Search the Community

Course List: Advance Course of Android Hacking Advance Of Black Hat Hacking Antivirus Evasion Course Complete Basic Course Of Android Hacking Complete Basic Course Of Kali Linux Complete Course Of Wifi Hacking Complete Course Of Carding ERC Course By DedSec Facebook & Instagram Hacking Manually Binding And Making FUD Payloads For Android Online Accounts Cracking Course Reverse Engineering Course – The Hacks Behind Cracking Spamming Practical Course – First Time In Internet History DedSec Latest FUD Ransomware [Hidden Content]

Mail-Swipe | Keep your real mailbox clean and secure. Mail Swipe is a python script that helps you to create temporary email addresses and receive emails at that address. It uses the API provided by 1secmail to create emails addresses and fetch emails. You can either generate your own email address or you can generate a random email address using this script. Once you receive an email it will be save in a text file inside the "All Mails" folder. For security reason you cannot read messages from addresses: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected] All other addresses are free to use. - 1secmail team - [hide][Hidden Content]]

Docker for pentest is an image with the more used tools to create a pentest environment easily and quickly.Docker for pentest Features OS, networking, developing and pentesting tools installed. Connection to HTB (Hack the Box) vpn to access HTB machines. Popular wordlists installed: SecLists, dirb, dirbuster, fuzzdb, wfuzz and rockyou. Proxy service to send traffic from any browsers and burp suite installed in your local directory. Exploit database installed. Tool for cracking password. Linux enumeration tools installed. Tools installed to discovery services running. Tools installed to directory fuzzing. Monitor for linux processes without root permissions Zsh shell installed. Tools installed Operative system tools rdate vim zsh oh-my-zsh locate cifs-utils htop gotop Network tools traceroute telnet net-tools iputils-ping tcpdump openvpn whois host prips dig Developer tools git curl wget ruby go python python-pip python3 python3-pip php aws-cli tojson nodejs Pentest tools Port scanning nmap masscan ScanPorts created by @s4vitar with some improvements Recon Subdomains Amass GoBuster Knock MassDNS Altdns spyse Sublist3r findomain subfinder spiderfoot haktldextract Subdomain takeover subjack SubOver tko-subs DNS Lookups hakrevdns Screenshot gowitness aquatone Crawler hakrawler Photon gospider gau otxurls waybackurls Search directories dirsearch Fuzzer wfuzz ffuf Web Scanning whatweb wafw00z nikto arjun httprobe striker hakcheckurl CMS wpscan joomscan droopescan cmseek Search JS LinkFinder getJS subjs Wordlist cewl wordlists: wfuzz SecList Fuzzdb Dirbuster Dirb Rockyou all.txt crunch Git repositories gitleaks gitrob gitGraber github-search GitTools OWASP sqlmap XSStrike kxss dalfox Brute force crowbar hydra patator medusa Cracking hashid john the ripper hashcat OS Enumeration htbenum linux-smart-enumeration linenum enum4linux ldapdomaindump PEASS – Privilege Escalation Awesome Scripts SUITE Windows Exploit Suggester – Next Generation smbmap pspy – unprivileged Linux process snooping smbclient ftp Exploits searchsploit Metasploit MS17-010 AutoBlue-MS17-010 PrivExchange Windows evil-winrm impacket CrackMapExec Nishang Juicy Potato PowerSploit pass-the-hash mimikatz gpp-decrypt Reverse shell netcat rlwrap Other resources pentest-tools from @gwen001 qsreplace from @tomnomnom Custom functions NmapExtractPorts from @s4vitar Other services apache2 squid Changelog v0.3 Changelog feat: Update amass and change wafw00f installation mode. Commits [ a987755 ] – Update amass and change wafw00f installation mode. [hide][Hidden Content]]

Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. Included in BlackArch Linux pentesting distribution and Rawsec’s Cybersecurity Inventory since August 2019. The first idea was inspired by Cupp and Crunch. We could say that bopscrk is a wordlist generator situated between them, taking the best of each one. The challenge was to try to apply the Cupp’s idea to more generic-situations and amplify the shoot-range of the resultant wordlist, without losing this custom-wordlist-profiler feature. How it works You have to provide some words which will act as a base. The tool will generate all possible combinations between them. To generate more combinations, it will add some common separators (e.g. “-“, “_”, “.”), random numbers, and special chars. You can enable leet and case transform to increase your chances. If you enable lyricpass mode, the tool will ask you about artists and it will download all his songs’ lyrics. Each line will be added as a new word. Then it will be transformed in several ways (leet, case, only first letters, with and without spaces…). Artist names will be added too. You can provide wordlists that you already tried against the target in order to exclude all these words from the resultant wordlist (-x). Changelog v2.3 Customizable configuration for artists and lyrics transforms using the cfg file Requirements at setup.py updated Multithreads logic improved Leet and case order reversed to improve operations efficiency BUG FIXED in lyrics space replacement BUG FIXED when removing duplicates (Type Error: unhashable type: ‘list’) Memory management and efficiency improved SPLIT INTO MODULES to improve project structure BUG FIXED in wordlists-exclusion feature [hide][Hidden Content]]

VFM is a simple and flexible plug-and-play file manager, easy to use and plenty of options. Send files to your customers, create new users with dedicated folders, or simply use it as your personal file cloud. Access from any device, manage users and general settings from an intuitive administration panel, customize it to your brand. [Hidden Content] [hide][Hidden Content]]

HawkScan Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x) This script uses “WafW00f” to detect the WAF in the first step. This script uses “Sublist3r” to scan subdomains. This script uses “waybacktool” to check in waybackmachine. Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak, index.php~ …) Check header information Check DNS information Check whois information User-agent random or personal Extract files Keep a trace of the scan Check @mail in the website and check if @mails leaked CMS detection + version and vulns Subdomain Checker Backup system (if the script stopped, it take again in the same place) WAF detection Add personal prefix Auto-update script Auto or personal output of scan (scan.txt) Check Github Recursive dir/file Scan with an authentication cookie Option –profil to pass profil page during the scan HTML report Work it with py2 and py3 Add option rate-limit if the app is unstable (–timesleep) Check-in waybackmachine Response error to WAF Check if DataBase firebaseio exist and accessible Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30 Search S3 buckets in source code page Testing bypass of waf if detected Testing if it’s possible scanning with “localhost” host Changelog v1.5.4 Add option “–js” for scan and analyze JS Delete “dryscrape” librarie for the moment, many errors with it, I’ll remake it later [hide][Hidden Content]]

GitHub just announced that its new code scanning feature, GitHub code scanning, is now generally available. The new feature of the developer platform that Microsoft bought in 2018 for 7.5 billion dollars can scan any public repository for vulnerabilities. The idea is to offer a native function within GitHub that can find vulnerabilities in the code of a repository before they reach production. If you have a public repo on GitHub, you can activate it from now on following the official documentation. Automated security as part of your workflow With the function active, the code will be revised as it is created, and areas that could be exploited in the future will be highlighted. At GitHub they hope that with this feature active they can catch bugs early to significantly reduce security incidents in the future. GitHub code scanning integrates with GitHub Actions or your existing CI / CD environment to maximize team flexibility. Scans code as it is created and displays actionable security reviews within pull requests and other GitHub experiences, all to automate security as part of your workflow. Before its launch, code scanning went through several months of testing. So far it has scanned 12,000 repositories 1.4 million times, and in total it has detected 20,000 security problems, from bugs that allowed remote code execution, through cross-site scripting, to SQL injection. During the tests the developers and those in charge of maintaining the repositories resolved 72% of the security flaws identified in their pull requests before merging after the first 30 days. This is important data since industry data shows that less than 30% of vulnerabilities are fixed within a month after being discovered. [Hidden Content]

GDBFrontend is an easy, flexible and extension able gui debugger. Changelog v0.1.3 beta Plugin and theme loading bug fixes. Theme plugins (like “theme_light”) dont get loaded automatically. So you can switch between themes with commands in GDB shell: gf-theme light, gf-theme default. GDBFrontendLive compatibility for new features. [hide][Hidden Content]]

