Search the Community

Showing results for tags 'using'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 68 results

  1. Tool To Be Used: Harvester Today we will learn about Information Gathering using theHarvester in Kali Linux. Good information gathering can make the difference between a successful penetration test and one that has failed to provide maximum benefit to the client. TheHarvester has been developed in Python by Christian Martorella. It is a tool which provides us information about e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key server. This tool is designed to help the penetration tester on an earlier stage; it is an effective, simple and easy to use. The sources supported are: Google – emails, subdomains Google profiles – Employee names Bing search – emails, subdomains/hostnames, virtual hosts Pgp servers – emails, subdomains/hostnames LinkedIn – Employee names Exalead – emails, subdomain/hostnames New features: Time delays between requests XML results export Search a domain in all sources Virtual host verifier Let’s get started, If you are using Kali Linux, open the terminal and type theharvester If not then it can be easily downloaded from here: [Hidden Content] Simply Download and extract it Provide execute permission to: theHarvester.py by [chmod 755 theHavester.py] Then simply run ./theharvester You will see similar to this: Here I am using kali linux. Tutorial: [Hidden Content]
  2. HostHunter A tool to efficiently discover and extract hostnames over a large set of target IP addresses. HostHunter utilizes simple OSINT techniques. It generates a CSV file containing the results of the reconnaissance. Features Works with Python3 Extracts information from SSL/TLS certificates. Supports Free HackerTarget API requests. Takes Screenshots of the target applications. Validates the targets IPv4 address. Supports .txt and .csv output file formats Gathers information from HTTP headers. Verifies Internet access. Retrieves hostname values from services at 21/tcp, 25/tcp, 80/tcp and 443/tcp ports. Supports Nessus target format output. Changelog v1.6 I’ve updated the code to avoid duplicates in the results along with some minor performance improvements. The screenshot-taking function was also adapted to work more reliably. The lastest chromedriver binaries are also included in the git. [hide][Hidden Content]]
  3. Features -> Create a hidden service -> Generate non-staged payload (python/meterpreter_reverse_http) -> Convert url using Tor2Web: a final extension .ws will be added, so url becomes available outside tor network -> Generate batch .rc file for msfconsole [hide][Hidden Content]]
  4. Fully functional ransomware that uses minimum resources to give maximum output TASK LIST Encrypt all files except system specific ones Encrytion must only be decrypted with a special key Send the credentials of the victim to the attacker via secure tunnel, preferably NGROK Pop up box should appear after encryption asking for ransom Create a server to retrieve information sent by the victim Add custom extension to encrypted files Generate an exe file to be sent to victims Graphical User Interface (Victim side) Graphical User Interface (Attacker side) Create Windows Defender bypass script [hide][Hidden Content]]
  5. Burp Automation Performing automated scan using Burp Suite Pro & Vmware Burp Rest API with Robot Framework using Python3. It can be also used in Jenkins to perform automated UI tests. This will initiate an automated spider and crawler by leveraging the power of the Burp Scanner along with the burp extender. Once the scan is complete the report is generated in HTML & CSV which is automatically uploaded in the GDrive What it does One-click run using bash installs all the dependencies with verbose prerequisites. Uses python3 and robot framework which is easy to automate. Uses Burp Suite Rest API and runs Burp Suite Professional (pre-activated) in the headless mode along with multiple Burp Suite extensions like additional-scanner-checks, BurpJSLinkFinder, and active-scan-plus-plus. Automatically performs pentest of API/Web endpoint including scope addition and deletion using robot script. Automatically upload reports in CSV & HTML into Google Drive in YYYY-MM-DD format. Slack integration for real-time alerts. [hide][Hidden Content]]
  6. Welcome to SQLIChecker.Its a bash and python tool that will autometic find you SQL injectable sites using google dorks.There is a huge list of dorks in Dorks.txt file you can use dorks from there but before using this tool you should be aware of some kinds of things. 1.You need a stable internet connection for using this tool. 2.When you are performing SQL Injectable attack and the site took too long respond please skip the site using ctrl+c after 10-15 seconds otherwise it will get an error. 3.If any error occurs withn operation please go to bin folder and delete both out.txt and result.txt before using this tool again. [hide][Hidden Content]]
