Search the Community

Showing results for tags 'tools'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 114 results

  1. Clickbait

    Zambie Bulk Ddos Tools

    ZAmbIE is a Toolkit(not finished yet) Made By Lunatic2(me) for recon,information-gathering And it Has a Collection For DDoS Attacks [hide][Hidden Content]]
  2. We are at your service with one of the best software ** WiFi that few people know about it and maybe they do not know its efficiency, I will bring you the latest version of this software. Well, the difference between this software and similar programs like Damper is that Damper software takes a PIN from you. For ** WiFi, which is not sometimes responsive, but this software provides you with 3 pins for each WiFi, which increases the percentage. [Hidden Content]
  3. dEEpEst

    Top 20 Ethical Hacking Tools in 2020

    Top 20 Ethical Hacking Tools in 2020 What are Hacking Tools? Hacking Tools are computer programs and scripts that help you find and exploit weaknesses in computer systems, web applications, servers and networks. There are a variety of such hack tools available in the market. Some of them are open source while others are commercial solution. Following is a handpicked list of Top 20 Best Ethical Hacking Tools, with their popular features and website links. The list contains both open source(free) and commercial(paid) software. 1) Netsparker Netsparker is an easy to use web application security scanner that can automatically find SQL Injection, XSS and other vulnerabilities in your web applications and web services. It is available as on-premises and SAAS solution. Features Dead accurate vulnerability detection with the unique Proof-Based Scanning Technology. Minimal configuration required. Scanner automatically detects URL rewrite rules, custom 404 error pages. REST API for seamless integration with the SDLC, bug tracking systems etc. Fully scalable solution. Scan 1,000 web applications in just 24 hours. 2) Acunetix Acunetix is a fully automated ethical hacking solution that mimics a hacker to keep one step ahead of malicious intruders. The web application security scanner accurately scans HTML5, JavaScript and Single-page applications. It can audit complex, authenticated webapps and issues compliance and management reports on a wide range of web and network vulnerabilities. Features: Scans for all variants of SQL Injection, XSS, and 4500+ additional vulnerabilities Detects over 1200 WordPress core, theme, and plugin vulnerabilities Fast & Scalable – crawls hundreds of thousands of pages without interruptions Integrates with popular WAFs and Issue Trackers to aid in the SDLC Available On Premises and as a Cloud solution. 3) SaferVPN SaferVPN is an indispensable tool in an Ethical hackers arsenal. You may need it to check target in different geographies, simulate nonpersonalized browsing behavior, anonymized file transfers, etc. Features: No Log VPN with high security and anonymity Very fast speeds with 2000+ servers across continents Based in Hongkong, it does not store any data. Split tunneling and 5 simultaneous logins 24/7 support Supports Windows, Mac, Android, Linux, iPhone, etc. 300,000+ IPs Port Forwarding, Dedicated IO and P2P Protection 31 Day Money-Back Guarantee 4) Burp Suite: Burp Suite is a useful platform for performing Security Testing of web applications. Its various hacker tools work seamlessly together to support the entire pen testing process. It spans from initial mapping to analysis of an application's attack surface. Features: It can detect over 3000 web application vulnerabilities. Scan open-source software and custom-built applications An easy to use Login Sequence Recorder allows the automatic scanning Review vulnerability data with built-in vulnerability management. Easily provide wide variety of technical and compliance reports Detects Critical Vulnerabilities with 100% Accuracy Automated crawl and scan Advanced scanning feature for manual testers Cutting-edge scanning logic Download link: [Hidden Content] 5) Ettercap: Ettercap is an ethical hacking tool. It supports active and passive dissection includes features for network and host analysis. Features: It supports active and passive dissection of many protocols Feature of ARP poisoning to sniff on a switched LAN between two hosts Characters can be injected into a server or to a client while maintaining a live connection Ettercap is capable of sniffing an SSH connection in full duplex Allows sniffing of HTTP SSL secured data even when the connection is made using proxy Allows creation of custom plugins using Ettercap's API Download link: [Hidden Content] 6) Aircrack: Aircrack is one of the best, trustable, ethical hacking tool in the market. It cracks vulnerable wireless connections. It is powered by WEP WPA and WPA 2 encryption Keys. Features: More cards/drivers supported Support all types of OS and platforms New WEP attack: PTW Support for WEP dictionary attack Support for Fragmentation attack Improved tracking speed Download link: [Hidden Content] 7) Angry IP Scanner: Angry IP Scanner is open-source and cross-platform ethical hacking tool. It scans IP addresses and ports. Features: Scans local networks as well as the Internet Free and open-source hack tool Random or file in any format Exports results into many formats Extensible with many data fetchers Provides command-line interface Works on Windows, Mac, and Linux No need for Installation Download link: [Hidden Content] GFI LanGuard: GFI LanGuard is an ethical tool that scan networks for vulnerabilities. It can acts as your 'virtual security consultant' on demand. It allows creating an asset inventory of every device. Features: It helps to maintain a secure network over time is to know which changes are affecting your network and Patch management: Fix vulnerabilities before an attack Analyze network centrally Discover security threats early Reduce cost of ownership by centralizing vulnerability scanning Help to maintain a secure and compliant network Download link: [Hidden Content] 9) Savvius: It is an ethical hacking tool. It performance issues and reduces security risk with the deep visibility provided by Omnipeek. It can diagnose network issues faster and better with Savvius packet intelligence. Features: Powerful, easy-to-use network forensics software Savvius automates the capture of the network data required to quickly investigate security alerts Software and integrated appliance solutions Packet intelligence combines deep analysis Rapid resolution of network and security issues Easy to use Intuitive workflow Expert and responsive technical support Onsite deployment for appliances Commitment to our customers and our products Download link: [Hidden Content] 10) QualysGuard: Qualys guard helps businesses streamline their security and compliance solutions. It also builds security into their digital transformation initiatives. This tool can also check the performance vulnerability of the online cloud systems. Features: It is trusted globally No hardware to buy or manage It is a scalable, end-to-end solution for all aspects of IT security Vulnerability data securely stored and processed on an n-tiered architecture of load-balanced servers It sensor provides continuous visibility Data analyzed in real time It can respond to threats in a real-time Download link: [Hidden Content] 11) WebInspect: WebInspect is automated dynamic application security testing that allows performing ethical hacking techniques. It provides comprehensive dynamic analysis of complex web applications and services. Features: Allows to test dynamic behavior of running web applications to identify security vulnerabilities Keep in control of your scan by getting relevant information and statistics at a glance Centralized Program Management Advanced technologies, such as simultaneous crawl professional-level testing to novice security testers Easily inform management on vulnerability trending, compliance management, and risk oversight Download link: [Hidden Content] 12) Hashcat: Hashcat is a robust password cracking and ethical hackers tool. It can help users to recover lost passwords, audit password security, or just find out what data is stored in a hash. Features: Open-Source platform Multi-Platform Support Allows utilizing multiple devices in the same system Utilizing mixed device types in the same system It supports distributed cracking networks Supports interactive pause/resume Supports sessions and restore Built-in benchmarking system Integrated thermal watchdog Supports automatic performance tuning Download link: [Hidden Content] 13) L0phtCrack: L0phtCrack 6 is useful password audit and recovery tool. It identifies and assesses password vulnerability over local machines and networks. Features: Multicore & multi-GPU support helps to optimize hardware Easy to customize Simple Password Loading Schedule sophisticated tasks for automated enterprise-wide password Fix weak passwords issues by forcing password resets or locking accounts It allows multiple auditing OSes Download link: [Hidden Content] 14) Rainbow Crack: RainbowCrack RainbowCrack is a password cracking and ethical hacking tool widely used for hacking devices. It cracks hashes with rainbow tables. It uses time-memory tradeoff algorithm for this purpose. Features: Full time-memory trade-off tool suites, including rainbow table generation It Support rainbow table of any hash algorithm Support rainbow table of any charset Support rainbow table in raw file format (.rt) and compact file format Computation on multi-core processor support GPU acceleration with multiple GPUs Runs on Windows OS and Linux Unified rainbow table file format on every supported OS Command line user interface Graphics user interface Download link: [Hidden Content] 15) IKECrack: IKECrack is an open source authentication crack tool. This ethical hacking tool is designed to brute-force or dictionary attack. This tool also allows performing cryptography tasks. Features: IKECrack is a tool that allows performing Cryptography tasks Initiating client sends encryption options proposal, DH public key, random number, and an ID in an unencrypted packet to the gateway/responder. It is freely available for both personal and commercial use. Therefore, it is perfect choice for user who wants an option for Cryptography programs Download link: [Hidden Content] 16) IronWASP: IronWASP is an open source hacking software. It is web application vulnerability testing. It is designed to be customizable so that users can create their custom security scanners using it. Features: GUI based and very easy to use It has powerful and effective scanning engine Supports for recording Login sequence Reporting in both HTML and RTF formats Checks for over 25 types of web vulnerabilities False Positives and Negatives detection support It supports Python and Ruby Extensible using plug-ins or modules in Python, Ruby, C# or VB.NET Download link: [Hidden Content] 17) Medusa Medusa is one of the best online brute-force, speedy, parallel password crackers ethical hacking tool. This hacking toolkit is also widely used for ethical hacking. Features: It is designed in such a way that it is speedy, massively parallel, modular, login brute-forcer The main aim of this tool is to support as many services which allow remote authentication Allows to perform Thread-based parallel testing and Brute-force testing Flexible user input. It can be specified in a variety of ways All the service module exists as an independent .mod file. No modifications are needed to the core application to extend the supported list of services for brute-forcing Download link: [Hidden Content] 18) NetStumbler NetStumbler is used to detect wireless networks on the Windows platform. Features: Verifying network configurations Finding locations with poor coverage in a WLAN Detecting causes of wireless interference Detecting unauthorized ("rogue") access points Aiming directional antennas for long-haul WLAN links Download link: [Hidden Content] 19) SQLMap SQLMap automates the process of detecting and exploiting SQL Injection weaknesses. It is open source and cross platform. It supports the following database engines. MySQL Oracle Postgre SQL MS SQL Server MS Access IBM DB2 SQLite Firebird Sybase and SAP MaxDB It supports the following SQL Injection Techniques; Boolean-based blind Time-based blind Error-based UNION query Stacked queries and out-of-band. Download link: [Hidden Content] 20) Cain & Abel Cain & Abel is a Microsoft Operating System passwords recovery tool. It is used to - Recover MS Access passwords Uncover password field Sniffing networks Cracking encrypted passwords using dictionary attacks, brute-force, and cryptanalysis attacks. Download link: [Hidden Content] 21) Nessus Nessus can be used to perform; Remote vulnerability scanner Password dictionary attacks Denial of service attacks. It is closed source, cross platform and free for personal use. Download link: [Hidden Content] 22) Zenmap Zenmap is the official Nmap Security Scanner software. It is a multi-platform free and open source application. It is easy to use for beginners but also offers advanced features for experienced users. Features: Interactive and graphical results viewing It summarizes details about a single host or a complete scan in a convenient display. It can even draw a topology map of discovered networks. It can show the differences between two scans. It allows administrators to track new hosts or services appearing on their networks. Or track existing services that go down Download link: [Hidden Content] What are Hacking Tools? Hacking Tools are computer programs and scripts that help you find and exploit weaknesses in computer systems, web applications, servers and networks. There is a variety of such tools available on the market. Some of them are open source while others are commercial solution. Is it Legal to use Hacking Tools? It is legal to use Hacking tools for whitehat hacking purposes. It’s important that you take written permission from the target site before you launch a penetration attack. Without a permission any good intented hacking attempt will land you in legal trouble. To Learn Cyber Security and Ethical Hacking, Join our Telegram Channel. Here you will learn all about ethical hacking and cyber security.
  4. What you'll learn Hacking with Termux Android Hacking For Beginners Requirements Should have stable internet connection Should have any Mobile phone to run termux Description Best Hacking Tools and Techniques using Termux on Android For Beginners: In this course you will learn about Hacking with an Android device. I will teach you how to send fake login in pages using termux and how to get their password, Get IP Address Information, SMS Bombing, Call Bombing..etc. This is for educational purpose only.....because someone might do this with you so be aware. :-) I hope it will be a great and interesting session for all of you. hacker is a computer expert who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term "hacker" has become associated in popular culture with a "security hacker" – someone who utilizes their technical know-how of bugs or exploits to break into computer systems and access data which would otherwise be unavailable to them – hacking can also be utilized by legitimate figures in legal situations. For example, law enforcement agencies sometimes use hacking techniques in order to collect evidence on criminals and other malicious actors. This could include using anonymity tools (such as a VPN, or the dark web) to mask their identities online, posing as criminals themselves.[1][2] Likewise, covert world agencies can employ hacking techniques in the legal conduct of their work. Oppositely, hacking and cyber-attacks are used extra- and illegally by law enforcement and security agencies (conducting warrantless activities), and employed by State actors as a weapon of both legal and illegal warfare. Who this course is for: Beginner in Hacking [Hidden Content] [hide][Hidden Content]]
  5. WordPress SEO Made Easy Rank Math is the most powerful way to get BEST WordPress SEO tools added to your website. [Hidden Content] [hide][Hidden Content]]
  6. itsMe

    IPTV Tools 1.1.8 Premium + Video

    iptv config meker Fuerza bruta Comprobador M3u corrector M3u_plus Todo en uno Creator Mac (generador) video desmostracion dentro del archivo [hide][Hidden Content]]
  7. A to Z SEO Tools v2 is a Search Engine Optimization Tools. We have more than 50 SEO Tools to keep track your SEO issues and help to improve the visibility of a website in search engines. It also helps to optimize web content by analyzing content for keywords, on-site links and other SEO considerations. [Hidden Content] [hide][Hidden Content]]
  8. English | November 4, 2019 | ISBN: 1705492703 | 177 pages | Rar (PDF, AZW3) | 5.10 MB Do you want to learn about how to hack using Kali Linux within a short time span? Do you want to learn about how to perform an actual attack and become a professional hacker? This handbook will suit your needs, and you will not only learn about Hacking Tools for Computers, but you will also be accorded some guidance on how you can successfully launch your first attack using Kali Linux. By gaining some insight into Hacking Tools for Computers through this handbook, you will also realize that you have saved on time and other resources, depending on your learning needs. [Hidden Content] [hide][Hidden Content]]
  9. Learn to use C#'s powerful set of core libraries to automate tedious yet important tasks like performing vulnerability scans, malware analysis, and incident response. With some help from Mono, you can write your own practical security tools that will run on Mac, Linux, and even mobile devices. [Hidden Content] [hide][Hidden Content]]
  10. itsMe

    ConfuserEx Unpacking Tools

    ConfuserExTools ConfuserEx unpacking tools It has only basic support for ConfuserEx (AntiTamper, ReferenceProxy, Constants) because it is a tool for my personal use. Whether it gets further update is based on whether I still need it. NOTE: For constants decryption, it only supports non-cfg mode. [Hidden Content]
  11. WordPress SEO Made Easy Rank Math is the most powerful way to get BEST WordPress SEO tools added to your website. [Hidden Content] [hide][Hidden Content]]
  12. itsMe

    Sexitor - Combo Tools

    [hide][Hidden Content]]
  13. What you'll learn Ethical Hacking Techniques Penetration Testing Techniques Bug Bounty Techniques Nmap Burp Suite Dirsearch Google Hacking Database Google Dorks Github Recon Shodan Censys HTTP Requests XML to CSV for Recon Decoy Scans Bypass Firewalls Exploit PUT to RCE Sensitive Data Exposure Description Welcome to Top 5 Tools & Techniques for Pentesting in Cyber Security Course. This course covers Top 5 Tools and approach for web application attacks and how to earn bug bounties. There is no prerequisite of prior hacking knowledge and you will be able to perform web attacks and hunt bugs on live websites and secure them. This course is not like other hacking or penetration testing course with outdated vulnerabilities and only lab attacks. This course will start with an understanding of each tool that is used in the industry by the experts for Penetration Testing. This course is highly practical and is made on Tools used by professionals in the industry to give you the exact environment when you start your penetrating testing or bug hunting journey. We will start from the basics and go till the advance of the particular tool. This course is divided into a number of sections, each section covers how to hunt vulnerability in an ethical manner. In Nmap, We will cover what is Nmap, Installation, Firewall Bypass Techniques, and Nmap cheatsheet. In Burpsuite, We will cover what is Burpsuite, Installation, and We will see practical examples of How Interception Works. We will also solve a CTF based on a realtime example using burpsuite. In Content Discovery, We will cover what is Project Discovery's Data set for subdomains and increase the scope for Bug Bounty Hunting. We will also see tools to scope expansion wherein we can identify mass subdomains are alive, dead based on status codes, Title, etc. In Google Hacking Database, We will cover what is GHDB, How you can hunt for sensitive files for a target, Also you will learn How to become the author of your own Google Dork In Shodan/Censys/Grey Noise, We will cover what is IOT Search Engines, How you can perform banner grabbing, and find out vulnerable and outdated servers running on the targets. We will also see how to use shodan search filters for better active enumeration. In Github Recon, We will cover what is Github Recon both Automated and Manual Way. We will uncover sensitive information from Github repositories that fall under Sensitive Data Exposure as a P1 severity bug. In the Anatomy of an HTTP Request, We will cover what is an HTTP Request, What are different Headers How do they work and its significance. With this course, you get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you as soon as possible. Notes: This course is created for educational purposes only and all the websites I have performed attacks are ethically reported and fixed. Testing any website which doesn’t have a Responsible Disclosure Policy is unethical and against the law, the author doesn’t hold any responsibility. Who this course is for: Anybody interested in learning website & web application hacking / penetration testing. Any Beginner who wants to start with Penetration Testing Any Beginner who wants to start with Bug Bounty Trainer who are willing to start teaching Pentesting Any Professional who working in Cyber Security and Pentesting Developers who wants to fix vulnerabilities and build secure applications [Hidden Content] [Hidden Content]
  14. massExploitConsole a collection of tools with a cli ui Disclaimer Please use this tool only on authorized systems, I’m not responsible for any damage caused by users who ignore my warning I do not own the code of adapted exploits or tools exploits are adapted from other sources, please refer to their author info Please note, due to my limited programming experience (it’s my first Python project), you can expect some silly bugs Feature an easy-to-use cli ui execute any adpated exploits with process-level concurrency some built-in exploits (automated) hide your ip addr using proxychains4 and ss-proxy (built-in) zoomeye host scan (10 threads) google page crawler with gecko and Firefox (not fully working) a simple Baidu crawler (multi-threaded) censys host scan Changelog v2.3.3 proxy_pool fix [hide][Hidden Content]]
  15. Linux evil toolkit is a framework that aims to centralize, standardize, and simplify the use of various security tools for pentest professionals. LETK has few simple commands, one of which is the INIT that allows you to define a target, and thus use all the tools without typing anything else. Is LETK better than setoolkit? Yes and no, there are two that serve the same thing and in a different way, the LETK and an automated attack information automation script. § 1 About use This script was made to automate the steps of gathering information about web targets, the misuse, and the responsibility of the user, to report bugs or make suggestions open a report on github. § 2 About simple_scan Automap was replaced by simple_scan, it is lighter and faster, in addition to being less detectable, now it has different modes of execution that make it possible from a quick and simple execution to more complex modes. § 3 About Console The output of the script can be extremely long, so see if your console, (gnome-terminal, cmd, konsole) is configured to display 1000 lines (I particularly recommend 10,000 lines), for professional purposes it allows the documentation, it records the commands, exits, and formats the text. Changelog v4.7.9 code review code style review update fakedump update Readme fixing many small bugs fixing dependencies update install-module. but not work [hide][Hidden Content]]
  16. Andriller CE (Community Edition) Andriller – is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. It has features, such as powerful Lockscreen cracking for Pattern, PIN code, or Password; custom decoders for Apps data from Android (some Apple iOS & Windows) databases for decoding communications. Extraction and decoders produce reports in HTML and Excel formats. Features Automated data extraction and decodingThis feature allows importing individual App database files for automated parsing of the data. There are decoders mainly for Android and some for Apple iOS Apps. Once successfully decoded, reports will be shown on your web browser. Databases can be exported from mainstream forensic tools, such as XRY, UFED Cellebite, Oxygen Forensic, and imported into Andriller for individual decoding. The output from Andriller offers cleaner output data. Data extraction of non-rooted without devices by Android Backup (Android versions 4.x, varied/limited support) Data extraction with root permissions: root ADB daemon, CWM recovery mode, or SU binary (Superuser/SuperSU) Data parsing and decoding for Folder structure, Tarball files (from nanddroid backups), and Android Backup (backup.ab files)This will parse folder structures from Android filesystems and will produce Andriller style reports. These could be exports of the filesystem from raw image files, or from ‘adb pull /data’ extractions, or unpacked ‘.tar’ files content.Tarball Files This will parse and decode nanddroid backup files such as ‘data.tar’ (including concatenated files), and will produce Andriller style reports. Nanddroid tarball backups are usually produced by custom recoveries, such as ClockWorkMod and TWRP.Android Backup Files This will parse and decode ‘backup.ab’ files, and will produce Andriller style reports. Selection of individual database decoders for Android apps Decryption of encrypted WhatsApp archived databases (.crypt to .crypt12, must have the right key file) Lockscreen cracking for Pattern, PIN, Password (not gatekeeper) Unpacking the Android backup files Screen capture of a device’s display screen Changelog v3.5.2 Switched timeouts to wrapt_timeout_decorator to fix bug with Python 3.8 [hide][Hidden Content]]
  17. PHP Tools for Visual Studio Turn Visual Studio into a powerful PHP development environment [Hidden Content] [Hidden Content]
  18. El tema Malware es algo que no se ve mucho en los cursos de seguridad, si en los que yo realizo, es un tema interesante como mínimo; asi que podemos empezar un tema aquí, para Malware en Ciberseguridad y bueno, estaba buscando el conjunto de herramientas que vienen en Mooding tools, osea el sofware modding tools. Como considero que este es uno de los mejores foros, por no decir el mejor de los que regento, queria pediros por favor si podeis pasarme cierta herramienta, pues tengo todas las que tiene o digamos todas las que necesito para el método Hexing y mas, pues como sabeis la gran mayoria hay dos tipos de MODDING: Binario y Source; para los que no saben programar, (yo no soy programador) eso no quiere decir que no sepa de programación, simplemente no me puedo dedicar a todo, enseño a gente que son programadores, sobre temas de ciberseguridad, así que si podeis ayudarme, como siempre lo a habeis hecho os lo agradecería, he mirado por encima y no la encuentro y me parece muy raro, pues es una herramienta muy buena. Gracias, un saludo a [email protected]
  19. NUUBI is a Recon Tools, Scanners, and tools for penetration testing. Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned. So it is an Incredible fast recon tool for penetration tester which is specially designed for the Reconnaissance phase. Features: Infromation Modules : Banner grabing Subnetlookup Cms detect Certificate Transparency log monitor Dnslookup Extract links GeoIP lookup Httpheaders Nmapscan Subdomain lookup Traceroute Find hosts sharing DNS servers URL and website scanner for potentially malicious websites Github username Whois Crawler Reverse ip Reverse DNS Zonetransfer Nping test Ping Response Check an Autonomous System Number (ASN) Cloudflare Cookie Scraper [hide][Hidden Content]]
  20. PwnFox PwnFox is a Firefox/Burp extension that provides usefull tools for your security audit. If you are a chrome user you can check [Hidden Content]. Single click BurpProxy Connect to Burp with a simple click, this will probably remove the need for other add-ons like foxyProxy. However, if you need the extra features provided by foxyProxy you can leave this unchecked. Containers Profiles PwnFox gives you fast access to Firefox containers. This allows you to have multiple identities in the same browser. When PwnFox and the Add container header option are enabled, PwnFox will automatically add an X-PwnFox-Color header to highlight the query in Burp. PwnFoxBurp will automatically highlight and strip the header, but you can also specify your own behavior with addons like logger++. Security header remover Sometimes it’s easier to work with the security header disabled. You can now do it with a single button press. Don’t forget to reenable them before testing your final payload. Headers stripped: Content-Security-Policy X-XSS-Protection X-Frame-Options X-Content-Type-Options [hide][Hidden Content]]
  21. Pipe different tools with google dork Scanner [hide][Hidden Content]]
