Sign in to follow this
Followers
0
-
Similar Content
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. VFM is a simple and flexible plug-and-play file manager, easy to use and plenty of options. Send files to your customers, create new users with dedicated folders, or simply use it as your personal file cloud. Access from any device, manage users and general settings from an intuitive administration panel, customize it to your brand.
Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Scanning APK file for URIs, endpoints & secrets.
Changelog v2.5
Added patterns:
Facebook Secret Key
Facebook ClientID
Twitter ClientID
Twitter Secret Key
Artifactory API Token
Artifactory Password
Authorization Basic
Authorization Bearer
Basic Auth Credentials
Cloudinary Basic Auth
Mailto
Vault Token
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. FuzzingTool
FuzzingTool is a web penetration testing tool, that handles with fuzzing. After the test is completed, all possible vulnerable entries (and the response data) are saved on a report file.
Changelog v3.11
New features
Allow to insert multiple wordlists (globally or per target)
Assign a wordlist to each target with numerous -w, or a global wordlist using only one -w;
Use multiple wordlists to same target -w 'wordlist1;wordlist2';
Allow to wordlist plugins automatically detects and build their parameters based on target;
Now both the exception and the used payload are written in the logfile;
Added robots.txt plugin to the wordlists;
Updated CLI output options
Added an option to disable the terminal colors --no-colors;
Added an option to simplify the output mode, removing the time label and reducing the other labels -S, --simple-output;
CLI output changes
Updated the program’s progress status: the format is more clean and shows the current payload that are being used;
Updated the PathScanner status codes coloring;
Bugfixes
Fixed the proxy setup on Request;
Fixed the Logger that wasn’t writting in the logfile;
Fixed a bug then more than one method is specified to same target, and the application stops to run;
Fixed an exception when the same target is setted more than one time. Now a target can appear more than one time if all of them do the same type of fuzzing, or by selecting a global scanner plugin;
Exception handling
At now, none of the RequestExceptions will stop the application, instead of it the program will ask for the user if he wants to continue with that target.
The objectCreator method from PluginFactory no longer raises a PluginNotFound exception. This exception was transfered to the classCreator in the same factory.
Code refatored
All the program arguments parsing are now handled by ArgumentParser that extends the argparse.ArgumentParser;
Separate the Dictionary class from the wordlists;
Removed unused anonimous functions on CliOutput;
The blacklist status codes, and actions, was moved to a separated class called BlacklistStatus;
Removed the Response class. Now the Request object will return a tuple of items: the raw response from the requests library, and the RTT. The SubdomainRequest appends the target’s ip to this tuple;
Moved the FuzzingTool results from the python dictionary to a separated class Result
The results are no longer created by the scanners;
Changed the getResult method from the scanners to inspectResult;
Separated the Matcher from the scanners;
Updated base classes to abstract classes;
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Detect It Easy, or abbreviated "DIE" is a program for determining types of files.
"DIE" is a cross-platform application, apart from Windows version there are also available versions for Linux and Mac OS.
Many programs of the kind (PEID, PE tools) allow to use third-party signatures. Unfortunately, those signatures scan only bytes by the pre-set mask, and it is not possible to specify additional parameters. As the result, false triggering often occur. More complicated algorithms are usually strictly set in the program itself. Hence, to add a new complex detect one needs to recompile the entire project. No one, except the authors themselves, can change the algorithm of a detect. As time passes, such programs lose relevance without the constant support.
Detect It Easy has totally open architecture of signatures. You can easily add your own algorithms of detects or modify those that already exist. This is achieved by using scripts. The script language is very similar to JavaScript and any person, who understands the basics of programming, will understand easily how it works. Possibly, someone may decide the scripts are working very slow. Indeed, scripts run slower than compiled code, but, thanks to the good optimization of Script Engine, this doesn't cause any special inconvenience. The possibilities of open architecture compensate these limitations.
DIE exists in three versions. Basic version ("DIE"), Lite version ("DIEL") and console version ("DIEC"). All the three use the same signatures, which are located in the folder "db". If you open this folder, nested sub-folders will be found ("Binary", "PE" and others). The names of sub-folders correspond to the types of files. First, DIE determines the type of file, and then sequentially loads all the signatures, which lie in the corresponding folder. Currently the program defines the following types:
MSDOS executable files MS-DOS
PE executable files Windows
ELF executable files Linux
MACH executable files Mac OS
Binary all other files
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. What?
Arkhota is a web (HTTP/S) brute forcer for Android.
Why?
A web brute forcer is always in a hacker's computer, for obvious reasons. Sometimes attacks require to be quick or/and with minimal device preparation. Also a phone takes less attention rather than a laptop/computer. For this situations here's Arkhota.
Hidden Content
Give reaction to this post to see the hidden content.
-