A lightweight and cross platform QR Code and Bar code scanning library for the web. Support scanning different types of bar codes and QR codes. Supports different platforms and browsers. Supports scanning with camera as well as local files. Comes with an end to end library with UI as well as a low level library to build your own UI with.
Based on zxing-js.
A Barcode Detection API polyfill that uses ZXing-C++ WebAssembly under the hood.
Supported barcode formats: aztec, code_128, code_39, code_93, codabar, databar, databar_expanded, databar_limited, data_matrix, dx_film_edge, ean_13, ean_8, itf, maxi_code (only generated ones, and no position info), micro_qr_code, pdf417, qr_code, rm_qr_code, upc_a, upc_e, linear_codes and matrix_codes (for convenience).
It's probably easier just to grab it from the JS CDN and store it locally.
Radio Receiver is an HTML5 webpage that uses an USB digital TV receiver plugged into your system to capture radio signals, demodulates them in the browser, and plays the demodulated audio through your computer's speakers or headphones. This is called SDR (Software-Defined Radio), because all the radio signal processing is done by software running in the computer instead of purpose-built hardware.
Radio Receiver was written to work with an RTL-2832U-based DVB-T (European digital TV) USB receiver, with a R820T tuner chip. This hardware configuration is a little dated, but support for newer tuner chips is planned.
npm install esbuild
npm run build
npm run dist
Output in dist/. dist/apps/radioreceiver/ is where the web front-end stuff is, dist/tools/ is where the utility stuff lives.
Picking apart the demo site, it looks like you only need to serve dist/apps/radioreceiver/ because the only three files that get pulled down from it are index.html, main.js, and favicon.png (which implies that everything in there needs to be uploaded).
Requires a browser that supports the HTML5 USB API, which is pretty much everything but Firefox.
A Progressive Web Application (PWA) that scans barcodes of various formats, using the Barcode Detection API. Scan barcodes from webcam or image files. Copy detected barcode to clipboard. Share detected barcode via Web Share API on mobile. Open detected URL in a new tab. Save decoded barcodes in browser history (IndexedDB).
npm install
Upload the contents of dist/
to a web server.
soapysdr-fft-log is a tool for logging and playing back arbitrarily large portions of the RF spectrum. it can also identify peaks based on a handful of input parameters and log them to console. It is a sister project to plutosdr-fft-log which brings support to many of the most popular SDRs. scanner.py continuously scans a specified frequency range and logs the FFT results to .bin files. each log file contains data for an arbitrary large portion of the spectrum, allowing continuous spectrum monitoring. replay.pl plays back FFT log files generated by scanner.py, printing detected peaks to the console.
A reverse-engineering tool for docker environments. Takes all network connections from your docker containers and can export them as:
OS-independent, it uses different strategies to get container connections. Produces detailed connections graph with ports. Fast, scans ~400 containers in around 5 seconds. Right now only established and listen connections are listed.
A web-based SDR package for multiple users. Tune an SDR with your web browser, listen to what it picks up. Includes demodulators. 2d and 3d waterfall displays. Supports multiple SDRs, including the RTL-SDR. You can also join the sdr.hu radio network if your server is publically available.
DNS Reaper is yet another sub-domain takeover tool, but with an emphasis on accuracy, speed and the number of signatures in our arsenal!
We can scan around 50 subdomains per second, testing each one with over 50 takeover signatures. This means most organisations can scan their entire DNS estate in less than 10 seconds.
Currently only supports Route53, Cloudflare, and Azure.
A flatbed document and book scanner. Will also scan 3d objects that'll fit under the camera. Minimum of 13MP image resolution (4160 x 3120), can handle up to A3 size documents. Maximum document thickness: 10mm. Scanner camera's height above the document is adjustable. As fast as one second per scan. Portable - can be folded up for transportation. Can detect when you turn the page or change the document, look for the new page, and automatically take the next image. Abbyy OCR functionality built in. Scans to Word documents, PDF, Excel spreadsheets, or TIFF image files. Software for Windows (back to XP) and OS X.
Shows up as a UVC device under Linux (archived), so any image or video capture software that is UVC enabled can do the work for you.
Python Django web frontend for playing recorded radio transmisisons. The audio files are recorded using Trunk Recoder.
Turbine is the SDR software for NoraSector. It's designed to capture and stream all frequencies in a trunked radio system. It is capable of decoding multiple systems concurrently, even different system types, provided they all fall within the same sample bandwidth generated by the radio and there's enough CPU available.
It's built with the expectation that it uses a single SDR that is able to capture the bandwidth containing all frequencies in the system.
All audio is encoded using the Opus codec for compatibility with WebRTC and output over UDP.
Designed for big-bore SDRs, like the HackRF. You won't get an RTL-SDR working with this (even though I tagged it with that to make it easier to find).
The number of IMSI-catchers (rogue cell towers) has been steadily increasing in use by hackers and governments around the world. Rogue cell towers, which can be as small as your home router, pose a large security risk to anyone with a phone. If in range, your phone will automatically connect to the rogue tower with no indication to you that anything has happened. At that point, your information passes through the rogue tower and can leak sensitive information about you and your device. Currently, there are no easy ways to protect your phone from connecting to a rogue tower (aside from some Android apps which are phone specific and require root access).
This project demonstrates how you can create a rogue cell tower detector using a Raspberry Pi and a SIM 900 module. The detector can identify rogue towers and triangulate their location. The demonstration uses a SIM 900 GSM module to fingerprint each cell tower and determine the signal strength of each tower relative to the detector.
SuperSDR allows a realtime view of the spectrum waterfall and audio playback of any KiwiSDR around the world along with a local or remotely controlled CAT transceiver.
Requires pygame, pyaudio, matplotlib, numpy, and scipy.
References the KiwiSDR specifically. Maybe it'll work with others?
The HTTP response headers that this site analyses provide huge levels of protection and it's important that sites deploy them. Hopefully, by providing an easy mechanism to assess them, and further information on how to deploy missing headers, we can drive up the usage of security based headers across the web.
Reproducibly verify assumptions about your network: DNS, available hosts, open ports, TLS configuration; nmap, testssl, and dig/kdig in an Ansible-shaped trench coat.
Rysiek calls it a poor being's personal SHODAN.
A CLI utility which scans websites for broken links. Sitemap aware.
This project goes around the internet and finds services, webapps, and credential leaks to index them. No user profile/sessions information shared. JSON search API. Can register for an API key.
This service can scan by ASN.
RadioWitness is a P25 public safety radio archive with a web application and support for cryptographically authenticated mirrors through Dat Protocol. Running this software requires two or more RTLSDR radios and one or more local P25 "Phase 1" public safety radio networks.
It looks like reading through the documentation alone will help in building a trunk tracker.
rtl_433 is a generic data receiver, mainly for the 433.92 MHz, 868 MHz (SRD), 315 MHz, 345 MHz, and 915 MHz ISM bands. rtl_433 is written in portable C (C99 standard) and known to compile on Linux (also embedded), MacOS, and Windows systems. Older compilers and toolchains are supported as a key-goal. Low resource consumption and very few dependencies allow rtl_433 to run on embedded hardware like (repurposed) routers. Systems with 32-bit i686 and 64-bit x86-64 as well as (embedded) ARM, like the Raspberry Pi and PlutoSDR are well supported.
LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing. Resulting in new testing ground, possibility containing new vulnerabilities. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions.
Seems like it'd be useful for finding REST APIs to reverse engineer.