• Content Count

  • Avg. Content Per Day

  • Joined

  • Last visited

  • Days Won


0x1 last won the day on December 3 2015

0x1 had the most liked content!

Community Reputation

5,503 Excellent


About 0x1

  • Rank
    LeVeL23 HacKerS TeaM
  • Birthday 03/03/1900

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. 0x1

    Burp Suite Professional v2.1.07

    You can check md5 from bursuite-pro.jar go to releses [Hidden Content] burpsuite_pro_v2.1.07.jar MD5: d22900104f4ae2d7c48a496741ab2091 SHA256: 3f18904e094693c411b9451d8dba8b79e9f5228de0a72752abdf3c28c414af80 Scan result for burp-loader-keygen-2_1_07.jar: No engine(s) detected this file: 0 / 32 SHA-256: ae37c4b69af3b6b0d3b21dfad20531c3b16889d8416d77b74dde57cc1372ba05 File name: burp-loader-keygen-2_1_07.jar File size: 47.8 KB Analysis date: 2020-01-23 | 09:55:01 [Hidden Content]
  2. 0x1

    Burp Suite Professional v2.1.07

    Info from Patch Cracked by SCZ Surferxyz's keygen has been supported until Burp 2.0.11beta, and finally expired in version 2.1. This is because of 2.1 The Burp registration algorithm has changed, including but not limited to: 1) The license format has been changed to include the SHA256 signature. Older versions of keygen did not generate corresponding fields. 2) No longer call library functions for key large number operations, but implement large number modular powers and large number comparisons by themselves, which is equivalent to Inline expansion. This makes the old version of keygen's modification to compareTo () not work. In general, the overall structure of the 2.1 registration algorithm is unchanged from earlier versions, such as DES keys, large numbers n And so on, the old values are used, and the new changes are completely for the purpose of combating known cracks. Instruction chmod +x burp-loader-keygen-2_1_07.jar;chmod +x burpsuite_pro_v2.1.07.jar java -jar burp-loader-keygen-2_1_07.jar java -noverify -Xbootclasspath/p:burp-loader-keygen-2_1_07.jar -jar burpsuite_pro_v2.1.07.jar Copy License to BurpSuite Click Manual activation, click Copy request Copy Request to Burp-loader-keygen's Activation Request Copy the automatically generated Activation Response back to BurpSuite Done, get started You can write an executable shell and throw it under /usr/bin example : copy all files to directory /opt/burpsuite echo '#!/bin/bash' > /usr/bin/burp echo 'cd /opt/burpsuite/' >> /usr/bin/burp echo 'java -noverify -Xbootclasspath/p:burp-loader-keygen-2_1_07.jar -jar burpsuite_pro_v2.1.07.jar' >> /usr/bin/burp chmod +x /usr/bin/burp
  3. VB Conversions - VB.NET to C# V.5.07 Professional by 0x1 Now with Visual Studio 2019 support! The number of test projects increased from 12k to 15k. They must all convert without C# compiler errors before each release. To help manage large project groups there is now the ability to apply filters by project status and Visual Studio version. In the project group screen, click the View menu, then pick the field to filter by. Improved detection of the Visual Studio version of a VB.Net project. Improved conversions in name overloaded scenarios, with class, variable, arguments, etc. being named the same. Reduced number of duplicate definitions commented out in complex overloading/interface scenarios. Improved disabiguation converting () to () or []. Improved conversions in complex inheritance scenarios. Reduced number of temporary variables created during conversions. Improved conversions in complex for each scenarios. Fixed error converting static local variables within a routine with an separate line attribute. Corrected problem converting elseif lines causing temporary variables to be declared. Improved conversions of parameterized property references defined in an external dll. Corrected error converting RaiseEvent on an event renamed as part of an interface implementation. Improved conversion of events in interfaces. Improved conversion of events. Unnecessary add/remove clauses not output in C#. Fixed error converting a parameterized property named “Value” Fixed runtime issue of adding event handler to variable being assigned null Fixed problem of converter hanging in rare circumstances. Improved conversion of complex conditional constants. Fixed error parsing If() statement with no Then and no space between If and ( Fixed issue where the application would sometimes crash opening a project. Fixed problem converting RaiseEvent lines for events with ByRef parameters requiring a temporary variable to be created. Import statements with generic definitions are now converted. Improved conversion logic on poorly formatted upgraded VB6 projects. Improved accuracy of converting exponentiation within built-in conversion functions. Fixed error converting left bit shift operators. Eliminated CS0019 errors being generated due to string comparisons or case statements with string ranges. Improved accuracy of conversions referencing import aliases. Improved type conversions to avoid CS0266, CS0029 compile errors. Added ability to automatically correct CS0738 errors about interface implementations having wrong return type. Improved accuracy of CS0019, CS0021, CS0030, CS0103, CS117, CS118, CS119, CS121, CS0176, CS0234, CS0246, CS0266, CS0571, CS1061, CS0426, CS0839, CS1061, CS1546, CS1620, CS1955 automatic compiler error correction. Reduced the number of C# compiler errors for CS0019, CS0029, CS0037, CS0103, CS0106, CS0117, CS0119, CS0149, CS0161, CS0173, CS0176, CS0234, CS0246, CS0266, CS0664, CS1002, CS1501, CS1503, CS1525, CS1750. Download Pro Version [HIDE][Hidden Content]]
  4. Visitor Maker 1.3 Premium by 0x1 This intelligent software will automatically send UNLIMITED amount of visitors to your website for free. The VisitorMaker allow you drive your visitors come from ANY COUNTRY, ANY DEVICE, ANY BROWSER, ANY REFERRAL, SEARCH ENGINE. But there a thing you should know, the software using Proxy Servers and open your website on your pc, so it is FAKE visitors. Demo Download Premium Version [HIDE][Hidden Content]]
  5. 0x1

