Search the Community

Showing results for tags 'testing'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 58 results

  1. NUUBI is a Recon Tools, Scanners, and tools for penetration testing. Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned. So it is an Incredible fast recon tool for penetration tester which is specially designed for the Reconnaissance phase. Features: Infromation Modules : Banner grabing Subnetlookup Cms detect Certificate Transparency log monitor Dnslookup Extract links GeoIP lookup Httpheaders Nmapscan Subdomain lookup Traceroute Find hosts sharing DNS servers URL and website scanner for potentially malicious websites Github username Whois Crawler Reverse ip Reverse DNS Zonetransfer Nping test Ping Response Check an Autonomous System Number (ASN) Cloudflare Cookie Scraper [hide][Hidden Content]]
  2. Pown Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like Metasploit, Pown.js considers frameworks to be an anti-pattern. Therefore, each module in Pown is, in fact, a standalone NPM module allowing a greater degree of reuse and flexibility. Creating new modules is a matter of publishing to NPM and tagging them with the correct tags. The rest is handled automatically. [Hidden Content]
  3. Key Features Understand how systems can be bypassed both at the operating system and network level with shellcode, assembly, and Metasploit Learn to write and modify 64-bit shellcode along with kernel-level shellcode concepts A step-by-step guide that will take you from low-level security skills to covering loops with shellcode Book Description Security is always a major concern for your application, your system, or your environment. This book’s main goal is to build up your skills for low-level security exploits, enabling you to find vulnerabilities and cover loopholes with shellcode, assembly, and Metasploit. This book covers topics ranging from memory management and assembly to compiling and extracting shellcode and using syscalls and dynamically locating functions in memory. This book also covers how to compile 64-bit shellcode for Linux and Windows along with Metasploit shellcode tools. Lastly, this book will also show you to how to write your own exploits with intermediate techniques, using real-world scenarios. By the end of this book, you will have become an expert in shellcode and will understand how systems are compromised both at the operating system and at the network level. What you will learn Create an isolated lab to test and inject Shellcodes (Windows and Linux) Understand both Windows and Linux behavior in overflow attacks Learn the assembly programming language Create Shellcode using assembly and Metasploit Detect buffer overflows Debug and reverse-engineer using tools such as gdb, edb, and immunity (Windows and Linux) Exploit development and Shellcode injections (Windows and Linux) Prevent and protect against buffer overflows and heap corruption Who this book is for This book is intended to be read by penetration testers, malware analysts, security researchers, forensic practitioners, exploit developers, C language programmers, software testers, and students in the security field. Readers should have a basic understanding of OS internals (Windows and Linux). Some knowledge of the C programming language is essential, and a familiarity with the Python language would be helpful. Table of Contents Introduction Lab Setup Assembly Language in Linux Reverse Engineering Creating Shellcode Buffer Overflow Attacks Exploit Development – Part 1 Exploit Development – Part 2 Real World scenarios part 1 Real World scenarios part 2 Real World scenarios part 3 Detection and Prevention [Hidden Content] [hide][Hidden Content]]
  4. OWASP Nettacker project is created to automate information gathering, vulnerability scanning, and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA. It would make a competitive edge compared to other scanner making it one of the bests. Future IoT Scanner Python Multi Thread & Multi Process Network Information Gathering Vulnerability Scanner Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and many more… ) Asset Discovery & Network Service Analysis Services Brute Force Testing Services Vulnerability Testing HTTP/HTTPS Crawling, Fuzzing, Information Gathering and … HTML, JSON and Text Outputs API & WebUI This project is at the moment in research and development phase and most of the results/codes are not published yet. Changelog v0.0.1 First Release – drawing a line before adding new features and modules. This release is still contains known bugs and is compatible with both Python 2.7 and python 3.6 [hide][Hidden Content]]