BlackNET Free advanced and modern Windows botnet with a nice and secure PHP panel built using VB.NET. About BlackNET Free advanced and modern Windows botnet with a nice and secure PHP panel built using VB.NET. this botnet controller comes with a lot of features and the most secure panel for free Developed By: Black.Hacker What You Can Do Upload File Open Webpage [Visiable, Hidden] Show MessageBox Take Screenshot Steal Firefox Cookies Steal Saved Passwords [ Chrome, Firefox ] Steal Chrome Cookies Steal Chrome History Execute Scripts Execute Shell Commands Keylogger Computer operations [ Restart, Shutdown, Logout ] Uninstall Client Move Client Blacklist Client Close Client Requirements PHP >= 7.0 NET Framework How to Install PHP Panel Clone the Repo Compress BlackNET panel folder and upload it to your hosting Create a database with any name you want Change the database information and app path in config/config.sample.php Rename config.sample.php to config.php Change files and folders permission to 777 [ Uploads Folder] Make Sure that all DLLs are included in Plugins Folder Go to install.php to create the botnet tables automatically Enable a Cron Job for ping.php and remove.php What's New v3.5.2 1. Added Queue System to handle commands 2. Added NordVPN Stealer 3. Added Clipboard Stealer 4. Cleaner, Faster, Better Connection 5. Fixed Socket Issues 6. Update BlackUpload to 1.5 7. Update PHP Mailer 8. Removes some useless functions 9. Bugs Fixes [hide][Hidden Content]]

NUUBI is a Recon Tools, Scanners, and tools for penetration testing. Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned. So it is an Incredible fast recon tool for penetration tester which is specially designed for the Reconnaissance phase. Features: Infromation Modules : Banner grabing Subnetlookup Cms detect Certificate Transparency log monitor Dnslookup Extract links GeoIP lookup Httpheaders Nmapscan Subdomain lookup Traceroute Find hosts sharing DNS servers URL and website scanner for potentially malicious websites Github username Whois Crawler Reverse ip Reverse DNS Zonetransfer Nping test Ping Response Check an Autonomous System Number (ASN) Cloudflare Cookie Scraper [hide][Hidden Content]]

Here’s how you beat the game: get PlayerX today! It’s a heart-pounding theme dedicated to gaming, esports and every gaming studio. You can also announce your streams, display a list of your matches, present your gaming clan, and get everything else a modern gaming, esports and gaming studio website can ever need. If an all-round powerful gaming and esports website is what you’re after, look no further! PlayerX is here. [Hidden Content] [hide][Hidden Content]]

This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive. Examples of vulnerabilities that you can find So, the vulnerabilities identified, from which you can make personalized improvements are: Active Scan: XSS reflected and Stored SQL Injection error based Blind SQL injection Blind SQL injection time-based XXE Blind XXE SSRF CRLF Information disclosure Nginx off-by-slash vulnerability – From Orange Tsai Command injection Web cache poisoning Blind command injection Open Redirect Local File Inclusion Remote File Inclusion Path Traversal LDAP Injection XML Injection SSI Injection XPath Injection etc Passive Response Scan Security Headers Cookies attributes Endpoints extract Software versions Error strings In general any string or regular expression in the response. Passive Request Scan Interesting params and values In general any string or regular expression in the request. Changelog v3.3.5 Fixed bug with Payload and Payload without encoding match type Changed the default directory from user.dir to user.home Added and variables for printing issue details in Advisory. Fixed regex grep case sensitive Better redirection performance Fixed bug with Match And Replace [hide][Hidden Content]]

PHP malware scanner Traversing directories for files with php extensions and testing files against text or regexp rules, the rules-based on self-gathered samples and publicly available malwares/webshells. The goal is to find infected files and fight against kiddies, because too easy to bypass rules. Changelog v1.0.7 Signature update from new infections [hide][Hidden Content]]

[hide][Hidden Content]]

Telegram bot which steals stickers and packs and stores them in your own custom packs. [hide][Hidden Content]]

A Ransomware and Ransomware Builder for Windows written purely in Python What's New? (v3.0) Decryption key validation check before attempting decryption Overhaul to support Python 3.6 and above Drastically simplified dependency installation Crypter - 3.5 Implemented Time Delay capability Fixed sizer alignment issue Once again,the author accepts no responsibility for any damages that may occur, and by downloading this software you accept and agree to this disclaimer. [hide][Hidden Content]]

