DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

Related tags

Security related resourcesdependconfusion-x
Overview

DependConfusion-X

DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion. Currently, it extracts application dependencies from https://example.com/package.json, and tries to find unclaimed dependency on https://registry.npmjs.org.


image

Requirements

  • Python 3
  • Linux/Windows/MAC OSX
  • Slack Webhook (Optional)

Installation

  • Installing Python dependencies

    pip3 install -r requirements.txt

  • Configuring Slack Webhook as env variable

    export slack_webhook=""

Usage

  • To run DependConfusion-X:

    python3 dependconfusion-x.py -l hosts_file [--slack, --threads 20]

Owner
Ali Fathi Ali Sawehli
Security Engineer πŸ¦Έβ€β™‚οΈ
Ali Fathi Ali Sawehli
GitHub Repository
MozDef: Mozilla Enterprise Defense Platform

MozDef: Documentation: https://mozdef.readthedocs.org/en/latest/ Give MozDef a Try in AWS: The following button will launch the Mozilla Enterprise Def

Mozilla 2.2k Jan 08, 2023
Hack computer in the form of RAR files from all types of clients, even Linux

Program Features πŸ“Œ Hide malware πŸ“Œ Vulnerability software vulnerabilities RAR πŸ“Œ Creating malware πŸ“Œ Access client files πŸ“Œ Client Hacking πŸ“Œ Link Do

hack4lx 5 Nov 25, 2022
Laravel RCE (CVE-2021-3129)

CVE-2021-3129 - Laravel RCE About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability. This script allows you to wri

Joshua van der Poll 21 Dec 27, 2022
PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager) This script allows to check and exploit missing authentication checks in

chipik 82 Nov 09, 2022
Writing and posting code throughout my new journey into python!

bootleg-productions consider this account to be a journal for me to record my progress throughout my python journey feel free to copy codes from this

1 Dec 30, 2021
Detection tool of malware(s) by checksum (useful for forensic)

🐍 malware_checker.py Detection tool of malware(s) by checksum (useful for forensic) πŸ“¦ Dependencies installation $ pip3 install -r requirements.txt

Fayred 1 Jan 30, 2022
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
CVE-2021-41773 Path Traversal for Apache 2.4.49

CVE-2021-41773 Path Traversal for Apache 2.4.49

ac1d 3 Oct 20, 2021
A powerful password generator utility which utilizes the slot technique to generate strong passwords of required length having combinations of lower and upper characters, digits and symbols.

Bitpass Password Generator Installation Make sure Python 3+ is installed

Vaibhaw 6 Feb 02, 2022
Malware for Discord, designed to steal passwords, tokens, and inject discord folders for long-term use.

Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (

HellSec 59 Dec 01, 2022
A collection of write-ups and solutions for Cyber FastTrack Spring 2021.

IMPORTANT: Please contact us before you use any styling or content shown here! Cyber FastTrack Spring 2021 / National Cyber Scholarship Competition -

Alice 48 Aug 28, 2022
High level cheatsheet that was designed to make checks on the OSCP more manageable

High level cheatsheet that was designed to make checks on the OSCP more manageable. This repository however could also be used for your own studying or for evaluating test systems like on HackTheBox

Jacob Scheetz 89 Jan 01, 2023
automatically crawl every URL and find cross site scripting (XSS)

scancss Fastest tool to find XSS. scancss is a fastest tool to detect Cross Site scripting (XSS) automatically and it's also an intelligent payload ge

Md. Nur habib 30 Sep 24, 2022
This a simple tool XSS Detection Suite for CTFs games

This a simple tool XSS Detection Suite for CTFs games

Mostafa 2 Nov 24, 2021
Keystroke logging, often referred to as keylogging or keyboard capturing

Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware

Harsha G 2 Jan 11, 2022
A secure way of storing your passwords.

StrongBox πŸ” A secure way of storing your passwords. πŸ”‘ Why to use StrongBox? StrongBox makes it possible to have a random generated strong password i

Dylan Tintenfich 5 Dec 25, 2021
Bypass 4xx HTTP response status codes.

Forbidden Bypass 4xx HTTP response status codes. To see all the test cases, check the source code - follow the NOTE comments. Script uses multithreadi

Ivan Ε incek 165 Dec 28, 2022
Colin O'Flynn's Hacakday talk at Remoticon 2021 support repo.

Hardware Hacking Resources This repo holds some of the examples used in Colin's Hardware Hacking talk at Remoticon 2021. You can see the very sketchy

Colin O'Flynn 19 Sep 12, 2022
A python module for retrieving and parsing WHOIS data

pythonwhois A WHOIS retrieval and parsing library for Python. Dependencies None! All you need is the Python standard library. Instructions The manual

Sven Slootweg 384 Dec 23, 2022
'Our Drowsinessdetector detects drivers eyes if they are closed for more than 2 seconds and alerts driver'

Data analysis Document here the project: DriverDrowsinessDetector Description: Project Description Data Source: Type of analysis: Please document the

3 Jul 03, 2022