Search the Community

Kon-Boot, also known as konboot or kon boot, is a software utility that has become widely popular among computer security experts, particularly those in penetration testing. The primary function of Kon-Boot is to enable users to bypass Microsoft Windows and Apple macOS passwords without causing any lasting changes to the system on which it is executed. It is the first reported tool capable of bypassing Windows 10 online (live) passwords and supporting both Windows and macOS systems. Kon-Boot is a powerful and flexible tool that has become an essential part of many computer security arsenals. It is fast, tiny, and gets the job done efficiently. Its ease of use and excellent features make it an ideal tool for tech repairs, data recovery, and security audits. However, users concerned about tools like Kon-Boot should use disk encryption software such as FileVault, Bitlocker, Veracrypt, etc. as a preventive measure. Kon-Boot is not able to bypass disk encryption, and it is essential to keep this in mind while using it. In addition, it is essential to note that Kon-Boot does not support virtualization or ARM devices such as Apple's M1 chip. It is also worth noting that Kon-Boot since version 3.5 is able to bypass SecureBoot feature, which can be a cause for concern for users. Kon-Boot comes with a range of features that are worth noting. For example, Kon-Boot can change Windows passwords due to the embedded Sticky-Keys feature. After a successful Windows boot with Kon-Boot, the user can tap SHIFT key five times, and Kon-Boot will open a Windows console window running with local system privileges. The fully working console can be used for a variety of purposes, such as changing Windows passwords. Additionally, following the command "net user [username] *," the current Windows password for the selected user will be erased. Kon-Boot also includes an Automatic PowerShell Script Execution feature, which automatically executes a given PowerShell script with full system privileges after Windows boot. In commercial Kon-Boot editions, this feature can be used to automate various tasks, such as performing forensic data gathering tasks, etc. To use this feature, Windows needs to be installed in UEFI mode. In summary, Kon-Boot is a powerful and flexible tool that can bypass Windows and macOS passwords without causing lasting changes to the system on which it is executed. It is easy to use and has become an essential tool for tech repairs, data recovery, and security audits. However, users must be aware of its limitations, including the inability to bypass disk encryption, lack of support for virtualization and ARM devices, and the need to install Windows in UEFI mode to use the Automatic PowerShell Script Execution feature. It is now free program but you can find it on THE PIRATES BAY ([Hidden Content]]). I hope it helps

[Hidden Content] manual helped me learning windows 11 after move from windows 10

Actual Window Guard – The program is what you need to keep your workspace in optimal condition for efficient and comfortable work. It has many settings helping to organize windows on the desktop and keep them in the order you prefer. It means you won’t have to spend time resizing and positioning windows as it will be done automatically. And there are many other features in the program which you can use to skip everyday routine and get better productivity. [Hidden Content] [hide][Hidden Content]]

