Search the Community

Showing results for tags 'using'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 43 results

  1. watermark_disabler Disabling "Activate Windows" watermark made simple, the code in this repository is a PoC, and has not been tested above Windows 10 1803. How does this work? The function responsible for drawing whole desktop including the watermark is xxxDesktopPaintCallback located in win32kfull.sys. Both of the approaches used by this project were found while analyzing functions further down in the callstack. [hide][Hidden Content]]
  2. [Hidden Content]
  3. HTTP-revshell - Powershell Reverse Shell Using HTTP/S Protocol With AMSI Bypass And Proxy Aware HTTP-revshell is a tool focused on redteam exercises and pentesters. This tool provides a reverse connection through the http/s protocol. It use a covert channel to gain control over the victim machine through web requests and thus evade solutions such as IDS, IPS and AV. Features SSL Proxy Aware Upload Function Download Function Error Control AMSI bypass Multiple sessions [only server-multisession.py] Autocomplete PowerShell functions (optional) [only server.py] [hide][Hidden Content]]
  4. cross-platform backdoor using dns txt records What is ddor? ddor is a cross-platform lightweight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have seperate commands for both Linux and Windows machines List of around 10 public DNS servers that it randomly chooses from Unpredictable call back times Encrypts txt record using xor with custom password Linux Features: Anti-Debugging, if ptrace is detected as being attached to the process it will exit. Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program. Automatically Daemonizes Tries to set GUID/UID to 0 (root) Windows Features: Hides Console Window Stub Size of around 20kb [hide][Hidden Content]]
  5. THINGS YOU CAN DO USING METASPOLIT FRAMEWORK 1. Pre-engagement interactions: This step defines all the pre-engagement activities and scope definitions, basically everything you need to discuss with the client before the testing starts. 2. Intelligence gathering: This phase is all about collecting information about the target under test, by connecting to the target directly or passively, without connecting to the target at all. 3. Threat modeling: This phase involves matching the information uncovered to the assets to find the areas with the highest threat level. 4. Vulnerability analysis: This involves finding and identifying known and unknown vulnerabilities and validating them. 5. Exploitation: This phase works on taking advantage of the vulnerabilities discovered in the previous phase. This typically means that we are trying to gain access to the target. 6. Post-exploitation: The actual tasks to perform at the target, which involve downloading a file, shutting a system down, creating a new user account on the target, and so on, are parts of this phase. This phase describes what you need to do after exploitation. 7. Reporting: This phase includes summing up the results of the test in a file and the possible suggestions and recommendations to fix the current weaknesses in the target.
  6. DiscoRape is a selfbot for Discord written in python3.8 The original repository I forked this from can be found here made by EC-discord [hide][Hidden Content]]
  7. dEEpEst

    Using Encryption Via SSL

    Using Encryption Via SSL ━━━━━━━━━━━━━ Most legitimate websites use what is called “secure sockets layer” (SSL), which is a form of encrypting data when it is being sent to and from a website. This keeps attackers from accessing that data while it is in transit. Look for the padlock icon in the URL bar, and the “s” in the “[Hidden Content] to make sure you are conducting secure, encrypted transactions online. It’s a good idea to access sites using SSL when: You store or send sensitive data online. If you use the internet to carry out tasks such as filing your taxes, making purchases, renewing your driver’s license, or conducting any other personal business, visiting sites using SSL is a good idea. Your work requires it. Your workplace may have encryption protocols, or it may be subject to regulations that require encryption. In these cases, encryption is a must.