    MobiHok 6.0 - Android RAT

    Operating systems The program is compatible with win 10 - win 8 - win 7 - win vista - win xp .. Requires installation Net framework 4.0 Compatible with systems Android 10.0 .. Android 9.0 .. Android 8.0 .. Android 7.0 .. Android 6.0 .. Android 5.0 .. Android 4.0 .. Demo CHARACTERISTICS Take a photo of the screen * New * Record phone calls * New * Record Messenger, Skype and Skype calls. * New * browse and download files Live camera shooting locate record the microphone keylogger browse messages browse calls To call .. And other features Download from the official program website [HIDE][Hidden Content]] The next version It will include a method of key extraction for WhatsApp
  6. 0x1

    Yet Another Google Dorks Question

    Example for Xss: exploit Open-Redirect to XSS use dork from open redirect and change url to javascript:alert('Xss'); Example: [Hidden Content] use different search engine , try to adapt these dork compared to the search engine used
  7. 0x1

    haw does it crypted ?

    first encryption is like Base64 but next encryption i don't know
  8. BurpSuite Professional / Community 2.1.07 This release considerably improves Burp's SSL/TLS coverage. Historically, quirks in different server-side implementations together with bugs in the client-side Java stack led to problems connecting to some web sites. These have now been virtually eliminated. The Venn diagram below shows how Burp's coverage now compares with Google Chrome for the Alexa top 100,000 sites. Burp achieves substantial overlap with Chrome. Burp can connect to 1,696 sites that Chrome does not, and only fails to connect to 125 sites that Chrome can connect to. (Note that Burp's additional coverage is largely because Burp tolerates some older and weaker protocols and ciphers, in the interests of maximizing connectivity.) Various improvements have been made to the crawling phase of scans: The event log contains improved feedback regarding account self-registration and login. Crawling is more efficient, with substantially fewer requests needed to discover the same range of locations. Various minor bugs have been fixed. Download [HIDE][Hidden Content]]
  9. 0x1

    GTFOBins & GTFO

    GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions. The project collects legitimate functions of Unix binaries that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks. See the full list of functions. This was inspired by the LOLBAS project for Windows. GTFOBins is a collaborative project created by norbemi and cyrus_and where everyone can contribute with additional binaries and techniques. [Hidden Content] Install The script has 2 dependencies: colorama pygments You can install these by typing: python3 setup.py install Run python3 gtfo.py [binary]
  10. 0x1

