Search the Community

Showing results for tags 'v2.0'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin


There are no results to display.

There are no results to display.

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start



About Me










Found 57 results

  1. itsMe

    3xtract-APK V2.0

    Extract inside apps data like URL,IP ADDRESS, E-MAIL,STRINGS, PARAMETERS etc. [+] Uses Command ==> apt install apktool ==> cd 3xtract-APK ==> chmod +x * ==> ./ APKTOOL files.apk [+] Made by Ghosthub [+] Version 2.0 [hide][Hidden Content]]
  2. Crypto-yank is a clipboard stealer that monitors for crypto addresses and replaces them with your own. Features: Written in Python 3 Support For: Bitcoin (Legacy & Segwit),Etherum,Dash,Doge,Ripple and Monero. Easy setup script. Specific crypto replacement. Comprised of regex to find and match addresses. Logging to log.txt About: crypto-yank is a clipboard stealer that replaces crypto-currency addresses found in the clipboard with your malicious address. When no address is found crypto-yank remains dormant until it finds a match. [hide][Hidden Content]]
  3. Give a Mask to Phishing URL like a PRO MaskPhish is a simple script to hide phishing URL under a normal looking URL( or [hide][Hidden Content]]
  4. itsMe

    BlackUpload v2.0

    BlackUpload is an Anonymus File Uploader Script with Multi File Upload Support It comes with more than 20 features and you can set up it in less than 5 minutes. Features Simple to use and implement 4 Protection levels Mime Type Extensions Size Forbidden names Out Of The Box Functions Bootstrap and jQuery over CDN Multi-File Upload Support BlackUpload PHP Class 20+ Features [hide][Hidden Content]]
  5. Features Paradoxia Console Feature Description Easy to use Paradoxia is extremely easy to use, So far the easiest rat! Root Shell - Automatic Client build Build Paradoxia Client easily with or without the icon of your choice. Multithreaded Multithreaded Console server, You can get multiple sessions. Toast Notifications Desktop notification on new session Configurable Settings Configurable values in paradoxia.ini Kill Sessions Kill Sessions without getting in sesssion. View Session information View Session information without getting in Session. Paradoxia Client Feature Description Stealth Runs in background. Full File Access Full access to the entire file system. Persistence Installs inside APPDATA and has startup persistence via Registry key. Upload / Download Files Upload and download files. Screenshot Take screenshot. Mic Recording Record Microphone. Chrome Password Recovery Dump Chrome Passwords using Reflective DLL (Does not work on latest version) :shipit: Keylogger Log Keystrokes and save to file via Reflective DLL. Geolocate Geolocate Paradoxia Client. Process Info Get Process information. DLL Injection Reflective DLL Injection over Socket, Load your own Reflective DLL, OR use ones available here. Power off Power off the Client system. Reboot Reboot the client system. MSVC + MINGW Support Visual studio project is also included. Reverse Shell Stable Reverse Shell. Small Client Maximum size is 30kb without icon. [hide][Hidden Content]]
  6. What’s PAKURI Sometimes, penetration testers love to perform a complicated job. However, I always prefer the easy way. PAKURI is a semi-automated user-friendly penetration testing tool framework. You can run the popular pentest tools using only the numeric keypad, just like a game. It is also a good entry tool for beginners. They can use PAKURI to learn the flow to penetration testing without struggling with a confusing command line/tools. Abilities of “PAKURI”. Intelligence gathering. Vulnerability analysis. Visualize. Brute Force Attack. Exploitation. Your benefits. By using our PAKURI, you will benefit from the following. For redteam: (a) Red Teams can easily perform operations such as information enumeration and vulnerability scanning. (b) Visualizing the survey results is possible only with the numeric keypad. For blueteam: (c) The Blue Team can experience a dummy attack by simply operating the numeric keypad even they do not have any penetration testing skill. For beginner: (d) PAKURI has been created to support the early stages of penetration testing. These can be achieved with what is included in Kali-Tools. It can be useful for training the entry level pentesters. NOTE If you are interested, please use them in an environment under your control and at your own risk. And, if you execute the PAKURI on systems that are not under your control, it may be considered an attack and you may have legal liability for your action. Features Scan enum4linux Nikto Nmap OpenVAS Skipfish sslscan SSLyze Exploit BruteSpray Metasploit Visualize Faraday CUI-GUI switching PAKURI can be operated with CUI and does not require a high-spec machine, so it can be operated with Raspberry Pi Changelog v1.1.1 This is PAKURI version 2, presented at BlackHat Asia 2020 Arsenal [hide][Hidden Content]]
  7. dEEpEst