  8. EvilApp - Phishing Attack Using An Android App To Grab Session Cookies For Any Website (ByPass 2FA) Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass 2-factor authentication protection. EvilApp brings as an example the hijacking and injection of cookies for authenticated instagram sessions. [HIDE][Hidden Content]]
  9. Hey guys, long time. Was an official here a while back but life got plans and i ended up getting occupied with it. so was asking a question, is there anyone who can offer links to helpful sites or even a project source for this question? I need to write a loader that loads a linux exe and executes it.It should use a hexdump software as well as mmap for allocating memory. Any help will be greately appreciated. Thanks. Big hello to Top10, Jok3rjok3r and caballo/d33p3st from the times back
  10. OWASP D4N155 OWASP Tool Project D4N155The project uses OSINT for a dynamic and smart attack of brute force, using a complex operation and get the word list using expressions find. KEY FEATURES Make smart wordlist based from page content Make smart wordlist based from specific url content Make smart wordlist based from past content FREE SOFTWARE IN LICENSE(GPL V3) AND IN ESSENCE Automatic Report Feature with two options: HTML Where it generates a dynamic graphic for quick visualization PDF People with bad intentions dedicate a long part of their time to read profiles, posts analyzing then, observing reactions with in order to obtain the maximum information about their targets in order to make their list (of passwords) and the door for the attack. Even if you do not have specific knowledge, so you may be using this tool will help you get a sense of how vulnerable you are and consequently take action and prevent a possible attack. Besides this it’s a friendly tool for a pentester with the features of automatics reports the professional can save time, writing extensive reports with pages of print screens, technician reports, and transcription of procedures this tool can make a half of a job for him. Changelog v1.3 Update getrails for 3.0 Add new function for GoMutation compilation Removing groff report Fixing $end for correct and incorrect var Fixing msg, colors and replace GoMutation with generator.py Fix output kill for progressbar Replacing GoMutation with generator.py [HIDE][Hidden Content]]
  11. Hi all, I was reading RFCs and am now wondering how to use the '*' wildcard char to send emails to all the users mailboxes of a given server with the IP I use IPs instead of domain names for efficiency and the domain name gets translated to IP anyways using DSN and the IP approche lets me get exhaustive list of IPs. Or coarse there are reserved/excluded IPs such as 127.0.0.1 (loopback). For example mail *@1.0.0.1 < email.txt => sends email.txt to all users of [Hidden Content] this approche has several advantages, first its exhaustive. don't need to input all domain names, second you don't get "mail undelivered" email messages bouncing back to mailbox for non existing users. third for stealth (using Tor or coarse) make you email untracable. The only thing the receiving end user sees is "*@*" in "From:" I have tried different approches for *@1.0.0.1 but the command fails even when using mutt, pine, etc any ideas ? thank's
  12. [Hidden Content]
  13. How to become Anonymous using Proxychains and Tor [Hidden Content]
  14. This tool is a bruter tool that is meant to crack any email password using Brute-Force and Dictionary method supported by HTTP Proxies. This tool is a bruter tool that is meant to crack email password. This tool is meant for research purposes only and any malicious usage of this tool is prohibited. Short Description What is LazyBruter? LazyBruter is one of its first-kind Email Bruteforcer. Using only 2 threads, LazyBruter can bruteforce passwords 200% faster than any ordinary bruter, thanks to its 2-inverted-threads. Version This is the Beta version of LazyBruter (v1.2), but we are improving day by day. Features LazyBruters can provide different features (for more information click here) Full support of PHP vulnerable websites It is possible to provide a single target URL, get the list of targets from Burp proxy or WebScrab proxy requests log files, get the whole HTTP request from a text file or get the list of targets. Tests provided GET parameters, POST parameters, HTTP proxies. 2-inverted-threads Algorithm This algorithm excecutes 2x faster, which means passwords are crackable 2x faster than any ordinary bruter. [HIDE][Hidden Content]]
  15. Deep Exploit Fully automatic penetration test tool using Machine Learning. Deep Exploit is fully automated penetration tool linked with Metasploit. Deep Exploit has two exploitation modes. Intelligence mode Deep Exploit identifies the status of all opened ports on the target server and executes the exploit at pinpoint based on past experience (trained result). Brute force mode Deep Exploit executes exploits using all combinations of “exploit module”, “target” and “payload” corresponding to a user’s indicated product name and port number. Deep Exploit’s key features are following. Efficiently execute exploit. If “intelligence mode”, Deep Exploit can execute exploits at pinpoint (minimum 1 attempt). If “Brute force mode”, Deep Exploit can execute exploits thoroughly corresponding to user’s indicated product name and port number. Deep penetration. If Deep Exploit succeeds the exploit to the target server, it further executes the exploit to other internal servers. Operation is very easy. Your only operation is to input one command. It is very easy!! Self-learning. Deep Exploit doesn’t need the “learning data”. Deep Exploit can learn how to method of exploitation by itself (uses reinforcement learning). Learning time is very fast. Deep Exploit uses distributed learning by multi-agents. So, we adopted an advanced machine learning model called A3C. Current Deep Exploit’s version is a beta. But, it can automatically execute following actions: Intelligence gathering. Threat Modeling. Vulnerability analysis. Exploitation. Post-Exploitation. Reporting. [HIDE][Hidden Content]]
  16. Cross-platform backdoor using dns txt records. What is ddor? ddor is a cross platform light weight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have seperate commands for both linux and windows machines List of around 10 public DNS servers that it randomly chooses from Unpredictable call back times Encrypts txt record using xor with custom password Linux Features: Anti-Debugging, if ptrace is detected as being attached to the process it will exit. Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program. Automatically Daemonizes Tries to set GUID/UID to 0 (root) Windows Features: Hides Console Window Stub Size of around 20kb [HIDE][Hidden Content]]