    S'il vous plaît, aidez-moi

    Read Rules Allowed Languages: Spanish | English 1. Title : you need help for what ? example: how make private dork & keyword 2. add example to dork you want make private 3. Make Private dork = Find Exploit & create dork from the links or from code source (powered by ...) & No sharing for stay private. Example: "Powered by ..." .php?name= If you want someone to help you try to explain better what you need
  11. 0x1


    Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. It has features, such as powerful Lockscreen cracking for Pattern, PIN code, or Password; custom decoders for Apps data from Android (some Apple iOS & Windows) databases for decoding communications. Extraction and decoders produce reports in HTML and Excel formats. Features Automated data extraction and decoding Data extraction of non-rooted without devices by Android Backup (Android versions 4.x, varied/limited support) Data extraction with root permissions: root ADB daemon, CWM recovery mode, or SU binary (Superuser/SuperSU) Data parsing and decoding for Folder structure, Tarball files (from nanddroid backups), and Android Backup (backup.ab files) Selection of individual database decoders for Android apps Decryption of encrypted WhatsApp archived databases (.crypt to .crypt12, must have the right key file) Lockscreen cracking for Pattern, PIN, Password (not gatekeeper) Unpacking the Android backup files Screen capture of a device’s display screen Python Requirements 3.6+ (64-bit version recommended) It is highly advised to setup a virtual environment to install Andriller and its dependencies in it. However, it is not essential, and the global environment can also be used. Depending on how Python was setup, it may be needed to substitute python and pip to python3 and pip3 retrospectively for the instructions below. System Dependencies adb python3-tk [Ubuntu/Debian] Install from Terminal: sudo apt-get install android-tools-adb python3-tk [Mac] Install from brew cask: brew cask install android-platform-tools [Windows] : Included. Installation (Recommended way) Create a virtual environment using Python 3: python3 -m venv env Activate the virtual environment: source env/bin/activate Install Andriller with its Python dependencies (same command to upgrade it): (env) $ pip install andriller -U Quick Start (run GUI) (env) $ python -m andriller License MIT License Contributing Contributions are welcome, please make your pull requests to the dev branch of the repository. More Info & Download [Hidden Content]
  12. Check if Windows 10 and if administrator privileges Can help for Option BypasUAC or (if Not Windows10 use vbs ...) [Hidden Content]
  13. 0x1


    AttackSurfaceMapper is a tool that aims to automate the reconnaissance process. Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intellgence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses and it uses numerous techniques to find more targets. It enumerates subdomains with bruteforcing and passive lookups, Other IPs of the same network block owner, IPs that have multiple domain names pointing to them and so on. Once the target list is fully expanded it performs passive reconnaissance on them, taking screenshots of websites, generating visual maps, looking up credentials in public breaches, passive port scanning with Shodan and scraping employees from LinkedIn. Demo Example run command python3 asm.py -t your.site.com -ln -w resources/top100_sublist.txt -o demo_run Optional Parameters Additional optional parameters can also be set to choose to include active reconnaissance modules in addition to the default passive modules. |<------ AttackSurfaceMapper - Help Page ------>| positional arguments: targets Sets the path of the target IPs file. optional arguments: -h, --help show this help message and exit -f FORMAT, --format FORMAT Choose between CSV and TXT output file formats. -o OUTPUT, --output OUTPUT Sets the path of the output file. -sc, --screen-capture Capture a screen shot of any associated Web Applications. -sth, --stealth Passive mode allows reconaissaince using OSINT techniques only. -t TARGET, --target TARGET Set a single target IP. -V, --version Displays the current version. -w WORDLIST, --wordlist WORDLIST Specify a list of subdomains. -sw SUBWORDLIST, --subwordlist SUBWORDLIST Specify a list of child subdomains. -e, --expand Expand the target list recursively. -ln, --linkedinner Extracts emails and employees details from linkedin. -v, --verbose Verbose ouput in the terminal window. Authors: Andreas Georgiou (@superhedgy) Jacob Wilkin (@greenwolf) Setup && Download As this is a Python based tool, it should theoretically run on Linux, ChromeOS (Developer Mode), macOS and Windows. [1] Download AttackSurfaceMapper [Hidden Content] [2] Install Python dependencies cd AttackSurfaceMapper python3 -m pip install --no-cache-dir -r requirements.txt [3] Add optional API keys to enable more data gathering Register and obtain an API key from:[Hidden Content] Edit and enter the keys in keylist file nano keylist.asm
  14. 0x1

