Description: Program based on readnfccc (by Renaud Lifchitz) to read some private data from credit cards, like cardholder, Permanent Account Number (PAN), expiry date, etc., using NFC technology. It has been tested with Spanish contactless credit cards, but can also be used with other countries cards. Take a look at this post (Spanish) and this video.
I'm going to lay aside PDF files and malware to write a simple script to control friends and followers on Twitter. We use to have a lot of them and it's difficult to know if our friends haven't written some time ago or our followers have left. But we can use one of the multiple modules (talking about Python) to communicate with the Twitter API and solve this task. I've chosen Tweepy because I think it's very simple and well documented. What we want to obtain from Twitter is:
Description: This script compress/decompress a specified string or file using the Zlib library and writes to the standard output. If the input is a file and the method used is decompression, then the script looks for the streams compressed with the /FlateDecode filter, so it's focused on PDF files. If there is no filters in the file, the whole file is considered as a stream.
Usage: xorBruteForcer -k xor_key file [search_pattern] Arguments: file: the source file to be xored. search_pattern: pattern that must be found in the xored result. Options: -k xor_key: key used in the XOR function (00-ff). If not specified, all the possible values will be tested (bruteforcing).
# xorBruteForcer -k 25 geoloc > geoloc_xored_25 # xorBruteForcer geoloc_xored_25 GEoIpTOOl > out Pattern found using the following keys: ['0X5', '0X25']
Description: Script which returns a list of hostnames of the given domain (and their resolved IPs) contained in the given URL. The request can be recursive. This is useful to map all the hosts of one organization.
Usage: hostsGrabber [-r] url [domain] Arguments: url: the URL of the page which must be searched for hostnames. domain: the domain of the hostnames to look for. By default it's the url domain. Options: -r: recursive