Search the Community

This is a powershell reverse shell that executes the commands and or scripts that you add to the powerreverse.ps1 file as well as a small library of Post-Exploitation scripts. This also can be used for post-exploitation and lateral movement even. Please use it at your own risk I am not and will not be responsible for your actions. Also, this reverse shell currently is not detected by Windows Defender. If you want to use this make sure to set up a Digital Ocean VPS and have the script connect back there or your C2. Happy Hacking! Key Features Reverse Shell Simply Change The IP & Port & Let It Do Its Magic Blue Screen Of Death (BSOD) Basically will call winit.exe and give a blue screen and shutdown the computer Disable Windows Defender (Needs Admin Priv Of Course) Get Computer Information Disable Input (Needs Admin Priv) Disable Monitor Exclude File Extensions (Needs Admin Priv) Exclude Folder (Needs Admin Priv) Exclude Process (Needs Admin Priv) Get USB History GPS Location (Gets The Lat & Long Then Performs A Reverse GEO Lookup & Spits Out The Exact Address) Grab Wifi Credentials Ifconfig List Antivirus Running List External IP Logoff Mayhem Window Popup Send A Message Box Network Scan (Internal Scan The Network For Open Ports & IPs) Restart Rickroll Scare Window Screenshot The Screen System Time Webcam List [hide][Hidden Content]]

Learn how to build a site that receives approval without the need for blog entries. Get the inside scoop on traffic as well. What you’ll learn Adsense: Everything You Need to Know. 3 types of Adsense-approved websites and how to build a full website for about $26. Make money by saving money. Without content, how can you receive AdSense approval? My tried-and-true method for working with live samples Top sites I’ve already built and gotten Adsense approval for won’t have any content in 2022. You can get free software and tools that let you set up a website without spending any money, as long as you pay for hosting and a name. How can I get 10,000 people to visit my website? After Adsense approval, how to convert the site to a WordPress site, an eCommerce shop, or a forum blog of your choosing. In only three steps, you can establish a sitemap, enable analytics, and connect your site to all search engines and webmaster tools for free. Requirements No programming is necessary. There is no need for subsistence. No need for blog postings. No traffic is required. There’s no need to spend additional money. Description There are numerous ways to make money online, but there are far too few tried and true methods that work worldwide, and the top of our list is Google Adsense. Someone who wants to earn money online but hasn’t gone through the process of building a website. Those who have previously built a website but have yet to get Adsense approval This training is for those who are new to internet business. Google Adsense is, without a doubt, the best way to make money online. If you already have a website, this course will teach you how to gain Adsense approval without any content and how to generate 10k daily visitors for Adsense. Three types of advertising sites are approved. We have the most common, which is a blog. It requires a large amount of material while also being time-consuming. The second is a YouTube channel that requires high-quality videos as well. However, the third, which is a tool site, requires no material at all, which I will provide for you. By just putting the terms “3 kinds of sites for Adsense” into Google, you may access the official Adsense site and view these three types of websites. Why don’t you let me teach you how to make a site that gets Adsense approval quickly? What is Google Adsense and why does it matter? Google Adsense is a network of publishers that lets bloggers and people who build websites put ads on their sites and get paid when people click on them. Between January and March 2022, proof of work: I established seoimplifiedseo.com, seoanalyer.com with my buddy from education, and three additional sites as evidence that this kind of site that receives Adsense approval without content exists, and they are all monetized with Adsense. Projects are scheduled from April to December 2022. I have set up a digitizer.com and am now in the 14-day waiting period. I’ll show you the advertisement on the site after 14 days. Why not find out how to get Adsense approval without content and join the winning team? No/B I had a prior course on this issue that was just about Adsense approval and had no content, but students complained that it was too costly, so I put up a condensed and updated version that is more current and also includes techniques to drive traffic to the site. Who this course is for: Anyone interested in making money online can For beginners interested in starting a blog and earning money online, [Hidden Content] [hide][Hidden Content]]

About This File CPA – Changing Post Author This allows your staff to change post author, it also works for topic starter. [hide][Hidden Content]]

