A reverse-engineering tool for docker environments. Takes all network connections from your docker containers and can export them as:
- graphviz .dot files
- structurizr dsl
- json stream of elements
OS-independent, it uses different strategies to get container connections. Produces detailed connections graph with ports. Fast, scans ~400 containers in around 5 seconds. Right now only established and listen connections are listed.
DNS Reaper is yet another sub-domain takeover tool, but with an emphasis on accuracy, speed and the number of signatures in our arsenal!
We can scan around 50 subdomains per second, testing each one with over 50 takeover signatures. This means most organisations can scan their entire DNS estate in less than 10 seconds.
Currently only supports Route53, Cloudflare, and Azure.
A flatbed document and book scanner. Will also scan 3d objects that'll fit under the camera. Minimum of 13MP image resolution (4160 x 3120), can handle up to A3 size documents. Maximum document thickness: 10mm. Scanner camera's height above the document is adjustable. As fast as one second per scan. Portable - can be folded up for transportation. Can detect when you turn the page or change the document, look for the new page, and automatically take the next image. Abbyy OCR functionality built in. Scans to Word documents, PDF, Excel spreadsheets, or TIFF image files. Software for Windows (back to XP) and OS X.
Shows up as a UVC device under Linux (archived), so any image or video capture software that is UVC enabled can do the work for you.
Python Django web frontend for playing recorded radio transmisisons. The audio files are recorded using Trunk Recoder.
Turbine is the SDR software for NoraSector. It's designed to capture and stream all frequencies in a trunked radio system. It is capable of decoding multiple systems concurrently, even different system types, provided they all fall within the same sample bandwidth generated by the radio and there's enough CPU available.
It's built with the expectation that it uses a single SDR that is able to capture the bandwidth containing all frequencies in the system.
All audio is encoded using the Opus codec for compatibility with WebRTC and output over UDP.
Designed for big-bore SDRs, like the HackRF. You won't get an RTL-SDR working with this (even though I tagged it with that to make it easier to find).
The number of IMSI-catchers (rogue cell towers) has been steadily increasing in use by hackers and governments around the world. Rogue cell towers, which can be as small as your home router, pose a large security risk to anyone with a phone. If in range, your phone will automatically connect to the rogue tower with no indication to you that anything has happened. At that point, your information passes through the rogue tower and can leak sensitive information about you and your device. Currently, there are no easy ways to protect your phone from connecting to a rogue tower (aside from some Android apps which are phone specific and require root access).
This project demonstrates how you can create a rogue cell tower detector using a Raspberry Pi and a SIM 900 module. The detector can identify rogue towers and triangulate their location. The demonstration uses a SIM 900 GSM module to fingerprint each cell tower and determine the signal strength of each tower relative to the detector.
SuperSDR allows a realtime view of the spectrum waterfall and audio playback of any KiwiSDR around the world along with a local or remotely controlled CAT transceiver.
Requires pygame, pyaudio, matplotlib, numpy, and scipy.
References the KiwiSDR specifically. Maybe it'll work with others?
The HTTP response headers that this site analyses provide huge levels of protection and it's important that sites deploy them. Hopefully, by providing an easy mechanism to assess them, and further information on how to deploy missing headers, we can drive up the usage of security based headers across the web.
Reproducibly verify assumptions about your network: DNS, available hosts, open ports, TLS configuration; nmap, testssl, and dig/kdig in an Ansible-shaped trench coat.
Rysiek calls it a poor being's personal SHODAN.
A CLI utility which scans websites for broken links. Sitemap aware.
RadioWitness is a P25 public safety radio archive with a web application and support for cryptographically authenticated mirrors through Dat Protocol. Running this software requires two or more RTLSDR radios and one or more local P25 "Phase 1" public safety radio networks.
It looks like reading through the documentation alone will help in building a trunk tracker.
rtl_433 is a generic data receiver, mainly for the 433.92 MHz, 868 MHz (SRD), 315 MHz, 345 MHz, and 915 MHz ISM bands. rtl_433 is written in portable C (C99 standard) and known to compile on Linux (also embedded), MacOS, and Windows systems. Older compilers and toolchains are supported as a key-goal. Low resource consumption and very few dependencies allow rtl_433 to run on embedded hardware like (repurposed) routers. Systems with 32-bit i686 and 64-bit x86-64 as well as (embedded) ARM, like the Raspberry Pi and PlutoSDR are well supported.
LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing. Resulting in new testing ground, possibility containing new vulnerabilities. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions.
Seems like it'd be useful for finding REST APIs to reverse engineer.
RTLSDR-Airband receives analog radio voice channels and produces audio streams which can be routed to various outputs, such as online streaming services like LiveATC.net. Originally the only SDR type supported by the program was Realtek DVB-T dongle (hence the project's name). However, thanks to SoapySDR vendor-neutral SDR library, other radios are now supported as well. Runs on the RasPi just as well as more powerful systems.
Now under new management.
A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library.
Seems rather along the lines of gqrx, but in Python.
This project is a software defined radio receiver for these messages. We make use of an inexpensive rtl-sdr dongle to allow users to non-invasively record and analyze the commodity consumption of their household. Designed with ERT-compatible smart meters i mind.
An open source 3d scanner built around multiple RasPi single board computers and an equal number of digital cameras (between 3 and 5, inclusive). This is a fairly complex build, definitely not for beginners.
Software-defined radio receiver application built on GNU Radio with a web-based UI and plugins. In development, usable but incomplete. Compatible with RTL-SDR.
Installation docs: https://shinysdr.switchb.org/manual/installation
Requires more horsepower than a RasPi 0 W can provide.
Written using Python v2.7. Don't think it's been updated to Python3 yet.
A web-based SDR package for multiple users. Tune an SDR with your web browser, listen to what it picks up. Includes demodulators. 2d and 3d waterfall displays. Supports multiple SDRs, including the RTL-SDR. You can also join the sdr.hu radio network if your server is publically available.
In the AUR.
Implemented with Python v2.7 and HTML5.
SHODAN has a service where you can use them to monitor your your stuff if you have an account with API access. Schedule and run scans, get alerts if something new or unexpected appears. Has its own API and CLI tool, too.