Search the Community

Showing results for tags 'using'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 50 results

  1. Grawler is the best tool ever, made for automating google dorks it’s a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file, version 1.0 is the more powerful than ever supporting multiple proxies. ( Read in features ) Grawler aims to automate the task of using google dorks with a web interface, the main idea is to provide a simple yet powerful tool that can be used by anyone, the thing that makes Grawler different in its category is its features. Features The biggest issue faced by tools that automate google dorks is CAPTCHA, but with Grawler, CAPTCHA is not an issue anymore, Grawler comes with a proxy feature that supports three different proxies. Supported Proxies ( The mentioned proxies need you to signup and get the API key, without any credit card information and give you around one thousand free API calls each ) ScraperAPI Scrapingdog Zenscrape Grawler now supports two different modes. Automatic Mode: Automatic mode now comes with many different dork files and supports multiple proxies to deliver a smooth experience. Manual Mode: The manual mode has become more powerful with the Depth feature, now you can select the number of pages you want to scrape results from, proxy feature is also supported by manual mode. Dorks are now categorized in the following categories: Error Messages Extension Java JavaScript Login Panels .Net PHP SQL Injection (7 different files with different dorks) My_dorks file for users to add their own dorks. API keys for proxies are first validated and added to the file. Manual mode allows users to go up to depth 4, but I’d recommend using depth 2 or 3 because the best results are usually on the initial pages. Grawler comes with its own guide to learn google dorks. The results are stored in a file ( filename needs to be specified with txt extension ). URL scraping is better than ever with no garbage URL’s at all. Grawler supports three different search engines are supported (Bing, Google, Yahoo), so if one blocks you another one is available. Multiple proxies with multiple search engines deliver the best experience ever. [hide][Hidden Content]]
  2. In this video we're going to review the widely used tool: OllyDbg. Ollydbg is a tool for debugging used for binary code analysis. It converts the binary language to an assembly language. Assembly language is an ISA (Instruction Set Architecture) based low level language which is user friendly and has an efficient code. It is an application to figure out the bugs in a program, troubleshoot it and run specific parts of it and see how it works. We talk about Pros and Cons of OllyDbg, how to install it and it's uses. [hide][Hidden Content]]
  3. Using Go to implement CobaltStrike’s Beacon This project is for learning protocol analysis and reverse engineering only, if someone’s rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY [hide][Hidden Content]]
  4. ETHICAL HACKING USING ANDROID DEVICE In This Course You Get Some Videos Tutorials For Learning Hacking Using Android Devices LINK - [Hidden Content]
  5. What you'll learn Get to know the key features of Wireshark Recognize the essential components of network communication Explore the different methods of setting up a packet capture Analyze packets using the Wireshark tool Analyze client to server communication with Wireshark Examine network traffic and identify potentially malicious traffic Examine the data within the network and how it shows up in Wireshark Requirements This course is for you if you have a basic understanding of the command line and general knowledge of what an IP address is and TCP/IP. You should also know about the 7 layers of OSI model. Description This course will cover the process for conducting protocol analysis. This will serve as a foundation for the skill required for a number of different types of careers. Protocol analysis is the technique of analyzing what is or has taken place on a network. This is used by Security Operations Center analysts as well as network forensics investigators. We will take static capture files that you will be provided and show you how to analyze them within the Wireshark tool. You will learn ways to quickly identify anything that is abnormal within a network packet capture. This will provide you with the initial skills for intrusion analysis, and also malware tracking and monitoring. -The course prepares the student for understanding network protocol analysis -After the course you will have the initial skills for security or hacking classes - Anyone who wants to understand the foundation of security skills and have knowledge for analyzing network traffic as well as potential intrusions will benefit from this course. - This course is for beginners or people interested in learning about hacking and don't know where to start. [Hidden Content] [hide][Hidden Content]]
