Here’s a few of the interesting and useful articles and tools that I’ve come across last week.
Articles and news:
OSINT expert Jake Creps takes deep dive into the OSINT tools available to identify fraudulent and scamming vendors on Amazon
Using Python and NLP to scrape the really interesting data from over 90Gb of declassified CIA documents
US hotel chain Marriott has admitted that a breach of its Starwood subsidiary’s guest reservation network has exposed the entire database – all 500 million guest bookings over four years, making this one of the biggest hacks of an individual org ever.
A npm package called event-stream which you probably didn’t use directly but which was a dependency of some popular packages (e.g. nodemon, copay-dash) had malicious code in it.
To disclose or not disclose, that is the question
Tools and tech:
Tools and Dorks
This huge list has plenty that you’ve maybe not been aware of before
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
Fantastic one-stop-shop providing numerous links, tools, and inspiration
Extractor is a Burp Suite tool that allows users to define one or more decode steps and automatically apply them to all requests and responses.