    Recox v2.0

    Recox v2.0 The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system. It gathers the information recursively over each subdomain, and IP addr for a sophisticated attack. RecoX automates several functions and saves a significant amount of time that requires throughout a manual penetration test. Video: [Hidden Content] Download: [Hidden Content]
  8. SubDomainizer SubDomainizer is a tool designed to find hidden subdomains and secrets present is either webpage, Github, and external javascript present in the given URL. This tool also finds S3 buckets, cloudfront URL’s and more from those JS files which could be interesting like S3 bucket is open to read/write, or subdomain takeover and a similar case for cloudfront. It also scans inside the given folder which contains your files. Cloud Storage Services Supported: SubDomainizer can find URL for following cloud storage services: 1. Amazon AWS services (cloudfront and S3 buckets) 2. Digitalocean spaces 3. Microsoft Azure 4. Google Cloud Services 5. Dreamhost 6. RackCDN. Changelog v2.0 SANs Feature: Added a feature to find Subject Alternative Names for already found subdomains from different sources. Two options can be used with -san argument i.e. all or same. same will find only subdomains for TLD of the URL. all will find all (sub)domains having the same SAN for a given subdomain. Secret Location Feature: Added a feature to display the location of secrets. Inline in case if secret(s) found within the page (used in -u argument) URL of file in case if secret(s) found on External JS file or Github URL or File path (in case of the folder). [hide][Hidden Content]]
  9. [hide][Hidden Content]]
  10. Description A security framework for enterprises and Red Team personnel, supports CobaltStrike's penetration testing of other platforms (Linux / MacOS / ...), supports custom modules, and includes some commonly used penetration modules. ChangeLog release v2.0 : -fix Fix the problem of path errors caused by backslashes when uploading files in the file management office -fix Long-term testing in various scenarios in the real environment, fixing some hidden problems, and now more stable +support Support for lower kernel version systems +support Environment variables are automatically set at startup +support Delete sensitive env records at startup +support The background service process can be linked to the init process at startup +support Increase session spawn function +support Increase the function of session setting environment variables +support Increase the privilege escalation function of session getsystem +support Increase session analysis function to handle multiple merge tasks +support Increase Mac & Linux lateral movement function [hide][Hidden Content]]
  11. ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point. Notes: ADCollector is not an alternative to the powerful PowerView, it just automates enumeration to quickly identify juicy information without thinking too much at the early Recon stage. Functions implemented in ADCollector are ideal for enumeration in a large Enterprise environment with lots of users/computers, without generating lots of traffic and taking a large amount of time. It only focuses on extracting useful attributes/properties/ACLs from the most valuable targets instead of enumerating all available attributes from all the user/computer objects in the domain. You will definitely need PowerView to do more detailed enumeration later. The aim of developing this tool is to help me learn more about Active Directory security in a different perspective as well as to figure out what’s behind the scenes of those PowerView functions. I just started learning .NET with C#, the code could be really terrible~ It uses S.DS namespace to retrieve domain/forest information from the domain controller(LDAP server). It also utilizes S.DS.P namespace for LDAP searching. Enumeration Current Domain/Forest information Domains in the current forest (with domain SIDs) Domain Controllers in the current domain [GC/RODC] (with ~~IP, OS Site and ~~Roles) Domain/Forest trusts as well as trusted domain objects[SID filtering status] Privileged users (currently in DA and EA group) Unconstrained delegation accounts (Excluding DCs) Constrained Delegation (S4U2Self, S4U2Proxy, Resources-based constrained delegation) MSSQL/Exchange/RDP/PS Remoting SPN accounts User accounts with SPN set & password does not expire account Confidential attributes () ASREQROAST (DontRequirePreAuth accounts) AdminSDHolder protected accounts Domain attributes (MAQ, minPwdLength, maxPwdAge lockoutThreshold, gpLink[group policies that linked to the current domain object]) LDAP basic info(supportedLDAPVersion, supportedSASLMechanisms, domain/forest/DC Functionality) Kerberos Policy Interesting ACLs on the domain object, resolving GUIDs (User-defined object in the future) Unusual DCSync Accounts Interesting ACLs on GPOs Interesting descriptions on user objects Sensitive & Not delegate account Group Policy Preference cpassword in SYSVOL/Cache Effective GPOs on the current user/computer Restricted groups Nested Group Membership Changelog v2.0 1. Complete Rewrite (more extensible) 2. Add Interactive Menu with command line choice 3. Use direct API call to enumerate Trust relationship 4. Update Applied GPO Enumeration with Security Filtering and WMI Filtering (WMIFilter needs to be checked manually) 5. Add LDAP DNS Record Enumeration 6. RunAs: Run ADCollector under another user context 7. Flexible SPN Scan, DNS Records, Nested Group Membership, ACL Enumeration 8. Add NetSessionEnum, NetLocalGroupGetMembers and NetWkstaUserEnum [hide][Hidden Content]]
  12. [hide][Hidden Content]]
  13. Description: uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from (Google Hacking Database: [Hidden Content]). [hide][Hidden Content]]
  14. Finsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes “copysploit” to copy any exploit-db exploit to the current directory and “compilesploit” to automatically compile and run any C exploit (ie. ./copysploit 1337.c && ./compilesploit 1337.c). Changelog v2.0 Updated all NMap/Metasploit modules 7/26/2020 [hide][Hidden Content]]
  15. itsMe