About This File Plugin to add reputation information, days won, etc. to the user's dashboard in the topics. There are settings for selecting the desired display elements. The settings are divided into two sections – Abbreviated and Full. Include: Standard design of the Post Container. Number of posts. Number of topics. Number of reputations. Number of decisions. Number of days won. The number of registered days on the forum. Custom fields. Achievement badges. In full: Non-standard Post Container with tiles. Adjust shadows for dark and light themes. Add a profile background. Hide the standard group (name + icon). Hide a standard group (name). Add a group. Add a secondary group. Add a rank. Number of posts. Number of topics. Number of reputations. Number of decisions. Number of days won. Number of subscribers. The number of registered days on the forum. Date of registration. The ID of the profile. The last activity on the forum. Time zone. The sign-in device. Custom fields. Additional panel with sending drugs, adding to the emergency, etc. Achievement badges. Flexible Post Container settings. Tested on templates: Standard, Magnum, Fluent. Compatible with: Advanced Online Indicator. Recommendations: For correct operation, it is desirable to have a standard Post Container. Version Compatibility 4.6x [hide][Hidden Content]]

VFX for Instagram Post in Adobe After Effects with M Jake In this class we will make simple yet cool VFX video inspired by Kevin Parry instagram post! We will throw fist into a cup! It’s a great way to learn After Effects while making something fun! [Hidden Content] [hide][Hidden Content]]

A Post exploitation tool written in C# uses either CIM or WMI to query remote systems. Introduction SharpStrike is a C# rewrite and expansion on @Matt_Grandy_'s CIMplant and @christruncer's WMImplant. SharpStrike allows you to gather data about a remote system, execute commands, exfil data, and more. The tool allows connections using Windows Management Instrumentation, WMI, or Common Interface Model, CIM ; well more accurately Windows Management Infrastructure, MI. CIMplant requires local administrator permissions on the target system. [hide][Hidden Content]]

[hide][Hidden Content]]

SmartPost is a social marketing tool which helps you to easily schedule and auto post to your favourite social network platforms. SmartPost comes with 9 social networking platform which includes Facebook, Twitter, VK, Youtube, Google Business, LinkedIn, Tumblr and Instagram. It will increase your Traffic. [Hidden Content] [hide][Hidden Content]]

SHAD0W is a modular C2 framework designed to successfully operate in mature environments. It will use a range of methods to evade EDR and AV while allowing the operator to continue using tooling tradecraft they are familiar with. It’s powered by Python 3.8 and C, using Donut for payload generation. By using Donut alongside the process injection capabilities of SHAD0W it gives the operator the ability to execute .NET assemblies, EXEs, DLLs, VBS, JS, or XSLs fully inside the memory. Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti-DLL injection to make it harder for EDR to load code into the beacons, and official Microsoft mitigation methods to protect spawn processes. The main features of the SHAD0W C2 are: Built For Docker – It runs fully inside docker allowing cross-platform usage Live Proxy & Mirror – The C2 server is able to mirror any website in real-time, relaying all non C2 traffic to that site making it look less subject when viewed in a web browser HTTPS C2 Communication – All traffic between beacons and the C2 will be encrypted and transmitted over HTTPS Modern CLI – The CLI is built on prompt-toolkit JSON Based Protocol – Custom beacons are able to built and used easily with an easy to implement the protocol Extremely Modular – Easy to create new modules to interact and task beacons The main features of SHAD0W beacons are: Shellcode, EXE, Powershell & More – Beacons can be generated and used in many different formats Process Injection – Allowing you to migrate, shinject, dllinject and more Bypass AV – Payloads are frequently updated to evade common Anti-Virus products Highly configurable – Custom jitters, user agents and more Proxy Aware – All callbacks will use the current system proxy HTTPS C2 Communication – Traffic to and from the C2 is encrypted via HTTPS Current Modules: GhostPack – With the binary compiled nightly via an Azure pipeline. Thanks to @Flangvik Unmanaged Powershell – With built-in AMSI bypass Ghost In The Logs – Disable ETW & Sysmon, more info can be found here Elevate – Built-in PrivEsc exploits SharpSocks – Reverse socks proxy over HTTPS SharpCollection – A ton of .NET offensive tools, more info can be found here Mimikatz – For all your credential theft needs Upload & Download – Easy data exfiltration StdAPI – Common commands to interact with the file system [hide][Hidden Content]]