  6. A php curl based twitter tweets scraper API developed by Tufayel Ahmed Purpose This API was built for those who wants to collect tweets programmatically from profiles or those who wants to delete their twitter account but wants to backup their tweets. Some Helpful Information There are 20 tweets returned per each request made. Twitter has rate limiting feature, so don't plan to go mad. I am not hosting this API just to play safe. To bypass rate limit, implement rotating proxies if you plan to use it in production level. [hide][Hidden Content]]
  7. watermark_disabler Disabling "Activate Windows" watermark made simple, the code in this repository is a PoC, and has not been tested above Windows 10 1803. How does this work? The function responsible for drawing whole desktop including the watermark is xxxDesktopPaintCallback located in win32kfull.sys. Both of the approaches used by this project were found while analyzing functions further down in the callstack. [hide][Hidden Content]]
  8. [Hidden Content]
  9. HTTP-revshell - Powershell Reverse Shell Using HTTP/S Protocol With AMSI Bypass And Proxy Aware HTTP-revshell is a tool focused on redteam exercises and pentesters. This tool provides a reverse connection through the http/s protocol. It use a covert channel to gain control over the victim machine through web requests and thus evade solutions such as IDS, IPS and AV. Features SSL Proxy Aware Upload Function Download Function Error Control AMSI bypass Multiple sessions [only server-multisession.py] Autocomplete PowerShell functions (optional) [only server.py] [hide][Hidden Content]]
  10. cross-platform backdoor using dns txt records What is ddor? ddor is a cross-platform lightweight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have seperate commands for both Linux and Windows machines List of around 10 public DNS servers that it randomly chooses from Unpredictable call back times Encrypts txt record using xor with custom password Linux Features: Anti-Debugging, if ptrace is detected as being attached to the process it will exit. Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program. Automatically Daemonizes Tries to set GUID/UID to 0 (root) Windows Features: Hides Console Window Stub Size of around 20kb [hide][Hidden Content]]
  11. THINGS YOU CAN DO USING METASPOLIT FRAMEWORK 1. Pre-engagement interactions: This step defines all the pre-engagement activities and scope definitions, basically everything you need to discuss with the client before the testing starts. 2. Intelligence gathering: This phase is all about collecting information about the target under test, by connecting to the target directly or passively, without connecting to the target at all. 3. Threat modeling: This phase involves matching the information uncovered to the assets to find the areas with the highest threat level. 4. Vulnerability analysis: This involves finding and identifying known and unknown vulnerabilities and validating them. 5. Exploitation: This phase works on taking advantage of the vulnerabilities discovered in the previous phase. This typically means that we are trying to gain access to the target. 6. Post-exploitation: The actual tasks to perform at the target, which involve downloading a file, shutting a system down, creating a new user account on the target, and so on, are parts of this phase. This phase describes what you need to do after exploitation. 7. Reporting: This phase includes summing up the results of the test in a file and the possible suggestions and recommendations to fix the current weaknesses in the target.
  12. DiscoRape is a selfbot for Discord written in python3.8 The original repository I forked this from can be found here made by EC-discord [hide][Hidden Content]]
  13. dEEpEst

    Using Encryption Via SSL

    Using Encryption Via SSL ━━━━━━━━━━━━━ Most legitimate websites use what is called “secure sockets layer” (SSL), which is a form of encrypting data when it is being sent to and from a website. This keeps attackers from accessing that data while it is in transit. Look for the padlock icon in the URL bar, and the “s” in the “[Hidden Content] to make sure you are conducting secure, encrypted transactions online. It’s a good idea to access sites using SSL when: You store or send sensitive data online. If you use the internet to carry out tasks such as filing your taxes, making purchases, renewing your driver’s license, or conducting any other personal business, visiting sites using SSL is a good idea. Your work requires it. Your workplace may have encryption protocols, or it may be subject to regulations that require encryption. In these cases, encryption is a must.
