Search the Community

This is a universal Reddit scraper that can scrape Subreddits, Redditors, and comments on posts. Scrape speeds will be determined by the speed of your internet connection. Changelog v3.3.2 Added Source code In Redditor.py: Added a new method GetInteractions._get_user_subreddit() – extracts subreddit data from the UserSubreddit object into a dictionary. Tests In test_Redditor.py: Added TestGetUserSubredditMethod().test_get_user_subreddit() to test the new method. Changed Source code In Redditor.py: GetInteractions._get_user_info() calls the new GetInteractions._get_user_subreddit() method to set the Redditor’s subreddit data within the main Redditor information dictionary. In Version.py: Incremented version number. README Incremented PRAW badge version number. [hide][Hidden Content]]

Before obfuscation After obfuscation LoGiC.NET LoGiC.NET is a free and open-source .NET obfuscator that uses dnlib for folks that want to see how obfuscation works with more complex obfuscations than Goldfuscator for example. Current Features Renames methods, parameters, properties, fields, and events. Adds proxy calls. Encrypts strings. Encodes ints. Adds junk methods. Prevents application tampering. Adds control flow. And more! v1.5 : Protections update Added Control Flow Improved String Encryption Added Stripping DOS Header Improved code efficiency (i.e. analyzers) Added Anti-De4dot Improved Integer Encoding Removed String Length integer encoding Improved Renamer Updated to dnlib v3.3.2 Warning : Expect the obfuscated assembly to break, since there are been new obfuscations and I haven't tested them on a lot of assemblies. [hide][Hidden Content]]

Please Don't Use for illegal Activity Added New Tools Root Android {Supersu} Not Support All OS Version Jump To Adb Toolkit Shell ScreenShot Copy All Camera Photo Copy All WhatsApp Folder Copy All Data Storage Manual Copy {Costum} Backup Data Restore Data Permissons Reset Reboot Remove Lockscreen {Root} Jump To Metasploit Install Application Create Payload Backdoor {Msfvenom} Singed Run Metasploit Inject Payload In Original Application Phone Info Control Android {Scrcpy} Brute Pin 4 Digit Brute Pin 6 Digit Brute LockScreen Using Wordlist Bypass LockScreen {Antiguard} Not Support All OS Version Reset Data Cilocks_V2.1 Added new feature IP Logger GetCam Rat IOS {Metasploit} [hide][Hidden Content]]

CommandoVM – a fully customized, Windows-based security distribution for penetration testing and red teaming. Installed Tools Active Directory Tools Remote Server Administration Tools (RSAT) SQL Server Command Line Utilities Sysinternals Command & Control Covenant PoshC2 WMImplant WMIOps Developer Tools Dep Git Go Java Python 2 Python 3 (default) Ruby Ruby Devkit Visual Studio 2017 Build Tools (Windows 10) Visual Studio Code Evasion CheckPlease Demiguise DefenderCheck DotNetToJScript Invoke-CradleCrafter Invoke-DOSfuscation Invoke-Obfuscation Invoke-Phant0m Not PowerShell (nps) PS>Attack PSAmsi Pafishmacro PowerLessShell PowerShdll StarFighters Exploitation ADAPE-Script API Monitor CrackMapExec CrackMapExecWin DAMP EvilClippy Exchange-AD-Privesc FuzzySec’s PowerShell-Suite FuzzySec’s Sharp-Suite Generate-Macro GhostPack Rubeus SafetyKatz Seatbelt SharpDPAPI SharpDump SharpRoast SharpUp SharpWMI GoFetch Impacket Invoke-ACLPwn Invoke-DCOM Invoke-PSImage Invoke-PowerThIEf Kali Binaries for Windows LuckyStrike MetaTwin Metasploit Mr. Unikod3r’s RedTeamPowershellScripts NetshHelperBeacon Nishang Orca PSReflect PowerLurk PowerPriv PowerSploit PowerUpSQL PrivExchange Ruler SharpExchangePriv SharpExec SpoolSample UACME impacket-examples-windows vssown Information Gathering ADACLScanner ADExplorer ADOffline ADRecon BloodHound dnsrecon Get-ReconInfo GoWitness Nmap PowerView Dev branch included SharpHound SharpView SpoolerScanner Networking Tools Citrix Receiver OpenVPN Proxycap PuTTY Telnet VMWare Horizon Client VMWare vSphere Client VNC-Viewer WinSCP Windump Wireshark Password Attacks ASREPRoast CredNinja DSInternals Get-LAPSPasswords Hashcat Internal-Monologue Inveigh Invoke-TheHash KeeFarce KeeThief LAPSToolkit MailSniper Mimikatz Mimikittenz RiskySPN SessionGopher Reverse Engineering DNSpy Flare-Floss ILSpy PEview Windbg x64dbg Utilities 7zip Adobe Reader AutoIT Cmder CyberChef Gimp Greenshot Hashcheck Hexchat HxD Keepass MobaXterm Mozilla Thunderbird Neo4j Community Edition Pidgin Process Hacker 2 SQLite DB Browser Screentogif Shellcode Launcher Sublime Text 3 TortoiseSVN VLC Media Player Winrar yEd Graph Tool Vulnerability Analysis AD Control Paths Egress-Assess Grouper2 NtdsAudit zBang Web Applications Burp Suite Fiddler Firefox OWASP Zap Subdomain-Bruteforce Wordlists FuzzDB PayloadsAllTheThings SecLists Changelog v2021.2 – July 14, 2021 Require users to disable Defender before installing Too many issues arise from Defender magically turning itself back on. Disabling defender with the preconfig script has been unreliable since Win10 1909. removed update requirement (legacy requirement for Windows 7. Windows 7 support was removed last year) Added support for Windows 10 20H2 and 21H1 Removed vcpython27 #204 updated proxycap install args #203, #200. #196 updated sqlitebrowser.fireeye to remove newly created desktop shortcuts #200 Closed issues #203, #204, #202, #200, #196, #195, #192, #191, #190, #189, #188, #186, #185, #184, #177, #175, #174, #170, #169, #160, #134, #133 [hide][Hidden Content]]

