{"id":4956,"date":"2019-05-12T19:51:51","date_gmt":"2019-05-12T14:21:51","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=4956"},"modified":"2019-05-12T19:51:51","modified_gmt":"2019-05-12T14:21:51","slug":"iculeak","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/iculeak\/","title":{"rendered":"iCULeak : Tool To Find &#038; Extract Credentials From Phone Configuration Files Hosted On CUCM"},"content":{"rendered":"\n<p><strong>iCULeak (iCULeak.py)<\/strong>  is a tool to find and extract credentials from phone configuration files in environments managed by Cisco&#8217;s CUCM (Call Manager).<\/p>\n\n\n\n<p>When using Cisco&#8217;s CUCM (Call Manager), phone configuration files are\n stored on a TFTP server. These VoIP phone configuration files quite \nfrequently contain sensitive data, including phone SSH\/admin \ncredentials.<\/p>\n\n\n\n<p>There is also an issue with how some browsers <strong>autofill fields such as the SSH Username &amp; Password fields with their CUCM credentials (commonly their AD credentials)<\/strong>,  if the administrator has saved the credentials in their browser. <\/p>\n\n\n\n<p>This  issue has also been faced by administrators using password managers that  automatically plug in credentials, where they found that their  credentials were being automatically inputted into the SSH Username  &amp; Password fields, and then being saved (and stored in plaintext in  the configuration files).<\/p>\n\n\n\n<p>While the issue was fixed in CUCM 12.0, credentials stored in the past may still be discoverable. The issue can be somewhat mitigated by the following actions:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Regularly purging existing configuration files from leaked credentials.<\/li><li>Blocking autosave\/autofill on CUCM.<\/li><li>Enabling encryption of phone configuration files. Read more on that <a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/voice_ip_comm\/cucm\/security\/8_5_1\/secugd\/sec-851-cm\/secuencp.html\">here<\/a>.  Note that this doesn&#8217;t completely mitigate the issue, as the encryption  password could be obtained from the phones&#8217; memory or through  administrative access of CUCM &#8211; but it reduces the impact of a  hacker\/pentester dumping the configuraiton files.<\/li><\/ul>\n\n\n\n<p>This tool utilises a lot of code from Dirk-jan&#8217;s tool adidnsdump to extract a list of phone hostnames from ADIDNS over LDAP. <\/p>\n\n\n\n<p>To read more aboout the technique and tool, you can read the associated blog post. So credit goes to him for a lot of the code.<\/p>\n\n\n\n<p><strong>Also Read &#8211;  <a href=\"https:\/\/kalilinuxtutorials.com\/10minutemail\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"10minutemail : Python Temporary Email (opens in a new tab)\">10minutemail : Python Temporary Email<\/a><\/strong><\/p>\n\n\n\n<p style=\"text-align:center\" class=\"has-background has-light-green-cyan-background-color\"><strong>Installation<\/strong><\/p>\n\n\n\n<p><strong>To install the tool:<\/strong><\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>git clone https:\/\/github.com\/llt4l\/iCULeak.py<br>cd iCULeak.py<br>pip install -r requirements.txt<\/strong><\/p>\n\n\n\n<p style=\"text-align:center\" class=\"has-text-color has-background has-very-dark-gray-color has-light-green-cyan-background-color\"><strong>Usage<\/strong><\/p>\n\n\n\n<p>Run iCULeak.py against phones with hostnames found in the DNS zone<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>python iCULeak.py -u domain\\llt4l -c 10.100.1.29 10.100.1.1<\/strong><\/p>\n\n\n\n<p>Run iCULeak.py against a list of phones provided in a file<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>python iCULeak.py -l phones_hostnames -c 10.100.1.29 10.100.1.1<\/strong><\/p>\n\n\n\n<p style=\"text-align:center\" class=\"has-background has-light-green-cyan-background-color\"><strong>Flags<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>View the help page<\/strong> with <code><strong>-h<\/strong><\/code> or <code><strong>--help<\/strong><\/code><\/li><li><strong>Pass the username<\/strong> of the user that will authenticate to ADIDNS with the <code><strong>-u<\/strong><\/code> or <code><strong>--user<\/strong><\/code> flags. The user should be preceded by the user&#8217;s domain, so it should look something like this: <strong><code>domain\\\\llt4l<\/code><\/strong>. This flag is optional if a list is passed instead.