    Metasploit Pro

    Metasploit is a penetration testing platform that enables you to find, exploit, and validate vulnerabilities. The platform includes the Metasploit Pro and Metasploit Framework. To get started using Metasploit Pro right away. Metasploit Pro Metasploit Pro is for users who prefer to use a web interface for pen testing. Some features available in Pro are unavailable in Metasploit Framework. Pro Features not in Metasploit Framework Task Chains Social Engineering Vulnerability Validations GUI Quick Start Wizards Nexpose Integration If you are a command line user, but still want access to the commercial features, Metasploit Pro includes its very own console, which is very much like msfconsole, except it gives you access to most of the features in Metasploit Pro via the [Hidden Content]. Metasploit Pro Features Metasploit Pro offers pen testing features to help you simulate real world attacks, collect data, and remediate found exploits. Infiltrate Manual Exploitation Anti-virus Evasion IPS/IDS Evasion Proxy Pivot Post-Exploration Modules Session Clean Up Credentials Reuse Social Engineering Payload Generator Quick Pen Testing VPN Pivoting Vulnerability Validation Phishing Wizard Web App Testing Persistent Sessions Collect Data Import and scan data Discovery Scans MetaModules Nexpose Scan Integration Remediate Bruteforce Task Chains Exploitation Workflow Session Rerun Task Replay Project Sonar Integration Session Management Credential Management Team Collaboration Web Interface Backup and Restore Data Export Evidence Collection Reporting Tagging Data Interfaces Metasploit Pro comes with a web interface and a command line interface. Most features available in the web interface are also available in the command line. Web Interface A web interface is available for you to work with Metasploit Pro. To launch the web interface, open a web browser and go to [Hidden Content]. To learn more about the web interface see [Hidden Content] Pro Console The [Hidden Content] enables you to interact with Metasploit Pro from the command line. It is similar to the Metasploit Framework console. Metasploit Framework The Metasploit Framework is the foundation on which the commercial products are built. It is an [Hidden Content] that provides the infrastructure, content, and tools to perform penetration tests and extensive security auditing. There are quite a few resources available online to help you learn how to use the Metasploit Framework; however, we highly recommend that you take a look at the [Hidden Content], which is maintained by Rapid7, to ensure that you have the most up to date information available. Metasploit Architecture The Metasploit Framework is an open source pen testing and development platform that provides you with access to the latest exploit code for various applications, operating systems, and platforms. You can leverage the power of the Metasploit Framework to create additional custom security tools or write your own exploit code for new vulnerabilities. Modules A module is a standalone piece of code, or software, that extends the functionality of the Metasploit Framework. Modules automate the functionality that the Metasploit Framework provides and enables you to perform tasks with Metasploit Pro. A module can be an: Exploit Auxiliary Payload No operation payload (NOP) Post-exploitation module Encoder For example, an exploit uses a payload to deliver code to run on another machine. The payload will open a shell or a Meterpreter session to run a post-exploitation module. The encoder will make sure the payload is delivered and no operation payload will make sure the payload size is kept consistent. Services Metasploit Pro runs the following services: PostgreSQL - Runs the database that Metasploit Pro uses to store data from a project. Ruby on Rails - Runs the web Metasploit Pro web interface. Pro service - Also known as the Metasploit service, bootstraps Rails, the Metasploit Framework, and the Metasploit RPC server. What’s Next [Hidden Content] Get you trial && Download Pro Version [Hidden Content]
  15. 0x1

    Need to learn more about SAMBA service

    Choose search engine and add : secure samba server Six easy ways to secure Samba: [HIDE][Hidden Content]] Protecting an unpatched Samba server : [HIDE][Hidden Content]] how to secure samba with stunnel : [HIDE][Hidden Content]] How To Set Up a Samba Share For A Small Organization on Ubuntu 16.04 : [HIDE][Hidden Content]] Secure your Samba Authentications Automatically via OpenVPN : [HIDE][Hidden Content]] Doc Wiki-Samba : [HIDE][Hidden Content]]