AutoDirbuster Automatically run and save Dirbuster scans for multiple IPs Why? OWASP Dirbuster is a great directory buster but running it against multiple IPs and ports is a very manual process with a lot of downtime between scans. This script attempts to automate that process and eliminates downtime between scans. What is the recommended usage? If attacking multiple targets: Run Nmap and find open ports, outputting the results with -oG or -oA Run AutoDirbuster with the Nmap results and a timeout (closed ports or non-HTTP based services are ignored) python AutoDirbuster.py -g Nmap_results.gnmap -to 15 As the pentest progresses, periodically review the Dirbust results using dirbust_read.py, which will ignore all Dirbuster error lines and only print the found directories and files If attacking a single target: python AutoDirbuster.py -st example.com:80 What data does this need? The script can take three data sources: List of IP:port or hostname:port, one per line python AutoDirbuster.py ip_port_list.txt An Nmap Gnmap result file python AutoDirbuster.py -g Nmap_results.gnmap A single target python AutoDirbuster.py -st example.com:80 How does this script work? A list of targets is provided A TCP connect scan is done on the target port to test if it’s open If it’s open, HTTP and HTTPS requests are sent to determine if the service is HTTP-based and whether it requires SSL If the service is HTTP, a check is done to determine if a previous report file is in the same directory. Report files follow the format: DirBuster-Report-IP-port.txt Dirbuster is run using Python’s subprocess.Popen(). If a timeout is specified, then after the timeout period, a SIGINT signal is sent to Dirbuster so it can safely shut down and write results to disk. A note is added to the report indicating that the scan timed out. The next IP:port goes through the same process (TCP connect, HTTP service query, dirbust) This script isn’t working Ensure the following Are all of the dependencies listed in requirements.txt installed? Is there a directory called “DirBuster” inside the same directory as AutoDirbuster.py? Does this “DirBuster” directory contain the Dirbuster JAR file named “DirBuster.jar”? Is “DirBuster.jar” version 0.12? Does this “DirBuster” directory contain a file called “directory-list-2.3-small.txt” (the default wordlist)? Does this “DirBuster” directory contain a subdirectory called “lib” with the default 13 required Dirbuster JAR dependencies? Is Java installed? Is Java in your path? Run AutoDirbuster with the –debug flag to view the subprocess command that AutoDirbuster is using to launch Dirbuster. Run this command from the terminal to view standard error as AutoDirbuster is configured to send subprocess standard error to /dev/null [hide][Hidden Content]]

What better program to monitor there is malware and trojans on my pc?

HawkScan Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x) This script uses “WafW00f” to detect the WAF in the first step. This script uses “Sublist3r” to scan subdomains. This script uses “waybacktool” to check in waybackmachine. Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak, index.php~ …) Check header information Check DNS information Check whois information User-agent random or personal Extract files Keep a trace of the scan Check @mail in the website and check if @mails leaked CMS detection + version and vulns Subdomain Checker Backup system (if the script stopped, it take again in the same place) WAF detection Add personal prefix Auto-update script Auto or personal output of scan (scan.txt) Check Github Recursive dir/file Scan with an authentication cookie Option –profil to pass profil page during the scan HTML report Work it with py2 and py3 Add option rate-limit if the app is unstable (–timesleep) Check-in waybackmachine Response error to WAF Check if DataBase firebaseio exist and accessible Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30 Search S3 buckets in source code page Testing bypass of waf if detected Testing if it’s possible scanning with “localhost” host Changelog v1.5.3 – add setup.sh [hide][Hidden Content]]

OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn’t require setting up a server on the internet somewhere or using a third party file-sharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet. The other user just needs to use Tor Browser to download the file from you. Features: A user-friendly drag-and-drop graphical user interface that works in Windows, Mac OS X, and Linux Ability to share multiple files and folders at once Support for multiple people downloading files at once Automatically copies the unguessable URL to your clipboard Shows you the progress of file transfers When file is done transferring, automatically closes OnionShare to reduce the attack surface Localized into several languages, and supports international Unicode filenames Changelog v2.3 Major new feature: Multiple tabs, including better support for persistent services, faster Tor connections New feature: Chat anonymously mode New feature: All new design New feature: Ability to display QR codes of OnionShare addresses New feature: Web apps have responsive design and look better on mobile New feature: Flatpak packaging for Linux Several bug fixes [hide][Hidden Content]]