  14. EvilApp - Phishing Attack Using An Android App To Grab Session Cookies For Any Website (ByPass 2FA) Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass 2-factor authentication protection. EvilApp brings as an example the hijacking and injection of cookies for authenticated instagram sessions. [HIDE][Hidden Content]]
  15. Hey guys, long time. Was an official here a while back but life got plans and i ended up getting occupied with it. so was asking a question, is there anyone who can offer links to helpful sites or even a project source for this question? I need to write a loader that loads a linux exe and executes it.It should use a hexdump software as well as mmap for allocating memory. Any help will be greately appreciated. Thanks. Big hello to Top10, Jok3rjok3r and caballo/d33p3st from the times back
  16. OWASP D4N155 OWASP Tool Project D4N155The project uses OSINT for a dynamic and smart attack of brute force, using a complex operation and get the word list using expressions find. KEY FEATURES Make smart wordlist based from page content Make smart wordlist based from specific url content Make smart wordlist based from past content FREE SOFTWARE IN LICENSE(GPL V3) AND IN ESSENCE Automatic Report Feature with two options: HTML Where it generates a dynamic graphic for quick visualization PDF People with bad intentions dedicate a long part of their time to read profiles, posts analyzing then, observing reactions with in order to obtain the maximum information about their targets in order to make their list (of passwords) and the door for the attack. Even if you do not have specific knowledge, so you may be using this tool will help you get a sense of how vulnerable you are and consequently take action and prevent a possible attack. Besides this it’s a friendly tool for a pentester with the features of automatics reports the professional can save time, writing extensive reports with pages of print screens, technician reports, and transcription of procedures this tool can make a half of a job for him. Changelog v1.3 Update getrails for 3.0 Add new function for GoMutation compilation Removing groff report Fixing $end for correct and incorrect var Fixing msg, colors and replace GoMutation with generator.py Fix output kill for progressbar Replacing GoMutation with generator.py [HIDE][Hidden Content]]
  17. Hi all, I was reading RFCs and am now wondering how to use the '*' wildcard char to send emails to all the users mailboxes of a given server with the IP I use IPs instead of domain names for efficiency and the domain name gets translated to IP anyways using DSN and the IP approche lets me get exhaustive list of IPs. Or coarse there are reserved/excluded IPs such as 127.0.0.1 (loopback). For example mail *@1.0.0.1 < email.txt => sends email.txt to all users of [Hidden Content] this approche has several advantages, first its exhaustive. don't need to input all domain names, second you don't get "mail undelivered" email messages bouncing back to mailbox for non existing users. third for stealth (using Tor or coarse) make you email untracable. The only thing the receiving end user sees is "*@*" in "From:" I have tried different approches for *@1.0.0.1 but the command fails even when using mutt, pine, etc any ideas ? thank's
  18. [Hidden Content]
  19. How to become Anonymous using Proxychains and Tor [Hidden Content]
  20. This tool is a bruter tool that is meant to crack any email password using Brute-Force and Dictionary method supported by HTTP Proxies. This tool is a bruter tool that is meant to crack email password. This tool is meant for research purposes only and any malicious usage of this tool is prohibited. Short Description What is LazyBruter? LazyBruter is one of its first-kind Email Bruteforcer. Using only 2 threads, LazyBruter can bruteforce passwords 200% faster than any ordinary bruter, thanks to its 2-inverted-threads. Version This is the Beta version of LazyBruter (v1.2), but we are improving day by day. Features LazyBruters can provide different features (for more information click here) Full support of PHP vulnerable websites It is possible to provide a single target URL, get the list of targets from Burp proxy or WebScrab proxy requests log files, get the whole HTTP request from a text file or get the list of targets. Tests provided GET parameters, POST parameters, HTTP proxies. 2-inverted-threads Algorithm This algorithm excecutes 2x faster, which means passwords are crackable 2x faster than any ordinary bruter. [HIDE][Hidden Content]]
  21. Deep Exploit Fully automatic penetration test tool using Machine Learning. Deep Exploit is fully automated penetration tool linked with Metasploit. Deep Exploit has two exploitation modes. Intelligence mode Deep Exploit identifies the status of all opened ports on the target server and executes the exploit at pinpoint based on past experience (trained result). Brute force mode Deep Exploit executes exploits using all combinations of “exploit module”, “target” and “payload” corresponding to a user’s indicated product name and port number. Deep Exploit’s key features are following. Efficiently execute exploit. If “intelligence mode”, Deep Exploit can execute exploits at pinpoint (minimum 1 attempt). If “Brute force mode”, Deep Exploit can execute exploits thoroughly corresponding to user’s indicated product name and port number. Deep penetration. If Deep Exploit succeeds the exploit to the target server, it further executes the exploit to other internal servers. Operation is very easy. Your only operation is to input one command. It is very easy!! Self-learning. Deep Exploit doesn’t need the “learning data”. Deep Exploit can learn how to method of exploitation by itself (uses reinforcement learning). Learning time is very fast. Deep Exploit uses distributed learning by multi-agents. So, we adopted an advanced machine learning model called A3C. Current Deep Exploit’s version is a beta. But, it can automatically execute following actions: Intelligence gathering. Threat Modeling. Vulnerability analysis. Exploitation. Post-Exploitation. Reporting. [HIDE][Hidden Content]]
