Regex is a pattern-matching tool used to find, extract, or validate text. It’s built into almost every programming language but has cryptic syntax like “^\d{3}-\d{3}-\d{4}$”
[mai mult...]Turn Meeting Notes into Action Items with AI
Use AI to Debug your Code in 60 Seconds
Get better AI responses in 3 steps
Getting good answers from AI tools like ChatGPT or Claude is all about how you ask. Most people ask vague questions and get vague answers. Follow these 3 simple steps to get dramatically better results every time.
[mai mult...]How to scan for weak passwords with Hydra
Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely.
It supports: Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST, HTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle Listener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
Installed size: 956 KB
How to install: sudo apt install hydra
How to see WiFi Signal strength with Wavemon
Kali Linux tools – zsteg
Purpose: Detect steganographic payloads in PNG and BMP image files.
What It Is:
zsteg is a Ruby-based tool used to find LSB (Least Significant Bit)-based steganography and hidden data inside image files.
Primarily works on BMP and PNG formats, including non-standard or suspicious metadata and bit-layer anomalies.
Features
Detects:
-LSB steganography (bit-level hidden data in image color channels)
-Embedded files in metadata or unusual file structures.
-Strings, byte patterns, XOR, and Zlib compression artifacts.
-Supports pattern-based payload discovery using known signatures.
Built into Kali Linux
You can run it without installing anything
Kali Linux tools -magic-wormhole
magic-wormhole is a command-line tool that allows two computers to securely transfer a file or short message through a simple, human-readable code. It is designed to be:
-Easy to use via CLI: wormhole send file.txt → receive with wormhole receive
-Transfers are encrypted, peer-to-peer (or via a relay if needed).
-No user accounts or persistent connections.
-Can send directories (–code, –hide-progress available).
-Works on Linux, macOS, Windows, and even Raspberry Pi.
Real Use Cases:
Share sensitive files securely without needing cloud services.
Drop a script or payload into a target machine in red-team/pentest environments (covert file exfiltration).
Air-gapped environments where traditional networking is blocked but outbound DNS or HTTP exists.
Built into Kali Linux
You can run it without installing anything
How does it work?
1.The sender and receiver each run magic-wormhole in the terminal.
2.The sender is shown a one-time “wormhole code” like 7-orange-tunnel.
3.The receiver enters that same code into their own wormhole command.
4.Both sides use this code to derive a shared cryptographic key using PAKE (Password-Authenticated Key Exchange).
5.This key encrypts the file or message and sends it directly over a secure connection.
It uses:
-SPAKE2 protocol for key agreement.
-libsodium (NaCl) for authenticated encryption (Curve25519 + XSalsa20-Poly1305).
-Transit relay server (if direct peer-to-peer fails).
Kali Linux tools – dnstwist
Discovering Typosquatting Domains with dnstwist
dnstwist is an open-source domain name permutation engine — a typosquatting detection tool used in cybersecurity to identify suspicious or malicious domains that look similar to legitimate ones.
dnstwist generates hundreds of typo variations (e.g., goggle.com, gooogle.com, g00gle.com) based on a target domain and checks:
-If those domains are registered
-Whether they resolve to IP addresses
-If they have DNS, MX, or WHOIS info
-(Optional) Whether they are serving web content, potentially phishing pages
Built into Kali Linux
You can run it without installing anything
Why It’s Useful (in Cybersecurity & OSINT)
-Detect phishing campaigns targeting your brand
-Monitor brand abuse or lookalike domains
-Alert your clients of malicious typosquat domains
-Enhance security posture in red team and blue team scenario
Goal:
Check for domains that look similar to your real domain (like gooogle.com, g00gle.com, etc.). These are often used for phishing, malware, or impersonation — a classic typosquatting tactic.
Linux: using grep + find to locate stuff fast
In Linux, grep and find are two powerful command-line tools that, when combined, allow you to quickly search and locate files and content on your system.
-
findhelps you search for files and directories based on various criteria, such as name, size, modification date, and more. grepis used to search for specific content within files, making it perfect for finding text patterns or keywords inside files.
it’s a must-know skill for navigating and searching in Linux
Goal:
Find specific files or content inside files — fast.