Black Window 10 v2 Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system and it offers the hacking part with a Cerberus Linux system! You can run both and it just works! Any update for Cerberus Linux will be available from apt update && apt upgrade for the windows user and Linux users! Tools Preinstalled Windows : Armitage Metasploit Fuzzbunch Dandensprits Ip hiders Wifi hacking Crackers Cypters and Binders Dork Scanners Dos+DDoser++Flooders Forensic Tools over 100 new KeyLoggers updated Misc. Web Tools over 50 new SQL Injection tools updated over 50 new Network Tools updated over 100 RAT’ s updated SMS & Email Bombers VPNs & Security Admin Page-Login Page Scanners Proxy Grabbers Resolvers Scripts & Source Codes Shells Vulnerable Scanners Worms, Malware, & Virus Makers Entire Elcomsoft Screenshot Preview : Linux: All tools from Cerberus os! 15 new Cerberus Frameworks : Metapackages , containers with custom scripts within! Exploits (to analyze): EARLYSHOVEL RedHat 7.0 – 7.1 Sendmail 8.11.x exploit EBBISLAND (EBBSHAVE) root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86. ECHOWRECKER remote Samba 3.0.x Linux exploit. EASYBEE appears to be an MDaemon email server vulnerability EASYFUN EasyFun 2.2.0 Exploit for WDaemon / IIS MDaemon/WorldClient pre 9.5.6 EASYPI is an IBM Lotus Notes exploit that gets detected as Stuxnet EWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4 & 7.0.2 EXPLODINGCAN is an IIS 6.0 exploit that creates a remote backdoor ETERNALROMANCE is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges (MS17-010) EDUCATEDSCHOLAR is a SMB exploit (MS09-050) EMERALDTHREAD is a SMB exploit for Windows XP and Server 2003 (MS10-061) EMPHASISMINE is a remote IMAP exploit for IBM Lotus Domino 6.6.4 to 8.5.2 ENGLISHMANSDENTIST sets Outlook Exchange WebAccess rules to trigger executable code on the client’s side to send an email to other users EPICHERO 0-day exploit (RCE) for Avaya Call Server ERRATICGOPHER is a SMBv1 exploit targeting Windows XP and Server 2003 ETERNALSYNERGY is a SMBv3 remote code execution flaw for Windows 8 and Server 2012 SP0 (MS17-010) ETERNALBLUE is a SMBv2 exploit for Windows 7 SP1 (MS17-010) ETERNALCHAMPION is a SMBv1 exploit ESKIMOROLL is a Kerberos exploit targeting 2000, 2003, 2008 and 2008 R2 domain controllers ESTEEMAUDIT is an RDP exploit and backdoor for Windows Server 2003 ECLIPSEDWING is an RCE exploit for the Server service in Windows Server 2008 and later (MS08-067) ETRE is an exploit for IMail 8.10 to 8.22 ETCETERABLUE is an exploit for IMail 7.04 to 8.05 FUZZBUNCH is an exploit framework, similar to MetaSploit ODDJOB is an implant builder and C&C server that can deliver exploits for Windows 2000 and later, also not detected by any AV vendors EXPIREDPAYCHECK IIS6 exploit EAGERLEVER NBT/SMB exploit for Windows NT4.0, 2000, XP SP1 & SP2, 2003 SP1 & Base Release EASYFUN WordClient / IIS6.0 exploit ESSAYKEYNOTE EVADEFRED Utilities: PASSFREELY utility which “Bypasses authentication for Oracle servers” SMBTOUCH check if the target is vulnerable to samba exploits like ETERNALSYNERGY, ETERNALBLUE, ETERNALROMANCE ERRATICGOPHERTOUCH Check if the target is running some RPC IISTOUCH check if the running IIS version is vulnerable RPCOUTCH get info about windows via RPC DOPU used to connect to machines exploited by ETERNALCHAMPIONS NAMEDPIPETOUCH Utility to test for a predefined list of named pipes, mostly AV detection. User can add checks for custom named pipes. Scripts Arsenal and Wine Arsenal: 3vilTwinAttacker 911ar a2sv adminfinder AdminPage ADSLPT-WPA wifi-breaker aircracktest