[Hidden Content]

Stowaway is a Multi-hop proxy tool for security researchers and pentesters Users can easily proxy their network traffic to intranet nodes (multi-layer) PS: The files under demo folder are Stowaway’s beta version, it’s still functional, you can check the detail by README.md file under the demo folder This tool is limited to security research and teaching, and the user bears all legal and related responsibilities caused by the use of this tool! The author does not assume any legal and related responsibilities! Features Obvious node topology Clear information display of nodes and keep them permanently Active/passive connect mode between nodes Reverse connection between nodes through socks5 proxy Ssh tunnel mode Can be used on multiple platforms Multi-hop socks5 traffic proxy(Support UDP/TCP,IPV4/IPV6) Multi-hop ssh traffic proxy Remote interactive shell Upload/download functions Port Mapping(local to remote/remote to local) Port Reuse Open or Close all the services arbitrarily Authenicate each other between nodes Network traffic encryption with AES-256(CBC mode [hide][Hidden Content]]

SubDomainizer SubDomainizer is a tool designed to find hidden subdomains and secrets present is either webpage, Github, and external javascript present in the given URL. This tool also finds S3 buckets, cloudfront URL’s and more from those JS files which could be interesting like S3 bucket is open to read/write, or subdomain takeover and a similar case for cloudfront. It also scans inside the given folder which contains your files. Cloud Storage Services Supported: SubDomainizer can find URL for following cloud storage services: 1. Amazon AWS services (cloudfront and S3 buckets) 2. Digitalocean spaces 3. Microsoft Azure 4. Google Cloud Services 5. Dreamhost 6. RackCDN. Changelog v2.0 SANs Feature: Added a feature to find Subject Alternative Names for already found subdomains from different sources. Two options can be used with -san argument i.e. all or same. same will find only subdomains for TLD of the URL. all will find all (sub)domains having the same SAN for a given subdomain. Secret Location Feature: Added a feature to display the location of secrets. Inline in case if secret(s) found within the page (used in -u argument) URL of file in case if secret(s) found on External JS file or Github URL or File path (in case of the folder). [hide][Hidden Content]]

HawkScan Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x) This script uses “WafW00f” to detect the WAF in the first step. This script uses “Sublist3r” to scan subdomains. This script uses “waybacktool” to check in waybackmachine. Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak, index.php~ …) Check header information Check DNS information Check whois information User-agent random or personal Extract files Keep a trace of the scan Check @mail in the website and check if @mails leaked CMS detection + version and vulns Subdomain Checker Backup system (if the script stopped, it take again in the same place) WAF detection Add personal prefix Auto-update script Auto or personal output of scan (scan.txt) Check Github Recursive dir/file Scan with an authentication cookie Option –profil to pass profil page during the scan HTML report Work it with py2 and py3 Add option rate-limit if the app is unstable (–timesleep) Check-in waybackmachine Response error to WAF Check if DataBase firebaseio exist and accessible Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30 Search S3 buckets in source code page Testing bypass of waf if detected Testing if it’s possible scanning with “localhost” host Changelog v1.5.2 Try differents bypass for 403 code error Update dico.txt [hide][Hidden Content]]

A dynamic VMP dumper and import fixer, powered by VTIL. Works for VMProtect 3.X x64. How It Works VMProtect injects stubs for every import call or jmp. These stubs resolve the ‘obfuscated’ thunk in the .vmpX section and add a fixed constant to ‘deobfuscate’ it. The calls or jumps themselves are then dispatched with a ret instruction. VMPDump scans all executable sections for these stubs and lifts them to VTIL using the VTIL x64 lifter. The analysis is then performed on these stubs, in order to determine what kind of call must be replaced and what bytes must be overwritten. Once all calls have been retrieved, VMPDump then creates a new import table and appends thunks to the existing IAT. The calls to the VMP import stubs are replaced with direct calls to these thunks. Note that in mutated routines, there are situations when there are not enough bytes to replace the VMP import stub call with a direct thunk call, as the latter is 1 byte larger. In these cases, the section is extended and a stub that jumps to the import thunk is injected. The VMP import stub call is then replaced with a 5-byte relative call or jmp to said injected stub. [hide][Hidden Content]]