dEEpEst

Administrators
  • Content Count

    7,773
  • Avg. Content Per Day

    5
  • Joined

  • Last visited

  • Days Won

    526

Everything posted by dEEpEst

  1. dEEpEst

    190 GB of dictionaries

    190 GB of dictionaries Major dictionary collection I could find for Hashcat to use. [Hidden Content]
  2. dEEpEst

    Some vocabulary 

    Some vocabulary Infosec: Information security, which is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. The information or data may take any form, e.g. electronic or physical. Infosec can also be a person who practices ethical security. Opsec: Operations security, which is a process that identifies critical information to determine if friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information. Black/grey/white hat hacker: Someone who uses bugs or exploits to break into systems or applications. The goal and the method differs depending if they're a black, grey or white hat hacker. A black hat is just someone malicious that does not wait permission to break into a system or application. A white hat is usually a security researcher who practice ethical hacking. A grey hat is just in the middle of these two kind of hackers, they might want to be malicious if it can be benefit (data breach, money, whistleblowing ...). Red team: According to Wikipedia, a red team or the red team is an independent group that challenges an organization to improve its effectiveness by assuming an adversarial role or point of view. It is particularly effective in organizations with strong cultures and fixed ways of approaching problems. The United States intelligence community (military and civilian) has red teams that explore alternative futures and write articles as if they were foreign world leaders. Little formal doctrine or publications about Red Teaming in the military exist. In infosec exercises, Red teamers are playing the role of attackers. Blue team: A blue team is a group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and to make certain all security measures will continue to be effective after implementation. As a result, blue teams were developed to design defensive measures against red team activities. In infosec exercises, Blue teamers are playing the role of defenders. Penetration tester: An ethical hacker who practices security, tests applications and systems to prevent intrusions or find vulnerabilities. Security researcher: Someone who practices pen testing and browses the web to find phishing/fake websites, infected servers, bugs or vulnerabilities. They can work for a company as a security consultant and are most likely a Blue teamer. Reverse engineering: Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object. Similar to scientific research, the only difference being that scientific research is about a natural phenomenon. Social engineering: In the context of information security, it refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. The term "social engineering" as an act of psychological manipulation of a human, is also associated with the social sciences, but its usage has caught on among computer and information security professionals. Threat analyst: A threat hunter, also called a cybersecurity threat analyst, is a security professional or managed service provider (MSP) that proactively uses manual or machine-assisted techniques to detect security incidents that may elude the grasp of automated systems.
  3. Docker Images for Penetration Testing & Security • docker pull kalilinux/kali-linux-docker official Kali Linux • docker pull owasp/zap2docker-stable - official OWASP ZAP • docker pull wpscanteam/wpscan - official WPScan • docker pull metasploitframework/metasploit-framework - Official Metasploit • docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA) • docker pull wpscanteam/vulnerablewordpress - Vulnerable WordPress Installation • docker pull hmlio/vaas-cve-2014-6271 - Vulnerability as a service: Shellshock • docker pull hmlio/vaas-cve-2014-0160 - Vulnerability as a service: Heartbleed • docker pull opendns/security-ninjas - Security Ninjas • docker pull noncetonic/archlinux-pentest-lxde - Arch Linux Penetration Tester • docker pull diogomonica/docker-bench-security - Docker Bench for Security • docker pull ismisepaul/securityshepherd - OWASP Security Shepherd • docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project docker image • docker pull vulnerables/web-owasp-nodegoat - OWASP NodeGoat • docker pull citizenstig/nowasp - OWASP Mutillidae II Web Pen-Test Practice Application • docker pull bkimminich/juice-shop - OWASP Juice Shop • docker pull phocean/msf - Docker Metasploit Make sure you installed docker in your pc
  4. dEEpEst

    Execution logging and tracing

    Execution logging and tracing • Wireshark - A free and open-source packet analyzer • tcpdump - A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture • mitmproxy - An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface • Charles Proxy - A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic • usbmon - USB capture for Linux. • USBPcap - USB capture for Windows. • dynStruct - structures recovery via dynamic instrumentation. • drltrace - shared library calls tracing.
  5. dEEpEst

    List of Decompilers

    List of Decompilers • JVM-based languages • Krakatau - the best decompiler I have used. Is able to decompile apps written in Scala and Kotlin into Java code. JD-GUI and Luyten have failed to do it fully. • JD-GUI • procyon ◦ Luyten - one of the best, though a bit slow, hangs on some binaries and not very well maintained. • JAD - JAD Java Decompiler (closed-source, unmaintained) • JADX - a decompiler for Android apps. Not related to JAD. • .net-based languages ◦ dotPeek - a free-of-charge .NET decompiler from JetBrains ◦ ILSpy - an open-source .NET assembly browser and decompiler ◦ dnSpy - .NET assembly editor, decompiler, and debugger Native code ◦ Hopper - A OS X and Linux Disassembler/Decompiler for 32/64-bit Windows/Mac/Linux/iOS executables. ◦ cutter - a decompiler based on radare2. ◦ retdec ◦ snowman ◦ Hex-Rays Python ◦ uncompyle6 - decompiler for the over 20 releases and 20 years of CPython.
  6. dEEpEst

    What is Cryptography? 