airfree-wt airgeddon Airlin airmode Airodump_Scan_Visualizer airport-sniffer airssl airstorm Airvengers agryfuzzer anonsurf anon-manager anonymizer anon-surf-start anon-surf-stop apfucker apk-payload-generator apt2 ARCANUS armitage asleap atscan autoDANE autohsgui automater AutoNessus autopixie auto-reaver autorelay avet backdoor-apk backdoorme backdoorppt BAF Base64ImageEncoder-Decoder BatchVirusGenerator Batch-Virus-Generator belkin4xx belkin-wpspin BinGoo BlackFilePumper BlindSqli BoopSuite Brutal BruteSploit brutespray BruteX BrutusV4.7 BTIHTMLEncoder-Decoder BTIMultiSiteChecker BTIReverseIPDomainCheck bully cangibrina kerbnmap Cewl anon-change-identity CHAOS chap2asleap chapcrack Chap-Crack CloudFail CloudFlareResolver CMSmap cobaltstrike cowpatty CpanelBruteReiluke crackle crackle CrackTheCAP probewpacracker credmap criptator crowbar crunch csrfpocmaker CVE-2017-0199 CVE-2017-7494 cybersac Dagon dedsploit DefacePageCreated dkmc dlinkdecrypter domainhunter DorkFinder Dorktools dotdotpwn doublepulsar-detection d-tect eapmd5hcgen EaST Ebowla EggShell ejacoolas erratasec Eternalblue-Doublepulsar-Metasploit escan EternalsExtensionSpoofer EvilAPDefender evil-droid ExploitOnCLI exploitpack exploits ExploitScanner Extension_Spoofer ezDataBase_Defacer ezsploit F.Society Fakear fakeAP fake-ap3.py FakeAp2 FakeImageExploiter fibercrunch Findsploit fipy firefox-ram gufw anonsurf fluxion gcat generadorDiccio genkeys genpmk Genpy getsploit GhostInTheNet Ghost-fisher gigawordlist Gloom-Framework Goohak hakkuframework Halcyon handshake-extractor HandShaker Hash-Buster hashcatgui hccap hellraiser HellWormsGenerator Her0xDa-Wps-Cracker HighLifeCrypter hostnamechanger hotspot_autologin HT-WPS-Breaker hydra-wizard Illusi0nCrypter Image+TextFileBinder ImageWorm InfamousTool Infoga Injectorist Insanity-Framework InstaBrute ipscan-win32-3_2 IpTool isf isthisipbad Jazztel-StopGo Joomla_Security_Scanner jsql-injection-v0_2_jar KatanaFramework killchain kimi koadic kwetza LALIN LANs.py LegionEliteProxiesGrabber leviathan LFiExploiter LFiFreak LFISuite liffy LinDrop litesploit mac2wepkey macchanger MakeWordlistForBrute Maskgen MassBleed MassDorkScanner massExpConsole Matroschka MaXIsploit md5crack mergedict Meterpreter_Paranoid_Mode-SSL MITMf mitm-rogue-WiFi-AP MooreRPortScanner morpheus morphHTA mpc ms17 msfvenom_custom_encoding netattack2 netdiscover-0.3-pre-beta7 netool-toolkit netsec-framework NetZapper NoSQLMap nps_payload nsa NSA-exploits nsa-gui NXcrypt ONO_Netgear_WPA2_Hack operative-framework OSPTF OWASP-Nettacker p0iz0nProxyProcessor pandora-manager pastezort pasv-agrsv PAYLOAD-MAKER PenBox penetrator-wps penmode pentesting-multitool pentestly pentest-machine PiWAT pixiewps Policygen portSpider PowerScript-KatanaFramework Pr0xYGrabber PRET ProPort ProxyFinder PureNetworks Pybelt PyBozoCrack pydictor python_gdork_sqli python-hacklib pyxiewps_WPS pyxiewps_WPShack-Python Quack reaver reaver.rd reaver-spoof reaver-webui reaver-wps-fork-t6x-master ReconDog RED_HAWK reGeorg riwifshell Rt2rtc Rtc2rt Rtgen Rtsort Rulegen saint scanless scapy-deauth scythian SEF sgen ShadowBatchVirusGenMOD shellsploit shocker ShockLabsFileBinder shodanwave SigPloit SimpleBinder simple-ducky smap smod Sn1per SPF SpiderMail SQLExploitScanner SqliColCount SQLiDumper sqlihelperv_2_7 sqli-scanner sqlitebrowser sqliv sqliscan SQL-nightmare anon-i2p-start Stitch anon-i2p-stop String-generator Struts2Shell Sublist3r SuperMicro-Password-Scanner TeraBitClient The-Auto-Pentest fatrat theharvestergui TNscan