  22. Some Pentest Tools. Install and keep up to date some pentesting tools. I used this to pass my OSCP exam. Why I was looking for a way to manage and keep up to date some tools that are not include in Kali-Linux. For exemple, I was looking for an easy way to manage privilege escalation scripts. One day I saw sec-tools from eugenekolo (which you can see at the bottom of the page) and it gave me the motivation to start working on mine right away. But keep in mind that is different. I built this for people that are working with Kali. Should work on others distro but I didn't include tool like Burp Suite or SQLmap because it comes in Kali by default. [hide][Hidden Content]]
  23. r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a forensics tool, a scriptable command line hexadecimal editor able to open disk files, but later support for analyzing binaries, disassembling code, debugging programs, attaching to remote gdb servers, … radare2 is portable. The main tool of the whole framework. It uses the core of the hexadecimal editor and debugger. radare2 allows you to open a number of input/output sources as if they were simple, plain files, including disks, network connections, kernel drivers, processes under debugging, and so on. It implements an advanced command line interface for moving around a file, analyzing data, disassembling, binary patching, data comparison, searching, replacing, and visualizing. It can be scripted with a variety of languages, including Python, Ruby, JavaScript, Lua, and Perl. Architectures: 6502, 8051, CRIS, H8/300, LH5801, T8200, arc, arm, avr, bf, blackfin, xap, dalvik, dcpu16, gameboy, i386, i4004, i8080, m68k, malbolge, mips, msil, msp430, nios II, powerpc, rar, sh, snes, sparc, tms320 (c54x c55x c55+), V810, x86-64, zimg, risc-v. File Formats: ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, OMF, TE, XBE, BIOS/UEFI, Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executable, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), WASM (WebAssembly binary), Commodore VICE emulator, Game Boy (Advance), Nintendo DS ROMs and Nintendo 3DS FIRMs, various filesystems. Operating Systems: Windows (since XP), GNU/Linux, OS X, [Net|Free|Open]BSD, Android, iOS, OSX, QNX, Solaris, Haiku, FirefoxOS Bindings: Vala/Genie, Python (2, 3), NodeJS, Lua, Go, Perl, Guile, php5, newlisp, Ruby, Java, OCaml, … radare2 v4.6 has been released. [hide][Hidden Content]]
  24. Coding With Python: The Essential Course To Master In A Smart Way Software Concepts, Tools English | 2020 | ASIN: B08DVC7SZX | 83 Pages | PDF/AZW3/KINDLE | 8.11 MB Do you want to learn the basics concepts of Phyton coding? Do you want to know more about Phyton and make things work in no time? Then this book is for you! The first thing we need to look at here is the keywords. These seem pretty straightforward, but it is so important to understand that they tell the compiler how it needs to act and behave with the projects that you are doing. These keywords are ones that are reserved to tell the compiler what it needs to do. Since they are reserved, the computer programmer needs to remember to use them properly so that the compiler can take that command and get things done. You need only to use them in the specified parts of the code, or it leads to error messages and other problems. If you properly use them, the compiler will be given command of what you want it to do, and it can then execute the code in the right way. These words are essential to the whole code and learning what they are is going to make code writing more comfortable as well. You will be able to notice a lot of these keywords as we progress through this guidebook and write some of our codes. [hide][Hidden Content]]
  25. Introduction Pixload is an advanced set of tools that allows you to hide payloads within image files by either creating or injecting the intended payload into the desired image. Pixload: Image Payload Creating & Injecting Tools This set of tools has the ability to give you an access to some sophisticated hacking functions. Through it, you can create Polyglot files that can be used to sidestep the standard CSP security procedures by injecting the necessary attack scripts into a given image file. Polyglot files can be very effective when exploiting browsers such as Firefox, IE11, Edge, and Safari. One of the advantages of this type of exploit is that it can allow you to deploy attack files in the form of JavaScript or image files. The payloads which have been deployed can also be easily extracted without applying any external script during an attack. With Pixload you can also be able to exploit server-side misconfigurations by scripting malicious codes into the available system files.Through GD file manipulation PHP shells can be restructured in the form of PNG and IDAT chunks. Features: Bypassing CSP using polyglot JPEGs Encoding Web Shells in PNG IDAT chunks Hidden malvertising attacks (with Polyglot images) XSS payload revisiting (in PNG and IDAT chunks) XSS Facebook upload (Wonky and PNG content) [hide][Hidden Content]]