    What is Cryptography? Cryptography is the study of secure communications techniques that allow only the sender and intended recipient of a message to view its contents.When transmitting electronic data, the most common use of cryptography is to encrypt and decrypt email and other plain-text messages.Modern cryptography uses sophisticated mathematical equations (algorithms) and secret keys to encrypt and decrypt data. Today, cryptography is used to provide secrecy and integrity to our data, and both authentication and anonymity to our communications.An example of basic cryptography is an encrypted message in which letters are replaced with other characters. To decode the encrypted contents, you would need a grid or table that defines how the letters are transposed.
  7. dEEpEst

    How to solve CTF 

    How to solve CTF Challenge types Jeopardy style CTFs challenges are typically divided into categories. I'll try to briefly cover the common ones. Cryptography - Typically involves decrypting or encrypting a piece of data Steganography - Tasked with finding information hidden in files or images Binary - Reverse engineering or exploiting a binary file Web - Exploiting web pages to find the flag Pwn - Exploiting a server to find the flag Where do I start? If I managed to pique your curiosity, I've compiled a list of resources that helped me get started learning. CTF veterans, feel free to add your own resources in the comments below! Learning [Hidden Content] - Introduction to common CTF techniques such as cryptography, steganography, web exploits (Incomplete) [Hidden Content] - Tips and tricks relating to typical CTF challenges/scenarios [Hidden Content] - Explanations of solutions to past CTF challenges Resources [Hidden Content] - CTF event tracker [Hidden Content] - Comprehensive list of tools and further reading Tools (That I use often) binwalk - Analyze and extract files burp suite - Feature packed web penetration testing framework stegsolve - Pass various filters over images to look for hidden text GDB - Binary debugger The command line Practice Many of the "official" CTFs hosted by universities and companies are time-limited competitions. There are many CTFs however that are online 24/7 that can be used as practice and learning tools. Here are some that I found to be friendly for beginners. [Hidden Content] - A collection of various user-submitted challenges aimed towards newcomers [Hidden Content] - A series of progressively more difficult pwn-style challenges. (Start with the bandit series) [Hidden Content] - Yearly time-limited CTF now available to use as practice Conclusion CTF is a great hobby for those interested in problem-solving and/or cyber security. The community is always welcoming and it can be a lot of fun tackling challenges with friends. Thank you for reading!
  8. dEEpEst

    What is CTF? 

    What is CTF? CTF (Capture The Flag) is a kind of information security competition that challenges contestants to solve a variety of tasks ranging from a scavenger hunt on wikipedia to basic programming exercises, to hacking your way into a server to steal data. In these challenges, the contestant is usually asked to find a specific piece of text that may be hidden on the server or behind a webpage. This goal is called the flag, hence the name! Like many competitions, the skill level for CTFs varies between the events. Some are targeted towards professionals with experience operating on cyber security teams. These typically offer a large cash reward and can be held at a specific physical location.
  9. dEEpEst

    How To Run .Exe File In Android

    [Hidden Content]
  10. dEEpEst

    1TB of free storage

    1TB of free storage [Hidden Content]
  11. Metasploit Error Solved ! How to install metasploit framework in termux without any errors [Hidden Content]
  12. How to install hammer in termux [Hidden Content]
  13. How to use Subscraper in termux [Hidden Content]
  14. How to install Subscraper in termux [Hidden Content]
  15. View File Learn how to Reverse Engineer Apps & Softwares via this detailed Course Learn how to Reverse Engineer Apps & Softwares via this detailed Course * Learn How To Crack Software Legally And More.. Download Link: Free for users PRIV8 Submitter dEEpEst Submitted 28/04/22 Category Libro Online Password ********  
  16. 1 download

    Learn how to Reverse Engineer Apps & Softwares via this detailed Course * Learn How To Crack Software Legally And More.. Download Link: Free for users PRIV8

    $100.00 PRIV8

  17. View File Complete Software Cracking & Ethicalhacking Course COMPLETE SOFTWARE CRACKING & ETHICALHACKING COURSE *Beginner To Advanced. Download: Free for users PRIV8 Submitter dEEpEst Submitted 22/04/22 Category Libro Online Password ********  
  18. 1 download

    COMPLETE SOFTWARE CRACKING & ETHICALHACKING COURSE *Beginner To Advanced. Download: Free for users PRIV8

    $100.00 PRIV8

  19. Download: [Hidden Content] Guide:
  20. View File Fraud Bible 2021[18.4 GB] Fraud Bible 2021 Download: Free for users PRIV8 Submitter dEEpEst Submitted 13/04/22 Category Libro Online Password ********  
  21. dEEpEst

    Fraud Bible 2021[18.4 GB]

    7 downloads

    Fraud Bible 2021 Download: Free for users PRIV8

    $100.00 PRIV8

  22. AFTER EFFECTS | MOTION SHAPES PACK BY PREMIUMILK [1.6GB] [Hidden Content]
  23. dEEpEst

    What is Website Defacement?

    What is Website Defacement? A website defacement is an attack on a website that changes the visual appearance of the site or a webpage. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own. The most common method of defacement is using SQL Injections to log on to administrator accounts. Defacements usually consist of an entire page. This page usually includes the defacer’s pseudonym or “Hacking Codename.” Sometimes, the Website Defacer makes fun of the system administrator for failing to maintain server security. Most times, the defacement is harmless, however, it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware or deleting essential files from the server.
  24. [Hidden Content]
  25. View File Android Hacking Full Advance Professional Course Android Hacking Full Advance Professional Course # Total Videos :- 31 # Language ( हिंदी) # Resolution :- 1920×1080 Full HD # Videos Duration Time :- 6Hour.48Min.22Sec. # System Used :- Kali Linux, Windows 8.1, And Windows 10 # Basic Knowledge Of Kali Linux And Windows Download LINK : Download Free for users PRIV8 Submitter dEEpEst Submitted 13/03/22 Category Libro Online Password ********