<\/li><li><strong>Pass the password<\/strong> to the program with the <code><strong>-p<\/strong><\/code> or <code><strong>--password<\/strong><\/code> flag. If you do not pass it as an argument, but do pass a username, then the program will prompt for a password when run .<\/li><li>The <strong>IP address or hostname of the CUCM server<\/strong> should be passed to the program with either the <code><strong>-c<\/strong><\/code> or <code><strong>--cucm-server<\/strong><\/code>  flag. If, for any reason, the TFTP server being used by CUCM to store  phone configuration files is found on another host, please provide that  address.<\/li><li>Provide a <strong>file that contains a list of phone hostnames<\/strong> with the <code>-l<\/code> or <code><strong>--list<\/strong><\/code> flag. The file should just be a list of phone hostnames, such that each line would look something like <code><strong>SEP112233445566<\/strong><\/code>.<\/li><li>If you&#8217;d like to <strong>save the results to a CSV file<\/strong>, pass the <code><strong>-s<\/strong><\/code> or <code><strong>--save<\/strong><\/code><strong> <\/strong>flag along with the filename to be saved to.<\/li><li>By default iCULeak.py checks credentials leaked for validity in the AD. To <strong>disable authentication attempts<\/strong> being made to verify the leaked credentials, pass the <code><strong>-nA<\/strong><\/code> or <code><strong>--no-authentication<\/strong><\/code> flag.<\/li><li>To <strong>save all the phone configuration files<\/strong> dumped to a directory, pass the <code><strong>-O<\/strong><\/code> or <code><strong>--out-dir<\/strong><\/code> flag, along with the name of the folder you want to save it to.<\/li><li>For <strong>increased verbosity<\/strong>, you can pass the <code><strong>-v<\/strong><\/code> or <code><strong>--verbose<\/strong><\/code> flag.<\/li><li>If the DNS entries for the phones are in a <strong>different DNS zone<\/strong> to the default zone of the domain you are authenticating against, you can pass the zone along with the <code><strong>-z<\/strong><\/code> or <code><strong>--zone<\/strong><\/code> flag.<\/li><\/ul>\n\n\n\n<div class=\"wp-block-button aligncenter is-style-squared\"><a class=\"wp-block-button__link has-background has-vivid-cyan-blue-background-color\" href=\"https:\/\/github.com\/llt4l\/iCULeak.py\"><strong>Download<\/strong><\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>iCULeak (iCULeak.py) is a tool to find and extract credentials from phone configuration files in environments managed by Cisco&#8217;s CUCM (Call Manager). When using Cisco&#8217;s CUCM (Call Manager), phone configuration files are stored on a TFTP server. These VoIP phone configuration files quite frequently contain sensitive data, including phone SSH\/admin credentials. There is also an [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":15536,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png","fifu_image_alt":"iCULeak : Tool To Find & Extract Credentials From Phone Configuration Files Hosted On CUCM","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[714,1580,1581],"class_list":["post-4956","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-cucm","tag-iculeak","tag-iculeak-py"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>iCULeak : Tool To Find &amp; Extract Credentials From Phone Configuration<\/title>\n<meta name=\"description\" content=\"iCULeak (iCULeak.py) is a tool to find and extract credentials from phone configuration files in environments managed by Cisco&#039;s CUCM\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/iculeak\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"iCULeak : Tool To Find &amp; Extract Credentials From Phone Configuration\" \/>\n<meta property=\"og:description\" content=\"iCULeak (iCULeak.py) is a tool to find and extract credentials from phone configuration files in environments managed by Cisco&#039;s CUCM\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/iculeak\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2019-05-12T14:21:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"iCULeak : Tool To Find &#038; Extract Credentials From Phone