  7. Create fake certs for binaries using windows binaries and the power of bat files Over the years, several cool tools have been released that are capeable of stealing or forging fake signatures for binary files. All of these tools however, have additional dependencies which require Go,python,... This repo gives you the opportunity of fake signing with 0 additional dependencies, all of the binaries used are part of Microsoft's own devkits. I took the liberty of writing a bat file to make things easy. So if you are lazy like me, just clone the git, run the bat, follow the instructions and enjoy your new fake signed binary. With some adjustments it could even be used to sign using valid certs as well ¯\(ツ)/¯ [hide][Hidden Content]]
  8. Beaconator Beaconator is an aggressor script for Cobalt Strike used to generate a raw stageless shellcode and packing the generated shellcode using PEzor. Changelog v1.1 Fixed error check with the use of x86 arch & syscalls Fixed the “null value error” due to missing output folder Fixed issue with options persisting to subsequent payload generations Added PEzor’s BOF format Added the -cleanup option for BOFs Added the -sleep option Added more error checks Cleaned up the code [hide][Hidden Content]]
  9. What is DNSStager? DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting it into chunks and encoding the payload using different algorithms. It can generate a custom agent written in C or GoLang that will resolve a sequence of domains, retrieve the payload, decode it and finally inject it into the memory based on any technique you want. You can edit the code of the DNSStager agent as you wish, and build it using your own custom execution techniques. The main goal of using DNSStager is to help red teamers/pentesters to deliver their payloads in the stealthy channel using DNS. How does it work? Based on your DNS resolution option, DNSStager will split your payload into chunks and save each chunk of the payload as a response for a subdomain. For example, if you choose IPV6 as your option to retrieve the payload, the DNS response will be something like: cloud-srv-1.test.mydnsserver.live. 300 IN AAAA 5648:31d2:6548:8b52:6048:8b52:1848:8b52 Where 5648:31d2:6548:8b52:6048:8b52:1848:8b52 is a part of your payload? So, the agent will resolve some domains to retrieve the payload and then decode it and finally inject it into memory. Currently, DNSStager only supports two records, AAAA and TXT. You can encode your payload using XOR for the AAAA record and by default, it will be encoded as base64 if you choose TXT record. DNSStager key features: DNSStager has some key features such as: Hide and Resolve your payload in IPV6 records. Hide and Resolve your payload in TXT records. XOR encoder to encode your payload. Base64 encoder to encode your payload (only for TXT records). Pure agent wrote in C with the ability to customise it. Pure agent wrote in GoLang with the ability to customise it. The ability to use sleep between each DNS request. AND MUCH MORE TO COME! [hide][Hidden Content]]
  10. Description In this course I will walk you through, how you could build a full working python shell without using IP or PORT forwarding method. Hope you will find useful tips to think outside a box when you always try to build your own program. We use the Simple mail transfer protocol, instead of the SOCKET protocol. I was trying to navigate many of the course published on Udemy but didn’t find a course who use SMPT protocol more than in a keylogger apps. So in this course, I try to take this program to next level, and I build a full script that works even better than what we can build using the SOCKET protocol. Just to list some of them you don’t need to use the IP/Port forwarding method to make your program work outside the local area network. SO you could just use this type of shell outside your network as simple as it is. DISCLAIMER this course is for educational purposes only. SMTP servers are complicated, and if you’re just dipping your toe into the how-email-gets-sent world, it’s easy to feel overwhelmed. To help you navigate your email sending, we’ve put together a list of the most common SMTP server questions we receive, so you’ll be an SMTP expert in no time. What is an SMTP server? An SMTP (Simple Mail Transfer Protocol) server is an application that’s primary purpose is to send, receive, and/or relay outgoing mail between email senders and receivers. An SMTP server will have an address (or addresses) that can be set by the mail client or application that you are using. When you send an email, the SMTP server processes your email, decides which server to send the message to, and relays the message to that server. The recipient’s inbox service provider, such as Gmail or AOL then downloads the message and places it in the recipient’s inbox. You can find more details on SMTP servers on our docs page. Is an SMTP server the same as a normal server? Technically, yes. Like most servers, the SMTP server processes data to send to another server, but it has the very specific purpose of processing data related to the sending, receiving, and relaying of email. An SMTP server is also not