Search the Community

Showing results for tags 'powerful'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 32 results

  1. Invoke-Stealth Invoke-Stealth is a Simple & Powerful PowerShell Script Obfuscator. This tool helps you to automate the obfuscation process of any script written in PowerShell with different techniques. You can use any of them separately, together, or all of them sequentially with ease, from Windows or Linux. Technique · Chimera: Substitute strings and concatenate variables · BetterXencrypt: Compresses and encrypts with random iterations · PyFuscation: Obfuscate functions, variables and parameters · PSObfuscation: Convert content to bytes and encode with Gzip · ReverseB64: Encode with base64 and reverse it to avoid detections [hide][Hidden Content]]
  2. Shock is a Multi-Tool coded in C# & Python [hide][Hidden Content]]
  3. Rome WebShell A powerful and delightful PHP WebShell This is a lightweight PHP webshell, using only vanilla JavaScript and CSS, no jQuery/Bootstrap bloat. Features Fully interactive file explorer, browser directories, and download files instantly Upload files directly from the browser Execute commands without having to ‘URL encode’ your payloads MD5 Password protection, handy to restrain access during a King of The Hill for exemple Fully CSS animated, responsive, and delightful FlatUI interface Easily customizable, usage of CSS variables makes it easy to use your favorite colors Obfuscated, this repository includes an already obfuscated version [hide][Hidden Content]]
  4. MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats. The new version of MagicRecon has a large number of new tools to automate as much as possible the process of collecting data from a target and searching for vulnerabilities. It also has a menu where the user can select which option he wants to execute. This new version also has the option of "Install dependencies" with which the user can easily install all the tools and dependencies that are needed to run MagicRecon. The script code has been made in a modular way so that any user can modify it to their liking. With MagicRecon you can easily find: Sensitive information disclosure. Missing HTTP headers. Open S3 buckets. Subdomain takeovers. SSL/TLS bugs. Open ports and services. Email spoofing. Endpoints. Directories. Juicy files. Javascript files with senstive info. CORS missconfigurations. Cross-site scripting (XSS). Open Redirect. SQL Injection. Server-side request forgery (SSRF). CRLF Injection. Remote Code Execution (RCE). Other bugs. [hide][Hidden Content]]
  5. HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Features Support for most common executable formats like elf, macho, pe. Support for most common architectures like x64, x86, aarch64, armle, mipsle, mipsbe. Ability to modify shellcode by changing pre-defined offsets. Basic functions There are all HatVenom basic functions that can be used to generate a payload, covert data, or inject shellcode. ip_bytes(ip) – Converts IP address to bytes allowed by the shellcode. port_bytes(port) – Converts numeric port to bytes allowed by the shellcode. string_bytes(string) – Converts a string to bytes allowed by the shellcode. generate(file_format, arch, shellcode, offsets={}) – Generates payload for specified target and with specified shellcode. generate_to(file_format, arch, shellcode, offsets={}, filename=’a.out’) – Generates payload for specified target and with specified shellcode and saves it to the specified file. [hide][Hidden Content]]
  6. wifipumpkin3 is a powerful framework for rogue access point attack, written in Python, that allows and offers to security researchers, red teamers, and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. Main Features Rogue access point attack Man-in-the-middle attack Rogue Dns Server Captive portal attack (captiveflask) Intercept, inspect, modify and replay web traffic WiFi networks scanning DNS monitoring service Credentials harvesting Transparent Proxies LLMNR, NBT-NS, and MDNS poisoner (Responder3) and more! Changelog v1.0.8 R2 Added added route for getting information of plugins and proxies on restAPI added new attribute on plugins and proxies mode class added logger resource API Removed removed support to Rest API controller temporally Fixed fixed cli error when request restAPI plugins and proxies fixed restApi error when getting exceptions http request fixed wirelesscontroller not started into restAPI mode fixed locale error in docker container [hide][Hidden Content]]
  7. Invoke-Stealth is a Simple & Powerful PowerShell Script Obfuscator. This tool helps you to automate the obfuscation process of any script written in PowerShell with different techniques. You can use any of them separately, together or all of them sequentially with ease, from Windows or Linux. [hide][Hidden Content]]