Nebula Nebula is a Cloud and (hopefully) DevOps Penetration Testing framework. It is built with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or automation engines like Ansible, Terraform, Chef, etc. Currently covers: S3 Bucket name bruteforce IAM, EC2, S3, STS, and Lambda Enumeration IAM, EC2, STS, and S3 exploitation SSM Enumeration + Exploitation Custom HTTP User-Agent Enumerate Read Privileges (working on write privs) Reverse Shell No creds Reconnaisance There are currently 67 modules covering: Reconnaissance Enumeration Exploit Cleanup Reverse Shell Changelog v2.0 STS AssumeRoleWithWebIdentity Reconnaissance crt.sh TCP Reverse Shell (Draft) Reverse Shell check_env that checks the environment of the victim system Updated getuid that checks IAM:GetUser, IAM:ListAttachedUserPolicies and IAM:GetPolicy Now it gets the credentials from ¬/.aws [hide][Hidden Content]]

Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses. This program also alerts you to the presence of a data leak for the found emails. Features Domain TLD (.com, .org, .net, etc…) Emails Data leaks Emails Social Instagram Facebook Twitter Tiktok Linktr.ee MySpace Flickr Programming Github Pastebin LessWrong Forum Hackernews Jeuxvideo.com Web Hosting AboutMe [hide][Hidden Content]]

“How I Run 9 Different Profitable YouTube Channels and Make 6 Figures From Them” Introducing Tube Mastery and Monetization Tube Mastery and Monetization teaches how to start, grow, and monetize a hyper-profitable YouTube channel from complete scratch. It doesn’t matter if you don’t have any tech skills or any previous business experience. Everything you need to know is provided step-by-step in this training program. My EXACT Strategies In this complete course, I teach my EXACT strategies for starting YouTube channels from scratch and show you how I started a YouTube channel and grew it to having 500,000 subscribers in just one year. I hold nothing back as I show you secret algorithm growth hacks, tips, and strategies for growing quickly and going viral that I have not seen taught anywhere else online. When You Join Tube Mastery and Monetization, You Get Full & Immediate Access To: Module 1: Overview of The Blueprint The 3 Stages To YouTube Module 2: Choosing a Niche Module 3: Setting Up Your Channel For Success Module 4: Uploading Videos Module 5: The Growth Module Module 6: The Monetization Module Module 7: Scaling Your Channel [Hidden Content] [hide][Hidden Content]]

