st3rven
/ m365_osint_recon.py
Created
August 27, 2025 20:23
— forked from HackingLZ/m365_osint_recon.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| M365 OSINT Reconnaissance Tool | |
| Based on techniques from: https://dstreefkerk.github.io/2025-07-m365-email-osint-after-lockdown/ | |
| This script performs modern M365/Azure AD reconnaissance after Microsoft's lockdown of traditional | |
| enumeration methods. It uses multiple validation techniques to discover organizational information | |
| and attempts to infer MOERA domains. | |
| """ |
st3rven
/ reconftw.cfg
Created
March 11, 2025 01:07
— forked from jhaddix/reconftw.cfg
reconFTW config file: NO google/osint, wordlist creation, nuclei js analysis
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################################################################# | |
| # reconFTW config file # | |
| ################################################################# | |
| # General values | |
| tools=~/Tools # Path installed tools | |
| SCRIPTPATH="$( cd "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )" # Get current script's path | |
| profile_shell=".$(basename $(echo $SHELL))rc" # Get current shell profile | |
| reconftw_version=$(git rev-parse --abbrev-ref HEAD)-$(git describe --tags) # Fetch current reconftw version | |
| generate_resolvers=false # Generate custom resolvers with dnsvalidator |
st3rven
/ mixunpin.js
Created
December 12, 2022 17:15
— forked from incogbyte/mixunpin.js
Frida script to bypass common methods of sslpining Android
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log("[*] SSL Pinning Bypasses"); | |
| console.log(`[*] Your frida version: ${Frida.version}`); | |
| console.log(`[*] Your script runtime: ${Script.runtime}`); | |
| /** | |
| * by incogbyte | |
| * Common functions | |
| * thx apkunpacker, NVISOsecurity, TheDauntless | |
| * Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that. | |
| * !!! THIS SCRIPT IS NOT A SILVER BULLET !! |