Search the Community

Agartha { LFI | RCE | Auth | SQLi | Http-Js } Agartha is a penetration testing tool that creates dynamic payload lists and user access matrix to reveal injection flaws and authentication/authorization issues. There are many different attack payloads that exist, but Agartha creates run-time, systematic, and vendor-neutral payloads with many different possibilities and bypassing methods. It also draws attention to user session and URL relationships, which makes it easy to find user access violations. And additionally, it converts Http requests to JavaScript to help dig up XSS issues. In summary: Payload Generator: It creates payloads/wordlists for different attacks. Directory Traversal/Local File Inclusion: It creates file dictionary lists with various encoding and escaping characters. Remote Code Execution: It creates command dictionary lists for both Unix and Windows environments with different combinations. SQL Injection: It creates Batched Queries, Boolean-Based, Union-Based and Time-Based SQLi wordlist for various databases to help find vulnerable spots. Authorization Matrix: It creates an access role matrix based on user sessions and URL lists to determine authorization/authentication-related access violation issues. And Http Request to JavaScript Converter: It converts Http requests to JavaScript code to be useful for further XSS exploitation and more. [hide][Hidden Content]]

Follow on course: Scrape images, master regular expressions, create dynamic charts and graphs. OOP and AJAX too! What you'll learn Scraping title and images, displaying them in a gallery using bootstrap cards, regular expressions, ajax, front end design, and dynamic charts/graphs. Requirements Ideally, take our basic (zero to pro) web scraping series as a prerequisite. Suggested but not required. Description Don't waste your time on courses that hide behind hundreds of hours. In just five lessons, you will be scraping titles and images with confidence, and using flask, bootstrap and chartist.js to display your scraped data in galleries and dynamically changing charts! You will also finally walk away confident with regular expressions, write OOP code and AJAX and learn a hell of a lot in an extremely short time frame. Happy learning and I do hope you'll really enjoy and benefit from this course. Who this course is for: Beginner Python developers, advanced developers looking to learn web scraping and new techniques Course content 5 sections • 5 lectures • 1h 35m total length [Hidden Content] [hide][Hidden Content]]

Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting. Axiom right now is perfect for teams as small as one person, without costing you much at all to run. And by not much to run at all, I mean, less than 5 bucks a month if you use responsibly, and a free two months with my referral link below. Read more about the economics at the bottom. Packages To Date aquatone httprobe subfinder assetfinder gf masscan sn0int kxss jq SecLists gobuster nmap waybackurls amass anti-burl Golang (setup, path configured, latest version) hakrawler zdns zmap ffuf gau dirb subjack SQLMap fbrobe getjs openvpn projectdiscovery chaos-client projectdiscovery nuclei projectdiscovery chaos projectdiscovery shuffledns dnsprobe dnsvalidator urlprobe oh-my-zsh tmux masscan subgen proxychains w/ Tor setup mosh docker metasploit dalfox subjack [hide][Hidden Content]]

ConfuserEx Unpacker Dynamic Edited copy of cawks confuserex unpacker, this one supports trinity and netguard 4.5 ConfuserEx Unpacker 2 (Supports Trinity & Netguard 4.5) STILL UNDER BETA This is my own "mod" of this unpacker, ive added constant support for 2 parameter decryption support (Netguard 4.5, Ben Mhenni 4.5), and i added support for 3 parameters with string (Trinity). Added support for the packer in trinity and also added many different mutation removers that will come in handy for custom mods. You can easily clean programs piece by piece or however you want by editing the program.cs. //////////////////////////////////////////////////////////// A new and updated version of my last unpacker for confuserex which people actually seem to use so i thought i would update it and actually make it better as that version is very poor this is currently in beta and in its first version will only support confuserex with no modifications or additional options from confuserex itself. this will change as i add more features this will heavily be based off my instruction emulator which makes it much more reliable as long as theres no hidden surprises from modified confuserex i have not used sub modules due to making changes within de4dot.blocks in Int32/64Value i have modified the Shr_Un methods and such to fix a bug (well not really a bug but it prevents some operations from giving correct result) if you have an issue with this unpacker please make an issue report but if you simply go 'does not work on this file please fix' i simply will just close your issue please make a detailed report and explain where it crashes [hide][Hidden Content]]

hello please, Who have valid link for Ratatouille Downloader, Dynamic API Loading, UD, C++ download source code ? thx u in advanced

OWASP D4N155 OWASP Tool Project D4N155The project uses OSINT for a dynamic and smart attack of brute force, using a complex operation and get the word list using expressions find. KEY FEATURES Make smart wordlist based from page content Make smart wordlist based from specific url content Make smart wordlist based from past content FREE SOFTWARE IN LICENSE(GPL V3) AND IN ESSENCE Automatic Report Feature with two options: HTML Where it generates a dynamic graphic for quick visualization PDF People with bad intentions dedicate a long part of their time to read profiles, posts analyzing then, observing reactions with in order to obtain the maximum information about their targets in order to make their list (of passwords) and the door for the attack. Even if you do not have specific knowledge, so you may be using this tool will help you get a sense of how vulnerable you are and consequently take action and prevent a possible attack. Besides this it’s a friendly tool for a pentester with the features of automatics reports the professional can save time, writing extensive reports with pages of print screens, technician reports, and transcription of procedures this tool can make a half of a job for him. Changelog v1.3 🦄 Update getrails for 3.0 🦄 Add new function for GoMutation compilation 🦄 Removing groff report 🌈 Fixing $end for correct and incorrect var 🌈 Fixing msg, colors and replace GoMutation with generator.py 🌈 Fix output kill for progressbar ❤️ Replacing GoMutation with generator.py [HIDE][Hidden Content]]

What is a dynamic programming ? [Hidden Content]

This paper and proof of concept describes the Wiederganger-Attack, a new attack vector that reliably allows to escalate unbounded array access vulnerabilities occurring in specifically allocated memory regions to full code execution on programs running on i386/x86_64 Linux. Wiederganger-attacks abuse determinism in Linux ASLR implementation combined with the fact that (even with protection mechanisms such as relro and glibc's pointer mangling enabled) there exist easy-to-hijack, writable (function) pointers in application memory. View the full article