Search the Community

Don't Leach ❤️ [hide][Hidden Content]]

[Hidden Content]

Manual: Specify the folder with logs After the software displays the result with the number of countries, you need to enter which countries need to be sorted. To sort by separateness, you need to enter a list of countries separated by commas, for example: "US, CA, BR", then the software will sort the logs only with US, CA, BR countries. To sort all countries, enter "all" in the console. Importantly! Enter all names of countries capsom, otherwise the software will not sort them, "all" - enter strictly in lower case. After entering the countries, the Result folder will be created next to the program, and the folder "NUMBER OF LOGS DATE-TIME" will be created in it. The folder will contain sorted countries, for example, US, CA, BR folders. Texts countries.txt and Exceptions.txt - informative: in countries.txt the program log is recorded, in Exceptions.txt program errors are recorded. About the minor disadvantages of the program: The counter doesn't work very correctly, so you don't need to tell me about it. If the program could not copy any file from the log, it will not count the folders. The Exceptions text.txt in particular, stores information that the program could not copy any folder from the log, Windows has a limit on the length of the path and file name, if they exceed this limit, the program will not be able to copy the file / folder from the log. [hide][Hidden Content]]

How to make Combolist from logs [Hidden Content]

File .exe + Source Py [hide][Hidden Content]]

APT-Hunter is a Threat Hunting tool for windows event logs which made by the purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity. This tool will make good use of the windows event logs collected and make sure to not miss critical events configured to be detected. If you are a Threat Hunter, Incident Responder, or forensic investigator, I assure you will enjoy using this tool, why? I will discuss the reason in this article and how it will make your life easy just it made mine. Kindly note this tool is heavily tested but still a beta version and may contain bugs. if you are using APT-Hunter you will have : uncover any suspicious activity you don’t know about before it turns to a big incident . Detect APT movements in the system based on events from previous discovered APT attacks. Make a good use of the windows event logs you collected . faster attack detection which will decrease the response time in order to quickly contain and eradicate the attacks. Output configured to be compatible with timesketch so you can do time line analysis . With the important 60 use cases configured in one place you will invest your time in other data sources . Faster investigating multiple servers in short amount of time . it will help you in cases you don’t have much time to do deep investigation . Free Open source tool that will serve you without any limitation . Personally i used it in many incident and helped me uncover events i missed out and allowed me finish the investigations faster . Turn millions of events into hundreds with severity you can use as a filter. Changelog v3.0 New use cases based on new attacks and incidents. More statistics and detection for new log sources (Group Policy , SMB Client , SMB Server) Rebuilt with Multiprocessing to utilize available resources. Specify start and end date to focus on specific time period. lightning-fast Regex Hunt that go through tons of logs in minutes . New Object Access Report. New Process Execution Report. New Summary of Detection Results. New statistics sheet that include the unique powershell commands executed in the systems. New Statistics sheet for RDP client events with events SID automatically resolved to users. New Statistics sheet for executed powershell commands. Now you don’t need to bruteforce EventID 1029 hash to get username . WinRM events SID now automatically resolved to user name. New collected SID report that will provide you all the discovered SID with their user name. New scoring system for powershell detection to let you focus on important events. APT-Hunter now can handle any number or size of windows event logs. Hunting module now allow you to include specific event ID to search. Hunting module now allow you to provide a file with a list of regex [hide][Hidden Content]]

[Hidden Content]

[hide] Video: [Hidden Content] [Hidden Content]]

Run start.exe [hide][Hidden Content]]

[Hidden Content]

Stealer Checker - Get information from RedLine logs [hide][Hidden Content]]

The software searches all logs for Twitter accounts and checks them to the valid. Valid cookies are placed in the Results folder, where it is sorted into folders such as Password Change Required, Suspended, Verify phone number, Working All normal accounts are placed in the Working folder, and what is placed in the other folders is clear from the name of the folders. Only cookies in the .txt format go to these folders, and information about accounts in cookies is stored in the corresponding texts in the Results folder. Here's an example of what it looks like. [hide][Hidden Content]]

