Search the Community

Showing results for tags 'application'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Premium Accounts
  • Modders Section
  • PRIV8-Section
  • Cracking Zone PRIV8
  • Carding Zone PRIV8

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 38 results

  1. With MailWizz not only that you will be able to properly handle email marketing for your own purposes but you can also become an Email Service Provider for your customers, since MailWizz integrates easily with payment gateways like Paypal and it offers all the needed tools to create pricing plans, promotional codes and to manage orders and transactions created by your customers. Demo: [Hidden Content] [HIDE][Hidden Content]]
  2. Android Application Identifier for Packers, Protectors, Obfuscators and Oddities APKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It’s PEiD for Android. [HIDE][Hidden Content]]
  3. Allows One To Identify And Fingerprint Web Application Firewall (WAF) Products Protecting A Website The Web Application Firewall Fingerprinting Tool. — From Enable Security How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. For further details, check out the source code on our main repository. [HIDE][Hidden Content]]
  4. A VBA implementation of the RunPE technique or how to bypass application whitelisting. Description A simple yet effective implementation of the RunPE technique in VBA. This code can be used to run executables from the memory of Word or Excel. It is compatible with both 32 bits and 64 bits versions of Microsoft Office 2010 and above. Tests This code was tested on the following platforms: Windows 7 Pro 32 bits + Office 2010 32 bits Windows 7 Pro 64 bits + Office 2016 32 bits Windows 2008 R2 64 bits + Office 2010 64 bits Windows 10 Pro 64 bits + Office 2016 64 bits [HIDE][Hidden Content]]
  5. XeroChat, a multichannel marketing application, the ultimate white-label SaaS software with all-in-one solution for your business to grow. It offers all powerful tools like Facebook marketing, social media posting, SMS marketing, email marketing, search marketing, comparison marketing, analytical marketing & many other features. XeroChat is the best choice for your daily marketing solutions. Demo: [Hidden Content] [HIDE][Hidden Content]]
  6. WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. Features Ability to run on a single URL with the -u/--url flag Ability to run through a list of URL’s with the -l/--list flag Ability to detect over 40 different firewalls Ability to try over 20 different tampering techniques Ability to pass your own payloads either from a file, from the terminal, or use the default payloads Default payloads that are guaranteed to produce at least one WAF triggering Ability to bypass firewalls using both SQLi techniques and cross-site scripting techniques Ability to run behind multiple proxy types (socks4, socks5, http, https, and Tor) Ability to use a random user agent, personal user agent, or custom default user agent Auto-assign protocol to HTTP or ability to force protocol to HTTPS A built-in encoder so you can encode your payloads into the discovered bypasses More to come… Changelog v1.7 Bunch of issue fixes with a few new wafs added into it enjoy [HIDE][Hidden Content]]
  7. WiFi Bruteforcer - Fsecurify WARNING: This project is still under development and by installing the app may desconfigure the Wi-Fi settings of your Android OS, a system restore may be necessary to fix it. Android application to brute force WiFi passwords without requiring a rooted device. [HIDE][Hidden Content]]
  8. WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques. WARNING 1: While running this program your machine will be extremely vulnerable to attack. You should disconnect from the Internet while using this program. WebGoat's default configuration binds to localhost to minimize the exposure. WARNING 2: This program is for educational purposes only. If you attempt these techniques without authorization, you are very likely to get caught. If you are caught engaging in unauthorized hacking, most companies will fire you. Claiming that you were doing security research will not work as that is the first thing that all hackers claim. [HIDE][Hidden Content]]
  9. w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities. Video: [Hidden Content] Download: [HIDE][Hidden Content]]
  10. Mobile Application Penetration Testing Cheat Sheet The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics and checklist, which is mapped OWASP Mobile Risk Top 10 for conducting pentest. [Hidden Content]
  11. With PlayTube users can view & Interact with lasted videos and like and comment and more, now using the application is easier, and more fun! PlayTube is easy, secured, and it will be regularly updated. Demo: [Hidden Content] [HIDE][Hidden Content]]
  12. Combine with all powerful tools like Messenger BOT Builder, Comment BOT Builder, Messenger Broadcaster, Facebook Poster, RSS Poster, Existing Messenger Subscribers Import,SMS marketing, search marketing, comparison marketing & many other features , XeroChat is the best choice for your daily marketing solutions. The best part of this system is you can broadcast Promotional Message to Messenger Subscribers. Demo: [Hidden Content] [HIDE][Hidden Content]]
  13. dEEpEst