necessarily on a machine. It is an application that is constantly running in anticipation of sending new mail. Why are SMTP servers important? Without an SMTP server, your email wouldn’t make it to its destination. Once you hit “send,” your email transforms into a string of code that is then sent to the SMTP server. The SMTP server is able to process that code and pass on the message. If the SMTP server wasn’t there to process the message, it would be lost in translation. Additionally, the SMTP server verifies that the outgoing email is from an active account, acting as the first safeguard in protecting your inbox from illegitimate email. It also will send the email back to the sender if it can’t be delivered. This informs the sender that they have the wrong email address or that their email is being blocked by the receiving server. If you’re looking for more information on SMTP, check out our post, SMTP Service Crash Course. Source (sendgrid/blog/what-is-an-smtp-server/) What we learn on this course? on this course we will build fully functional reverse shell, which could work outside your local area network. what makes this program different from others? on this course we build our reverse shell using SMTP protocol instead of using SOCAT protocol. 2w Who this course is for: Anyone who wants to learn about Ethical hacking and Python programming. What you’ll learn Create reverse shell which could work anywhere in the world WITHOUT using your public IP address or PORT forwarding method. [hide][Hidden Content]]
  11. Naikon APT Group is now using Nebulae Backdoor _________________________________ Hey Learners We Are Back with Another Awsm Things , And Sorry about discontinuing Consistency Of Articles Naikon , A cyberespionage group from China, has been actively employing a new backdoor for multiple cyberespionage operations targeting military organizations in Southeast Asia. The backdoor, identified as Nebulae, is used for gaining persistence on infected systems. What has been Discovered ? A Malicious Activity was conducted by Naikon APT between June 2019 and March 2021. At the beginning of its operation in 2019, the APT had used the Aria-Body loader and Nebulae as the first stage of the attack. Starting September 2020, the APT group included the RainyDay backdoor in its toolkit, while the attribution to Naikon is based on C2 servers and artifacts utilized in its attacks. The APT group now delivers RainyDay (aka FoundCore) as a first-stage payload to propagate second-stage malware and tools, including the Nebulae backdoor. What is Nebulae ? ☆It has the ability to collect LogicalDrive info, manipulate files and folders, download and upload files from and to the C2 server, and terminate/list/execute processes on infected devices. ☆In addition, the malware adds a registry key that automatically runs the malicious code on system reboots after login. It is used as a backup access point for the victim in case of an adverse scenario for actors. Conclusion : Naikon APT group has been running the operation silently for two years and has launched multiple cyberespionage operations. Moreover, the group has been active since 2010 and still poses a severe threat to several military organizations in Southeast Asia. Thus, security agencies and professionals need to keep a strict eye on this threat.
  12. GyoiThon is a growing penetration test tool using Machine Learning. It identifies the software installed on the web server (OS, Middleware, Framework, CMS, etc…) based on the learning data. After that, it executes valid exploits for the identified software using Metasploit. Finally, it generates reports of scan results. It executes the above processing automatically. [hide][Hidden Content]]
  13. WiFi Hacking using Evil Twin Attacks and Captive Portals Description In this course I will show you how to create the most common and effective evil twin attacks using captive portals. You'll learn how to perform evil twin attacks on targets using a wide variety of tools, and create a captive portal that effectively steals the login credentials. All the attacks in this course are highly practical and straight to the point. By the time you've completed this course, you will have the knowledge to create and customize your own evil twin attack for different scenarios. What you’ll learn Set Up an Access Point with a Captive Portal. Create a Fake Captive Portal and use it to Steal Login Information. Customizing the Captive Portal Page. How to Sniff and Inject Packets into a Wireless Network. Use Wireshark Filters to Inspect Packets. Perform an Evil Twin Attack with Airgeddon. Stealing Social Media Accounts using a Captive Portal. How to use Dns Spoofing and BeEF using WiFi Pumpkin. Stealing Login Credentials from a WPA Enterprise Network. Detect and Secure Your System from Evil Twin Attacks. Are there any course requirements or prerequisites? Computer with at least one wireless card to act as an access point. Desire to learn. Who this course is for: For everyone who wants to learn Wi-Fi Hacking using Evil Twin Attacks. [Hidden Content]
