Search the Community

Showing results for tags 'tool'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 269 results

  1. TimWork SaaS is a perfect, robust, lightweight, superfast web application to fulfill all your Team Collaboration, Project Management CRM needs like Managing Projects, Tasks, and Tasks Distribution, Clients, Users, and User Permissions. Save an hours of every day by Managing Projects, Tasks, Clients, and Teams at One Place using TimWork SaaS . [Hidden Content] [hide][Hidden Content]]
  2. WPrecon (WordPress Recon) Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go. Features Detection WAF Fuzzing Backup Files Fuzzing Passwords Random User-Agent Plugin(s) Enumerator Theme(s) Enumerator Scripts Tor Proxy User(s) Enumerator Vulnerability Version Checking (Beta) Changelog v1.0 alpha New: Scripts in LUA Vuln Scan (Beta) Passive Mode User(s) Enumeration Aggressive Mode User(s) Enumeration Passive Mode Plugin(s) Enumeration Aggressive Mode Plugin(s) Enumeration Passive Mode Theme(s) Enumeration Aggressive Mode Theme(s) Enumeration Auto Finding Important File(s) [hide][Hidden Content]]
  3. A Cross Platform multifunctional (Windows/Linux/Mac) RAT. Description A cross platform RAT written in pure Python. The RAT accept commands alongside arguments to either perform as the server who accepts connections or to perform as the client/target who establish connections to the server. The generate command uses the module pyinstaller to compile the actual payload code. So, in order to generate payload file for your respective platform, you need to be on that platform while generating the file. Moreover, you can directly get the source file as well. Features Built-in Shell for command execution Dumping System Information including drives and rams Screenshot module. Captures screenshot of client screen. Connection Loop (Will continue on connecting to server) Currently, it uses BASE64 encoding. Pure Python Cross Platform. (Tested on Linux. Errors are accepted) Source File included for testing Python 3 To be expected in future Stealth Execution Encryption Storing Sessions from last attempt Pushing Notifications when a client connects [hide][Hidden Content]]
  4. HawkScan Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x) This script uses “WafW00f” to detect the WAF in the first step. This script uses “Sublist3r” to scan subdomains. This script uses “waybacktool” to check in waybackmachine. Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak, index.php~ …) Check header information Check DNS information Check whois information User-agent random or personal Extract files Keep a trace of the scan Check @mail in the website and check if @mails leaked CMS detection + version and vulns Subdomain Checker Backup system (if the script stopped, it take again in the same place) WAF detection Add personal prefix Auto-update script Auto or personal output of scan (scan.txt) Check Github Recursive dir/file Scan with an authentication cookie Option –profil to pass profil page during the scan HTML report Work it with py2 and py3 Add option rate-limit if the app is unstable (–timesleep) Check-in waybackmachine Response error to WAF Check if DataBase firebaseio exist and accessible Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30 Search S3 buckets in source code page Testing bypass of waf if detected Testing if it’s possible scanning with “localhost” host Changelog v1.6.7 Add: Option –auth for HTTP authentification. Exemple –auth admin:admin Fixed: Bugs [hide][Hidden Content]]
  5. Carnivore – Microsoft External Attack Tool Overview: Carnivore is an assessment tool for Skype for Business, Exchange, ADFS, and RDWeb servers as well as some O365 functionality. Carnivore includes some new post-authentication Skype for Business functionality. In general, the tabs will unlock in-line with what functionality you can use. Ie – the post auth options will unlock after you have discovered valid credentials. Feature Subdomain Enumeration Username Enumeration Smart Enumeration 9 lists of statistically likely usernames Automatically selects likely format Legacy vs Modern Format Password Spraying Discovered Format Pre-built lists Post Compromise [hide][Hidden Content]]
  6. Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go. Features Status Features Random Agent Detection WAF User Enumerator Plugin Scanner Theme Scanner Tor Proxy’s Detection Honeypot Vulnerability Scanner Admin Finder [hide][Hidden Content]]
  7. GDA, a new Dalvik bytecode decompiler, is implemented in C++, which has the advantages of faster execution and lower memory&disk consumption and an stronger ability to decompiling the APK, DEX, ODEX, OAT files(supports JAR, CLASS and AAR files since 3.79). GDA is completely self-independent and works without Java VM and installation, so it works well in any newly installed windows system and virtual machine system without additional configuration. GDA Decompiler project started in 2013 and its first version 1.0 released in 2015 at GDA website. GDA is also a powerful and fast reverse analysis platform. Which does not only supports the basic decompiling operation, but also many excellent functions like Malicious behavior detection, Privacy leaking detection, Vulnerability detection, Path solving, Packer identification, Variable tracking analysis, Deobfuscation, Python& Java scripts, Device memory extraction, Data decryption and encryption etc. All the excellent features as follows: 𝕬 Interactive operation: 1. Cross-references for strings, classes, methods and fields; 2. Searching for strings, classes methods and fields; 3. Comments for java code; 4. Rename methods,fields and classes; 5. Save the analysis results in gda db file. ... 