Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Search the Community

Showing results for tags 'target' or ''.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
    • Pentesting Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Pentesting Premium
    • Pentesting Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Pentesting Zone PRIV8
    • Pentesting Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area
  • Recycle Bin
    • Recycle
  • Null3D's Nulled Group

Product Groups

  • PRIV8
  • Advertising
  • Access Basic
  • Seller
  • Services

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

Found 9 results

  1. [hide][Hidden Content]]
  2. SocialPwned SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks like Instagram, Linkedin, and Twitter to find the possible credential leaks in PwnDB. The purpose of this tool is to facilitate the search for vulnerable targets during the phase of Footprinting in Ethical Hacking. It is common for employees of a company to publish their emails in social networks, either professional or personal, so if these emails have their credentials leaked, it is possible that the passwords found have been reused in the environment to be audited. If it’s not the case, at least you would have an idea of the patterns that follow this target to create the passwords and be able to perform other attacks with a higher level of effectiveness. SocialPwned uses different modules: Instagram: Making use of the unofficial Instagram API from @LevPasha, different methods were developed to obtain the emails published by users. An Instagram account is required. Linkedin: Using @tomquirk’s unofficial Linkedin API, different methods were developed to obtain a company’s employees and their contact information (email, twitter or phone). In addition, it is possible to add the employees found to your contacts, so that you can later have access to their network of contacts and information. A Linkedin account is required. Twint: Using Twint from @twintproject you can track all the Tweets published by a user looking for some email. A Twitter account is not necessary. PwnDB: Inspired by the tool PwnDB created by @davidtavarez a module has been developed that searches for all credential leaks from the emails found. In addition, for each email, a POST request is made to HaveIBeenPwned to find out the source of the leak. Changelog v2.0 Docker Implementation GHunt Module Dehashed Module Output Enhancement Web Scraping Fix in HaveIBeenPwned Fixed several bugs [hide][Hidden Content]]
  3. Recon The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my own recognition script with all the tools I use most in this step. All construction of this framework is based on the methodologies of @ofjaaah and @Jhaddix. These people were my biggest inspirations to start my career in Information Security and I recommend that you take a look at their content, you will learn a lot! Feature ASN Enumeration metabigor Subdomain Enumeration Assetfinder Subfinder Amass Findomain Sublist3r Knock SubDomainizer GitHub Sudomains RapidDNS Riddler SecurityTrails Alive Domains httprobe httpx WAF Detect wafw00f Domain organization Regular expressions Subdomain Takeover Subjack DNS Lookup Discovering IPs dnsx DNS Enumeration and Zone Transfer dnsrecon dnsenum Favicon Analysis favfreak Shodan Directory Fuzzing ffuf Google Hacking Some Dorks that I consider important CredStuff-Auxiliary Googler GitHub Dorks Jhaddix Dorks Credential Stuffing CredStuff-Auxiliary Screenshots EyeWitness Port Scan Masscan Nmap Naabu Link Discovery Endpoints Enumeration and Finding JS files Hakrawler Waybackurls Gospider ParamSpider Vulnerabilities Nuclei ➔ I used all the default templates 403 Forbidden Bypass Bypass-403 XSS XSStrike Gxss LFI Oneliners gf ffuf RCE My GrepVuln function Open Redirect My GrepVuln function SQLi Oneliners gf sqlmap [hide][Hidden Content]]
  4. BruteX is a shell script and automates the process of analyzing one or many targets. BruteX include Nmap,Hydra & DNS enum. Nmap scan opens ports and defines running on the target server service. Thereafter, start Bruteforce FTP, SSH, and other services using the Hydra, and so on. Automatically brute force all services running on a target: Open Ports Usernames Passwords Changelog v2.3 Updated default credentials for Rasberry Pi/Kali [hide][Hidden Content]]
  5. SocialPwned SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks like Instagram, Linkedin, and Twitter to find the possible credential leaks in PwnDB. The purpose of this tool is to facilitate the search for vulnerable targets during the phase of Footprinting in Ethical Hacking. It is common for employees of a company to publish their emails in social networks, either professional or personal, so if these emails have their credentials leaked, it is possible that the passwords found have been reused in the environment to be audited. If it’s not the case, at least you would have an idea of the patterns that follow this target to create the passwords and be able to perform other attacks with a higher level of effectiveness. [HIDE][Hidden Content]]
  6. [Hidden Content]
  7. [Hidden Content]
  8. libtiff up to and including 4.0.9 decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size. View the full article
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.