Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Search the Community

Showing results for tags 'tool '.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
    • Pentesting Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Pentesting Premium
    • Pentesting Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Pentesting Zone PRIV8
    • Pentesting Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area
  • Recycle Bin
    • Recycle
  • Null3D's Nulled Group

Product Groups

  • PRIV8
  • Advertising
  • Access Basic
  • Seller
  • Services

Categories

  • Files
  • Online Book
  • Services

Categories

  • Hacking

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

  1. BX RAT V1.3 PREVIEW DOWNLOAD: kosred: [hide][Hidden Content]] upload.ee: [hide][Hidden Content]]
  2. Unzip Password is 1 [Hidden Content]
  3. Since I love game hacking, I have been looking for ida pro for a long time, but the price is very high, so I wanted to share it. This crack does not belong to me. I first tested it on the virtual machine, then I used it on my main machine. It has been about 4 months and I have not experienced any problems, but you are still responsible. 😀 (Sory for my bad eng) [Hidden Content] Thanks - kedi
  4. Discord Webhook Flooder for free. Virustotal scan: [Hidden Content] Some may show positive on virus, but those are false positives (there are only two). [hide][Hidden Content]]
  5. + Undo & Redo + Sorting & Filtering + Splitter & Extracters + Some Other Actions Available [Hidden Content]
  6. It’s an AV/EDR Evasion tool created to bypass security tools for learning, until now the tool is FUD. Features: Module Stomping for Memory scanning evasion DLL Unhooking by fresh ntdll copy IAT Hiding and Obfuscation & API Unhooking ETW Patching for bypassing some security controls Included sandbox evasion techniques & Basic Anti-Debugging Fully obfuscated (Functions – Keys – Shellcode) by XOR-ing Shellcode reversed and Encrypted Moving payload into hallowed memory without using APIs Runs without creating new thread & Suppoers x64 and x86 arch [hide][Hidden Content]]
  7. [Hidden Content]
  8. ZaiwriteAI is the best AI content-writing script. Using ZaiwriteAI you can easily get more than 70+ premade templates and write content in 30+ languages. ZaiwriteAI is an advanced AI writing tool that can help you create high-quality content quickly and easily. Whether you need to write an article, a report, a blog post, or any other type of written content, ZaiwriteAI can assist you in generating unique and engaging text. [Hidden Content] [hide][Hidden Content]]
  9. An osint tool that uses Ahmia.fi to get Tor hidden services and descriptions that match with the users query. [Hidden Content]
  10. Obfu[DE]scate is a Python tool designed to simplify the process of de-obfuscating and comparing two versions of an Android APK - even if the functions have been renamed as part of obfuscation. With fuzzy comparison logic, Obfu[DE]scate can identify similarities between functions and help you uncover changes between APK versions. [hide][Hidden Content]]
  11. A free and efficient obfuscator for JavaScript (including support of ES2022). Make your code harder to copy and prevent people from stealing your work. This tool is a Web UI to the excellent (and open source) [email protected] created by Timofey Kachalov. [Hidden Content]
  12. Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization. The tool also allows searching for and thoroughly enumerating public repositories that utilize self-hosted runners. GitHub recommends that self-hosted runners only be utilized for private repositories, however, there are thousands of organizations that utilize self-hosted runners. Who is it for? Security engineers who want to understand the level of access a compromised classic PAT could provide an attacker Blue teams that want to build detections for self-hosted runner attacks Red Teamers Bug bounty hunters who want to try and prove RCE on organizations that are utilizing self-hosted runners Features GitHub Classic PAT Privilege Enumeration GitHub Code Search API-based enumeration GitHub Action Run Log Parsing to identify Self-Hosted Runners Bulk Repo Sparse Clone Features GitHub Action Workflow Parsing Automated Command Execution Fork PR Creation Automated Command Execution Workflow Creation SOCKS5 Proxy Support HTTPS Proxy Support [hide][Hidden Content]]
  13. An automatic Blind ROP exploitation python tool Abstract BROP (Blind ROP) was a technique found by Andrew Bittau from Stanford in 2014. Original paper Slides Most servers like nginx, Apache, MySQL, and forks then communicate with the client. This means canary and addresses stay the same even if there is ASLR and PIE. So we can use some educated brute force to leak information and subsequently craft a working exploit. Flow of exploitation Find buffer overflow offset Find canary Find saved registers (RBP / RIP) Find stop gadgets Find brop gadgets Find a Write function (write / dprintf / puts / …) Leak the binary [hide][Hidden Content]]
  14. jsleak is a tool to find secret , paths or links in the source code during the recon. It is easy-to-use command-line tool designed to uncover secrets and links in JavaScript files or source code. Features: Discover secrets in JS files such as API keys, tokens, and passwords. Identify links in the source code. Complete Url Function Concurrent processing for scanning of multiple Urls Check status code if the url is alive or not [Hidden Content]
  15. MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. On Macro-enabled Office documents we can quickly use oletools mraptor to determine whether document is malicious. If we want to dissect it further, we could bring in oletools olevba or oledump. To dissect malicious MSI files, so far we had only one, but reliable and trustworthy lessmsi. However, lessmsi doesn't implement features I was looking for: quick triage Binary data extraction YARA scanning Hence this is where msidump comes into play. Here we can see that input MSI is injected with suspicious VBScript and contains numerous executables in it. Now we want to take a closer look at this VBScript by extracting only that record. [Hidden Content]
  16. Geogramint is an OSINT tool that uses Telegram’s API to find nearby users and groups. Inspired by Tejado’s Telegram Nearby Map, which is no longer maintained, it aims to provide a more user-friendly alternative. Geogramint only finds Telegram users and groups which have activated the nearby feature. Per default, it is deactivated. The tool is fully supported on Windows and partially supported on Mac OS and Linux distributions. [hide][Hidden Content]]
  17. The US Cybersecurity and Infrastructure Protection Agency (CISA) has released an open source incident response tool, which makes it easy to detect signs of malicious activity in Microsoft cloud environments. You can see the tool at this link:
  18. All-in-One malware analysis tool for analyze Windows, Linux, OSX binaries, Document files and APK files. You can get: What DLL files are used. Functions and APIs. Sections and segments. URLs, IP addresses and emails. Android permissions. File extensions and their names. Qu1cksc0pe Can Analyze Currently Files Analysis Type Windows Executables (.exe, .dll, .msi, .bin) Static, Dynamic Linux Executables (.elf, .bin) Static, Dynamic MacOS Executables (mach-o) Static Android Files (.apk, .jar) Static, Dynamic(for now .apk only) Golang Binaries (Linux) Static Document Files (.doc, .docx, .pdf, .xls, .xlsx) Static [hide][Hidden Content]]
  19. 0.8: New year, new release Latest Main functions refactorization Correct wordling Update golang.org/x/text from 0.3.7 to 0.3.8 to fix a security vulnerability Added feature: parse from requestFile (BurpSuite's Repeater syntax) Some minor errors fix [hide][Hidden Content]]
  20. Accenture made a tool called Spartacus, which finds DLL hijacking opportunities on Windows. Using Spartacus as a starting point, we created Crassus to extend Windows privilege escalation finding capabilities beyond simply looking for missing files. The ACLs used by files and directories of privileged processes can find more than just looking for missing files to achieve the goal. Features Parsing ProcMon PML files natively. The log (PML) parser has been implemented by porting partial functionality to C# from [Hidden Content]. You can find the format specification here. Crassus will create source code for proxy DLLs for all missing DLLs that were identified. For instance, if an application is vulnerable to DLL Hijacking via version.dll, Crassus will create version.cpp and version.def files for you with all the exports included in it. By default, the proxy DLLs will launch calc.exe. Build scripts are included to build the DLLs on Visual Studio or MinGW. For other events of interest, such as creating a process or loading a library, the ability for unprivileged users to modify the file or any parts of the path to the file is investigated. Able to process large PML files and store all events of interest in an output CSV file. [hide][Hidden Content]]
