Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Search the Community

Showing results for tags 'active'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
    • Pentesting Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Pentesting Premium
    • Pentesting Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Pentesting Zone PRIV8
    • Pentesting Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area
  • Recycle Bin
    • Recycle
  • Null3D's Nulled Group

Product Groups

  • PRIV8
  • Advertising
  • Access Basic
  • Seller
  • Services

Categories

  • Files
  • Online Book
  • Services

Categories

  • Hacking

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

  1. Install the latest new null so that the nulled addons will work Install the script & import the database normally, if you get errors during importing database, don’t close the page, important! Go to phpMyAdmin and make new database. Import the database (shop.sql) located in the script installation folder. Go to .env file and insert the new database name, user, password. In .env file change your app url to the [Hidden Content], if it is in the sub domain use that. Go to [Hidden Content], and continue. Multi language options, multi currency option, 4 different payment gateways social media login & sharing, the most advanced product posting & presentation. Active eCommerce CMS is a Laravel version of Active Super Shop multi-vendor eCommerce system with a lot of exclusive features! Addons List Active eCommerce CMS v.7.0.0 Activated Active eCommerce Refund Add-On v.1.2 Active eCommerce Delivery Boy Flutter App v3.0 Active eCommerce Flutter App v.2.4 Active eCommerce Auction Add-on v1.3 Active eCommerce Seller Subscription Add-on v.1.6 Active eCommerce Wholesale (B-B) Add-on v1.2 Active eCommerce Offline Payment Add-on v1. Active eCommerce Paytm add-on 1.1 Download Active eCommerce POS Manager v1.5 Add-on Active eCommerce Club Point Add-on v1.3 Active eCommerce Affiliate Add-On v.1.7 Active eCommerce African Payment Gateway Add-on v1.3 Active eCommerce Android App v.1.3 Active eCommerce OTP add-on v2.0 Download: [hide][Hidden Content]] Password: level23hacktools.com
  2. x13 Paramount+ | Subcription = NEW_FREE_PACKAGE | Status = ACTIVE [Hidden Content]
  3. Multi language options, multi currency option, 4 different payment gateways social media login & sharing, the most advanced product posting & presentation. [Hidden Content] [hide][Hidden Content]]
  4. Active eCommerce CMS v6.5.0 Nulled + (All Addons) and Android App Active eCommerce Included in this Package 1# – Active eCommerce CMS Main Script (Nulled) 2# – Active eCommerce Android App 3# – Active eCommerce Seller Subscription Add-on 4# – Active eCommerce Paytm add-on 5# – Active eCommerce Offline Payment Add-on 6# – Active eCommerce OTP add-on 7# – Active eCommerce Club Point Add-on 8# – Active eCommerce Refund add-on 9# – Active eCommerce Affiliate add-on Main Features Multi-vendor eCommerce System Multi Language Option Wallet Recharge from All Payment Gateway Guest Checkout PayPal, Stripe, SSLCommerz, Razorpay, Instamojo and Cash on Delivery Payment Multiple Shipping Option Informative Customer Profile Seller Verification Seller and Product Review System Smart Cart System Compare, Wishlist, Discount Products Systems Product Video Preview Facebook, Google, Twitter Login/Register Multi Color Option and more [Hidden Content] [hide][Hidden Content]] Password: level23hacktools.com NEW VERSION: Active eCommerce CMS v7.0.0 Nulled + (All Addons) and Android App
  5. Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP) Looks for enabled normal user accounts. No Windows audit logs were generated. High-speed ~ up to 10K/sec – go beyond 25K/sec with multiple servers! Tries to autodetect DC from environment variables on domain joined machines or falls back to machine hostname FQDN DNS suffix Reads usernames to test from stdin (default) or file Outputs to stdout (default) or file Parallelized, multiple connections to multiple servers (defaults to 8 servers, 8 connections per server) Shows a progressbar if you’re using both input and output files Evasive maneuvers: Use –throttle 20 for a 20ms delay between each request (slows everything down to a crawl) Evasive maneuvers: Use –maxrequests 1000 to close the connection and reconnect after 1000 requests in each connection (try to avoid detection based on traffic volume) Changelog v1.1 64921bd: Fixed output for detected DNS domain (Lars Karlslund) 6ea0cd7: Fixed closing of output when exiting (Lars Karlslund) 61637bd: Added option to dump rootDSE attributes as JSON (Lars Karlslund) [hide][Hidden Content]]
  6. LDAP Nom Nom Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP) Looks for enabled normal user accounts. No Windows audit logs were generated. High-speed ~ up to 10K/sec – go beyond 25K/sec with multiple servers! Tries to autodetect DC from environment variables on domain joined machines or falls back to machine hostname FQDN DNS suffix Reads usernames to test from stdin (default) or file Outputs to stdout (default) or file Parallelized, multiple connections to multiple servers (defaults to 8 servers, 8 connections per server) Shows a progressbar if you’re using both input and output files Evasive maneuvers: Use –throttle 20 for a 20ms delay between each request (slows everything down to a crawl) Evasive maneuvers: Use –maxrequests 1000 to close the connection and reconnect after 1000 requests in each connection (try to avoid detection based on traffic volume) [hide][Hidden Content]]