ProtonMail "logs" and delivers activist IP logs End-to-end encrypted email service provider ProtonMail has come under fire after it gave in to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France. The Switzerland-based company said it received a " legally binding order from the Swiss Federal Department of Justice " relating to a collective called Youth for Climate, which it was " obliged to comply with, " forcing it to hand over the IP address and related information. type of device used by the group to access the ProtonMail account. On its website, ProtonMail announces that: " No personal information is required to create your secure email account. By default, we do not keep any IP logs that can be linked to your anonymous email account. Your privacy comes first. ". Despite its claims that there are no IP logs, the company acknowledged that while it is illegal for the company to comply with requests from non-Swiss law enforcement authorities, it will be asked to do so if Swiss agencies agree to assist services. foreigners such as Europol in their investigations. " There was no possibility of appealing or rejecting this particular request because in fact an act contrary to Swiss law was carried out (and this was also the final determination of the Federal Department of Justice that makes a legal review of each case) ", the the company said in a lengthy response posted on Reddit. Simply put, ProtonMail will not only have to comply with orders from the Swiss government, but will be forced to hand over relevant data when people use the service for activities deemed illegal. This includes monitoring users' IP addresses in " extreme criminal cases ," according to its transparency report. " Proton must comply with Swiss law. As soon as a crime is committed, privacy protections can be suspended and we are required by Swiss law to respond to requests from Swiss authorities , "ProtonMail founder and CEO Andy Yen tweeted, adding:" It is regrettable that The legal tools for serious crimes are being used in this way. But by law, [ProtonMail] must comply with Swiss criminal investigations. Obviously, this is not done by default, but only if it is legally enforced . " In any case, ProtonMail users who are concerned about the visibility of their IP addresses should use a VPN or access the email service through the Tor network for additional anonymity. " The prosecution in this case seems quite aggressive. Unfortunately, this is a pattern that we have seen more and more in recent years around the world (for example, in France, where anti-terrorism laws are used inappropriately). " the company said. Update In a blog post titled " Important Clarifications on Arrest of a Climate Activist ," Andy Yen said the company " it may be forced to collect information on the accounts of users under Swiss criminal investigation. Obviously this is not done by default, but only if Proton obtains a legal order for a specific account . " Also, in a revision of its privacy policy, ProtonMail now explicitly explains that it will be forced to record the IP addresses of the users if found to be in violation of Swiss law: " By default, we do not keep permanent IP logs in connection with your use of the Services. However, IP logs may be temporarily kept to combat abuse and fraud, and your IP address may be permanently retained if you engage in activities that violate our terms and conditions (spam, DDoS attacks against our infrastructure, brute force attacks, etc. .). The legal basis for this processing is our legitimate interest in protecting our Services against nefarious activities. If you are breaking Swiss law, ProtonMail may be legally compelled to register your IP address as part of a Swiss criminal investigation ”. Note- The title of the article has been revised to reflect that ProtonMail may allow the registration of IP addresses in accordance with Swiss court orders.

