Shodan VS Social-Engineer Toolkit

Transform OSINT sources such as shodan, bgpview & urlscan into templates which you can use to query & store any and each of the API endpoints they provide. Source: 10 months ago

I'm a little surprised you're asking this but as you don't know - if you set the rulebase correctly, you won't get hammered by "public". A lot of people (of course not people here) don't do that which is why shodan.io is full of servers with SSH exposed to the world. Source: 10 months ago

Eh, request a full demo before signing anything. If they make you buy before you can try, move on. Just be advised that data they collect from your site may be used in a database that puts a target on your back. Similar to how shodan.io works. I would probe them on how they handle customer data and if data is shared, partitioned, or isolated to ensure safety from a platform leak. They want to be a security... Source: 10 months ago

My network is being hit by China and Russia many times per hour. Make sure your firewall is up-to-date and not have any services available on the Internet (WAN). Look at shodan.io which shows you _everything_ is searched on the Internet. Source: 11 months ago

In the cases of nginx or apache, I suspect they may be acting as proxies to some backend that also chooses not to send a reason phrase back. Searching for "Reason Phrase" yields a number of bug reports/frameworks that may omit it, and shodan.io shows apache tomcat and a few other services/software that omit the code as well. Source: 11 months ago

There's programs out there to make these malicious PDFs, word documents, etc https://github.com/trustedsec/social-engineer-toolkit. Source: about 1 year ago

Social Engineer Toolkit (SET) - Open source pentesting framework designed for social engineering featuring a number of custom attack vectors to make believable attacks quickly. - Source: dev.to / over 2 years ago