  14. Learn Step By Step How To Create Stunning Graphics Using Photoshop Quickly And Easily. What you'll learn How to get started with Photoshop. How to get use to the interface and configure your settings. How to create your first image and which features to select when doing it. How to work with the settings when editing images. How to quickly and easily enhance an image. How to generate images with multiple extension. How to use the configuration settings and be creative. Requirements Any version of Adobe Photoshop. No previous knowledge or experience with Photoshop required. Description Dear Friend, What if you can finally create amazing graphic designs without spending a dime? If you’ve given this a thought and you want to find a solution... ...then this will be the most important letter you will ever read. No Need To Hire A Graphic Designer !!! Heard of Adobe Photoshop? Even if you are new to the world of design, it is easy to get started with Photoshop. From beginners to seasoned professionals, Photoshop has all the tools and features you need. It's simple to use and easy to understand. Photoshop can turn a beginner into an expert in no time at all. The more you get use to this software, the easier it gets to create high quality designs without the need to hire a graphic designer. Photoshop is the #1 tool for anyone looking to create amazing graphic designs and if you're not using it, then you're missing out big time. Over 10 Million Users Before we go any further, let me give you some insights about Photoshop… Photoshop was launched by 2 brothers Thomas and John Knoll in 1988. The first version of the powerful graphics design software was designed in 1990. Since then it has become the most used software among web developers and designers alike. The first major Photoshop update, Photoshop CS was released in 2003, it was the 8th version of the software and it completely changed the face of the platform. Until this day, 28 versions of Photoshop have been released so far. In an effort to increase accessibility, Photoshop is distributed in 20 different languages. Currently, Photoshop has more than 10 million users worldwide. The software is currently used by both amateurs and professionals. Why You Need To Get Started Now: Photoshop is easy to use and remains one of the go to graphics platform. Photoshop provides versatility. Fast, convenient and reliable. Photoshop has a good number of useful courses. Cost-effective graphics management tool. Here’s What You’ll Discover Inside This Course: How to get started with Photoshop. Learn how to get use to the interface and configure your settings. Learn how to create your first image and which features to select when doing it. Learn how to work with the settings when editing images. How to quickly and easily enhance an image. How to generate images with multiple extension. How to use the configuration settings and be creative. Graphic Designs Like The Pros There’s nothing like this course. This course will save you the cost of hiring a graphic designer. I reveal my best tips for using some unknown tactics that only a few elite few knows. You get to see everything. I explain everything to you. There will be no guesswork. *************************************************************************************** 30-Day Money Back Guarantee - Risk-Free! **************************************************************************************** Udemy has an unconditional 30 day money back guarantee so there is no risk. You have a 30-day money-back guarantee. Lets start success together! Click on the “take this course" link at the top right of this page right NOW! Don't let another minute go by not living your dreams. The Elite Team Group professionals of Entrepreneurs, Market Experts and Online Tutors. Who this course is for: Anyone who wants to start using Photoshop Quickly & Easily. Anyone who wants to create stunning graphics using Photoshop. This course is great for beginner level Photoshop users. [Hidden Content] [hide][Hidden Content]]
  15. For Linux and Windows Email_with_attachment (For Gmail) [hide][Hidden Content]]
  16. How To Remove All Viruses From Computer Using Rescue USB Disk Today, we are going to share a few best methods to create a bootable USB of antivirus. So have a look at the complete steps discussed below. Step 1: First of all, connect a removable USB device to your computer. Step 2: Now you need, to download the ISO image of Kaspersky Rescue Disk. Step 3: Now follow the instructions given by Kaspersky to create a USB bootable Rescue disk. Step 6: Now Restart the computer with USB inserted and press F11 when the computer started to boot your USB. Step 7: Now Kaspersky interface will appear, proceed till you find the option to select from Graphic mode or Text mode, select the graphic mode. Step 8: Once Graphical User Interface fully loads onto the screen, you can perform a scan and remove all detected threats. That’s it! You are done. This is how you can use Kaspersky Rescue Disk to remove all viruses from Windows 10 computer.