Configuration Files Hosted On CUCM\",\"datePublished\":\"2019-05-12T14:21:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/\"},\"wordCount\":639,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png\",\"keywords\":[\"CUCM\",\"iCULeak\",\"iCULeak.py\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/\",\"name\":\"iCULeak : Tool To Find & Extract Credentials From Phone Configuration\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png\",\"datePublished\":\"2019-05-12T14:21:51+00:00\",\"description\":\"iCULeak (iCULeak.py) is a tool to find and extract credentials from phone configuration files in environments managed by Cisco's CUCM\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/iculeak\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/iculeak\/#primaryimage\",\"url\":\"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png\",\"contentUrl\":\"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"iCULeak : Tool To Find & Extract Credentials From Phone Configuration","description":"iCULeak (iCULeak.py) is a tool to find and extract credentials from phone configuration files in environments managed by Cisco's CUCM","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/iculeak\/","og_locale":"en_US","og_type":"article","og_title":"iCULeak : Tool To Find & Extract Credentials From Phone Configuration","og_description":"iCULeak (iCULeak.py) is a tool to find and extract credentials from phone configuration files in environments managed by Cisco's CUCM","og_url":"https:\/\/kalilinuxtutorials.com\/iculeak\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2019-05-12T14:21:51+00:00","og_image":[{"url":"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/iculeak\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/iculeak\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"iCULeak : Tool To Find &#038; Extract Credentials From Phone Configuration Files Hosted On CUCM","datePublished":"2019-05-12T14:21:51+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/iculeak\/"},"wordCount":639,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/iculeak\/#primaryimage"},"thumbnailUrl":"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png","keywords":["CUCM","iCULeak","iCULeak.py"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/iculeak\/","url":"https:\/\/kalilinuxtutorials.com\/iculeak\/","name":"iCULeak : Tool To Find & Extract Credentials From Phone Configuration","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/iculeak\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/iculeak\/#primaryimage"},"thumbnailUrl":"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png","datePublished":"2019-05-12T14:21:51+00:00","description":"iCULeak (iCULeak.py) is a tool to find and extract credentials from phone configuration files in environments managed by Cisco's CUCM","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/iculeak\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/iculeak\/#primaryimage","url":"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png","contentUrl":"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/3.bp.blogspot.com\/-H5vNa4ZFRDQ\/XNeqy7PuRgI\/AAAAAAAAAPI\/xDAYh7UI52M5PucVzyWHdkQ2Sx3LFKILwCLcBGAs\/s1600\/iCULeak%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":2335,"url":"https:\/\/kalilinuxtutorials.com\/gitminer-tool-mining-content-github\/","url_meta":{"origin":4956,"position":0},"title":"GitMiner &#8211; Tool For Advanced Mining For Content On Github","author":"R K","date":"August 22, 2018","format":false,"excerpt":"GitMiner is a Advanced search tool and automation in Github. This tool aims to facilitate research by code or code snippets on github through the site's search page. GitMiner Requirements lxml requests argparse json re Installation $ git clone http:\/\/github.com\/UnkL4b\/GitMiner $ cd GitMiner ~\/GitMiner $ pip3 install -r requirements.txt Docker\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/08\/Github.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/08\/Github.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/08\/Github.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/08\/Github.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":7207,"url":"https:\/\/kalilinuxtutorials.com\/github-dorks\/","url_meta":{"origin":4956,"position":1},"title":"Github Dorks :  Collection of Github Dorks &#038; Helper Tool","author":"R K","date":"November 8, 2019","format":false,"excerpt":"Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of github dorks that can reveal sensitive personal and\/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":11110,"url":"https:\/\/kalilinuxtutorials.com\/shhgit\/","url_meta":{"origin":4956,"position":2},"title":"shhgit : Finds Secrets &#038; Sensitive Files Across GitHub","author":"R K","date":"August 3, 2020","format":false,"excerpt":"shhgit finds secrets and sensitive files across GitHub (including Gists), GitLab and BitBucket committed in near real time. There are many great tools available to help with this depending on which side of the fence you sit. On the adversarial side, popular tools such as gitrob and truggleHog focus on\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":24764,"url":"https:\/\/kalilinuxtutorials.com\/evilselenium\/","url_meta":{"origin":4956,"position":3},"title":"EvilSelenium : A Tool That Weaponizes Selenium To Attack Chromium Based Browsers","author":"R K","date":"May 27, 2022","format":false,"excerpt":"EvilSelenium is a new project that weaponizes\u00a0Selenium\u00a0to abuse Chromium-based browsers. The current features right now are: Steal stored credentials (via autofill)Steal cookiesTake screenshots of websitesDump Gmail\/O365 emailsDump WhatsApp messagesDownload & exfiltrate filesAdd SSH keys to GitHub Or extend the existing functionality to suit your needs (e.g. Download files from the\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgw6QUKnZGAh6pGVriRqEmkHy8izJ_VxQ5jtOl4RiD9a2IOAmZLrY0wzL06TGm9lRukdrStNFFdUFX9nznNxKhGBtrqhgWxM1m6jzpT5URX3olzemPp5F_zmCQkRKR1nMig_BWgfTCQbrajVd2f2IjryRFIRCEG51zcZgbGHh-UIUWdPEpmYZNgPmrA\/s728\/d301f8da.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgw6QUKnZGAh6pGVriRqEmkHy8izJ_VxQ5jtOl4RiD9a2IOAmZLrY0wzL06TGm9lRukdrStNFFdUFX9nznNxKhGBtrqhgWxM1m6jzpT5URX3olzemPp5F_zmCQkRKR1nMig_BWgfTCQbrajVd2f2IjryRFIRCEG51zcZgbGHh-UIUWdPEpmYZNgPmrA\/s728\/d301f8da.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgw6QUKnZGAh6pGVriRqEmkHy8izJ_VxQ5jtOl4RiD9a2IOAmZLrY0wzL06TGm9lRukdrStNFFdUFX9nznNxKhGBtrqhgWxM1m6jzpT5URX3olzemPp5F_zmCQkRKR1nMig_BWgfTCQbrajVd2f2IjryRFIRCEG51zcZgbGHh-UIUWdPEpmYZNgPmrA\/s728\/d301f8da.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgw6QUKnZGAh6pGVriRqEmkHy8izJ_VxQ5jtOl4RiD9a2IOAmZLrY0wzL06TGm9lRukdrStNFFdUFX9nznNxKhGBtrqhgWxM1m6jzpT5URX3olzemPp5F_zmCQkRKR1nMig_BWgfTCQbrajVd2f2IjryRFIRCEG51zcZgbGHh-UIUWdPEpmYZNgPmrA\/s728\/d301f8da.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":5768,"url":"https:\/\/kalilinuxtutorials.com\/passpie-command-line-password-manager\/","url_meta":{"origin":4956,"position":4},"title":"Passpie : Multiplatform Command-line Password Manager","author":"R K","date":"July 17, 2019","format":false,"excerpt":"Passpie is a command line tool to manage passwords from the terminal with a colorful and configurable interface. Use a master passphrase to decrypt login credentials, copy passwords to clipboard, syncronize with a git repository, check the state of your passwords, and more. Password files are encrypted using\u00a0GnuPG\u00a0and saved into\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":37392,"url":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/","url_meta":{"origin":4956,"position":5},"title":"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft","author":"Varshini","date":"April 1, 2025","format":false,"excerpt":"SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges and move laterally across networks. These tools exemplify the evolving sophistication of credential theft techniques in cybersecurity. SSH-Stealer: Smart Keylogging For SSH Credentials SSH-Stealer focuses on capturing SSH login details, including passwords and\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/4956","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=4956"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/4956\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/15536"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=4956"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=4956"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=4956"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}