking

Offensive Security: Black Box Penetration Testing, Digital Forensics, Offensive Security Courses, Content Production, Bug Bounty & More!

GitHub Repository

An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several useful utilites to change the configuration of the device.

TMOHS1 Root Utility Description An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several

40 Dec 29, 2022

Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell

Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell

16 Nov 09, 2022

Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

Big-Papa is a remote cookie stealer which can then be used for session hijacking and Bypassing 2 Factor Authentication

77 Jan 03, 2023

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

105 Dec 05, 2022

CVE-2021-21985 VMware vCenter Server远程代码执行漏洞 EXP (更新可回显EXP)

CVE-2021-21985 CVE-2021-21985 EXP 本文以及工具仅限技术分享，严禁用于非法用途，否则产生的一切后果自行承担。 0x01 利用Tomcat RMI RCE 1. VPS启动JNDI监听 1099 端口 rmi需要bypass高版本jdk java -jar JNDIIn

355 Aug 03, 2022

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or CVE from Github by CVE ID.

PocOrExp in Github 聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网注意：只通过通用的CVE号聚合，因此对于MS17-010等Windows编号漏洞以及著名的有绰号的漏洞，还是自己检索一下比较好 Usage python3 exp.py -h usage: ex

567 Dec 30, 2022

this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows and macos

Keylogger this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows a

1 Nov 04, 2021

Tinyman exploit finder - Tinyman exploit finder for python

tinyman_exploit_finder There was a big tinyman exploit. You can read about it he

9 Dec 27, 2022

Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.

140 Dec 16, 2022

Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

133 Dec 18, 2022

Experimental musig2 python code, not for production use!

musig2-py Experimental musig2 python code, not for production use! This is just for testing things out. All public keys are encoded as 32 bytes, assum

14 Jul 08, 2022

We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. 🕵️

Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i

19 Nov 18, 2022

macOS Initial Access Payload Generator

Mystikal macOS Initial Access Payload Generator Related Blog Post: https://posts.specterops.io/introducing-mystikal-4fbd2f7ae520 Usage: Install Xcode

206 Dec 31, 2022

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021

Python implementation for PrintNightmare using standard Impacket.

PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket

141 Dec 31, 2022

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

162 Nov 25, 2022

pybotnet - A Python Library for building Botnet , Trojan or BackDoor for windows and linux with Telegram control panel

pybotnet A Python Library for building botnet , trojan or backdoor for windows and linux with Telegram control panel Disclaimer: Please note that this

181 Jan 02, 2023

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

Flask-SeaSurf SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF). CSRF vulnerabilities have been found in large and popular

183 Dec 28, 2022

PortSwigger Burp Plugin for the Log4j (CVE-2021-44228)

yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log

1 Jan 31, 2022

This respository contains the source code of the printjack and phonejack attacks.

Printjack-Phonejack This repository contains the source code of the printjack and phonejack attacks. The Printjack directory contains the script to ca

2 Feb 12, 2022

A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Related tags

Overview

Shodan Quick Recon

Configuration

Support

Owner

Black Hat Ethical Hacking

An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several useful utilites to change the configuration of the device.

Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell

Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

CVE-2021-21985 VMware vCenter Server远程代码执行漏洞 EXP (更新可回显EXP)

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or CVE from Github by CVE ID.

this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows and macos

Tinyman exploit finder - Tinyman exploit finder for python

Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.

Workshop Material on VM-based Deobfuscation

Experimental musig2 python code, not for production use!

We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. 🕵️

macOS Initial Access Payload Generator

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Python implementation for PrintNightmare using standard Impacket.

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

pybotnet - A Python Library for building Botnet , Trojan or BackDoor for windows and linux with Telegram control panel

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

PortSwigger Burp Plugin for the Log4j (CVE-2021-44228)

This respository contains the source code of the printjack and phonejack attacks.