  5. KILLSHOT A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner Why KillShot? You Can use this tool to Spider your website and get important information and gather information automatically using whatweb-host-traceroute-dig-fierce-wafw00f or to Identify the cms and find the vulnerability in your website using Cms Exploit Scanner && WebApp Vul Scanner Also You can use killshot to Scan automatically multiple types of the scan with nmap and unicorn. And With this tool, You can Generate PHP Simple Backdoors upload it manually and connect to the target using killshot This Tool Bearing A simple Ruby Fuzzer Tested on VULSERV.exe And Linux Log clear script To change the content of login paths Spider can help you to find parameters of the site and scan xss and sql. Menu Site {0} Spider {1} Web technologie {2} WebApp Vul Scanner {3} Port Scanner {4} CMS Scanner {5} Fuzzers {6} Cms Exploit Scanner {7} Backdoor Generation {8} Linux Log Clear WebApp Vul Scanner {1} Xss scanner {2} Sql Scanner {3} Tomcat RCE Port Scanner [0] Nmap Scan [1] Unicorn Scan Nmap Scan [2] Nmap Os Scan [3] Nmap TCP Scan [4] Nmap UDB Scan [5] Nmap All scan [6] Nmap Http Option Scan [7] Nmap Live target In Network Unicorn Scan [8] Services OS [9] TCP SYN Scan on a whole network [01] UDP scan on the whole network Backdoor Generation {1} Generate Shell {2} Connect Shell LAST_Update v 1.5 [+] Fix setup error [+] Fix sql injection detect error [+] Add Typo3 Scanner (+brute force) [+] Detect Of the MX and NS [HIDE][Hidden Content]]
  6. ANDRAX v5R NH-Killer - Penetration Testing on Android ANDRAX is a Penetration Testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distribution! The development of ANDRAX began on 08/09/2016 (DD/MM/YYYY) only for people in Brazil ANDRAX has been fully redefined and reloaded on 05/10/2018 (DD/MM/YYYY) open to the international public. ANDRAX enable to all Android device with root access enabled and a good unlocked rom become a weapon for advanced Penetration Testing. Why is Android so powerful? Simple, everyone has a smartphone and spends all the time with it! We have the possibility to camouflage easily in the middle of everyone, the processor architecture of most Android smartphones is ARM a modern and robust architecture extremely superior to the rest, With touch screens we can run the tools with great agility and take advantage of the graphical interface of Android, we can get in almost anywhere with our smartphones... In technical terms, ANDRAX and NetHunter should never be compared, ANDRAX is a penetration testing platform for Android smartphones and NetHunter is just a Debian emulator running with chroot. Termux is not our enemy, Termux is an application that allows installation of many Linux packages using a Debian environment running natively on Android. ANDRAX and Termux have a similar development, ANDRAX and Termux share many libs and GNU/Linux resources. But Termux is not a penetration testing platform, it's software to bring basic tools found in a Debian environment. Penetration tests are not something basic! But advanced techniques that involve advanced tools and a advanced environment to conduct good tests! So you can install many tools manually in Termux but it would be extremely difficult to optimize and configure them to take 100% of the required potential for penetration testing. Termux runs without root privileges and this makes it very difficult to use advanced tools. ANDRAX promotes the use of more than 900 advanced tools for Hacking, Cracking and Penetration Testing. CHANGELOG: v5 BUILD:1 [ 20/05/2020 ] Core rewrited from scratch BusyBox removed (No more needed) Fixed some crashes Added more tools than you can use in your hole life [HIDE][Hidden Content]]
  7. InQL Burp Suite Extension Since version 1.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the capabilities of the stand-alone script plus a handy user interface to manipulate queries. Using the inql extension for Burp Suite, you can: Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target website Search for exposed GraphQL development consoles (GraphiQL, GraphQL Playground, and other common consoles) Use a custom GraphQL tab displayed on each HTTP request/response containing GraphQL Leverage the templates generation by sending those requests to Burp's Repeater tool Configure the tool by using a custom settings tab [HIDE][Hidden Content]]
  8. 9 downloads

    90+ Videos to take you from a beginner to advanced in website hacking. Create a hacking lab & needed software (on Windows, OS X and Linux). Discover, exploit and mitigate a number of dangerous web vulnerabilities. Exploit these vulnerabilities to hack into web servers. Bypass security & advanced exploitation of these vulnerabilities. Advanced post exploitation - hack other websites on the same server, dump the database, privilege escalation....etc Bypass security & filters. Intercept requests using a proxy. Adopt SQL queries to discover and exploit SQL injections in secure pages. Gain full control over target server using SQL injections. Discover & exploit blind SQL injections. Install Kali Linux - a penetration testing operating system. Learn linux commands and how to interact with the terminal. Learn linux basics. Understand how websites & web applications work. Understand how browsers communicate with websites. Gather sensitive information about websites. Discover servers, technologies & services used on target website. Discover emails & sensitive data associated with a specific website. Find all subdomains associated with a website. Discover unpublished directories & files associated with a target website. Find all websites hosted on the same server as the target website. Discover, exploit and fix file upload vulnerabilities. Exploit advanced file upload vulnerabilities & gain full control over the target website. Discover, exploit and fix code execution vulnerabilities. Exploit advanced code execution vulnerabilities & gain full control over the target website. Discover, exploit & fix local file inclusion vulnerabilities. Exploit local file inclusion vulnerabilities to to get a shell. Exploit advanced local file