Search the Community

DDWPasteRecon Pastesites are websites that allow users to share plain text through public posts called “pastes.” Once attackers compromise the external perimeter and gain access to the internal resources they release the part of data on the “paste” sites like pastebin or hastebin. As these hackers or malicious groups publish dumps on such sites other users can see sensitive information through paste sites. With various malicious groups now using these services as communication channels, temporary storage or sharing, and various other sources being used to trade POC code, I thought it would be a good idea to have an easy tool to help organisations Blue and Red Teams to have visibility into these sites via Google dorks. DDWPasteRecon tool will help you identify code leak, sensitive files, plaintext passwords, and password hashes. It also allows members of SOC & Blue Team to gain situational awareness of the organisation’s web exposure on the pastesites. It Utilises Google’s indexing of pastesites to gain targeted intelligence of the organisation. Blue & SOC teams can collect and analyse data from these indexed pastesites to better protect against unknown threats. [hide][Hidden Content]]

🐛 A multi threads web application source leak scanner. [hide][Hidden Content]]

View File Amazon FBA Freedom Formula Course – Leak Includes a lot of information about businesses in general so i recommend you check it out even if u hate Amazon Worth: 400$ Size: 3.4GB Download: free for users PRIV8 Submitter dEEpEst Submitted 16/04/21 Category Libro Online Password ********  

Oblivion Oblivion is a tool focused on real-time monitoring of new data leaks, notifying if the credentials of the user have been leak out. It’s possible to verify if any credential of the user has been leak out before. It has two modes: Oblivion Client: graphical mode. Oblivion Server: mode with API functionalities. NOTE: The Oblivion Client and the Oblivion Server are independents. 🌀 Features 💪 CVEs scan ☑️ Works with powerful APIs 🔗 Works too with Google Dorks 🔎 Checks your password in Word Lists 👀 Checks the last pastes in Pastebin 📄 Output to txt, docx, pdf, xlsx, json, html, xml, db 🔒 Output to encrypted files 📦 Sends result files to multiples Buckets S3 📁 Upload the result files to Google Drive 📡 Cab send result files by SSH (work with EC2) 📢 Notify by Telegram and e-mail 📌 Includes option to hide passwords for demonstrations 🕒 Works with scheduled scans 🔁 Possible to execute loop scans [hide][Hidden Content]]

Gitjacker downloads git repositories and extracts their contents from sites where the .git directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled. For educational/penetration testing use only. [hide][Hidden Content]]

SourceLeakHacker SourceLeakHacker is a multi-threads web directories scanner. Feature Arguments parser. Store scan result into csv file. Support for multiple urls (from file). Add help comments for every params. Update Usage. Adjust dictionary elements order systematically. Change logger in order to suite for both windows and linux. Add log level. Update Screenshots. [HIDE][Hidden Content]]

View File BlackHatProTools Hidden Content Leak BlackHatProTools Hidden Tools And Content Leak HQ Leak Fo BlackHatProTools Link: Free download for Users PRIV8 Submitter dEEpEst Submitted 17/05/20 Category Files Password ********  

Download: [HIDE][Hidden Content]] Password: level23hacktools.com

WebKit suffers from a user-agent shadow root leak in WebCore::ReplacementFragment::ReplacementFragment. View the full article

LastPass suffers from an issue where bypassing do_popupregister() leaks credentials from the previous site. View the full article

NSKeyedUnarchiver suffers from an information leak when decoding the SGBigUTF8String class using [SGBigUTF8String initWithCoder:]. This class initializes the string using [SGBigUTF8String initWithUTF8DataNullTerminated:] even though there is no guarantee the bytes provided to the decoder are null terminated. It should use [SGBigUTF8String initWithUTF8Data:] instead. View the full article

This script abuses an unauthenticated information leak in the apcupsd daemon. View the full article

Spidermonkey IonMonkey can, during a bailout, leak an internal JS_OPTIMIZED_OUT magic value to the running script. This magic value can then be used to achieve memory corruption. View the full article

Chrome suffers from an internal object leak vulnerability in ReadableStream. View the full article

Linux Kernel version 4.4 (Ubuntu 16.04) suffers from a snd_timer_user_ccallback() kernel pointer leak vulnerability. View the full article

KVM suffers from an uninitialized memory leak vulnerability in kvm_inject_page_fault. View the full article

Linux kernel version 4.13 suffers from a compat_get_timex() kernel pointer leak vulnerability. View the full article

There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied. View the full article

Linux Kernel version 4.8 on Ubuntu 16.04 suffers from an sctp kernel pointer leak vulnerability. View the full article

ImageMagick versions prior to 7.0.8-9 suffers from a memory leak vulnerability. View the full article

The Linux kernel suffers from a ptr leak via BPF due to a broken subtraction check. View the full article

WINDOWS + Mac IDA Pro 7 with Decompilers Download [HIDE][Hidden Content]]