  7. Multi language options, multi currency option, 4 different payment gateways social media login & sharing, the most advanced product posting & presentation [Hidden Content] [hide][Hidden Content]]
  8. Description As a security professional, one of your most important jobs is to make sure that only authorized users have access to your system. Most often, this is achieved via credential-based access control, where credentials are stored in central directories like Microsoft Active Directory (AD). But are you really ready to handle an unexpected cyberattack? In this course, instructor Malcolm Shore gives you an overview of Active Directory, including how to enumerate it and validate its security with penetration testing. Explore the core concepts of penetration testing and why it’s so important for enterprise security management. Learn how AD interacts with identity providers and how you interact with it at the command line using LDAP protocol as well as through Powerpoint. Malcolm teaches you some key tricks and gives you examples of how to get the most out of your audits by understanding and utilizing spray attacks, hash extractions, impacket libraries, and brute force attacks. [hide][Hidden Content]]
  9. Active Directory Pentesting With Kali Linux – Red Team Attacking and Hacking Active Directory With Kali Linux Full Course – Red Team Hacking Pentesting What you’ll learn How to Use Metasploit to Exploit Active Directory How to Use Empire to Exploit Active Directory How to Use Evil-WinRM to Exploit Active Directory How to Use CrackMapExec to Exploit Active Directory How to Exploit Active Directory From Windows How to Do Active Directory Enumeration How to do Lateral Movement Active Directory Post Exploitation Active Directory Domain Privilege Escalation Active Directory Persistence Attacks How to use Kali Linux to hack Active Directory How to use nmap to Enumerate Servers How to exploit EternalBlue Requirements How Active Directory Work Windows Server Experience Description Most enterprise networks today are managed using Windows Active Directory and it is imperative for a security professional to understand the threats to the Windows infrastructure. Active Directory Pretesting is designed to provide security professionals to understand, analyze and practice threats and attacks in a modern Active Directory environment. The course is beginner friendly and comes with a walkthrough videos course and all documents with all the commands executed in the videos. The course is based on our years of experience of breaking Windows and AD environments and research. When it comes to AD security, there is a large gap of knowledge which security professionals and administrators struggle to fill. Over the years, I have taken numerous world trainings on AD security and always found that there is a lack of quality material and specially, a lack of good walkthrough and explanation. The course simulate real world attack and defense scenarios and we start with a non-admin user account in the domain and we work our way up to enterprise admin. The focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities. We cover topics like AD enumeration, tools to use, domain privilege escalation, domain persistence, Kerberos based attacks (Golden ticket, Silver ticket and more), ACL issues, SQL server trusts, and bypasses of defenses. Attacking and Hacking Active Directory With Kali Linux Full Course – Read Team Hacking Pentesting Who this course is for: Students who would love to become an Active Directory Pentesting Expert Students who would love to learn how to Attack Active Directory Students who would love a Job as a Red Team [Hidden Content] [hide][Hidden Content]]
  10. BloodyAD is an Active Directory Privilege Escalation Framework. This tool can perform specific LDAP/SAMR calls to a domain controller in order to perform AD privesc. It supports authentication using passwords, NTLM hashes, or Kerberos. How it works bloodyAD communicates with a DC using mainly the LDAP protocol in order to get information or add/modify/delete AD objects. A password cannot be updated with LDAP, it must be a secure connection that is LDAPS or SAMR. A DC doesn’t have LDAPS activated by default because it must be configured (with a certificate) so SAMR is used in those cases. [hide][Hidden Content]]
  11. Active Workdesk CMS is an online platform where resourceful clients and skillful freelancers can be connected. The site helps professionals find projects, communicate with clients and get paid. [Hidden Content] [hide][Hidden Content]]
  12. Multi language options, multi currency option, 4 different payment gateways social media login & sharing, the most advanced product posting & presentation [Hidden Content] [hide][Hidden Content]]