inclusion vulnerabilities & gain full control over the target website. Exploit advanced remote file inclusion vulnerabilities & gain full control over the target website. Discover, fix, and exploit SQL injection vulnerabilities. Bypass login forms and login as admin using SQL injections. Writing SQL queries to find databases, tables and sensitive data such as usernames ad passwords using SQL injections Bypass filtering, and login as admin without password using SQL injections. Bypass filtering and security measurements. Read / Write files to the server using SQL injections. Patch SQL injections quickly. Learn the right way to write SQL queries to prevent SQL injections. Discover basic & advanced reflected XSS vulnerabilities. Discover basic & advanced stored XSS vulnerabilities. How to use BeEF framwork. Hook users to BeEF using reflected & XSS vulnerabilities. Steal credentials from hooked targets. Run javascript code on hooked targets. Create undetectable backdoors. Hack computers using XSS vulnerabilities. Fix XSS vulnerabilities & protect yourself from them as a user. What do we mean by brute force & wordlist attacks. Create a wordlist or a dictionary. Launch a wordlist attack and guess admin's password. Discover all of the above vulnerabilities automatically using a web proxy. Run system commands on the target webserver. Access the file system (navigate between directories, read/write files). Download, upload files. Bypass security measurements. Access all websites on the same webserver. Connect to the database and execute SQL queries or download the whole database to the local machine. Discover, exploit and mitigate CSRF vulnerabilities. DOWNLOAD FREE FOR USERS PRIV8

    $100.00 PRIV8

  9. View File Learn Website Hacking / Penetration Testing From Scratch 90+ Videos to take you from a beginner to advanced in website hacking. Create a hacking lab & needed software (on Windows, OS X and Linux). Discover, exploit and mitigate a number of dangerous web vulnerabilities. Exploit these vulnerabilities to hack into web servers. Bypass security & advanced exploitation of these vulnerabilities. Advanced post exploitation - hack other websites on the same server, dump the database, privilege escalation....etc Bypass security & filters. Intercept requests using a proxy. Adopt SQL queries to discover and exploit SQL injections in secure pages. Gain full control over target server using SQL injections. Discover & exploit blind SQL injections. Install Kali Linux - a penetration testing operating system. Learn linux commands and how to interact with the terminal. Learn linux basics. Understand how websites & web applications work. Understand how browsers communicate with websites. Gather sensitive information about websites. Discover servers, technologies & services used on target website. Discover emails & sensitive data associated with a specific website. Find all subdomains associated with a website. Discover unpublished directories & files associated with a target website. Find all websites hosted on the same server as the target website. Discover, exploit and fix file upload vulnerabilities. Exploit advanced file upload vulnerabilities & gain full control over the target website. Discover, exploit and fix code execution vulnerabilities. Exploit advanced code execution vulnerabilities & gain full control over the target website. Discover, exploit & fix local file inclusion vulnerabilities. Exploit local file inclusion vulnerabilities to to get a shell. Exploit advanced local file inclusion vulnerabilities & gain full control over the target website. Exploit advanced remote file inclusion vulnerabilities & gain full control over the target website. Discover, fix, and exploit SQL injection vulnerabilities. Bypass login forms and login as admin using SQL injections. Writing SQL queries to find databases, tables and sensitive data such as usernames ad passwords using SQL injections Bypass filtering, and login as admin without password using SQL injections. Bypass filtering and security measurements. Read / Write files to the server using SQL injections. Patch SQL injections quickly. Learn the right way to write SQL queries to prevent SQL injections. Discover basic & advanced reflected XSS vulnerabilities. Discover basic & advanced stored XSS vulnerabilities. How to use BeEF framwork. Hook users to BeEF using reflected & XSS vulnerabilities. Steal credentials from hooked targets. Run javascript code on hooked targets. Create undetectable backdoors. Hack computers using XSS vulnerabilities. Fix XSS vulnerabilities & protect yourself from them as a user. What do we mean by brute force & wordlist attacks. Create a wordlist or a dictionary. Launch a wordlist attack and guess admin's password. Discover all of the above vulnerabilities automatically using a web proxy. Run system commands on the target webserver. Access the file system (navigate between directories, read/write files). Download, upload files. Bypass security measurements. Access all websites on the same webserver. Connect to the database and execute SQL queries or download the whole database to the local machine. Discover, exploit and mitigate CSRF vulnerabilities. DOWNLOAD FREE FOR USERS PRIV8 Submitter dEEpEst Submitted 26/02/20 Category Libro Online Password ********  
  10. Host Header Attack Vulnerability Demonstration | POC | Penetration Testing Video Tutorial [Hidden Content]
