Forensics
Convert Video to Image
This will return all the images of the stack frames
1
$ convert image.gif %02.png
Make color transparent
This line will loop through all the images and change the background to transparent
1
$ ls *.png | while read filename; do convert $filename -transparent white $filename; done
Layer images
Layer all the images from a dir to the 00.png
1
$ ls *.png | while read filename; do convert $filename 00.png -gravity center -composite 00.png; done
Bruteforce zip file with password
1
$ fcrackzip -v -D -u -p rockyou.txt [zipfile]
Hexedit
This is the best hex editor, you can open it up and edit the hex values of the file and then save it.
1
$ hexedit [file]
Foremost
Foremost is awesome, you can give it as parameter a pcap file with packets that are not in correct order and it still reorder the image! It can even have duplicates
1
$ foremost [jpg,pcap]
Wireshark - Download data
You can either export all the object or, go to the packet that downloaded the file, view it as raw and then save it.
Wireshark - Upload pem key
Edit -> preferences -> SSL -> RSA keylist
- Note: It needs the source and destination ip, port and protocol
Remember to add the debug log file
Python HEX to IMAGE
This gets a hex file as input and return a jpg file
1
2
3
h = open('hexfile.txt')
c = h.read()
a = open('something.jpg','w').write(c.decode('hex'))
Test Disk
You can recover files, analyze the disk and much more
Binwalk
Nice trick to force binwalk to find things
1
$ binwalk -M --d=.* [file.png]
Print all the files from multiple subdirectories
1
$ find | xargs cat
Bruteforce a lot of jpg from subdirectories
1
$ ls | while read line; do steghide extract -sf $line -p "your password"; done