torghost tor_ip_switcher toriptables2 TPLink-AttackDictionary tplmap trape TripleX-Crypter Trity tulpar TuxCut 417 U-Cracker Umbrella V3n0M Vanquish varmacreaversav9-93 varmacscan2-8 VBSVirusMaker Vbswg Veil-Ordnance venomdroid3 Virus-O-Matic viSQL VMR-MDK w3af waidps WarChild WeBaCoo webpwn Webscan weeman wePWNise Wi-fEye wifiarnet wifiarp wifi-autopwner wifi_check wifi-contour wificurse wifidns wifi-hacker wifi-harvester wifi-honey wifijammer wifi-linux-rssi wifimonster wifiphisher wifiping WifiScanAndMap wifitap wifite wifite2 wifite-mod-pixiewps Wifite_ng wifuzz wiki_wordlist_generator Winpayloads wireless-ids wireless-info Wireless-Sniffer wirespy wlanreaver wordlist50 word-list-compress Wordlists wordpress-exploit-framework WormGen WPA2-HalfHandshake-Crack wpa-autopwn wpa-bruteforcer wpaclean Wpspin wpa-extractor wpaforhashcat wperf wps-connect wpscrack wpsdb WPSIG wpspin WPSPIN Wpspingenerator wps_scanner wsuxploit wwcleaner XAttacker xerosploit xerxes-dos xpath xsscrapy XssPy XSSTracer XSStrike zarp ZeusCrypter zirikatu Extra Tools: DandenSpritz FuzzBunch More tools: acccheck ace-voip Amap Automater bing-ip2hosts braa CaseFile CDPSnarf cisco-torch Cookie Cadger copy-router-config DMitry dnmap dnsenum dnsmap DNSRecon dnstracer dnswalk DotDotPwn enum4linux enumIAX Faraday Fierce Firewalk fragroute fragrouter Ghost Phisher GoLismero goofile hping3 ident-user-enum InTrace iSMTP lbd Maltego Teeth masscan Metagoofil Miranda nbtscan-unixwiz Nmap ntop p0f Parsero Recon-ng SET smtp-user-enum snmp-check SPARTA sslcaudit SSLsplit sslstrip SSLyze THC-IPV6 theHarvester TLSSLed twofi URLCrazy Wireshark WOL-E Xplico Vulnerability Analysis BBQSQL BED cisco-auditing-tool cisco-global-exploiter cisco-ocs cisco-torch copy-router-config DBPwAudit Doona DotDotPwn HexorBase Inguma jSQL Lynis Nmap ohrwurm Oscanner Powerfuzzer sfuzz SidGuesser SIPArmyKnife sqlmap Sqlninja sqlsus THC-IPV6 tnscmd10g unix-privesc-check Yersinia Exploitation Tools Armitage Backdoor Factory BeEF cisco-auditing-tool cisco-global-exploiter cisco-ocs cisco-torch Commix crackle exploitdb jboss-autopwn Linux Exploit Suggester Maltego Teeth Metasploit Framework RouterSploit SET ShellNoob sqlmap THC-IPV6 Yersinia Wireless Attacks Aircrack-ng Asleap Bluelog BlueMaho Bluepot BlueRanger Bluesnarfer Bully coWPAtty crackle eapmd5pass Fern Wifi Cracker Ghost Phisher GISKismet Gqrx gr-scan hostapd-wpe kalibrate-rtl KillerBee Kismet mdk3 mfcuk mfoc mfterm Multimon-NG PixieWPS Reaver redfang RTLSDR Scanner Spooftooph Wifi Honey wifiphisher Wifitap Wifite Forensics Tools Binwalk bulk-extractor Capstone chntpw Cuckoo dc3dd ddrescue DFF diStorm3 Dumpzilla extundelete Foremost Galleta Guymager iPhone Backup Analyzer p0f pdf-parser pdfid pdgmail peepdf RegRipper Volatility Xplico Web Applications apache-users Arachni BBQSQL BlindElephant Burp Suite CutyCapt DAVTest deblaze DIRB DirBuster fimap FunkLoad Gobuster Grabber jboss-autopwn joomscan jSQL Maltego Teeth PadBuster Paros Parsero plecost Powerfuzzer ProxyStrike Recon-ng Skipfish sqlmap Sqlninja sqlsus ua-tester Uniscan Vega w3af WebScarab Webshag WebSlayer WebSploit Wfuzz WPScan XSSer zaproxy Stress Testing DHCPig FunkLoad iaxflood Inundator inviteflood ipv6-toolkit mdk3 Reaver rtpflood SlowHTTPTest t50 Termineter THC-IPV6 THC-SSL-DOS Sniffing & Spoofing Burp Suite DNSChef fiked hamster-sidejack HexInject iaxflood inviteflood iSMTP isr-evilgrade mitmproxy ohrwurm protos-sip rebind responder rtpbreak rtpinsertsound rtpmixsound sctpscan SIPArmyKnife SIPp SIPVicious