    Top Android hacking application

    Top Android hacking application [Hidden Content]
  14. Web Security Dojo Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script for those brave souls that want to transform their stock Ubuntu into a virtual dojo. Bow to your sensei! Features vulnerable web applications common web security testing tools popular industry web application security guidelines walk-throughs of several targets (no peeking ahead) no Internet-connect required to use username: dojo password: dojo To install Dojo you first install and run VirtualBox 5 or later, then “Import Appliance” using the Dojo’s OVF file. We have PDF or YouTube for instructions for Virtualbox. The OVA should also be able to be imported and used in various VMware tools, but we do not support this directly at this time. [HIDE][Hidden Content]]
  15. BUILD PROFESSIONAL APPS BRIDGING THE GAP BETWEEN BUSINESS AND IT WITH A CODE ABSTRACTION RULE YOU WON'T NEED HELP OF AN EXPERT DEVELOPER. ONE LICENSE INFINITE APPS YOUR IDEA. YOUR APP DEPLOYED FOR SEVERAL DEVICES. NO ROYALTIES. ONE PROJECT, MULTI-PLATFORM DEPLOY FOR DIFFERENT OS AND DIFFERENT DEVICES, SHARING COMPATIBILITY. WE HAVE BEAUTIFUL ICON SETS AND THEMES YOU CAN USE IT TO START YOUR APP INTERFACE. [Hidden Content] [HIDE][Hidden Content]]
  16. [Hidden Content] [HIDE][Hidden Content]] Pass: level23hacktools.com
  17. This Metasploit module exploits SQL injection and command injection vulnerabilities in the ManageEngine Application Manager versions 14.2 and below. View the full article
  18. WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. Features Ability to run on a single URL with the -u/--url flag Ability to run through a list of URL’s with the -l/--list flag Ability to detect over 40 different firewalls Ability to try over 20 different tampering techniques Ability to pass your own payloads either from a file, from the terminal, or use the default payloads Default payloads that are guaranteed to produce at least one WAF triggering Ability to bypass firewalls using both SQLi techniques and cross-site scripting techniques Ability to run behind multiple proxy types (socks4, socks5, http, https, and Tor) Ability to use a random user agent, personal user agent, or custom default user agent Auto-assign protocol to HTTP or ability to force protocol to HTTPS A built-in encoder so you can encode your payloads into the discovered bypasses More to come… Changelog v1.5.4 minor update to Cloudflare detection via issue #299 [HIDE][Hidden Content]]
  19. This Project Developed For 2 Reasons First " Help Beginners to learn coding . " Second " Help Newbie Servers Managers To Learn New Protection Tricks " Requirements PHP PHP CUrl OS Linux [HIDE][Hidden Content]]
  20. YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL – Versions and cipher suites supported; common issues. Information Disclosure – Checks for common information leaks. Presence of Files or Directories – Checks for files or directories that could indicate a security issue. Common Vulnerabilities Missing Security Headers This is meant to provide an easy way to perform initial analysis and information discovery. It’s not a full testing suite, and it certainly isn’t Metasploit. The idea is to provide a quick way to perform initial data collection, which can then be used to better target further tests. It is especially useful when used in conjunction with Burp Suite (via the –proxy parameter). Changelog v0.8.0b4 Various improvements Like a Gem: pip3 install yawast Via Docker: docker pull adamcaudill/yawast It’s strongly recommended that you review the installation documentation, to make sure you have the proper dependencies. Tests The following tests are performed: (Generic) Info Disclosure: X-Powered-By header present (Generic) Info Disclosure: X-Pingback header present (Generic) Info Disclosure: X-Backend-Server header present (Generic) Info Disclosure: X-Runtime header present (Generic) Info Disclosure: Via header present (Generic) Info Disclosure: PROPFIND Enabled (Generic) TRACE Enabled (Generic) X-Frame-Options header not present (Generic) X-Content-Type-Options header not present (Generic) Content-Security-Policy header not present (Generic) Public-Key-Pins header not present (Generic) X-XSS-Protection disabled header present (Generic) SSL: HSTS not enabled (Generic) Source Control: Common source control directories present (Generic) Presence of crossdomain.xml or clientaccesspolicy.xml (Generic) Presence of sitemap.xml (Generic) Presence of WS_FTP.LOG (Generic) Presence of RELEASE-NOTES.txt (Generic) Presence of readme.html (Generic) Missing cookie flags (Secure, HttpOnly, and SameSite) (Generic) Search for files (14,169) & common directories (21,332) (Apache) Info Disclosure: Module listing enabled (Apache) Info Disclosure: Server version (Apache) Info Disclosure: OpenSSL module version (Apache) Presence of /server-status (Apache) Presence of /server-info (Apache Tomcat) Presence of Tomcat Manager (Apache Tomcat) Presence of Tomcat Host Manager (Apache Tomcat) Tomcat Manager Weak Password (Apache Tomcat) Tomcat Host Manager Weak Password (Apache Tomcat) Tomcat version detection via invalid HTTP verb (Apache Tomcat) Tomcat PUT RCE (CVE-2017-12617) (Apache Struts) Sample files which may be vulnerable (IIS) Info Disclosure: Server version (ASP.NET) Info Disclosure: ASP.NET version (ASP.NET) Info Disclosure: ASP.NET MVC version (ASP.NET) Presence of Trace.axd (ASP.NET) Presence of Elmah.axd (ASP.NET) Debugging Enabled (nginx) Info Disclosure: Server version (PHP) Info Disclosure: PHP version CMS Detection: Generic (Generator meta tag) [Real detection coming as soon as I get around to it…] SSL Information: Certificate details Certificate chain Supported ciphers Maximum requests using 3DES in a single connection DNS CAA records Checks for the following SSL issues are performed: Expired Certificate Self-Signed Certificate MD5 Signature SHA1 Signature RC4 Cipher Suites Weak (< 128 bit) Cipher Suites SWEET32 Certain DNS information is collected: IP Addresses IP Owner/Network (via api.iptoasn.com) TXT Records MX Records NS Records CAA Records (with CNAME chasing) Common Subdomains (2,354 subdomains) – optional, via --subdomains SRV Records – optional, via --srv In addition to these tests, certain basic information is also displayed, such as IPs (and the PTR record for each IP), HTTP HEAD request, and others. [HIDE][Hidden Content]]
  21. WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. Features Ability to run on a single URL with the -u/--url flag Ability to run through a list of URL’s with the -l/--list flag Ability to detect over 40 different firewalls Ability to try over 20 different tampering techniques Ability to pass your own payloads either from a file, from the terminal, or use the default payloads Default payloads that are guaranteed to produce at least one WAF triggering Ability to bypass firewalls using both SQLi techniques and cross-site scripting techniques Ability to run behind multiple proxy types (socks4, socks5, http, https, and Tor) Ability to use a random user agent, personal user agent, or custom default user agent Auto-assign protocol to HTTP or ability to force protocol to HTTPS A built-in encoder so you can encode your payloads into the discovered bypasses More to come… [Hidden Content]
  22. Konan is an advanced open source tool designed to brute force directories and files names on web/application servers. Support Platforms Linux Windows MacOSX [HIDE][Hidden Content]]
  23. This Metasploit module exploits untrusted serialized data processed by the WAS DMGR Server and Cells in the IBM Websphere Application Server. NOTE: There is a required 2 minute timeout between attempts as the neighbor being added must be reset. View the full article
  24. This Metasploit module abuses a feature in WebLogic Server's Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a "oats" account that you could log in with, which grants you administrator access. View the full article