  8. Powerful Telegram Members Scraping and Adding Toolkit. Feature ADDS IN BULK[by user id, not by username] Scrapes and adds to public groups Works in Windows systems You can run unlimited accounts at the same time in order to add members CSV files auto-distributer based on number of accounts to use Powerful scraping tool that can scrape active members from any public group You can add members both by username and by user ID Least chances of account ban Script auto-joins public group from all accounts for faster adding Filters banned accounts and remove them, making things easy Genisys can also store unlimited accounts for adding purposes Adding scripts launches automatically based on the number of accounts to use [hide][Hidden Content]]
  9. This ia an simple and powerful stealer that steals victim credentials and send to your discord server... This File Steals: 1. Ip address 2. Screenshot 3. Discord token 4. Mac Address 5. System Information [hide][Hidden Content]]
  10. Laralink is a link shortener, which allows you to manage links from a simple dashboard with advanced analytics. [Hidden Content] [hide][Hidden Content]]
  11. wifipumpkin3 is a powerful framework for rogue access point attack, written in Python, that allows and offers to security researchers, red teamers, and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack.wifipumpkin3 Main Features Rogue access point attack Man-in-the-middle attack Rogue Dns Server Captive portal attack (captiveflask) Intercept, inspect, modify and replay web traffic WiFi networks scanning DNS monitoring service Credentials harvesting Transparent Proxies LLMNR, NBT-NS, and MDNS poisoner (Responder3) and more! Changelog v1.0.8 R1 Added added inactivity poll default value to 60 min #67 added check if process hostapd is running before start threads added settings binary path of iptables editable added waitforfinish on Qprocess for add rules iptables added frist restful api implementation added DHCP command to select the dhcp server configuration added stop all modules with the command stop or exit is running added new module for performing dns spoof attack with AP enable Removed removed dependencies that be standard library #105 Fixed fixed hide error object of type QProcess on WorkProcess class #93 fixed settings dhcp for allow to change dhcp configuration fixed error when execute from github actions fixed set restport by default 1337 fixed process init hostapd duplicated fixed clean code and code format improves fixed github actions error when try to run pytests fixed dhcp command for apply configurations on same session [hide][Hidden Content]]
  12. OneForAll is a powerful subdomain collection toolsubdomain collection The importance of information collection in penetration testing is self-evident. Subdomain collection is an essential and very important part of information collection. At present, there are many open-source tools for subdomain collection on the Internet, but there are always some of the following problems: Not powerful enough,there are not enough interfaces to collect subdomains automatically, and there are no functions such as automatic subdomain resolve, verification, FUZZ, and information expansion. Not friendly enough,although the command line module is more convenient, but when there are a lot of optional parameters and the operation to be implemented is complex, using command line mode is a bit unfriendly. If there is a good interaction, With a highly operable front end, the experience will be much better. Lack of maintenance,Many tools have not been updated once in years, what issues and PR are, do not exist. Efficiency issues,do not take advantage of multi-process, multi-threading and asynchronous cooperation technology, the speed is slow. Features Powerful collection capability,For more information, please see collection module description. Collect subdomains using certificate transparency (there are currently 6 modules: censys_api,certspotter,crtsh,entrust,google,spyse_api) General check collection subdomains (there are currently 4 modules: domain transfer vulnerability exploitationaxfr, cross-domain policy file cdx, HTTPS certificate cert, content security policy csp, robots file robots, and sitemap file sitemap. Check NSEC record, NSEC3 record and other modules will be added later). Collect subdomains using web crawler files (there are currently 2 modules: archirawl, commoncrawl, which is still being debugged and needs to be added and improved). Collect subdomains using DNS datasets (there are currently 23 modules: binaryedge_api, bufferover, cebaidu, chinaz, chinaz_api, circl_api, dnsdb_api, dnsdumpster, hackertarget, ip138, ipv4info_api, netcraft, passivedns_api, ptrarchive, qianxun, rapiddns, riddler, robtex, securitytrails_api, sitedossier, threatcrowd, wzpc, ximcx) Collect subdomains using DNS queries (There are currently 5 modules: collecting subdomains srv by enumerating common SRV records and making queries, and collecting subdomains by querying MX,NS,SOA,TXT records in DNS records of domain names). Collect subdomains using threat intelligence platform data (there are currently 6 modules: alienvault, riskiq_ api, threatbook_ api, threatkeeper , virustotal, virustotal_ api, which need to be added and improved). Use search engines to discover subdomains (there are currently 18 modules: ask, baidu, bing, bing_api, duckduckgo, exalead, fofa_api, gitee, github, github_api, google, google_api, shodan_api, so, sogou, yahoo, yandex, zoomeye_api), except for special search engines in the search module. General search engines support automatic exclusion of search, full search, recursive search. Support subdomain blasting,This module has both conventional dictionary blasting and custom fuzz mode. It supports batch blasting and recursive blasting, and automatically judges pan-parsing and processing. Support subdmain verification,default to enable subdomain verification, automatically resolve subdomain DNS, automatically request subdomain to obtain title and banner, and comprehensively determine subdomain survival. Support subdomain takeover,By default, subdomain takeover risk checking is enabled. Automatic subdomain takeover is supported (only Github, remains to be improved at present), and batch inspection is supported. Powerful processing feature,The found subdomain results support automatic removal, automatic DNS parsing, HTTP request detection, automatic filtering of valid subdomains, and expansion of Banner information for subdomains. The final supported export formats are rst, csv, tsv, json, yaml, html, xls, xlsx, dbf, latex, ods. Very fast,collection module uses multithreaded calls, blasting module uses massdns, the speed can at least reach 10000pps under the default configuration, and DNS parsing and HTTP requests use asynchronous multiprogramming in subdomain verification. Multithreaded check subdomain takeover risk. Good experience,Each module has a progress bar, and the results of each module are saved asynchronously. [hide][Hidden Content]]
  13. OneForAll is a powerful subdomain collection tool The importance of information collection in penetration testing is self-evident. Subdomain collection is an essential and very important part of information collection. At present, there are many open-source tools for subdomain collection on the Internet, but there are always some of the following problems: Not powerful enough,there are not enough interfaces to collect subdomains automatically, and there are no functions such as automatic subdomain resolve, verification, FUZZ, and information expansion. Not friendly enough,although the command line module is more convenient, but when there are a lot of optional parameters and the operation to be implemented is complex, using command line mode is a bit unfriendly. If there is a good interaction, With a highly operable front end, the experience will be much better. Lack of maintenance,Many tools have not been updated once in years, what issues and PR are, do not exist. Efficiency issues,do not take advantage of multi-process, multi-threading and asynchronous cooperation technology, the speed is slow. Features Powerful collection capability,For more information, please see collection module description. Collect subdomains using certificate transparency (there are currently 6 modules: censys_api,certspotter,crtsh,entrust,google,spyse_api) General check collection subdomains (there are currently 4 modules: domain transfer vulnerability exploitationaxfr, cross-domain policy file cdx, HTTPS certificate cert, content security policy csp, robots file robots, and sitemap file sitemap. Check NSEC record, NSEC3 record and other modules will be added later). Collect subdomains using web crawler files (there are currently 2 modules: archirawl, commoncrawl, which is still being debugged and needs to be added and improved). Collect subdomains using DNS datasets (there are currently 23 modules: binaryedge_api, bufferover, cebaidu, chinaz, chinaz_api, circl_api, dnsdb_api, dnsdumpster, hackertarget, ip138, ipv4info_api, netcraft, passivedns_api, ptrarchive, qianxun, rapiddns, riddler, robtex, securitytrails_api, sitedossier, threatcrowd, wzpc, ximcx) Collect subdomains using DNS queries (There are currently 5 modules: collecting subdomains srv by enumerating common SRV records and making queries, and collecting subdomains by querying MX,NS,SOA,TXT records in DNS records of domain names). Collect subdomains using threat intelligence platform data (there are currently 6 modules: alienvault, riskiq_ api, threatbook_ api, threatkeeper , virustotal, virustotal_ api, which need to be added and improved). Use search engines to discover subdomains (there are currently 18 modules: ask, baidu, bing, bing_api, duckduckgo, exalead, fofa_api, gitee, github, github_api, google, google_api, shodan_api, so, sogou, yahoo, yandex, zoomeye_api), except for special search engines in the search module. General search engines support automatic exclusion of search, full search, recursive search. Support subdomain blasting,This module has both conventional dictionary blasting and custom fuzz mode. It supports batch blasting and recursive blasting, and automatically judges pan-parsing and processing. Support subdmain verification,default to enable subdomain verification, automatically resolve subdomain DNS, automatically request subdomain to obtain title and banner, and comprehensively determine