𝕭 Utilities for Assisted Analysis: 1. Extracting DEX from ODEX; 2. Extracting DEX from OAT; 3. XML Decoder (Component filter); 4. Algorithm tool(Support rolling encryption and almost all popular encryption algorithms); 5. Device memory dump(Dump so, odex, dex, oat file); 6. Path solving; 7. Static vulnerability scanner; ... 𝕮 New features: 1. Brand new dalvik decompiler in c++ with friendly GUI; 2. Support python script and Java script; 3. Packers Recognition; 4. Multi-DEX supporting; 5. Making and loading signature of the method; 6. Malicious Behavior Scanning by API chains; 7. Taint analysis to preview the behavior of variables; 8. Taint analysis to source the variables; 9. De-obfuscate; 10. API view with x-ref; 11. Association of permissions with modules; 12. Extract all the urls in APK. 13. Apk Forensics Analysis. 14. Static vulnerability scanner based on stack state machine and dynamic rule interpreter.. 15. Smart Rename. 16. Support for .jar files, .class files and .aar files. 17. Dual decompiler mode. 18. Deep URL extraction. 19. Multi-DEX Merge. 20. Personalized and Customizable UI. 21. Privacy leaking scanning. 22. Path solving based on low-level intermediate representation(LIR). [Hidden Content] [Hidden Content]
  8. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. Also, as part of this project, screenshots of characteristic responses for different web protection systems are being gathered (manually) for future reference. [hide][Hidden Content]]
  9. Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x) This script uses “WafW00f” to detect the WAF in the first step. This script uses “Sublist3r” to scan subdomains. This script uses “waybacktool” to check in waybackmachine. Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak, index.php~ …) Check header information Check DNS information Check whois information User-agent random or personal Extract files Keep a trace of the scan Check @mail in the website and check if @mails leaked CMS detection + version and vulns Subdomain Checker Backup system (if the script stopped, it take again in the same place) WAF detection Add personal prefix Auto-update script Auto or personal output of scan (scan.txt) Check Github Recursive dir/file Scan with an authentication cookie Option –profil to pass profil page during the scan HTML report Work it with py2 and py3 Add option rate-limit if the app is unstable (–timesleep) Check-in waybackmachine Response error to WAF Check if DataBase firebaseio exist and accessible Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30 Search S3 buckets in source code page Testing bypass of waf if detected Testing if it’s possible scanning with “localhost” host Changelog v1.6.6 Faster Updated: Less FP with bypass forbidden function Updated: Less errors in principal script Updated: Little modifications in report Fixed: Style and system bugs Added: Auto resize relative to window [hide][Hidden Content]]
  10. Features: Custom Captive Portal Spear Phishing Social Engineering Fake AP Bypass 2FA Credential Harvesting Rogue Access Point Evil Twin Attacks DNS Spoofing [hide][Hidden Content]]
  11. Website analyzer and SEO audit tool Search engine optimization (SEO) or organic search marketing, refers to software designed to improve the ranking of websites in search engine results pages (SERP) without paying for placement. These products provide insights through features, such as keyword analysis and backlink tracking to identify the best strategies for improving search relevance. On-site SEO checker tool SEO Checker is an easy to use website crawler, able to crawl both small and very large websites efficiently, while allowing you to find broken links, analyze the results in real-time, gather on-page SEO data, distinguish internal and external links, check dofollow and nofollow links, analyze titles, META descriptions, headers and various tags. SEO Checker provides you full lists of sitemap, links, internal backlinks, H1 and H2 headers. If you check the "Show Options" feature, it will reveal methods that can further help you when you do a website check. You can modify "connection timeout", "response timeout", "browser agent", "ignore extensions" and "ignore URLs". [Hidden Content] [hide][Hidden Content]]
  12. Requirements Libspotify Sconsify Portaudio [hide][Hidden Content]]
  13. Fawkes - Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine) [hide][Hidden Content]]
  14. Scilla - Information Gathering Tool (DNS/Subdomain/Port Enumeration) Test the functions built Subdomains enumeration DNS enumeration Subdomains enumeration Port enumeration Directories enumeration Print the progress percentage value when CR is pressed (not in output doc) Build an Input Struct and use it as parameter Output color Check input and if it's an IP try to change to hostname when dns or subdomain is active JSON report output PDF report output XML report output (report mode) In all the subdomains found enumerates ports??? Tor support Proxy support [hide][Hidden Content]]
  15. Tool social engineering [Access Webcam & Microphone & Os Password Grabber & Location Finder] With Ngrok Features: Get Device Information Without Any Permissions Access Location [SMARTPHONES] Os Password Grabber [WIN-10] Access Webcam Access Microphone Operating Systems Tested Kali Linux 2020 [hide][Hidden Content]]
  16. Introduction RainbowCrack is a general propose implementation of Philippe Oechslin's faster time-memory trade-off technique. It crack hashes with rainbow tables. Features Rainbow table generation, sort, merge, conversion and lookup Rainbow table of LM, NTLM, MD5, SHA1, SHA256 and customizable hash algorithms Rainbow table of customizable charset GPU acceleration with AMD GPUs (OpenCL technology) GPU acceleration with NVIDIA GPUs (CUDA technology) GPU acceleration with multiple GPUs Command line and graphics user interface Windows and Linux [hide][Hidden Content]]
  17. Proxify Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering, and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally, a replay utility allows to import the dumped traffic (request/responses with correct domain name) into burp or any other proxy by simply setting the upstream proxy to proxify. Features Simple and modular code base making it easy to contribute. HTTP and SOCKS5 support for upstream proxy Native MITM support Full traffic dump (request/responses) Traffic Match / Filter with DSL language Traffic Match and Replace support Traffic replay in Burp [hide][Hidden Content]]
  18. MOSINT is an OSINT Tool for emails. It helps you gather information about the target email. Features: Verification Service { Check if email exist } Check social accounts with Socialscan Check data breaches [need API] Find related emails Find related phone numbers Find related domains Scan Pastebin Dumps Google Search DNS Lookup [hide][Hidden Content]]
  19. Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x) This script uses “WafW00f” to detect the WAF in the first step. This script uses “Sublist3r” to scan subdomains. This script uses “waybacktool” to check in waybackmachine. Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak, index.php~ …) Check header information Check DNS information Check whois information User-agent random or personal Extract files Keep a trace of the scan Check @mail in the website and check if @mails leaked CMS detection + version and vulns Subdomain Checker Backup system (if the script stopped, it take again in the same place) WAF detection Add personal prefix Auto-update script Auto or personal output of scan (scan.txt) Check Github Recursive dir/file Scan with an authentication cookie Option –profil to pass profil page during the scan HTML report Work it with py2 and py3 Add option rate-limit if the app is unstable (–timesleep) Check-in waybackmachine Response error to WAF Check if DataBase firebaseio exist and accessible Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30 Search S3 buckets in source code page Testing bypass of waf if detected Testing if it’s possible scanning with “localhost” host Changelog v1.6 Add: degoogle tools for google dork queries, faster and less of google captcha Update: Code optimization [hide][Hidden Content]]
  20. Features: Hacker Dashboard Hacker News [thehackernews.com/] New Exploits [Exploit-db.com] Hacking Tutorials Video [youtube.com] The Latest Prices OF Digital Currencies [Rials , Usd] Information Gathering Bypass Cloud Flare Cms Detect Trace Toute Reverse IP Port Scan IP location Finder Show HTTP Header Find Shared DNS Whois DNS Lookup Exploits Reference exploit-db.com Social Engineering [Support Ngrok] Get system Information with link Screen Captrue With Link Play Sound With Link [hide][Hidden Content]]
  21. Hacking Tool Powerfull keylogger Advanced with keywords! Only Propuses Educatives [hide][Hidden Content]]
  22. h4rpy is an automated WPA/WPA2 PSK attack tool, wrapper of aircrack-ng framework. h4rpy provides clean interface for automated cracking of WPA/WPA2 PSK networks. h4rpy enables monitor mode on selected wireless interface, scans the wireless space for access points, tries to capture WPA/WPA2 4-way handshake for the acess point, and starts a dictionary attack on the handshake. It is also possible to send disassociate packets to clients associated with access point. [hide][Hidden Content]]
  23. Oblivion Oblivion is a tool focused on real-time monitoring of new data leaks, notifying if the credentials of the user have been leak out. It’s possible to verify if any credential of the user has been leak out before. It has two modes: Oblivion Client: graphical mode. Oblivion Server: mode with API functionalities. NOTE: The Oblivion Client and the Oblivion Server are independents. Features CVEs scan Works with powerful APIs Works too with Google Dorks Checks your password in Word Lists Checks the last pastes in Pastebin Output to txt, docx, pdf, xlsx, json, html, xml, db Output to encrypted files Sends result files to multiples Buckets S3 Upload the result files to Google Drive Cab send result files by SSH (work with EC2) Notify by Telegram and e-mail Includes option to hide passwords for demonstrations Works with scheduled scans Possible to execute loop scans [hide][Hidden Content]]
  24. Obfuscar is a basic obfuscator for .NET assemblies. It uses massive overloading to rename metadata in .NET assemblies (including the names of methods, properties, events, fields, types, and namespaces) to a minimal set, distinguishable in most cases only by signature. For example, if a class contains only methods that accept different parameters, they can all be renamed ‘A’. If another method is added to the class that accepts the same parameters as an existing method, it could be named ‘a’. It makes the decompiled code very difficult to follow. Basically, Obfuscar scrambles the metadata in a set of assemblies. It renames everything to the minimal set of names that can be used to identify them, given signatures and type information. Since these new names are shorter than the old ones, it also dramatically shrinks the executable size. Feature Simple Configuration Hide everything private, while keeping everything public. You can achieve such simply via default settings. Name Obfuscation Hide class/method/property/event names that you don’t want to expose. This is irreversible. String Compression String contents can be compressed so that end-users won’t easily learn them. However, this is reversible by certain tools. Changelog v2.2.29 Bumped dependencies Fixed #82 Merged #300 Fixed a minor issue on SuppressIldasmAttribute. [hide][Hidden Content]]