lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue Aug 30 18:07:19 2005 From: crittendeniv at gmail.com (CrittendenIV) Subject: Massive Enumeration Toolset Very cool. However, I am having issues getting it to run on Windows. I have python installed. Is there a quickstart? Thanks CrittendenIV -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Petko Petkov Sent: Tuesday, August 30, 2005 8:24 AM To: Josh perrymon; pen-test@...urityfocus.com; full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Massive Enumeration Toolset -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Massive Enumeration Toolset is a collection of python based scripts. However, you can use it as a library if you want to code your own tools. I hope it is easy to use. The main Google tool is called google. After installation this tool should be in /usr/bin/ ... You can use the tool in many different ways: * Download all VPN configuration files from the net and hack into them google web --tool=mobile -r100 -d5 -l:10 'main filetype:pcf' - --exec='wget -x %(URL)' * Test via GHDB google ghdb --database=ghdb.xml --tool=mobile - --filter='querystring.find("asp")>=0' 'site:microsoft.com' * Download cache via Google API google cache http://www.microsoft.com --key=your_key google cahce http://www.microsoft.com --ouput=index.html --key=you_key * Download cache via Google Mobile (you don't need license key) google cache http://www.micorosft.com --tool=mobile * Get Google Sets google sets microsoft linux * Get Google Spell google spell 'icorosft indows' * Google Images (similar to WEB) - get all images from microsoft.com sleeping every one second, getting 100 results per query, running on 6 levels (0 - 5) google images --tool=mobile 'site:microsoft.com' -d1 -r100 -l:5 * Google Web google web --key=your_key 'pentesting' * Google Web - get snips google web --tool=mobile 'pentesting' -S -T -U -s * Google Web - download pages google web --tool=mobile 'site:microsoft.com' --exec='wget -x %(URL)' There are many more options that I cannot discuss here. I should write a tutorial. :) Josh perrymon wrote: > I think this is of great use to pen-testers. How do you use the > software? If is a separate pgm or script based? > > JP > > -----Original Message----- From: > full-disclosure-bounces@...ts.grok.org.uk > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of > Petko Petkov Sent: Tuesday, August 30, 2005 9:34 AM To: > pen-test@...urityfocus.com; full-disclosure@...ts.grok.org.uk > Subject: [Full-disclosure] Massive Enumeration Toolset > > Hello everybody, > > I've been playing around with Google and Googles' API in the last > two months. I found out that Google is extremely powerful when it > comes to passive enumeration. This is the reason why I put myself > into coding a small tool, or library if you like, that can perform > various information-gathering techniques. So far, I have > implemented Google. I have other interesting ideas that I will put > into code latter. > > > The tool can be downloaded from: > http://www.gnucitizen.org/met/download/ > > > You need python in order to execute it. I want to make it clear > that this is POC. Do not use it for hacking, and pleas read > Google's Terms of Service first from the following address: > http://www.google.co.uk/intl/en/terms_of_service.html > > On the other hand I am very interesting to know how do you find the > tool. I am open to any suggestions and contributions as long as > they match my initial idea. > > Thanks and have fun. > > > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) iD8DBQFDFHn7Ff/6vxAyUpgRApc8AJ9tvyKEOE3+CQvKo9Gg00CxS6vZuACgpGbA OtYGMRBi/TelxpOp7tFm1w8= =GqxR -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists