🔐Blog of Osanda

This is small automated tool for dumping stored browser passwords. No need to run as Administrator to function this properly. Fully written in Windows batch and VBS. This tool is based on the following tools by nirsfot.


  • Can dump passwords of Chrome, Firefox, Opera, Safari and IE
  • Works with any Windows OS as it is written in batch
  • Has a self destruction option which would delete all of the downloaded files and app it self
  • Can be used during pen-tests, mostly in the post exploitation phase
  • Requires internet connection
  • Added some voice 😉

Sometimes you AV would flag this as a malware but it is a false positive.


Thanks a lot for the nice review by Dimitrious Kalemis

View original post

5,500+ email and pass dump. , among others.


Here is a snippet.

Note, this is addressed to original hacker, not to me.

 photo Screen-Shot-2014-01-25-at-12739-PM.png

Here is a snippet of the hackers reddit post:

These are the e-mail addresses from the list, if you see yours in here, please change your passwords on every site/MPOS/etc that you might use. I do not know how old this particular dump is, I found it a few days ago and the site it was on has since removed it and updated their security.


This is the hacker’s original reddit

Dark Mail Alliance, truly secure email.

Existing forms of email encryption, like PGP, can be used to encrypt the content of an email. But PGP cannot encrypt the “subject” header or metadata like the “to” and “from” fields, and the average user can find it too complicated to use. Dark Mail promises to address both of these issues in the form of an easy-to-use iOS app and an Android app. There will also be desktop versions for Mac and Windows users. People using the technology will still be able to send emails to friends or colleagues using Gmail and Hotmail—but when sending messages to non-Dark Mail users, a warning will be displayed, making it clear that the communication could be intercepted.

Read the rest of the article at Slate article, this was sourced from.

Or Alternate

Frest Snowden Leak

In recent document leaks by Edward Snowden, we now have inforfation on the United Kimdom, with help of the United States, were collecting nonencryted data from facebook, YouTube and others. They were capturing Facebook likes, tweets, YouTube subscriptions and likes, blogspot/blogger data on U.S. citizens. ZDNet Article NBCnewsblog pdf Of leak, from msnbc.

Full disk encryption, a must for the security minded.

Full disk encryption helps protect your files from prying eyes. Truecrypt is an open source solution to your encryption needs. Truecrypt will encrypt all data on to a virtual disk. When decryption key is entered, you will be able to access your data on-the-fly by decrypting piece by piece on your RAM. If someone were to steal, say your USB stick, they would need your key to unlock the data. Check it out, you could save yourself from data exposure, that could be potentially embarrassing, business loosing, prosecution, etc… Yay, save yourself with free open source software!!!

AeroFS private cloud

AeroFS is a dropbox equivalent cloud storage company that encrypts your data in transit. They have now released an iOS app that connects you to your cloud. Here is an article from Arstechnica that is pretty nice.
AeroFS says that they’re working on an android app. Hopefully it will be ready soon.
You also need to remember to always use https! Proxies and VPN’s will also help keep your information secure. You can also use the TOR bundle to help achieve privacy. On android use OrBot and OrWeb