    BlackUpload v2.0

    BlackUpload is an Anonymus File Uploader Script with Multi File Upload Support It comes with more than 20 features and you can set up it in less than 5 minutes. Features Simple to use and implement 4 Protection levels Mime Type Extensions Size Forbidden names Out Of The Box Functions Bootstrap and jQuery over CDN Multi-File Upload Support BlackUpload PHP Class 20+ Features [hide][Hidden Content]]
  16. Bopscrk Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. How it works You have to provide some words which will act as a base. The tool will generate all possible combinations between them. To generate more combinations, it will add some common separators (e.g. “-“, “_”, “.”), random numbers, and special chars. You can enable leet and case transform to increase your chances. If you enable lyricpass mode, the tool will ask you about artists and it will download all his songs’ lyrics. Each line will be added as a new word. Then it will be transformed in several ways (leet, case, only first letters, with and without spaces…). Artist names will be added too. You can provide wordlists that you already tried against the target in order to exclude all these words from the resultant wordlist (-x). bopscrk-2.0 Python 3 supported. [hide][Hidden Content]]
  17. itsMe

    BaseCrack v2.0

    Best Decoder Tool For Base Encoding Schemes BaseCrack is a tool written in Python that can decode all alphanumeric base encoding schemes. This tool can accept single user input, multiple inputs from a file, input from argument, multi-encoded bases and decode them incredibly fast. Decode Base16, Base32, Base36, Base58, Base62, Base64, Base64Url, Base85, Base91, Base92 and more with the best base encoding scheme decoding tool in town. It's useful for CTFs, Bug Bounty Hunting, and Cryptography. What's new in v2.0: Now BaseCrack supports both Python2 and Python3 Magic Mode Now you can decode multi-encoded bases of any pattern in a single shot. Have you ever stumbled upon that one lame CTF challenge that gives you an encoded string which is just encoded over and over with Base64, Base91, Base85 and so on? Just give that to BaseCrack and you're done with it! ;) Supported Encoding Schemes Base16 Base32 Base36 Base58 Base62 Base64 Base64Url Base85 Base91 Base92 Main Features Can decode multi-encoded bases of any pattern. Can decode multiple base encodings from a file. Generate a wordlist/output with the decoded bases. Predicts the type of encoding scheme. [hide][Hidden Content]]
  18. itsMe