  17. Complete Kali Linux Tutorial,Complete penetration testing training,Learn Hacking Created by Vishal Patel English What Will I Learn? Footprinting,Scanning,Enumeration,System Hacking,Trojan and Backdoors,Viruses and worms,Denial-of-service,Sniffing,Session Hijacking,Wireless Hacking,Firewall,IDS,Honeypots,Buffer Overflows,Penetration Testing,Cryptography Requirements Basic IT Skill Internet Users You will gain a comprehensive understanding of vulnerability assessment and the tools used in this process. What kind of security measures do you take to protect your facilities, equipment, resources, personnel, and property from damage caused by unauthorized access? In this course, Physical Security, these are questions that we will be answering. Footprinting is the gathering of information related to a particular computer and its users and systems. Reconnaissance is an exploration that is conducted to gain information. Network scanning is the scanning of public or private networks to find out which systems are running, their IP addresses, and which services they are running. In Port Scanning, you will learn how ports can be scanned, how a hacker can break into your network through the ports, and the countermeasures you can take to protect your device or network. Banner grabbing is a technique used to grab information about computer systems on a network and the services running its open ports. In this course you will be introduced to enumeration and the many different uses it has in computer systems. This course will include demos on the different tools and uses of enumeration. In this course you will be learning the fundamentals of Linux. We will be pairing this course with demos with a more in-depth look into some of the fundamentals and tools of Linux. Pentesting is an attack on a system in hopes of finding security weaknesses. In the course Configuring Linux for Pentesting, you will be learning the steps to configure Linux for pentesting and tools used for pentesting on a Linux system. Whenever we login to a computer system, we provide information to identify ourselves. We refer to this as authentication. Ensure that you know everything involved in securing a Windows system against attack. During this course you’ll get into Windows passwords — how they’re created, how they’re stored, and different methods used to crack them. You will take a good look at spyware, the activities it performs, different types of spyware, and the countermeasures needed in order to prevent hackers from utilizing these types of techniques against your company. You will also spend time studying different types of keyloggers. There are three different types of keyloggers that we see used in today’s environments: hardware, software, and kernel/driver keyloggers. Covering Tracks will be going over various ways that attackers have at their disposal to cover any tracks that may lead to their unwanted eviction, or worse yet, to an audit trail that would lead directly back to them. Trojans and Backdoors is the course where our software is going to be going undercover. You will discover what viruses and worms are and how they can infect computers and systems. Sniffers is our course where we take a look at Network Sniffing. Social engineering is the art of extorting employees for information. Become familiar with the following concepts: denial-of-service, distributed denial-of-service, and how the denial-of-service and distributed denial-of-service attacks take place. In the course Session Hijacking, you will learn details about session hijacking, well-known techniques employed by aggressors, the steps involved in session hijacking, various types of session hijacking, tools for hijacking sessions, ways you can protect yourselves from session hijacking, and how pentesting can be used to identify vulnerabilities. Hacking Web and Application Servers, is a course that will give you a good idea about vulnerabilities and attacks available for web servers and web applications. In our course our course Advanced Exploitation Techniques, you will learn what advanced exploitation techniques are and how you can use them in your penetration testing. Who is the target audience? Anyone want to learn how to hack IT Professionals Engineers IT Students Computer Known Network Engineers Internet Users Size: 2.34 GB [torrent file] [HIDE][Hidden Content]]
  18. Lo que aprenderás 45+ Lectures to teach you how to use your android device to hack into other computers & networks Root and unlock your Android device (For nexus devices only) Spy on computers wirelessly (ARP Spoofing) or by connecting to them using the USB cable (BadUSB Attack) Gain full control over Windows/OSX/Linux devices as soon as you connect your Android device to them Bypass OSX/Windows login screens Create a fake access point with internet connection & spy on clients Install NetHunter on your Android Device (For nexus devices only) Gain full control over any computer in the same network using a number of methdos Install other apps needed for penetration testing Install Kali Linux as a virtual machine inside windows or OSX Discover all wifi networks around you and gather information about them Prepare your Android device to be used to crack Wi-Fi passwords (WEP/WPA/WPA2) Discover devices in the same network & their OS, open ports, running services ...etc Carry out a number of man-in-the-middle attacks Analyse packet files using Wireshark Setup your android device to execute OS commands as soon as connected to a target computer Combine a number of methods to represent real life senarios Secure yourself against the discussed attacks [Hidden Content] [HIDE][Hidden Content]]
  19. Ghostfuscator Obfuscate python scripts making them password-protected using AES Encryption Usage Just execute the script, and follow the menu. Info Once an script is obfuscated, when running it a password asking prompt will appear, after submiting the correct password, the script will execute decrypting it's decrypted content in the memory [HIDE][Hidden Content]]
  20. Using open Adb ports we can exploit an Andriod device. you can find open ports here [Hidden Content] To find out how to access a local device --> [Hidden Content] Recent News (New Update v.1.2) Port Forwarding NetStat Grab wpa_supplicant Turn WiFi On/Off Show Mac/Inet Remove Password Extract apk from app Use Keycode Get Battery Status Get Current Activity [Hidden Content]
  21. OnePlus 7 Pro Fingerprint Scanner Hacked In a Minutes Using a Fake Fingerprint [Hidden Content]