  21. WAF bypass Tool is an open-source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by the Nemesida WAF team with the participation of the community. Payloads Depending on the purpose, payloads are located in the appropriate folders: FP – False Positive payloads API – API testing payloads CM – Custom HTTP Method payloads GraphQL – GraphQL testing payloads LDAP – LDAP Injection etc. payloads LFI – Local File Include payloads MFD – multipart/form-data payloads NoSQLi – NoSQL injection payloads OR – Open Redirect payloads RCE – Remote Code Execution payloads RFI – Remote File Inclusion payloads SQLi – SQL injection payloads SSI – Server-Side Includes payloads SSRF – Server-side request forgery payloads SSTI – Server-Side Template Injection payloads UWA – Unwanted Access payloads XSS – Cross-Site Scripting payloads Write your own payloads When compiling a payload, the following zones, methods, and options are used: URL – request’s path ARGS – request’s query BODY – request’s body COOKIE – request’s cookie USER-AGENT – request’s user-agent REFERER – request’s referer HEADER – request’s header METHOD – request’s method BOUNDARY – specifies the contents of the request’s boundary. Applicable only to payloads in the MFD directory. ENCODE – specifies the type of payload encoding (Base64, HTML-ENTITY, UTF-16) in addition to the encoding for the payload. Multiple values are indicated with a space (e.g. Base64 UTF-16). Applicable only to for ARGS, BODY, COOKIE and HEADER zone. Not applicable to payloads in API and MFD directories. Not compatible with option JSON. JSON – specifies that the request’s body should be in JSON format BLOCKED – specifies that the request should be blocked (FN testing) or not (FP) [hide][Hidden Content]]
  22. ZaiwriteAI is the best AI content-writing script. Using ZaiwriteAI you can easily get more than 70+ premade templates and write content in 30+ languages. ZaiwriteAI is an advanced AI writing tool that can help you create high-quality content quickly and easily. Whether you need to write an article, a report, a blog post, or any other type of written content, ZaiwriteAI can assist you in generating unique and engaging text. [Hidden Content] [hide][Hidden Content]]
  23. What the heck is a ferox anyway? Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a variation. What’s it do tho? feroxbuster is a tool designed to perform Forced Browsing. Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web application but are still accessible by an attacker. feroxbuster uses brute force combined with a wordlist to search for unlinked content in target directories. These resources may store sensitive information about web applications and operational systems, such as source code, credentials, internal network address, etc… This attack is also known as Predictable Resource Location, File Enumeration, Directory Enumeration, and Resource Enumeration. Changelog v2.9.2 changed default value for --extract-links to true => added --dont-extract-links to turn off the new default behavior by @epi052 in #834 can load a wordlist from its url over http/https by @epi052 in #834 updated README with alternative installation methods for brew and chocolatey by @aancw in #824 fixed divide by zero error by @epi052 in #834 added check for forced recursion when directory listing detected by @epi052 in #834 [hide][Hidden Content]]
  24. SubFinder is a subdomain discovery tool that uses various techniques to discover massive amounts of subdomains for any target. It has been aimed at a successor to the sublist3r project. SubFinder uses Passive Sources, Search Engines, Pastebin, Internet Archives, etc to find subdomains, and then it uses a permutation module inspired by altdns to generate permutations and resolve them quickly using a powerful bruteforcing engine. It can also perform plain bruteforce if needed. The tool is highly customizable, and the code is built with a modular approach in mind making it easy to add functionalities and remove errors. Features Simple and modular code base making it easy to contribute. Fast And Powerful Resolution and wildcard elimination module Curated passive sources to maximize results (26 Sources as of now) Multiple Output formats supported (Json, File, Stdout) Optimized for speed, very fast and lightweight on resources Stdin and stdout support for integrating in workflows Changelog v2.5.7 Fixed Docker file to avoid version mismatch by @olearycrew in #771 Added self update option (-update) + version check by @RamanaReddy0M in #780 [hide][Hidden Content]]
  25. Mr.Holmes is a information gathering tool (OSINT). The main purpose is to gain information about domains,username and phone numbers with the help of public source avaiable on the internet also it use the google dorks attack for specific researchers. It also use proxies for make your requests completley anonymous and a WhoIS Api for getting more information about a domain. DISCLAIMER This Tool is Not 100% Precise so it can fail somtimes. Also this tool is made for educational and research purposes only..use it wisely. [hide][Hidden Content]]
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.