Reconnoiter Updated

I spent some time today and fixed some seriously messed up regular expressions in Reconnoiter.  Basically, Google made a bunch of changes to their search results and added AJAX all over the place.  To deal with this, I changed the submitted user agent to Lynx and then updated the regex accordingly.  Changes with regex were made to and username_gen.rb … Read More

Reconnoiter Updated with Metasploit Module

Just a quick note today. I finished working on a Metasploit module to create usernames the same way that the other two scripts in Reconnoiter does. However, this module is able to search Yahoo or Google and does not require separate scripts to do so. It also provides the option to use msfweb to get a web interface to run … Read More

Reconnoiter featured on Pauldotcom Podcast

The last week was really busy while I prepared to do my presentation at the Utah Open Source Conference.  While I was engaged in this process I got a message from Larry Pesce of the Pauldotcom Podcast.  He had some updates to Reconnoiter and wanted to shoot them over to me.  He said that he would be doing a tech … Read More

Scripts to Generate Usernames

I’ve written a couple of posts about a script I wrote to generate usernames.  Since then I’ve written another script that uses Yahoo’s XML API and both of them have been included in SamuraiWTF.  It’s been pretty cool to see people try out something that I wrote and find it useful to them.  The scripts are still pretty rough and … Read More

Need usernames? Ask Google what Linkedin has!

I wanted to do some testing on access controls to a SQL server recently, but I needed to a decent password list and username list. Password lists are fairly straight forward to find and I used an excellent how to from the Pauldotcom Podcast to create my password list. Next I needed a list of usernames. To be effective, it … Read More