Soluții

Kali Linux tools -magic-wormhole

magic-wormhole is a command-line tool that allows two computers to securely transfer a file or short message through a simple, human-readable code. It is designed to be:

-Easy to use via CLI: wormhole send file.txt → receive with wormhole receive
-Transfers are encrypted, peer-to-peer (or via a relay if needed).
-No user accounts or persistent connections.
-Can send directories (–code, –hide-progress available).
-Works on Linux, macOS, Windows, and even Raspberry Pi.

Real Use Cases:
Share sensitive files securely without needing cloud services.
Drop a script or payload into a target machine in red-team/pentest environments (covert file exfiltration).
Air-gapped environments where traditional networking is blocked but outbound DNS or HTTP exists.

Built into Kali Linux
You can run it without installing anything

How does it work?
1.The sender and receiver each run magic-wormhole in the terminal.
2.The sender is shown a one-time “wormhole code” like 7-orange-tunnel.
3.The receiver enters that same code into their own wormhole command.
4.Both sides use this code to derive a shared cryptographic key using PAKE (Password-Authenticated Key Exchange).
5.This key encrypts the file or message and sends it directly over a secure connection.
It uses:
-SPAKE2 protocol for key agreement.
-libsodium (NaCl) for authenticated encryption (Curve25519 + XSalsa20-Poly1305).
-Transit relay server (if direct peer-to-peer fails).

[mai mult...]

Kali Linux tools – dnstwist

Discovering Typosquatting Domains with dnstwist

dnstwist is an open-source domain name permutation engine — a typosquatting detection tool used in cybersecurity to identify suspicious or malicious domains that look similar to legitimate ones.

dnstwist generates hundreds of typo variations (e.g., goggle.com, gooogle.com, g00gle.com) based on a target domain and checks:
-If those domains are registered
-Whether they resolve to IP addresses
-If they have DNS, MX, or WHOIS info
-(Optional) Whether they are serving web content, potentially phishing pages

Built into Kali Linux
You can run it without installing anything

Why It’s Useful (in Cybersecurity & OSINT)
-Detect phishing campaigns targeting your brand
-Monitor brand abuse or lookalike domains
-Alert your clients of malicious typosquat domains
-Enhance security posture in red team and blue team scenario

Goal:
Check for domains that look similar to your real domain (like gooogle.com, g00gle.com, etc.). These are often used for phishing, malware, or impersonation — a classic typosquatting tactic.

[mai mult...]

Unable to install O365

If you having trouble whilst trying to install O365, this might just help you out.

If you get an error after trying to run the OfficeSetup.exe, simply follow the next simple steps.The most common error when upgrading an already existing copy of Microsoft Office is:

Go ahead and open “Regedit” as shown below:

Next, follow the steps in the picture below:

When you reach the “OfficeUpdate” tab, simply right click on it and press “Delete” . No restart required, your OfficeSetup.exe should run smoothly now.

[mai mult...]

How to Encrypt MongoDB Data?

Encryption serves as a protective shield for your data. MongoDB offers two main types of encryption: at rest and in transit. Encryption at rest shields your data when it’s stored on disk, while encryption in transit secures it during transmission between your MongoDB servers and clients. MongoDB offers two primary encryption types:

  • Encryption at Rest: Protects data stored on disk using robust encryption algorithms
  • Encryption in Transit: Secures data during transmission between MongoDB servers and clients
  • Client-Side Encryption: Encrypts data before it reaches the database, ensuring extra security.
[mai mult...]