    Admin Finder v2.0

    Scan admin login with this tools! Simple 870 Admin Panel Scan Using list.txt to bruteforce admin panel [hide][Hidden Content]]
  19. [Hidden Content]
  20. [HIDE][Hidden Content]]
  21. Recaf Recaf is an open-source Java bytecode editor based on Objectweb’s ASM. ASM is a library that abstracts away the constant pool and class-file attributes. Since keeping track of the constant pool or managing proper stack frames are no longer necessary, complex changes can be made with relative ease. With additional features to assist in the process of editing Recaf is the most feature-rich free bytecode editor available. Changelog v2.0 This has been a long time coming, but the redesign branch for version 2.0.0 has finally been merged into master. What does this mean? For the past year me and other contributors have re-made Recaf from the ground up and made it into something that is much more user-friendly. When you have the time please come check the project on GitHub and look over the new documentation. There is a lot that has changed. With this in mind, this release is not the full package of what I intended 2.0.0 to be... however with the standard I wanted to strive for that day may still be a year or so in the future. But as it is right now, I feel that 2.0.0 is better in almost every possible way than the latest release of 1.15, and making a better tool was the whole point. Now here we are. Please do not hesitate to give feedback on this release. We have a discord server and you can always create an issue on Github. I hope you enjoy this update as much as I have enjoyed writing it. If you want to stay on 1.15 you can change the update frequency in the config menu to "Never". [HIDE][Hidden Content]]
  22. Recaf Recaf is an open-source Java bytecode editor based on Objectweb’s ASM. ASM is a library that abstracts away the constant pool and class-file attributes. Since keeping track of the constant pool or managing proper stack frames are no longer necessary, complex changes can be made with relative ease. With additional features to assist in the process of editing Recaf is the most feature-rich free bytecode editor available. Libraries used: ASM – Class editing abilities CFR – Decompilation Simple-Memory-Compiler – Recompilation of decompiled code JIMFS – Virtual file system ControlsFX – Custom controls (Used in pretty much everything) RichTextFX – Decompiler code highlighting JRegex – Pattern matching for decompiler code highlighting minimal-json – Json reading/writing for config storage Commonmark – Markdown parsing picocli – Command line argument parsing Changelog v2.0 Bug Fixes Hex cells render cut off in windows 10 (44b0b3e) Line number cells show unintentional spacing in windows 10 (e317467) Minor debug info not copied relating to annotations (dc1c9a0) Selection of enum references shows no context menu (35f6878) Features Mapping menu allows applying mapping files to primary resource in workspace (5256c11) [HIDE][Hidden Content]]
  23. [HIDE][Hidden Content]]
  24. BlackDir-Framework [1] Spider Directories [2] Find Sub Domain [3] Advanced Dorks Search [4] Scan list of Dorks [5] Scan WebSites [Xss,Sql] [6] Reverse Ip Lookup [7] Port Scan [HIDE][Hidden Content]]
  25. Vulnx v2.0 - An Intelligent Bot Auto Shell Injector That Detect Vulnerabilities In Multiple Types Of CMS (Wordpress , Joomla , Drupal , Prestashop ...) Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection,informations gathering and vulnerabilitie Scanning of the target like subdomains, ipaddresses, country, org, timezone, region, ans and more ... Instead of injecting each and every shell manually like all the other tools do, VulnX analyses the target website checking the presence of a vulnerabilitie if so the shell will be Injected.searching urls with dorks Tool. Features Detects cms (wordpress, joomla, prestashop, drupal, opencart, magento, lokomedia) Target informations gatherings Target Subdomains gathering Multi-threading on demand Checks for vulnerabilities Auto shell injector Exploit dork searcher Ports Scan High Level Dns-Servers Dump Input multiple target to scan. Dorks Listing by Name& by ExploitName. Export multiple target from Dorks into a logfile. Joomla Com Jce Com Jwallpapers Com Jdownloads Com Jdownloads2 Com Weblinks Com Fabrik Com Fabrik2 Com Jdownloads Index Com Foxcontact Com Blog Com Users Com Ads Manager Com Sexycontactform Com Media Mod_simplefileupload Com Facileforms Com Facileforms Com extplorer Wordpress Simple Ads Manager InBoundio Marketing WPshop eCommerce Synoptic Showbiz Pro Job Manager Formcraft PowerZoom Download Manager CherryFramework Catpro Blaze SlideShow Wysija-Newsletters Drupal Add Admin Drupal BruteForcer Drupal Geddon2 PrestaShop attributewizardpro columnadverts soopamobile pk_flexmenu pk_vertflexmenu nvn_export_orders megamenu tdpsthemeoptionpanel psmodthemeoptionpanel masseditproduct blocktestimonial soopabanners Vtermslideshow simpleslideshow productpageadverts homepageadvertise homepageadvertise2 jro_homepageadvertise advancedslider cartabandonmentpro cartabandonmentproOld videostab wg24themeadministration fieldvmegamenu wdoptionpanel Opencart Opencart BruteForce [HIDE][Hidden Content]]