What is DNSStager? DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting it into chunks and encoding the payload using different algorithms. It can generate a custom agent written in C or GoLang that will resolve a sequence of domains, retrieve the payload, decode it and finally inject it into the memory based on any technique you want. You can edit the code of the DNSStager agent as you wish, and build it using your own custom execution techniques. The main goal of using DNSStager is to help red teamers/pentesters to deliver their payloads in the stealthy channel using DNS. How does it work? Based on your DNS resolution option, DNSStager will split your payload into chunks and save each chunk of the payload as a response for a subdomain. For example, if you choose IPV6 as your option to retrieve the payload, the DNS response will be something like: cloud-srv-1.test.mydnsserver.live. 300 IN AAAA 5648:31d2:6548:8b52:6048:8b52:1848:8b52 Where 5648:31d2:6548:8b52:6048:8b52:1848:8b52 is a part of your payload? So, the agent will resolve some domains to retrieve the payload and then decode it and finally inject it into memory. Currently, DNSStager only supports two records, AAAA and TXT. You can encode your payload using XOR for the AAAA record and by default, it will be encoded as base64 if you choose TXT record. DNSStager key features: DNSStager has some key features such as: Hide and Resolve your payload in IPV6 records. Hide and Resolve your payload in TXT records. XOR encoder to encode your payload. Base64 encoder to encode your payload (only for TXT records). Pure agent wrote in C with the ability to customise it. Pure agent wrote in GoLang with the ability to customise it. The ability to use sleep between each DNS request. AND MUCH MORE TO COME! [hide][Hidden Content]]

We use I/O alghoritm to make data transfer faster than the others Easy to connect the vpn after you choose the server There are many free server for users to choose Unlimited bandwith for users, they can browse anytime, anywhere [Hidden Content] [Hidden Content]

HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages. The plugin can custom regular expressions to match HTTP response messages. You can decide for yourself whether the corresponding request that meets the custom regular expression match needs to be highlighted and information extracted. Note: The use of HaE requires a basic regular expression foundation for testers. Since the Java regular expression library is not as elegant or convenient as Python when using regular expressions, HaE requires users to use () to extract what they need The expression content contains; for example, if you want to match a response message of a Shiro application, the normal matching rule is rememberMe=delete, if you want to extract this content, you need to become (rememberMe=delete). Changelog v2.0.5 Fixed a logic error #18 [hide][Hidden Content]]

In modern times as data becomes more secure with encryption, there are certain attacks that you may not be aware of. One specific type of attack is called a side-channel attack. What is a side-channel attack? Side-channel attacks rely on measuring tendencies and frequencies of your computer to establish patterns that can extract private information from your machine. Side-channel attacks or SCA, monitor your power use and electromagnetic emissions during cryptographic operations. Due to the low cost and simplicity of these attacks, multiple side-channel techniques can be used. Here is a list of the different techniques: Cache Attack — Monitor your cache accesses in a shared physical system. Commonly found in virtualized environment or a type of cloud service. Timing Attack — Monitor the time of computations and establishing patterns. Power-Monitoring Attack — Monitor the power consumption by the hardware during computation. Electromagnetic Attack — Based on leaked electromagnetic radiation, which can directly provide plain texts and other information. Such measurements can be used to infer cryptographic keys using techniques equivalent to those in power analysis or can be used in non-cryptographic attacks. Acoustic Cryptanalysis — Exploits sound produced during a computation (rather like power analysis). Differential Fault Analysis — Secrets are discovered by introducing faults in a computation. Data Remanence — Sensitive data are read after supposedly having been deleted. Software-Initiated Fault Attacks — Currently a rare class of side-channels, row hammer is an example in which off-limits memory can be changed by accessing adjacent memory too often (causing state retention loss). Optical - Secrets and sensitive data can be read by visual recording using a high resolution camera, or other devices that have such capabilities (see examples below). Countermeasures Different ways to help prevent these attacks have been introduced but not widely implemented. A few ways to try to prevent these attacks are: Eliminating the release of private information or making sure this information is unrelated to your private data. Power line conditioning and filtering to deter power-monitoring attacks as well as emitting a channel with noise. Blinding technique that serves to alter the algorithm’s input into some unpredictable state rendering some or all of the leakage of useful information. Once your keys are established, hackers could gain access to your data and could increase your chances of corruption or removal. Side-channel and other types of cyberattacks are one of the key reasons you should always have redundant backups running using a service like Jungle Disk and another form of backup such as an external hard drive or network attached storage device.

Sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Changelog v1.5.7 Fixes #4728 [hide][Hidden Content]]

Universal Reddit Scraper This is a universal Reddit scraper that can scrape Subreddits, Redditors, and comments on posts. Scrape speeds will be determined by the speed of your internet connection. [hide][Hidden Content]]

HawkScan Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x) This script uses “WafW00f” to detect the WAF in the first step. This script uses “Sublist3r” to scan subdomains. This script uses “waybacktool” to check in the waybackmachine. Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak, index.php~ …) Check header information Check DNS information Check whois information User-agent random or personal Extract files Keep a trace of the scan Check @mail in the website and check if @mails leaked CMS detection + version and vulns Subdomain Checker Backup system (if the script stopped, it take again in the same place) WAF detection Add personal prefix Auto-update script Auto or personal output of scan (scan.txt) Check Github Recursive dir/file Scan with an authentication cookie Option –profil to pass profil page during the scan HTML report Work it with py2 and py3 Add option rate-limit if the app is unstable (–timesleep) Check-in waybackmachine Response error to WAF Check if DataBase firebaseio exist and accessible Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30 Search S3 buckets in source code page Testing bypass of waf if detected Testing if it’s possible scanning with “localhost” host Changelog v1.8.4 Fixed: Better display of live lines Added: A new file to manage the modules to launches [hide][Hidden Content]]

Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator. This tool helps you to exfiltrate data through DNS protocol over UDP and TCP, and lets you control the size of queries using random delay. Also, allows you to avoid detections by using random domains in each of your queries and you can use it to transfer information both locally and remotely. [hide][Hidden Content]]

With the SongCharts script you can run your own fully automated song charts and music search engine website within minutes. Let your visitors search and download songs and discover the best new music hits with the top songs charts. [Hidden Content] [hide][Hidden Content]]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

If you are a lover of the entertainment industry! If you want to increase your Business Scale & If you want to earn good capital by sitting on a comfortable chair in an air-conditioned room. There is nothing better than our product called “NEXT HOUR”. [Hidden Content] [hide][Hidden Content]]

Description The incredible amount of data on the Internet is a rich resource for any field of research or personal interest. To effectively harvest that data, you’ll need to become skilled at web scraping. The Python libraries requests and Beautiful Soup are powerful tools for the job. If you like to learn with hands-on examples and you have a basic understanding of Python and HTML, then this course is for you. Use requests and Beautiful Soup for scraping and parsing data from the Web Walk through a web scraping pipeline from start to finish Build a script that fetches job offers from the Web and displays relevant information in your console [Hidden Content] [hide][Hidden Content]]

Sharperner Sharperner is a tool written in CSharp that generates a .NET dropper with AES and XOR obfuscated shellcode. A generated executable can possibly bypass signature check but I can’t be sure it can bypass heuristic scanning. Features PE binary Process Hollowing PPID Spoofing Random generated AES key and iv Final Shellcode, Key, and IV are translated to morse code .NET binary AES + XOR encrypted shellcode APC Process Injection (explorer.exe) Random function names Random generated AES key and iv Final Shellcode, Key, and IV are translated to morse code [hide][Hidden Content]]

Free Botnet Cleaning And Malware Analysis The " Cyber Swachhta Kendra " (Botnet Cleaning and Malware Analysis Centre) is a part of the Government of India's Digital India initiative under the Ministry of Electronics and Information Technology (MeitY) to create a secure cyber space by detecting botnet infections in India and to notify, enable cleaning and securing systems of end users so as to prevent further infections. More Details - [Hidden Content] Download Free Bot net Removal Tool - [Hidden Content] Supported By CERT-In (Indian Computer Emergency Response Team), Minstry of electronic information

Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x) This script uses “WafW00f” to detect the WAF in the first step. This script uses “Sublist3r” to scan subdomains. This script uses “waybacktool” to check in the waybackmachine. Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak, index.php~ …) Check header information Check DNS information Check whois information User-agent random or personal Extract files Keep a trace of the scan Check @mail in the website and check if @mails leaked CMS detection + version and vulns Subdomain Checker Backup system (if the script stopped, it take again in the same place) WAF detection Add personal prefix Auto-update script Auto or personal output of scan (scan.txt) Check Github Recursive dir/file Scan with an authentication cookie Option –profil to pass profil page during the scan HTML report Work it with py2 and py3 Add option rate-limit if the app is unstable (–timesleep) Check-in waybackmachine Response error to WAF Check if DataBase firebaseio exist and accessible Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30 Search S3 buckets in source code page Testing bypass of waf if detected Testing if it’s possible scanning with “localhost” host Changelog v1.8.3 Fixed: Bug in socketio module Fixed: Add size bytes during th error scan Added: Words in wordlist [hide][Hidden Content]]