Description An Akamai Report from 2018 described SQLi (SQL Injection), LFI (Local File Injection) and XSS (Cross-Site Scripting) as the most common web attacks. ([Hidden Content]) There are multiple types of web attacks. This course will review these attacks and teach you how to use the web application logs to identify them. To do this, the student will need to learn how to read a log and how to extract some of the key information from the log. Subsequently, this first analysis of real world web server log examples will be used to get a better understanding of the attack. We will also use some scripts to find the information faster. Following the log analysis of the web attacks, students will learn about some of the networks that can affect the web application like DDOS (Distributed Denial of Service) and other types of flooding. Upon completion of the course, the student should be able to read a web application log thatoriginated from the web server and identify some of the most common web attacks. Prerequisites: Basic Computer Network knowledge OSI and TCP/IP Model Basic knowledge in common application and technology Firewalls,DNS,IPS/IDS HTTP/HTTPS Course Goals By the end of this course, students should be able to: Identify key information on web server logs Identify malicious actions by analyzing logs Identify web attacks after analyzing logs In the Log Analysis training course, students will participate in a lab where they will learn to review different log files related to the Windows operating system. Students will learn to configure systems to log events, as well as to analyze system events. What is Log Analysis? All networks, computers, and other IT systems generate a record of system activities. The document that shows those activities is called an audit trail record or log. Log analysis is the process of reviewing and evaluating the records of system activities to help organizations mitigate certain risks and stay in compliance with regulations. How Does Log Analysis Work? Logs are typically created by operating systems, network devices, applications, and smart devices. They consist of several messages that are arranged chronologically and then stored in a file, on a disk, or in an application. Once the log information is collected, it can be analyzed to identify patterns and anomalies, like network intrusions. Log analysis components work together to identify the root causes for the anomalies or other unstructured data. Regular log analysis helps reduce and avoid various risks that are associated with the enterprise. The analysis provides evidence of what happened, the factors that determined the cause, and the impact of what occurred. This allows IT professionals to build countermeasures and models to mitigate risks. Log analysis is usually performed due to security or audit compliance, security incident responses, forensics, or system troubleshooting. Why is Log Analysis Important? There are many reasons that log analysis is important. It can serve various different purposes including: Maintaining compliance with internal cybersecurity policies and external regulations and audits To understand and mitigate data breaches and other types of security incidents To understand user behavior To conduct forensics for investigations To troubleshoot computers, systems, or networks For some types of organizations, conduction of log analysis is mandatory if they are to be certified as compliant with certain regulations. However, log analysis can be very useful to all types of organizations as it saves time when attempting to diagnose a problem, resolve an issue, or manage infrastructure or applications. What is Involved in This Log Analysis Training Course? In this log analysis training, students will gain a foundational understanding of log analysis. They will be introduced to the tools that are needed to help identify network intrusion. The students will participate in lab activities that cover processing logs with the Windows operating system and applying learned analytical skills to configure systems to log events, as well as to analyze system events. The course will explain log analysis methodology, how to evaluate and analyze log files, how to extract information from the log files, and how to arrange log file data. Upon completion of the course, students will receive a Certificate of Completion. If you are interested in learning more about log analysis, our Log Analysis training course including lab activities is a great place to start. It’s easy to enroll, just click on the Register button in the top right corner of this screen to begin. [Hidden Content] [hide][Hidden Content]]

Our upload services lets you upload files such as .exe .dll .scr .bat .doc .pdf and much more anonymously. Just drag and drop a file to the upload box, or you can click the box and select a file to upload. After upload u will get direct link to your file so u are able to share it instantly. [Hidden Content]

Stealer + Clipper + Keylogger Stealer written on C#, logs will be sent to Telegram bot. Disclaimer I, the creator, am not responsible for any actions, and or damages, caused by this software. You bear the full responsibility of your actions and acknowledge that this software was created for educational purposes only. This software's main purpose is NOT to be used maliciously, or on any system that you do not own, or have the right to use. By using this software, you automatically agree to the above. Functions AntiAnalysis (VirtualBox, SandBox, Emulator, Debugger, VirusTotal, Any.Run) Steal system info (Version, CPU, GPU, RAM, IPs, BSSID, Location, Screen metrics) Chromium based browsers (passwords, credit cards, cookies, history, autofill, bookmarks) Firefox based browsers (db files, cookies, history, bookmarks) Internet explorer/Edge (passwords) Saved wifi networks & scan networks around device (SSID, BSSID) File grabber (Documents, Images, Source codes, Databases, USB) Detect banking & cryptocurrency services in browsers Install keylogger & clipper Steam, Uplay, Minecraft session Desktop & Webcam screenshot ProtonVPN, OpenVPN, NordVPN Cryptocurrency Wallets Telegram sessions Pidgin accounts Discord tokens Filezilla hosts Process list Directories structure Product key Autorun module [hide][Hidden Content]] Scan

Log Killer is a tool for [Linux/Windows] Servers. This tool will delete all your logs, just download the tool and run it on the server. If your server OS is Windows then download the batch file and run it as administrator but if your server Linux, then you should run the php script [HIDE][Hidden Content]]

MyBB IP History Logs plugin version 1.0.2 suffers from a cross site scripting vulnerability. View the full article