  13. SharpSpray SharpSpray is a Windows domain password spraying tool written in .NET C#. SharpSpray is a C# port of DomainPasswordSpray with enhanced and extra capabilities. This tool uses LDAP Protocol to communicate with the Domain active directory services. Features Can operate from inside and outside a domain context. Exclude domain disabled accounts from the spraying. Auto gathers domain users from the Active directory. Avoid potential lockouts by excluding accounts within one attempt of locking out. Avoid potential lockouts by auto-gathering domain lockout observation window settings. Compatible with Domain Fine-Grained Password policies. Custom LDAP filter for users, e.g. (description=admin) Delay in seconds between each authentication attempt. Jitter between each authentication attempt. Support a single password or a list of passwords. Single file Console Application. [hide][Hidden Content]]
  14. Burp Bounty – Scan Check Builder This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive. Examples of vulnerabilities that you can find So, the vulnerabilities identified, from which you can make personalized improvements are: Active Scan: XSS reflected and Stored SQL Injection error based Blind SQL injection Blind SQL injection time-based XXE Blind XXE SSRF CRLF Information disclosure Nginx off-by-slash vulnerability – From Orange Tsai Command injection Web cache poisoning Blind command injection Open Redirect Local File Inclusion Remote File Inclusion Path Traversal LDAP Injection XML Injection SSI Injection XPath Injection etc Passive Response Scan Security Headers Cookies attributes Endpoints extract Software versions Error strings In general any string or regular expression in the response. Passive Request Scan Interesting params and values In general any string or regular expression in the request. Changelog v4.0 Burp Bounty Pro 1.6 core Quick issue alert More options for creating profiles [hide][Hidden Content]]
  15. smartbrute The smart password spraying and bruteforcing tool for Active Directory Domain Services. [hide][Hidden Content]]
  16. Description ـــــــــــــــــــــــــ Most enterprise networks today are managed using Windows Active Directory and it is imperative for a security professional to understand the threats to the Windows infrastructure. Active Directory Pretesting is designed to provide security professionals to understand, analyze and practice threats and attacks in a modern Active Directory environment. The course is beginner friendly and comes with a walkthrough videos course and all documents with all the commands executed in the videos. The course is based on our years of experience of breaking Windows and AD environments and research. When it comes to AD security, there is a large gap of knowledge which security professionals and administrators struggle to fill. Over the years, I have taken numerous world trainings on AD security and always found that there is a lack of quality material and specially, a lack of good walkthrough and explanation. The course simulate real world attack and defense scenarios and we start with a non-admin user account in the domain and we work our way up to enterprise admin. The focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities. We cover topics like AD enumeration, tools to use, domain privilege escalation, domain persistence, Kerberos based attacks (Golden ticket, Silver ticket and more), ACL issues, SQL server trusts, and bypasses of defenses. Attacking and Hacking Active Directory With Kali Linux Full Course - Read Team Hacking Pentesting What you’ll learn ـــــــــــــــــــــــــــــــــــــ How to Use Metasploit to Exploit Active Directory How to Use Empire to Exploit Active Directory How to Use Evil-WinRM to Exploit Active Directory How to Use CrackMapExec to Exploit Active Directory How to Exploit Active Directory From Windows How to Do Active Directory Enumeration How to do Lateral Movement Active Directory Post Exploitation Active Directory Domain Privilege Escalation Active Directory Persistence Attacks How to use Kali Linux to hack Active Directory How to use nmap to Enumerate Servers How to exploit EternalBlue Are there any course requirements or prerequisites? ـــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ How Active Directory Work Windows Server Experience Who this course is for: ـــــــــــــــــــــــــــــــــــــــــــــــــ Students who would love to become an Active Directory Pentesting Expert Students who would love to learn how to Attack Active Directory Students who would love a Job as a Red Team Windows - Privilege Escalation and Local Enumeartion Cheat Sheet [hide] [Hidden Content]]
  17. Multi language options, multi currency option, 4 different payment gateways social media login & sharing, the most advanced product posting & presentation. [Hidden Content] [hide][Hidden Content]]
  18. BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment. Changelog v4.0.2 This release comes with a whole heap of bugfixes. [hide][Hidden Content]]
  19. Multi language options, multi currency option, 4 different payment gateways social media login & sharing, the most advanced product posting & presentation. [Hidden Content] [hide][Hidden Content]]
