Search the Community

Showing results for tags 'enumeration'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin


There are no results to display.

There are no results to display.

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start



About Me










Found 18 results

  1. Domained – Multi Tool Subdomain Enumeration Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting. This produces categorized screenshots, server response headers and signature based default credential checking. It is written in Python heavily leveraging Recon-ng. Download: [Hidden Content]
  2. Turbolist3r - Subdomain Enumeration Tool With Analysis Features For Discovered Domains Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r automates some analysis of the results, with a focus on subdomain takeover. Turbolist3r queries public DNS servers for each discovered subdomain. If the subdomain exists (i.e. the resolver replied with an address), the answer is categorized as CNAME or A record. By examining A records, it is possible to discover potential penetration testing targets for a given domain. Likewise, the process of looking for subdomain takeovers is simple; view the discovered CNAME records and investigate any that point to applicable cloud services. Please do not use for illegal purposes. [HIDE][Hidden Content]]
  3. 0x1

    TIDoS Framework

    The TIDoS Framework The Offensive Web Application Penetration Testing Framework. Highlights :- Here is some light on what the framework is all about: - [x] A complete versatile framework to cover up everything from Reconnaissance to Vulnerability Analysis. - [x] Has 5 main phases, subdivided into __14 sub-phases__ consisting a total of __108 modules__. - [x] Reconnaissance Phase has 50 modules of its own (including active and passive recon, information disclosure modules). - [x] Scanning & Enumeration Phase has got 16 modules (including port scans, WAF analysis, etc) - [x] Vulnerability Analysis Phase has 37 modules (including most common vulnerabilites in action). - [x] Exploits Castle has only 1 exploit. `(purely developmental)` - [x] And finally, Auxillaries have got 4 modules. `more under development` - [x] All four phases each have a `Auto-Awesome` module which automates every module for you. - [x] You just need the domain, and leave everything is to this tool. - [x] TIDoS has full verbose out support, so you'll know whats going on. - [x] Fully user friendly interaction environment. `(no shits)` TIDoS is built to be a comprehensive, flexible and versatile framework where you just have to select and use modules. So to get started, you need to set your own `API KEYS` for various OSINT & Scanning and Enumeration purposes. To do so, open up `` under `files/` directory and set your own keys and access tokens for `SHODAN`, `CENSYS`, `FULL CONTACT`, `GOOGLE` and `WHATCMS`. Finally, as the framework opens up, enter the website name `eg. [Hidden Content]` and let TIDoS lead you. Thats it! Its as easy as that. To update this tool, use `` module under `tools/` folder. Flawless Features :- TIDoS Framework presently supports the following: Other Tools: - Displays information about your network. Located under `tools/`. - Updates the framework to the latest release via signature matching. Located under `tools/`. TIDoS In Action: Lets see some screenshots of TIDoS in real world pentesting action: Version: v1.7 [latest release] [#stable] Upcoming: These are some modules which I have thought of adding: Some more of Enumeraton & Information Disclosure modules. Lots more of OSINT & Stuff (let that be a suspense). More of Auxillary Modules. Some Exploits are too being worked on. More info & Download: [hide][Hidden Content]]
  4. is a Windows file enumeration intel gathering tool. View the full article
  5. Microsoft Windows suffers from an NTFS privileged file access enumeration vulnerability. Attackers possessing user-only rights can gather intelligence or profile other user account activities by brute forcing a correct file name due to inconsistent error messaging. View the full article
  6. 0x1