  22. Cross-platform backdoor using dns txt records. What is ddor? ddor is a cross platform light weight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have seperate commands for both linux and windows machines List of around 10 public DNS servers that it randomly chooses from Unpredictable call back times Encrypts txt record using xor with custom password Linux Features: Anti-Debugging, if ptrace is detected as being attached to the process it will exit. Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program. Automatically Daemonizes Tries to set GUID/UID to 0 (root) Windows Features: Hides Console Window Stub Size of around 20kb [HIDE][Hidden Content]]
  23. Complete Kali Linux Tutorial,Complete penetration testing training,Learn Hacking Created by Vishal Patel English What Will I Learn? Footprinting,Scanning,Enumeration,System Hacking,Trojan and Backdoors,Viruses and worms,Denial-of-service,Sniffing,Session Hijacking,Wireless Hacking,Firewall,IDS,Honeypots,Buffer Overflows,Penetration Testing,Cryptography Requirements Basic IT Skill Internet Users You will gain a comprehensive understanding of vulnerability assessment and the tools used in this process. What kind of security measures do you take to protect your facilities, equipment, resources, personnel, and property from damage caused by unauthorized access? In this course, Physical Security, these are questions that we will be answering. Footprinting is the gathering of information related to a particular computer and its users and systems. Reconnaissance is an exploration that is conducted to gain information. Network scanning is the scanning of public or private networks to find out which systems are running, their IP addresses, and which services they are running. In Port Scanning, you will learn how ports can be scanned, how a hacker can break into your network through the ports, and the countermeasures you can take to protect your device or network. Banner grabbing is a technique used to grab information about computer systems on a network and the services running its open ports. In this course you will be introduced to enumeration and the many different uses it has in computer systems. This course will include demos on the different tools and uses of enumeration. In this course you will be learning the fundamentals of Linux. We will be pairing this course with demos with a more in-depth look into some of the fundamentals and tools of Linux. Pentesting is an attack on a system in hopes of finding security weaknesses. In the course Configuring Linux for Pentesting, you will be learning the steps to configure Linux for pentesting and tools used for pentesting on a Linux system. Whenever we login to a computer system, we provide information to identify ourselves. We refer to this as authentication. Ensure that you know everything involved in securing a Windows system against attack. During this course you’ll get into Windows passwords — how they’re created, how they’re stored, and different methods used to crack them. You will take a good look at spyware, the activities it performs, different types of spyware, and the countermeasures needed in order to prevent hackers from utilizing these types of techniques against your company. You will also spend time studying different types of keyloggers. There are three different types of keyloggers that we see used in today’s environments: hardware, software, and kernel/driver keyloggers. Covering Tracks will be going over various ways that attackers have at their disposal to cover any tracks that may lead to their unwanted eviction, or worse yet, to an audit trail that would lead directly back to them. Trojans and Backdoors is the course where our software is going to be going undercover. You will discover what viruses and worms are and how they can infect computers and systems. Sniffers is our course where we take a look at Network Sniffing. Social engineering is the art of extorting employees for information. Become familiar with the following concepts: denial-of-service, distributed denial-of-service, and how the denial-of-service and distributed denial-of-service attacks take place. In the course Session Hijacking, you will learn details about session hijacking, well-known techniques employed by aggressors, the steps involved in session hijacking, various types of session hijacking, tools for hijacking sessions, ways you can protect yourselves from session hijacking, and how pentesting can be used to identify vulnerabilities. Hacking Web and Application Servers, is a course that will give you a good idea about vulnerabilities and attacks available for web servers and web applications. In our course our course Advanced Exploitation Techniques, you will learn what advanced exploitation techniques are and how you can use them in your penetration testing. Who is the target audience? Anyone want to learn how to hack IT Professionals Engineers IT Students Computer Known Network Engineers Internet Users Size: 2.34 GB [torrent file] [HIDE][Hidden Content]]