  11. Fuxi-Scanner Fuxi Scanner is an open-source network security vulnerability scanner, it comes with multiple functions. Vulnerability detection & management Authentication Tester IT asset discovery & management Port scanner Subdomain scanner Acunetix Scanner (Integrate Acunetix API) [HIDE][Hidden Content]]
  12. [Hidden Content]
  13. A Penetration Testing Framework, you will have the very script that a hacker needs Fsociety Contains All Tools Used In Mr. Robot Series Menu Fsociety Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation Contributors Install & Update Information Gathering : Nmap Setoolkit Host To IP WPScan CMS Scanner XSStrike Dork – Google Dorks Passive Vulnerability Auditor Scan A server’s Users Crips Password Attacks : Cupp Ncrack Wireless Testing : reaver pixiewps Bluetooth Honeypot Exploitation Tools : ATSCAN sqlmap Shellnoob Commix FTP Auto Bypass JBoss Autopwn Sniffing & Spoofing : Setoolkit SSLtrip pyPISHER SMTP Mailer Web Hacking : Drupal Hacking Inurlbr WordPress & Joomla Scanner Gravity Form Scanner File Upload Checker WordPress Exploit Scanner WordPress Plugins Scanner Shell and Directory Finder Joomla! 1.5 – 3.4.5 remote code execution Vbulletin 5.X remote code execution BruteX – Automatically brute force all services running on a target Arachni – Web Application Security Scanner Framework Private Web Hacking Get all websites Get Joomla websites Get wordpress websites Control Panel Finder Zip Files Finder Upload File Finder Get server users SQli Scanner Ports Scan (range of ports) ports Scan (common ports) Get server Info Bypass Cloudflare Post Exploitation Shell Checker POET Weeman [HIDE][Hidden Content]]
  14. Pown Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like Metasploits, Pown.js considers frameworks to be an anti-pattern. Therefore, each module in Pown is in fact a standalone NPM module allowing greater degree of reuse and flexibility. Creating new modules is a matter of publishing to NPM and tagging it with the correct tags. The rest is handled automatically. [HIDE][Hidden Content]]
  15. Black Widow black-widow is one of the most useful, powerful and complete offensive penetration testing tool. It provides easy ways to execute many kinds of information gatherings and attacks. Fully Open Source Written in Python Continuously updated and extended Features: Localhost Web GUI Sniffing Website crawling Web page parsing SQL injection Injected database management Brute force attacks Cluster between other black-widows Multiple asynchronous requests Multiple targets management Useful CTF features [HIDE][Hidden Content]]
  16. fsociety Hacking Tools Pack – A Penetration Testing Framework Fsociety Hacking Tools Pack A Penetration Testing Framework, you will have every script that a hacker needs Fsociety Contains All Tools Used in Mr. Robot Series Menu Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation Contributors Install & Update Information Gathering: Nmap Setoolkit Host To IP WPScan CMS Scanner XSStrike Dork - Google Dorks Passive Vulnerability Auditor Scan A server's Users Crips Password Attacks: Cupp Ncrack Wireless Testing: Reaver Pixiewps Bluetooth Honeypot Exploitation Tools: ATSCAN sqlmap Shellnoob Commix FTP Auto Bypass JBoss Autopwn Sniffing & Spoofing: Setoolkit SSLtrip pyPISHER SMTP Mailer Web Hacking: Drupal Hacking Inurlbr Wordpress & Joomla Scanner Gravity Form Scanner File Upload Checker Wordpress Exploit Scanner Wordpress Plugins Scanner Shell and Directory Finder Joomla! 1.5 - 3.4.5 remote code execution Vbulletin 5.X remote code execution BruteX - Automatically brute force all services running on a target Arachni - Web Application Security Scanner Framework Private Web Hacking: Get all websites Get joomla websites Get wordpress websites Control Panel Finder Zip Files Finder Upload File Finder Get server users SQli Scanner Ports Scan (range of ports) Ports Scan (common ports) Get server Info Bypass Cloudflare Post Exploitation: Shell Checker POET Weeman Installation Installation Linux bash <(wget -qO- [Hidden Content]) Follow This Video: [Hidden Content] Installation Download Termux bash <(wget -qO- [Hidden Content]) Follow This Video Arif - Tech Installation Windows Download Linux Bash Like Cygwin Download Python Use Google Cloud Console Cloud Shell Or Use Free Ubuntu VPS c9.io Docker Usage Dependecies Docker Docker-compose docker-compose build docker-compose up -d docker-compose exec fsociety fsociety docker-compose down # destroys instance Screenshots Download: [HIDE][Hidden Content]]
  17. [Hidden Content]
  18. ANDRAX is a Penetration Testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distribution! The development of ANDRAX began on 08/09/2016 (DD/MM/YYYY) only for people in Brazil ANDRAX has been fully redefined and reloaded on 05/10/2018 (DD/MM/YYYY) open to the international public. ANDRAX enable to all Android device with root access enabled and a good unlocked rom become a weapon for advanced Penetration Testing. CHANGELOG: v4 BUILD:1 [ 25/11/2019 ] [HIDE][Hidden Content]]
  19. The world’s most used penetration testing framework Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game. [HIDE][Hidden Content]]
  20. Mobile Application Penetration Testing Cheat Sheet The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics and checklist, which is mapped OWASP Mobile Risk Top 10 for conducting pentest. [Hidden Content]