subdomain survival. Support subdomain takeover,By default, subdomain takeover risk checking is enabled. Automatic subdomain takeover is supported (only Github, remains to be improved at present), and batch inspection is supported. Powerful processing feature,The found subdomain results support automatic removal, automatic DNS parsing, HTTP request detection, automatic filtering of valid subdomains, and expansion of Banner information for subdomains. The final supported export formats are rst, csv, tsv, json, yaml, html, xls, xlsx, dbf, latex, ods. Very fast,collection module uses multithreaded calls, blasting module uses massdns, the speed can at least reach 10000pps under the default configuration, and DNS parsing and HTTP requests use asynchronous multiprogramming in subdomain verification. Multithreaded check subdomain takeover risk. Good experience,Each module has a progress bar, and the results of each module are saved asynchronously. [hide][Hidden Content]]
  14. Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. Included in BlackArch Linux pentesting distribution and Rawsec’s Cybersecurity Inventory since August 2019. The first idea was inspired by Cupp and Crunch. We could say that bopscrk is a wordlist generator situated between them, taking the best of each one. The challenge was to try to apply the Cupp’s idea to more generic-situations and amplify the shoot-range of the resultant wordlist, without losing this custom-wordlist-profiler feature. Changelog v2.3.1 2.3.1 version notes fixing namespace bug (related to aux.py module, renamed to auxiliars.py) when running on windows systems unittest (and simple unitary tests for transforms, excluders and combinators functions) implemented. 2.3 version notes (15/10/2020) Customizable configuration for artists and lyrics transforms using the cfg file Requirements at setup.py updated Multithreads logic improved Leet and case order reversed to improve operations efficiency BUG FIXED in lyrics space replacement BUG FIXED when remove duplicates (Type Error: unhashable type: ‘list’) Memory management and efficiency improved SPLIT INTO MODULES to improve project structure BUG FIXED in wordlists-exclusion feature 2.2 version notes (11/10/2020 Configuration file implemented NEW FEATURE: Allow to create custom charsets and transforms patterns trough the config file NEW FEATURE: Recursive leet transforms implemented (disabled by default, can be enabled in cfg file) 2.2~beta version notes (10/10/2020) The lyricpass integration have been updated to run with last version released by initstring --lyrics-all option removed (feature integrated in other options) [hide][Hidden Content]]
  15. The World's Most Powerful Code Editor Build Environment Build or compile your project, then double-click on an error message in the Build window to jump to that location. Errors and warnings are marked with an icon in the left margin. In addition, the overview bar, positioned alongside the vertical scrollbar, marks the position of errors and warnings relative to the current scroll position in the document. To quickly scroll a marked location into view, you can drag the scrollbar slider to the mark, or click on the mark itself. Debugging SlickEdit's integrated debugging provides a convenient and easy to use front-end for many debuggers. Set breakpoints, step, inspect the stack, view variables/members - all the features you expect from a debugger. SlickEdit supports debugging for: GNU C/C++, Java, WinDbg, Clang C/C++ LLDB, Google Go, Python, Perl, Ruby, PHP, XCode, Scala, C# using Mono, Visual Basic using Mono, and Android JVM/NDK. [Hidden Content] [hide][Hidden Content]]
  16. Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. Included in BlackArch Linux pentesting distribution and Rawsec’s Cybersecurity Inventory since August 2019. The first idea was inspired by Cupp and Crunch. We could say that bopscrk is a wordlist generator situated between them, taking the best of each one. The challenge was to try to apply the Cupp’s idea to more generic-situations and amplify the shoot-range of the resultant wordlist, without losing this custom-wordlist-profiler feature. How it works You have to provide some words which will act as a base. The tool will generate all possible combinations between them. To generate more combinations, it will add some common separators (e.g. “-“, “_”, “.”), random numbers, and special chars. You can enable leet and case transform to increase your chances. If you enable lyricpass mode, the tool will ask you about artists and it will download all his songs’ lyrics. Each line will be added as a new word. Then it will be transformed in several ways (leet, case, only first letters, with and without spaces…). Artist names will be added too. You can provide wordlists that you already tried against the target in order to exclude all these words from the resultant wordlist (-x). Changelog v2.3 Customizable configuration for artists and lyrics transforms using the cfg file Requirements at setup.py updated Multithreads logic improved Leet and case order reversed to improve operations efficiency BUG FIXED in lyrics space replacement BUG FIXED when removing duplicates (Type Error: unhashable type: ‘list’) Memory management and efficiency improved SPLIT INTO MODULES to improve project structure BUG FIXED in wordlists-exclusion feature [hide][Hidden Content]]