SniffJoke SSLsplit sslstrip THC-IPV6 VoIPHopper WebScarab Wifi Honey Wireshark xspy Yersinia zaproxy Password Attacks acccheck Burp Suite CeWL chntpw cisco-auditing-tool CmosPwd creddump crunch DBPwAudit findmyhash gpp-decrypt hash-identifier HexorBase THC-Hydra John the Ripper Johnny keimpx Maltego Teeth Maskprocessor multiforcer Ncrack oclgausscrack PACK patator phrasendrescher polenum RainbowCrack rcracki-mt RSMangler SQLdict Statsprocessor THC-pptp-bruter TrueCrack WebScarab wordlists zaproxy Maintaining Access CryptCat Cymothoa dbd dns2tcp http-tunnel HTTPTunnel Intersect Nishang polenum PowerSploit pwnat RidEnum sbd U3-Pwn Webshells Weevely Winexe Hardware Hacking android-sdk apktool Arduino dex2jar Sakis3G smali Reverse Engineering apktool dex2jar diStorm3 edb-debugger jad javasnoop JD-GUI OllyDbg smali Valgrind YARA Reporting Tools CaseFile CutyCapt dos2unix Dradis KeepNote MagicTree Metagoofil Nipper-ng pipal Download: [Hidden Content] Password: [Hidden Content]

Black Window Enterprise 10 v1 Codename : Arachni Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system and it offers the hacking part with a Cerberus Linux system! You can run both and it just works! Any update for Cerberus Linux will be available from apt update && apt upgrade for the windows user and Linux users! Teaser Tools Preinstalled Windows Armitage Metasploit Fuzzbunch Dandensprits Ip hiders Wifi hacking Crackers Crypters and Binders Dork Scanners Dos+DDoser++Flooders Forensic Tools over 100 new KeyLoggers updated Misc. Web Tools over 50 new SQL Injection tools updated over 50 new Network Tools updated over 100 RAT’ s updated SMS & Email Bombers VPNs & Security Admin Page-Login Page Scanners Proxy Grabbers Resolvers Scripts & Source Codes Shells Vulnerable Scanners Worms, Malware, & Virus Makers Entire Elcomsoft DOWNLOAD [HIDE][Hidden Content]] zip pass is BlackWindowOs or ArachniOs please follow this tutorial to extract the iso from the zip file HOW TO INSTALL BLACK WINDOW V1

ABOUT: BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL's for common OWASP vulnerabilities. DEMO VIDEO: FEATURES: Automatically collect all URL's from a target website Automatically collect all dynamic URL's and parameters from a target website Automatically collect all subdomains from a target website Automatically collect all phone numbers from a target website Automatically collect all email addresses from a target website Automatically collect all form URL's from a target website Automatically scan/fuzz for common OWASP TOP vulnerabilities Automatically saves all data into sorted text files LINUX INSTALL: cp blackwidow /usr/bin/blackwidow cp injectx.py /usr/bin/injectx.py pip install -r requirements.txt USAGE: blackwidow -u [Hidden Content] - crawl target.com with 3 levels of depth. blackwidow -d target.com -l 5 -v y - crawl the domain: target.com with 5 levels of depth with verbose logging enabled. blackwidow -d target.com -l 5 -c 'test=test' - crawl the domain: target.com with 5 levels of depth using the cookie 'test=test' blackwidow -d target.com -l 5 -s y -v y - crawl the domain: target.com with 5 levels of depth and fuzz all unique parameters for OWASP vulnerabilities with verbose logging on. injectx.py -u [Hidden Content] -v y - Fuzz all GET parameters for common OWASP vulnerabilities with verbose logging enabled. SAMPLE REPORT: DOCKER: [hide]git clone [Hidden Content]] cd BlackWidow docker build -t blackwidow . docker run -it blackwidow # Defaults to --help Download: [hide][Hidden Content]]