May 31, 2022

httpX - HTTP toolkit

httpx is a fast, multi-purpose HTTP toolkit that runs multiple probers on top of the retryablehttp library; it is designed to keep results reliable as the number of threads increases.


echo 192.168.233.81:8080 | httpx -probe -title -tech-detect -status-code -jarm


Installation

$ go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest


May 30, 2022

HTTP Version

How many HTTP versions have you come across? 

We used HTTP/1.0 for years (the 1990s), then moved to HTTP/1.1 and have been using it most of the time since. The HTTP working group introduced HTTP/2 (aka SPDY) in 2015, and now HTTP/3 (aka QUIC) in 2022.

HTTP/2, or SPDY, adds new features (such as server push) and performance improvements (header compression) over HTTP/1.1.

HTTP/3 runs over QUIC, a UDP-based, stream-multiplexing, encrypted transport protocol documented in RFC 9000.

As of today, a few web sites have migrated to HTTP/3, for example www.facebook.com, blog.cloudflare.com and www.google.com.

HTTP/3 Check is a hosted QUIC protocol exploration tool used to test whether a server supports the QUIC transport protocol and the HTTP/3 semantics.

Most browsers support HTTP/2 (enabled by default), but not all support HTTP/3 yet. Below are the curl and httpx commands to check the HTTP version.

$ curl -sI https://www.dell.com -o/dev/null -w '%{http_version}\n'
1.1

$ curl -sI https://www.google.com -o/dev/null -w '%{http_version}\n'
2

$ echo www.youtube.com | httpx -http2 -title -pipeline -vhost

    __    __  __       _  __
   / /_  / /_/ /_____ | |/ /
  / __ \/ __/ __/ __ \|   /
 / / / / /_/ /_/ /_/ /   |
/_/ /_/\__/\__/ .___/_/|_|
             /_/              v1.2.1

                projectdiscovery.io

Use with caution. You are responsible for your actions.
Developers assume no liability and are not responsible for any misuse or damage.
https://www.youtube.com [YouTube] [vhost] [http2]
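curl's %{http_version} only reports the version negotiated on the TCP connection curl actually made, so a server that also speaks HTTP/3 still shows "2" or "1.1" unless curl is told to use QUIC. Servers advertise HTTP/3 to clients through the Alt-Svc response header (RFC 7838), which is the hint a practitioner can read from any ordinary response. The following Python example is added here and is not part of the original post or of httpx or curl; the response texts are constructed samples, and the function names (split_response, negotiated_version, alt_svc_protocols, http3_advertised, summarize) are my own.

```python
import re

# Constructed sample responses (not captured from any real host). CRLF line
# endings as on the wire: status line, headers, then a blank line.
SAMPLE_RESPONSES = {
    "http11_only": (
        "HTTP/1.1 200 OK\r\n"
        "Server: nginx\r\n"
        "Content-Type: text/html\r\n"
        "\r\n"
    ),
    "http2": (
        "HTTP/2 200\r\n"
        "content-type: text/html\r\n"
        "\r\n"
    ),
    "http2_advertising_h3": (
        "HTTP/2 200\r\n"
        "content-type: text/html\r\n"
        'alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000\r\n'
        "\r\n"
    ),
    "alt_svc_cleared": (
        "HTTP/1.1 200 OK\r\n"
        "Alt-Svc: clear\r\n"
        "\r\n"
    ),
}

# Status line: "HTTP/<major>[.<minor>] <status>"; HTTP/2 prints no minor.
STATUS_LINE_RE = re.compile(r"^HTTP/(\d(?:\.\d)?) (\d{3})")
# One alt-value: protocol-id "=" quoted alt-authority (RFC 7838 section 3).
# Parameters such as ma=2592000 are unquoted and therefore skipped.
ALT_VALUE_RE = re.compile(r'([A-Za-z0-9%._-]+)="([^"]*)"')


def split_response(raw):
    """Return (status_line, {lower-cased header name: [values]})."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers


def negotiated_version(raw):
    """Version from the status line ('1.1', '2'), i.e. what curl's
    %{http_version} reports for the connection it made."""
    status_line, _ = split_response(raw)
    m = STATUS_LINE_RE.match(status_line)
    if not m:
        raise ValueError("not an HTTP status line: %r" % status_line)
    return m.group(1)


def alt_svc_protocols(raw):
    """Protocol identifiers advertised via Alt-Svc, in header order.
    'Alt-Svc: clear' (or no Alt-Svc header at all) yields an empty list."""
    _, headers = split_response(raw)
    protocols = []
    for value in headers.get("alt-svc", []):
        if value.strip().lower() == "clear":
            return []
        protocols.extend(proto for proto, _authority in ALT_VALUE_RE.findall(value))
    return protocols


def http3_advertised(raw):
    """True if any advertised alternative is HTTP/3 ('h3' or a draft 'h3-NN')."""
    return any(p == "h3" or p.startswith("h3-") for p in alt_svc_protocols(raw))


def summarize(raw):
    """Negotiated version plus what the server advertises as alternatives."""
    return {
        "negotiated": negotiated_version(raw),
        "alt_svc": alt_svc_protocols(raw),
        "http3_advertised": http3_advertised(raw),
    }


if __name__ == "__main__":
    for name, raw in SAMPLE_RESPONSES.items():
        print(name, summarize(raw))
```

An advertised h3 alternative is a hint, not proof: the server may not actually accept QUIC on that port, and a middlebox may drop UDP/443. To confirm, a curl build with HTTP/3 support can be pointed at the host with --http3 and the same -w '%{http_version}' check.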


May 29, 2022

DNSX - A Multi-purpose DNS Toolkit

dnsx is a fast, multi-purpose DNS toolkit that lets you run multiple DNS queries with support for DNS wildcard filtering.

It supports:

  • DNS resolution and brute-force mode
  • Multiple resolver formats (TCP/UDP/DOH/DOT)
  • Automatic wildcard handling


Installation

$ go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest


May 28, 2022

Cobalt Strike and Pentest

Cobalt Strike is a commercial penetration testing tool, which gives security testers access to a large variety of attack capabilities. It can be used to conduct spear-phishing and gain unauthorized access to systems, and can emulate a variety of malware and other advanced threat tactics.

This powerful network attack platform combines social engineering, unauthorized access tools, network pattern obfuscation and a sophisticated mechanism for deploying malicious executable code on compromised systems. It can now be used by attackers to deploy advanced persistent threat (APT) attacks against any organization. 

This threat emulation program has the following capabilities:

  • Reconnaissance—discovers which client-side software your target uses, with version info to identify known vulnerabilities.
  • Attack Packages—provides a social engineering attack engine, creates trojans posing as innocent files such as Java Applets, Microsoft Office documents or Windows programs, and provides a website clone to enable drive-by downloads.
  • Collaboration—Cobalt Team Server allows a group host to share information with a group of attackers, communicate in real time and share control of compromised systems.
  • Post Exploitation—Cobalt Strike uses Beacon, a dropper that can deploy PowerShell scripts, log keystrokes, take screenshots, download files, and execute other payloads.
  • Covert Communication—enables attackers to modify their network indicators on the fly. Makes it possible to load C2 profiles to appear like another actor, and egress from a network using the HTTP, HTTPS, DNS or SMB protocol.
  • Browser Pivoting—can be used to get around two-factor authentication.


Detecting Cobalt Strike is also an interesting task, even though it is difficult most of the time; the usual starting points are its default team-server port 50050/tcp, DNS listeners that return bogus replies, and the TLS certificate.
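Two of the indicators just named (connections to 50050/tcp and DNS answers that are bogus) can be checked directly in connection and DNS logs. The following Python example is added here and is not part of the original post or of Cobalt Strike; the log lines are constructed samples loosely modelled on Zeek's conn.log and dns.log column order, the "bogus answer" test is a generic heuristic (unspecified or loopback addresses) rather than any product-specific value, and the function names (parse_tsv, flag_team_server_port, is_bogus_answer, flag_bogus_dns, bogus_answers_per_source) are my own.

```python
import ipaddress
from collections import Counter

# Constructed sample log lines, not from any real capture. Tab-separated.
# conn columns: ts, id.orig_h, id.resp_h, id.resp_p, proto
CONN_LOG = """\
1653700000.1\t10.0.0.5\t203.0.113.10\t443\ttcp
1653700001.2\t10.0.0.7\t203.0.113.10\t50050\ttcp
1653700002.3\t10.0.0.9\t198.51.100.20\t80\ttcp
1653700003.0\t10.0.0.7\t203.0.113.10\t50050\ttcp
"""
# dns columns: ts, id.orig_h, query, answer
DNS_LOG = """\
1653700003.4\t10.0.0.5\twww.example.com\t192.0.2.10
1653700004.5\t10.0.0.7\taaaa.cdn-updates.example.net\t0.0.0.0
1653700005.6\t10.0.0.7\tbbbb.cdn-updates.example.net\t127.0.0.1
1653700006.7\t10.0.0.9\talias.example.com\tcname.example.com
"""

TEAM_SERVER_PORT = 50050  # the default team-server port named in the post


def parse_tsv(text):
    """Split tab-separated log text into rows, skipping blank lines."""
    return [line.split("\t") for line in text.splitlines() if line.strip()]


def flag_team_server_port(conn_log=CONN_LOG):
    """(src, dst) for every TCP connection to the team-server port.
    Duplicates are kept so a repeat offender shows up more than once."""
    hits = []
    for _ts, src, dst, port, proto in parse_tsv(conn_log):
        if proto == "tcp" and int(port) == TEAM_SERVER_PORT:
            hits.append((src, dst))
    return hits


def is_bogus_answer(answer):
    """Heuristic for a 'bogus' A-record answer: an address that can never be
    a real destination (unspecified 0.0.0.0 or loopback). Non-IP answers such
    as CNAME targets are not flagged."""
    try:
        ip = ipaddress.ip_address(answer)
    except ValueError:
        return False
    return ip.is_unspecified or ip.is_loopback


def flag_bogus_dns(dns_log=DNS_LOG):
    """(src, query, answer) for every DNS answer the heuristic considers bogus."""
    return [
        (src, query, answer)
        for _ts, src, query, answer in parse_tsv(dns_log)
        if is_bogus_answer(answer)
    ]


def bogus_answers_per_source(dns_log=DNS_LOG):
    """Count bogus answers per client; a host that keeps receiving them is the
    one to look at first, since a single bogus answer is common noise."""
    return Counter(src for src, _query, _answer in flag_bogus_dns(dns_log))


if __name__ == "__main__":
    print("team-server port connections:", flag_team_server_port())
    print("bogus DNS answers:", flag_bogus_dns())
    print("bogus answers per source:", dict(bogus_answers_per_source()))
```

The port and the bogus-answer heuristic are both easy for an operator to change (the post's point that detection is difficult), so treat hits as leads to correlate with the TLS certificate and beaconing cadence rather than as verdicts.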

Cobalt Strike is also a post-exploitation framework tool developed for ethical hackers. It gives a post-exploitation agent and covert channels to emulate an embedded actor in your customer’s network.

It can be extended and customized by the user community. Several excellent tools and scripts have been written and published, but they can be challenging to locate. 

Cobalt Strike is a premium product. However, like Metasploit, there's a free community edition called Community Kit.

Community Kit is a central repository of extensions written by the user community to extend the capabilities of Cobalt Strike. The Cobalt Strike team acts as the curator and provides this kit to showcase this fantastic work.


May 27, 2022

Invert a Complex Dictionary in Python

Have you ever needed to invert a dictionary whose values are lists in Python?

Here is what I mean. We need to convert the following dict:

{ "apple"      : [ "green", "red" ],
  "watermelon" : [ "green" ],
  "strawberry" : [ "red" ],
  "lemon"      : [ "green", "yellow" ] }

To a new dict as below:

{ 'green'  : ['apple', 'watermelon', 'lemon'],
  'red'    : ['apple', 'strawberry'],
  'yellow' : ['lemon'] }


Here's my solution, which uses defaultdict from collections:

>>> from collections import defaultdict
>>> a_dict = { "apple" : [ "green", "red" ], "watermelon" : [ "green" ], "strawberry" : [ "red" ], "lemon" : [ "green", "yellow" ] }
>>> b_dict = defaultdict(list)
>>> for k,v in a_dict.items():
...     for k1 in v:
...         b_dict[k1].append(k)
...
>>> b_dict
defaultdict(<class 'list'>, {'green': ['apple', 'watermelon', 'lemon'], 'red': ['apple', 'strawberry'], 'yellow': ['lemon']})


There is another way that simplifies what we have above:

>>> from collections import defaultdict
>>> a_dict = { "apple" : [ "green", "red" ], "watermelon" : [ "green" ], "strawberry" : [ "red" ], "lemon" : [ "green", "yellow" ] }
>>> b_dict = defaultdict(list)
>>> { b_dict[k1].append(k) for k,v in a_dict.items() for k1 in v }
{None}
>>> b_dict
defaultdict(<class 'list'>, {'green': ['apple', 'watermelon', 'lemon'], 'red': ['apple', 'strawberry'], 'yellow': ['lemon']})
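The one-liner above relies on a set comprehension purely for its side effect (it evaluates to {None}), which surprises readers and linters. As an added example that is not part of the original post, here is the same inversion as a reusable function, generalized a little beyond the post: values may be a list or a single string, repeated values are deduplicated, the first-seen order of the post's output is preserved, and a second version does it with comprehensions that are used for their value. FRUIT_COLORS is the post's own input; HOST_SERVICES is a constructed sample for the edge cases, and the function names (invert_multimap, invert_with_comprehension) are my own.

```python
from collections import defaultdict
from collections.abc import Iterable

# The post's sample input.
FRUIT_COLORS = {
    "apple": ["green", "red"],
    "watermelon": ["green"],
    "strawberry": ["red"],
    "lemon": ["green", "yellow"],
}

# Constructed second sample (host -> service names) with a bare string value
# and a duplicated entry, to exercise the edge cases the post does not cover.
HOST_SERVICES = {
    "web-01": ["https", "ssh"],
    "web-02": "https",
    "db-01": ["ssh", "ssh"],
}


def _as_values(value):
    """Treat a bare string (or any non-iterable) as a one-element list, so a
    value like "https" is not iterated character by character."""
    if isinstance(value, (str, bytes)) or not isinstance(value, Iterable):
        return [value]
    return list(value)


def invert_multimap(mapping, *, dedupe=True):
    """Invert {key: [values]} into {value: [keys]}.

    Keys are listed under each value in the order they were visited, and
    values appear in the order they were first seen, matching the post's
    output. With dedupe=True a key is listed once per value even if the
    value is repeated in its list."""
    inverted = defaultdict(list)
    for key, value in mapping.items():
        for item in _as_values(value):
            if dedupe and key in inverted[item]:
                continue
            inverted[item].append(key)
    return dict(inverted)  # plain dict: no defaultdict auto-insertion on lookup


def invert_with_comprehension(mapping):
    """The same inversion using comprehensions for their result rather than
    for a side effect. dict.fromkeys keeps first-seen value order; keys are
    naturally deduplicated because each key is tested once per value."""
    seen = dict.fromkeys(item for value in mapping.values() for item in _as_values(value))
    return {
        item: [key for key, value in mapping.items() if item in _as_values(value)]
        for item in seen
    }


if __name__ == "__main__":
    print(invert_multimap(FRUIT_COLORS))
    print(invert_with_comprehension(FRUIT_COLORS))
    print(invert_multimap(HOST_SERVICES))
```

Returning a plain dict rather than the defaultdict matters when the result is shared: looking up a missing value in a defaultdict silently inserts an empty list, which can mask typos in later code.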


Alright, hope this helps!!