    Linux Smart Enumeration

    Linux enumeration tool for pentesting and CTFs with verbosity levels Unlike LinEnum, lse tries to gradualy expose the information depending on its importance from a privesc point of view. What is it? This script will show relevant information about the security of the local Linux system. It has 3 levels of verbosity so you can control how much information you see. In the default level you should see the highly important security flaws in the system. The level 1 (./ -l1) shows interesting information that should help you to privesc. The level 2 (./ -l2) will just dump all the information it gathers about the system. By default it will ask you some questions: mainly the current user password (if you know it so it can do some additional tests. How to use it? The idea is to get the information gradually. First you should execute it just like ./ If you see some green yes!, you probably have already some good stuff to work with. If not, you should try the level 1 verbosity with ./ -l1 and you will see some more information that can be interesting. If that does not help, level 2 will just dump everything you can gather about the service using ./ -l2. In this case you might find useful to use ./ -l2 | less -r. You can also select what tests to execute by passing the -s parameter. With it you can select specific tests or sections to be executed. For example ./ -l2 -s usr010,net,pro will execute the test usr010 and all the tests in the sections net and pro. Use: ./ [options] OPTIONS -c Disable color -i Non interactive mode -h This help -l LEVEL Output verbosity level 0: Show highly important results. (default) 1: Show interesting results. 2: Show all gathered information. -s SELECTION Comma separated list of sections or tests to run. Available sections: usr: User related tests. sud: Sudo related tests. fst: File system related tests. sys: System related tests. sec: Security measures related tests. ret: Recurren tasks (cron, timers) related tests. net: Network related tests. srv: Services related tests. pro: Processes related tests. sof: Software related tests. ctn: Container (docker, lxc) related tests. Specific tests can be used with their IDs (i.e.: usr020,sud) Source & Download : [Hidden Content]
  7. CentOS Control Web Panel (CWP) version suffers from a user enumeration vulnerability. View the full article
  8. CentOS Control Web Panel (CWP) versions through suffer from a user enumeration vulnerability. View the full article
  9. CentOS Control Web Panel version suffers from a user enumeration vulnerability. View the full article
  10. 0xsp-Mongoose - Privilege Escalation Enumeration Toolkit (ELF 64/32), Fast, Intelligent Enumeration With Web API Integration Using 0xsp mongoose you will be able to scan a targeted operating system for any possible way for privilege escalation attacks, starting from collecting information stage until reporting information through 0xsp Web Application API. user will be able to scan different Linux os system at the same time with high performance, without spending time looking inside the terminal or text file for what is found, mongoose shorten this way by allowing you to send this information directly into web application friendly interface through easy API endpoint. project is divided into two sections server & agent . server has been coded with PHP(codeigniter) you need to install this application into your preferred environment, you can use it online or on your localhost. user is free to choice .also contribution to enhancing features are most welcomed. Agent has been coded as ELF with Lazarus Free Pascal will be released with (32, 64 bit) while executing Agent on targeted system with all required parameters. user is free to decide whether willing to communicate with Server App to store results and explore them easily . or he can also run this tool without Web API Connection. Agent Features High performance , stability , Output results Generated while executing no delays Ability to execute most of functions with intelligent techniques . results are being sent to Quick Web API Exception Handling . inbuilt Json Data set for publicly disclosed Exploits . Fast As Mongoose [Hidden Content]
  11. The Microsoft Windows kernel's Registry Virtualization does not safely open the real key for a virtualization location leading to enumerating arbitrary keys resulting in privilege escalation. View the full article
  12. ManageEngine ServiceDesk Plus version 9.3 suffers from a user enumeration vulnerability. View the full article
  13. CUJO Firewall suffered from authorization bypass, denial of service, and user enumeration vulnerabilities. View the full article
  14. 1337day-Exploits

    OpenSSH User Enumeration

    OpenSSH versions prior to 7.7 suffer from a user enumeration vulnerability. View the full article
  15. Zimbra Collaboration User Enumeration Script (CVE-2018-10949) How to use The argument --host must be the hostname or IP address of Zimbra Collaboration Web Application root page, and --userlist an list of usernames to check against it. [email protected]# ./ --host [Hidden Content] --userlist /tmp/emails.txt And it should spill out valid e-mails! [Hidden Content]
  16. CVE-2018-15473-Exploit Exploit written in Python for CVE-2018-15473 with threading and export formats Threading - default 5 If more than 10 are used, often the OpenSSH service gets overwhelmed and causes retries Single username evaluation via username parameter Multiple username evaluation via userList parameter Multiple username evaluation file output via outputFile parameter Multiple output formats (list, json, csv) via outputFormat parameter An example username input file is given in exampleInput.txt An example results output file in List format is given in exampleOutput.txt An example results output file in JSON format is given in exampleOutput.json An example results output file in CSV format is given in exampleOutput.csv Build the image: docker build -t cve-2018-15473 . Run the exploit: docker run cve-2018-15473 -h Delete containers and image: docker ps -a | awk '$2 == "cve-2018-15473" {print $1}' | xargs docker rm docker rmi cve-2018-15473 [Hidden Content]
  17. Microsoft Active Directory Federated Services (ADFS) suffers from a time-based user enumeration vulnerability. View the full article
  18. 1337day-Exploits

    OpenSSH 7.x Username Enumeration

    OpenSSH versions 2.3 up to 7.4 suffer from a username enumeration vulnerability. View the full article