Search the Community

Showing results for tags 'application'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
    • Cracking Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
    • Windows Phone
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Premium Accounts
    • Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Cracking Zone PRIV8
    • Cracking Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area


There are no results to display.

There are no results to display.

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start








Found 17 results

  1. WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. Features Ability to run on a single URL with the -u/--url flag Ability to run through a list of URL’s with the -l/--list flag Ability to detect over 40 different firewalls Ability to try over 20 different tampering techniques Ability to pass your own payloads either from a file, from the terminal, or use the default payloads Default payloads that are guaranteed to produce at least one WAF triggering Ability to bypass firewalls using both SQLi techniques and cross-site scripting techniques Ability to run behind multiple proxy types (socks4, socks5, http, https, and Tor) Ability to use a random user agent, personal user agent, or custom default user agent Auto-assign protocol to HTTP or ability to force protocol to HTTPS A built-in encoder so you can encode your payloads into the discovered bypasses More to come… [Hidden Content]
  2. Konan is an advanced open source tool designed to brute force directories and files names on web/application servers. Support Platforms Linux Windows MacOSX [HIDE][Hidden Content]]
  3. This Metasploit module exploits untrusted serialized data processed by the WAS DMGR Server and Cells in the IBM Websphere Application Server. NOTE: There is a required 2 minute timeout between attempts as the neighbor being added must be reset. View the full article
  4. This Metasploit module abuses a feature in WebLogic Server's Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a "oats" account that you could log in with, which grants you administrator access. View the full article
  5. Have a good overview of the Java programming language Install Android Studio and setup the environment Debug an Android Application Create a signed APK file to submit to the Google Play Store Use Explicit and Implicit Intents Make use of Fragments Create a Custom List View Create the Android Actionbar Create a custom Toast Use Shared Preferences, Files and SQLite Use the AsyncTask class Handle Android 6 Permissions Save data in an online database (MBAAS - Backendless) and do User management [Hidden Content]
  6. XenForo version 1.5.x with Advanced Application Forms version 1.2.2 suffers from an open redirection vulnerability. View the full article
  7. itsMe


    With PlayTube users can view & Interact with lasted videos and like and comment and more, now using the application is easier, and more fun! PlayTube is easy, secured, and it will be regularly updated. Demo: [Hidden Content] [HIDE][Hidden Content]]
  8. [HIDE][Hidden Content]] w3brute is an open source penetration testing tool that automates attacks directly to the website's login page. w3brute is also supported for carrying out brute force attacks on all websites. Features Scanner: w3brute has a scanner feature that serves to support the bruteforce attack process. this is a list of available scanners: automatically detects target authentication type. admin page scanner. SQL injection scanner vulnerability. Attack Method: w3brute can attack using various methods of attack. this is a list of available attack methods: SQL injection bypass authentication mixed credentials (username + SQL injection queries) Support: multiple target google dorking a list of supported web interface types to attack: web shell HTTP 401 UNAUTHORIZED (Basic and Digest) create file results brute force attack. supported file format type: CSV (default) HTML SQLITE3 custom credentials (username, password, domain) (supported zip file) custom HTTP requests (User-Agent, timeout, etc) and much more...
  9. Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool that you can easily scan any web application and find the vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner, and reporting section Vooki – Web Application Scanner can help you to find the following attacks Sql Injection Command Injection Header Injection Cross site scripting – reflected, Cross site scripting – stored Cross site scripting – dom based Missing security headers Malicious JS script execution Using components with known vulnerabilities Jquery Vulnerabilites Angularjs Vulnerabilites Bootstrap Vulnerabilities Sensitive Information disclosure in response headers Sensitive Information disclosure in error messages Missing Server Side Validation Javascript Dyanamic Code Execution Sensitive Data Exposure [HIDE][Hidden Content]]
  10. Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and implement new features : [HIDE][Hidden Content]] Frontend framework detection Content Delivery Network detection Define Risk Level to allow for scans Plugin system Docker image available to build and run Features Fingerprints Server Web Frameworks (CakePHP,CherryPy,...) Frontend Frameworks (AngularJS,MeteorJS,VueJS,...) Web Application Firewall (Waf) Content Management System (CMS) Operating System (Linux,Unix,..) Language (PHP,Ruby,...) Cookie Security Content Delivery Networks (CDN) Attacks: Bruteforce Admin Interface Common Backdoors Common Backup Directory Common Backup File Common Directory Common File Log File Injection HTML Injection SQL Injection LDAP Injection XPath Injection Cross Site Scripting (XSS) Remote File Inclusion (RFI) PHP Code Injection Other HTTP Allow Methods HTML Object Multiple Index Robots Paths Web Dav Cross Site Tracing (XST) PHPINFO .Listing Vulnerabilities ShellShock Anonymous Cipher (CVE-2007-1858) Crime (SPDY) (CVE-2012-4929) Struts-Shock
  11. Taipan is a an automated web application scanner that allows to identify web vulnerabilities in an automatic fashion. This project is the core engine of a broader project which includes other components, like a web dashboard where you can manage your scans, download a PDF report and a scanner agent to run on specific host. Below are some screenshots of the Taipan dashboard: [HIDE][Hidden Content]] Below an example of execution: [Hidden Content] Taipan Components Taipan is composed of four main components: Web Application fingerprinter it inspects the given application in order to identify if it is a COTS application. If so, it extracts the identified version. This components is very important since it allows to identify vulnerable web applications. Hidden Resource Discovery this component scans the application in order to identify resources that are not directly navigable or that shouldn't be accessed, like secret pages or test pages. Crawler This component navigates the web site in order to provide to the other components a list of pages to analyze. It allows to mutate the request in order to find not so common pathes. Vulnerability Scanner this component probes the web application and tries to identify possible vulnerabilities. It is composed of various AddOn in order to easily expand its Knowledge Base. It is also in charge for the identification of know vulnerabilities which are defined by the user.
  12. Twilio WEB To Fax Machine System Application version 1.0 suffers from a remote SQL injection vulnerability. View the full article
  13. Oracle Application Express versions prior to suffer from a cross site scripting vulnerability. The vulnerability is located in the OracleAnyChart.swf file. User input passed through the "__externalobjid" GET parameter is not properly sanitized before being passed to the "" method. View the full article
  14. University Application System version 1.0 suffers from cross site request forgery and remote SQL injection vulnerabilities. View the full article
  15. It was found that the PowerGrid application can be used to run arbitrary commands via the /SEE command line option. An attacker can abuse this issue to bypass Application Whitelisting in order to run arbitrary code on the target machine. This issue was successfully verified on Ivanti Workspace Control version 10.2.950.0. View the full article
  16. It was found that the PowerGrid application will execute rundll32.exe from a relative path when it is started with the /RWS command line option. An attacker can abuse this issue to bypass Application Whitelisting in order to run arbitrary code on the target machine. This issue was successfully verified on Ivanti Workspace Control version 10.2.700.1. View the full article
  17. ownCloud version 3.7.3 for iOS suffers from a cross site scripting vulnerability. View the full article