  17. What you'll learn Hacking with Termux Android Hacking For Beginners Requirements Should have stable internet connection Should have any Mobile phone to run termux Description Best Hacking Tools and Techniques using Termux on Android For Beginners: In this course you will learn about Hacking with an Android device. I will teach you how to send fake login in pages using termux and how to get their password, Get IP Address Information, SMS Bombing, Call Bombing..etc. This is for educational purpose only.....because someone might do this with you so be aware. :-) I hope it will be a great and interesting session for all of you. hacker is a computer expert who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term "hacker" has become associated in popular culture with a "security hacker" – someone who utilizes their technical know-how of bugs or exploits to break into computer systems and access data which would otherwise be unavailable to them – hacking can also be utilized by legitimate figures in legal situations. For example, law enforcement agencies sometimes use hacking techniques in order to collect evidence on criminals and other malicious actors. This could include using anonymity tools (such as a VPN, or the dark web) to mask their identities online, posing as criminals themselves.[1][2] Likewise, covert world agencies can employ hacking techniques in the legal conduct of their work. Oppositely, hacking and cyber-attacks are used extra- and illegally by law enforcement and security agencies (conducting warrantless activities), and employed by State actors as a weapon of both legal and illegal warfare. Who this course is for: Beginner in Hacking [Hidden Content] [hide][Hidden Content]]
  18. Grawler is the best tool ever, made for automating google dorks it’s a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file, version 1.0 is the more powerful than ever supporting multiple proxies. ( Read in features ) Grawler aims to automate the task of using google dorks with a web interface, the main idea is to provide a simple yet powerful tool that can be used by anyone, the thing that makes Grawler different in its category is its features. Features The biggest issue faced by tools that automate google dorks is CAPTCHA, but with Grawler, CAPTCHA is not an issue anymore, Grawler comes with a proxy feature that supports three different proxies. Supported Proxies ( The mentioned proxies need you to signup and get the API key, without any credit card information and give you around one thousand free API calls each ) ScraperAPI Scrapingdog Zenscrape Grawler now supports two different modes. Automatic Mode: Automatic mode now comes with many different dork files and supports multiple proxies to deliver a smooth experience. Manual Mode: The manual mode has become more powerful with the Depth feature, now you can select the number of pages you want to scrape results from, proxy feature is also supported by manual mode. Dorks are now categorized in the following categories: Error Messages Extension Java JavaScript Login Panels .Net PHP SQL Injection (7 different files with different dorks) My_dorks file for users to add their own dorks. API keys for proxies are first validated and added to the file. Manual mode allows users to go up to depth 4, but I’d recommend using depth 2 or 3 because the best results are usually on the initial pages. Grawler comes with its own guide to learn google dorks. The results are stored in a file ( filename needs to be specified with txt extension ). URL scraping is better than ever with no garbage URL’s at all. Grawler supports three different search engines are supported (Bing, Google, Yahoo), so if one blocks you another one is available. Multiple proxies with multiple search engines deliver the best experience ever. [hide][Hidden Content]]
  19. In this video we're going to review the widely used tool: OllyDbg. Ollydbg is a tool for debugging used for binary code analysis. It converts the binary language to an assembly language. Assembly language is an ISA (Instruction Set Architecture) based low level language which is user friendly and has an efficient code. It is an application to figure out the bugs in a program, troubleshoot it and run specific parts of it and see how it works. We talk about Pros and Cons of OllyDbg, how to install it and it's uses. [hide][Hidden Content]]
  20. Using Go to implement CobaltStrike’s Beacon This project is for learning protocol analysis and reverse engineering only, if someone’s rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY [hide][Hidden Content]]
  21. ETHICAL HACKING USING ANDROID DEVICE In This Course You Get Some Videos Tutorials For Learning Hacking Using Android Devices LINK - [Hidden Content]
  22. What you'll learn Get to know the key features of Wireshark Recognize the essential components of network communication Explore the different methods of setting up a packet capture Analyze packets using the Wireshark tool Analyze client to server communication with Wireshark Examine network traffic and identify potentially malicious traffic Examine the data within the network and how it shows up in Wireshark Requirements This course is for you if you have a basic understanding of the command line and general knowledge of what an IP address is and TCP/IP. You should also know about the 7 layers of OSI model. Description This course will cover the process for conducting protocol analysis. This will serve as a foundation for the skill required for a number of different types of careers. Protocol analysis is the technique of analyzing what is or has taken place on a network. This is used by Security Operations Center analysts as well as network forensics investigators. We will take static capture files that you will be provided and show you how to analyze them within the Wireshark tool. You will learn ways to quickly identify anything that is abnormal within a network packet capture. This will provide you with the initial skills for intrusion analysis, and also malware tracking and monitoring. -The course prepares the student for understanding network protocol analysis -After the course you will have the initial skills for security or hacking classes - Anyone who wants to understand the foundation of security skills and have knowledge for analyzing network traffic as well as potential intrusions will benefit from this course. - This course is for beginners or people interested in learning about hacking and don't know where to start. [Hidden Content] [hide][Hidden Content]]