https://www.facebook.com/140624999123160/

SecureScript

Home
Pakistan
Karachi
SecureScript

Cyber Security | Network Security | Pe*******on Testing | Bug Bounty 🏅

11/12/2023

Hack Wi-fi Passwords with Three main steps 🎭🛜

Watch full video for better Understanding 😉

19/10/2023

🌐Hacker Search Engines: Phone Numbers

🔹NumLookup - Free reverse phone lookup
🔗https://www.numlookup.com/

🔹 SpyDialer - Free Reverse Lookup Search
🔗https://spydialer.com/

🔹 WhitePages - Find people, contact info & background checks
🔗https://www.whitepages.com/

🔹 National Cellular Directory - Begin your comprehensive people search now
🔗https://www.nationalcellulardirectory.com/

🔹 Phone Validator - Is it a cell phone or is it a landline or is it a fake?
🔗https://www.phonevalidator.com/

🔹 Free Carrier Lookup - Enter a phone number and we'll return the carrier name
🔗https://freecarrierlookup.com/

🔹 RocketReach - Your first-degree connection to any professional
🔗https://rocketreach.co/

🔹 sync.me - Find out who called
🔗https://sync.me/

🔹 EmobileTracker - Track Mobile Owner Name, Location and Mobile Service Provider
🔗https://www.emobiletracker.com/

🔹 Reverse Phone Lookup - Find Out The Owner Of A Phone Number
🔗https://www.reversephonelookup.com/

🔹 ThatsThem - Reverse phone lookup
🔗https://thatsthem.com/reverse-phone-lookup

🔹 thisnumber.com - International Phone Directories
🔗https://www.thisnumber.com/

🔹 usphonebook.com - Free Reverse Phone Number Lookup
🔗https://www.usphonebook.com/

🔹 truepeoplesearch.com - Get current address, cell phone number, email address, relatives, friends and a lot more
🔗https://www.truepeoplesearch.com/ #

🔹 Tellows - Who is calling? The phone number reverse search
🔗https://www.tellows.com/

🔹 SynapsInt - The unified OSINT research tool
🔗https://synapsint.com/

🔹 C99.nl - Over 57 quality API's and growing
🔗https://api.c99.nl/

🔹 ValidNumber.com - Free reverse phone lookup service to let you identify a caller associated with any 10-digit phone number from the US and Canada
🔗https://validnumber.com/

🔹 CellIdFinder - Nonprofit project wich helps you to find GSM BTS by MCC, MNC, LAC and CellID
🔗https://cellidfinder.com/

🔹 OldPhoneBook - Intantly search a large selection from the past 20 years of USA phone listings
🔗http://www.oldphonebook.com/

🔹 Spokeo - Search by name, phone, address, or email to confidentially lookup information about people you know
🔗https://www.spokeo.com/

🔹 Intelius Phone Lookup - Look up a phone number to find owner information, carrier details, and more
🔗https://www.intelius.com/reverse-phone-lookup/

🔹 ZabaSearch Phone Lookup - Reverse Phone Lookup Tool Can Uncover Personal Information, Social Media Data, Online Activity, Photos, and More
🔗https://www.zabasearch.com/reverse-phone-lookup/

🔹 AnyWho Phone Lookup - Find out information associated with a phone number
🔗https://www.anywho.com/reverse-phone-lookup/

🔹 Radaris Phone Lookup - Look up any phone number to see its owner and identify who's calling or texting you
🔗https://radaris.com/

🔖

27/09/2023

In the field of cybersecurity, there is a wide range of information gathering tools that security professionals and ethical hackers use to gather data about target systems, networks, and organizations. These tools are typically used during the Footprinting and Reconnaissance phases of a security assessment. Here's a comprehensive list of some commonly used information gathering tools:

Nmap - Network Mapper: A versatile and powerful open-source network scanning tool used to discover hosts, open ports, and services running on a network.

Wireshark: A network protocol analyzer that captures and inspects data packets on a network, allowing you to analyze network traffic.

Shodan: A search engine for Internet-connected devices, Shodan allows you to find information about open ports, services, and vulnerable devices.

Maltego: A versatile tool for data mining and information gathering that can help you visualize relationships between various pieces of information.

theHarvester: A tool for gathering email addresses, subdomains, hosts, and other information from public sources and search engines.

Recon-ng: A powerful open-source reconnaissance framework that automates many information gathering tasks, including DNS enumeration, subdomain discovery, and more.

Google Dorks: Advanced search techniques using Google search operators to find sensitive information and vulnerabilities on websites.

WHOIS Tools: Tools like WHOIS and WHOIS lookup services provide information about domain registrations, including the owner's contact details.

DNSdumpster: A tool for gathering information about a domain, including subdomains, DNS records, and associated IP addresses.

Metasploit: While known as a pe*******on testing framework, Metasploit can also be used for information gathering, such as scanning for vulnerabilities.

Censys: Similar to Shodan, Censys provides information about Internet-connected devices, including certificates and protocols in use.

Netcraft: A service that provides information about web servers, domains, and the technology stack used by websites.

SpiderFoot: An open-source intelligence automation tool that performs reconnaissance by collecting data from various sources, including public databases and social media.

Osint Framework: A collection of various open-source intelligence (OSINT) tools and resources for information gathering.

FOCA (Fingerprinting Organizations with Collected Archives): A tool for metadata analysis that helps gather information about documents and files associated with an organization.