  17. The phases of the development that will be described in detail are: set up the development environment with Mingw-w64 and LLVM shellcode injection with syscall inlining via NTDLL in-memory scraping (x86-64 only) user-land hooks removal from in-memory NTDLL to retrieve correct syscall numbers upgrade the shellcode injector to a full PE packer with Donut ensure the produced shellcode is always different at each build with sgn ensure the compiled loader is always different at each build with LLVM obfuscation implement some simple anti-debug tricks for the initial loader For the details of the techniques, please read the blog. [hide][Hidden Content]]
  18. Laralink is a link shortener, which allows you to manage links from a simple dashboard with advanced analytics. [Hidden Content] [hide][Hidden Content]]
  19. Features Autorun Information of system Browse directories, delete files / folders View all processes Ability to delete a process Real time keylogger Encrypting files and directories Shutting down the operating system Throw Error MessageBox [hide][Hidden Content]]
  20. PwnXSS A powerful XSS scanner made in python 3.7. Main features crawling all links on a website ( crawler engine ) POST and GET forms are supported many settings that can be customized Advanced error handling Multiprocessing support. ETC… [hide][Hidden Content]]
  21. Powerful web directory fuzzer to locate existing and/or hidden files or directories. Similar to dirb or gobuster, but with a lot of mutation options. Features Proxy support Cookie support Basic Auth Digest Auth Retries (for slow servers) Persistent and non-persistent HTTP connection Request methods: GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS Custom HTTP header Mutate POST, PUT and PATCH payloads Mutate with different request methods Mutate with different HTTP headers Mutate with different file extensions Mutate with and without trailing slashes Enumerate GET parameter values [hide][Hidden Content]]
  22. Wifipumpkin3 wifipumpkin3 is a powerful framework for rogue access point attack, written in Python, that allows and offers to security researchers, red teamers, and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. Main Features Rogue access point attack Man-in-the-middle attack Rogue Dns Server Captive portal attack (captiveflask) Intercept, inspect, modify and replay web traffic WiFi networks scanning DNS monitoring service Credentials harvesting Transparent Proxies LLMNR, NBT-NS and MDNS poisoner (Responder3) and more! Changelog v1.0.7 Added added WorkProcess class for execute comand with Qprocess added correctly package beautifulsoup4 into requirements.txt added command banner: display an awesome wp3 banner added many improvements into system modules added improves module for running in background added command kill: terminate a module in background by id added option on captiveflask to force redirect sucessful template added set ssid with any caracter utf8 Changed moved command info to extensions directory changed more flexible python version into dependencies #36 improves the architecture files extensions commands Deprecated Removed removed folder core/controls from file structure arch removed bs4==0.0.1 Dummy package for Beautiful Soup Fixed fixed improves method setIptables from wirelessmode default mode fixed clear dependencies not used from requirements files fixed include message: the module not found or failed to import. fixed typo name proxys to proxies fixed version of dnslib from pydns_server #49 restricting version module problems fixed description tool on setup.py file fixed mode docker parser command line #56 [hide][Hidden Content]]
  23. Bopscrk Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. How it works You have to provide some words which will act as a base. The tool will generate all possible combinations between them. To generate more combinations, it will add some common separators (e.g. “-“, “_”, “.”), random numbers, and special chars. You can enable leet and case transform to increase your chances. If you enable lyricpass mode, the tool will ask you about artists and it will download all his songs’ lyrics. Each line will be added as a new word. Then it will be transformed in several ways (leet, case, only first letters, with and without spaces…). Artist names will be added too. You can provide wordlists that you already tried against the target in order to exclude all these words from the resultant wordlist (-x). bopscrk-2.0 Python 3 supported. [hide][Hidden Content]]
  24. Portal Pro is a bold gaming & esports inspired theme for Xenforo 2 forum. Loaded with powerful features and four preset themes, Portal Pro is a great solution for any gaming community. [Hidden Content] [hide][Hidden Content]]
  25. [Hidden Content] [HIDE][Hidden Content]]