  20. Multi language options, multi currency option, 4 different payment gateways social media login & sharing, the most advanced product posting & presentation. [Hidden Content] [hide][Hidden Content]]
  21. AD Penetration Testing Lab The AD Pentesting tool (ADLab) is a tool created in PowerShell to quickly set up an Active directory lab for testing purposes. This tool can help set up a Domain controller and Workstation in a lab environment quickly and effectively. While the tool is specifically written to configure an Active Directory environment in a lab environment the tool can be easily stretched for a production environment as it’s released under MIT license. The process to manually configure a domain controller using GUI can be painful especially if you need to create and tear down the lab frequently. This single tool can not only configure a domain controller quickly but can also automate additional configuration such as creating shares, creating users, and configuring group policy objects for disabling Windows Defender which is something desirable especially in a lab environment. [hide][Hidden Content]]
  22. This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive. Examples of vulnerabilities that you can find So, the vulnerabilities identified, from which you can make personalized improvements are: Active Scan: XSS reflected and Stored SQL Injection error based Blind SQL injection Blind SQL injection time-based XXE Blind XXE SSRF CRLF Information disclosure Nginx off-by-slash vulnerability – From Orange Tsai Command injection Web cache poisoning Blind command injection Open Redirect Local File Inclusion Remote File Inclusion Path Traversal LDAP Injection XML Injection SSI Injection XPath Injection etc Passive Response Scan Security Headers Cookies attributes Endpoints extract Software versions Error strings In general any string or regular expression in the response. Passive Request Scan Interesting params and values In general any string or regular expression in the request. Changelog v3.3.5 Fixed bug with Payload and Payload without encoding match type Changed the default directory from user.dir to user.home Added and variables for printing issue details in Advisory. Fixed regex grep case sensitive Better redirection performance Fixed bug with Match And Replace [hide][Hidden Content]]
  23. ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point. Notes: ADCollector is not an alternative to the powerful PowerView, it just automates enumeration to quickly identify juicy information without thinking too much at the early Recon stage. Functions implemented in ADCollector are ideal for enumeration in a large Enterprise environment with lots of users/computers, without generating lots of traffic and taking a large amount of time. It only focuses on extracting useful attributes/properties/ACLs from the most valuable targets instead of enumerating all available attributes from all the user/computer objects in the domain. You will definitely need PowerView to do more detailed enumeration later. The aim of developing this tool is to help me learn more about Active Directory security in a different perspective as well as to figure out what’s behind the scenes of those PowerView functions. I just started learning .NET with C#, the code could be really terrible~ It uses S.DS namespace to retrieve domain/forest information from the domain controller(LDAP server). It also utilizes S.DS.P namespace for LDAP searching. Enumeration Current Domain/Forest information Domains in the current forest (with domain SIDs) Domain Controllers in the current domain [GC/RODC] (with ~~IP, OS Site and ~~Roles) Domain/Forest trusts as well as trusted domain objects[SID filtering status] Privileged users (currently in DA and EA group) Unconstrained delegation accounts (Excluding DCs) Constrained Delegation (S4U2Self, S4U2Proxy, Resources-based constrained delegation) MSSQL/Exchange/RDP/PS Remoting SPN accounts User accounts with SPN set & password does not expire account Confidential attributes () ASREQROAST (DontRequirePreAuth accounts) AdminSDHolder protected accounts Domain attributes (MAQ, minPwdLength, maxPwdAge lockoutThreshold, gpLink[group policies that linked to the current domain object]) LDAP basic info(supportedLDAPVersion, supportedSASLMechanisms, domain/forest/DC Functionality) Kerberos Policy Interesting ACLs on the domain object, resolving GUIDs (User-defined object in the future) Unusual DCSync Accounts Interesting ACLs on GPOs Interesting descriptions on user objects Sensitive & Not delegate account Group Policy Preference cpassword in SYSVOL/Cache Effective GPOs on the current user/computer Restricted groups Nested Group Membership Changelog v2.0 1. Complete Rewrite (more extensible) 2. Add Interactive Menu with command line choice 3. Use direct API call to enumerate Trust relationship 4. Update Applied GPO Enumeration with Security Filtering and WMI Filtering (WMIFilter needs to be checked manually) 5. Add LDAP DNS Record Enumeration 6. RunAs: Run ADCollector under another user context 7. Flexible SPN Scan, DNS Records, Nested Group Membership, ACL Enumeration 8. Add NetSessionEnum, NetLocalGroupGetMembers and NetWkstaUserEnum [hide][Hidden Content]]
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.