Amass: A tool for subdomain enumeration and information gathering that combines various data sources.

WhatWeb: A tool for identifying technologies and frameworks used by websites and web applications.

InSpy: A tool for discovering LinkedIn profiles associated with a company, helping with social engineering reconnaissance.

Web Application Vulnerability Scanners: Tools like Burp Suite, OWASP ZAP, and Nessus can be used for web application scanning to identify vulnerabilities.

Social Engineering Toolkit (SET): While primarily a social engineering tool, SET includes features for gathering information about potential targets.

Please note that the use of these tools should always be legal and ethical. Unauthorized information gathering or pe*******on testing can be illegal and result in severe consequences. These tools are typically used by cybersecurity professionals and ethical hackers with proper authorization as part of security assessments, pe*******on tests, or other legitimate cybersecurity activities.

27/09/2023

In the realm of cybersecurity, both Footprinting and Reconnaissance are crucial phases of information gathering during the early stages of an attack, but they serve slightly different purposes and involve distinct methods. Here's the difference between the two:

1) Footprinting:

Purpose:
Footprinting is the first step in the information-gathering process and is primarily focused on collecting information about a target system, organization, or individual. The goal is to build a comprehensive profile that provides insights into potential vulnerabilities and attack vectors.

Methods:
Footprinting involves passive techniques, such as searching for publicly available information on websites, social media, search engines, and other public sources. It also includes domain name system (DNS) queries, network scanning, and using specialized tools like WHOIS databases to gather data about IP addresses, domain names, and network infrastructure.

Examples:
Collecting information about an organization's employee names, email addresses, phone numbers, physical addresses, domain names, subdomains, IP address ranges, technology stack in use, and more

2) Reconnaissance:

Purpose:
Reconnaissance, often considered a subset of Footprinting, is a more active phase where the attacker attempts to gather additional information that couldn't be obtained through passive means. The goal is to identify potential vulnerabilities and weaknesses, such as open ports, services, and system configurations.

Methods:
Reconnaissance includes techniques like scanning target networks for open ports (e.g., using tools like Nmap), probing for weaknesses, and attempting to identify the operating systems, services, and software versions in use. It may also involve searching for hidden or non-publicly accessible resources on the target network.

Examples:
Identifying open ports, services running on those ports, determining which vulnerabilities may exist based on service versions, and finding potential attack vectors (e.g., misconfigured services, weak passwords).

14/09/2023

Ethical hacking, also known as pe*******on testing or white-hat hacking, involves authorized professionals attempting to identify and exploit vulnerabilities in computer systems, networks, or applications for the purpose of improving security.
These ethical hackers follow a structured process that typically includes five phases:

Reconnaissance:
In this initial phase, ethical hackers gather as much information as possible about the target system or network. This includes both passive and active reconnaissance. Passive reconnaissance involves collecting information from publicly available sources like websites, social media, and public records.
Active reconnaissance involves actively scanning the target system or network to discover open ports, services, and potential vulnerabilities.

Scanning:
During this phase, ethical hackers use various tools and techniques to identify vulnerabilities and weaknesses in the target system or network.
They may perform port scanning to find open ports and services, conduct vulnerability scanning to identify known vulnerabilities, and enumerate users and resources on the network. The goal is to create a comprehensive map of the target's attack surface.

Gaining Access:
In this critical phase, ethical hackers attempt to exploit the vulnerabilities discovered in the previous phases to gain unauthorized access to the target system or network. Exploitation may involve using known exploits, custom scripts, or social engineering techniques to compromise systems or obtain sensitive information. The ethical hacker's aim here is to demonstrate the potential impact of a successful attack.

Maintaining Access:
After successfully gaining access, ethical hackers work to maintain their foothold within the system or network. This phase involves creating backdoors, establishing persistent connections, or escalating privileges to ensure continued access, even if the initial vulnerability is patched. The goal is to mimic real-world cyber threats, which often involve prolonged attacks.

Covering Tracks:
Once the ethical hacker has completed the testing phase and thoroughly documented their findings, they must ensure that their activities do not leave any traces or disruptions.
Afterward, a detailed report is prepared for the organization that hired the ethical hacker. This report should include a description of vulnerabilities discovered, the potential impact, and recommendations for remediation. The organization can then use this information to patch vulnerabilities and improve their security posture.
Ethical hacking is a critical component of an organization's overall cybersecurity strategy. It helps identify and mitigate vulnerabilities before malicious hackers can exploit them, ultimately enhancing the security and resilience of systems and networks. It's important to conduct ethical hacking with the proper authorization and adherence to legal and ethical guidelines.

14/09/2023

In today's digital age, cybersecurity is not an option; it's an imperative. 🔐

Our lives, businesses, and critical infrastructure are more connected than ever before, making us vulnerable to cyber threats. Whether you're an individual or an organization, safeguarding your digital presence is paramount.

- For businesses, a breach can mean data loss, reputation damage, and financial setbacks.
- As individuals, we store personal information online that we wouldn't want falling into the wrong hands.
- That's why cybersecurity isn't just an IT concern; it's everyone's responsibility.
- Stay vigilant, update your software, use strong, unique passwords, and educate yourself about the latest threats. -

Address

Karachi

Website

facebook.com

Alerts

Be the first to know and let us send you an email when SecureScript posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.