Introduction Bashark aids pentesters and security researchers during the post-exploitation phase of security audits. [hide][Hidden Content]]

SmartPost is a social marketing tool which helps you to easily schedule and auto post to your favourite social network platforms. SmartPost comes with 9 social networking platform which includes Facebook, Twitter, VK, Youtube, Google Business, LinkedIn, Tumblr and Instagram. It will increase your Traffic. [Hidden Content] [hide][Hidden Content]]

Introduction Bashark aids pentesters and security researchers during the post-exploitation phase of security audits. Features Single Bash script Lightweight and fast Multi-platform: Unix, OSX, Solaris etc. No external dependencies Immune to heuristic and behavioural analysis Built-in aliases of often used shell commands Extends system shell with post-exploitation oriented functionalities Stealthy, with custom cleanup routine activated on exit Easily extensible (add new commands by creating Bash functions) Full tab completion [HIDE][Hidden Content]]

Format Title: [STORM] | [OPENBULLET] | [OPENBULLET2] | [SENTRY] | [WOXY] Format Post: Proxies: Yes or Not Bots: 100/etc Combos: Email:Pass / User:Pass / Both Capture: (not allowed (YES) yes What? Say what capture) Expire Date / Plan, etc ----------------------------------------------------------------------------------------------- Check if the config have hit stealer or NOT, its your work - you post the config! Dont post here un-checked configs or out-dated configs

Enumdb is a brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each targeted host looking for valid credentials. By default, enumdb will use newly discovered credentials to search for sensitive information in the host’s databases via keyword searches on the table or column names. This information can then be extracted and reported to a .csv or .xlsx output file. See the Usage and All Options sections for more detailed usage and examples. The latest version, enumdb v2.0, has been adapted for larger environments: Keyword searches can now be conducted on table or column names to identify sensitive information. These terms can be customized at the top of enumdb.py. Threading has been added to expedite brute forcing and enumeration on larger networks. Enumdb no longer generates reports by default. Reporting (csv/xlsx) must be defined in the command line arguments. When extracting data for reports, users can now define a limit on the number of rows selected. The default value of 100, can be modified at the top of enumdb.py. Enumdb’s output formatting has been modified to provide more concise feedback when enumerating large amounts of data. Changelog v2.1 Reformat code structure [HIDE][Hidden Content]]

ADOBE SPARK POST GRAPHIC DESIGN MADE EASY V3.6.5 [UNLOCKED] Adobe Spark Post is the fun, fast and easy way to create stunning graphics for any occasion — no design skill necessary! Link : [Hidden Content]

This Metasploit module exploits an unauthenticated HTTP POST SEH-based buffer overflow in File Sharing Wizard version 1.5.0. View the full article

Microsoft DirectWrite / AFDKO suffers from multiple bugs in OpenType font handling related to the "post" table. View the full article

Account was marked as inactive, but can't post when I cannot view any topics so yeah a heads up.

Facebook SpiderLink – Make your Facebook posts GO VIRAL (Capture users LIKES and COMMENTS) & Collect REAL email addresses, REAL people names. Demo: [Hidden Content] [HIDE][Hidden Content]]

[Hidden Content]

vBulletin version 4.2.5 with Thread Post Bookmarking version 1.2.0 suffers from an open redirection vulnerability. View the full article

[Hidden Content] [Hidden Content]

Kingposter is a facebook auto poster tool developed to help you post your Text / links / Images / Videos on facebook groups and pages. Kingposter alows you to share your content and drive Facebook traffic to your website / blog / page. Demo: [Hidden Content] [HIDE][Hidden Content]] Pass: level23hacktools.com

MiniShare version 1.4.1 suffers from multiple buffer overflow vulnerabilities. View the full article

WordPress Universal Post Manager plugin version 1.5.0 suffers from a database disclosure vulnerability. View the full article