
Posts

Showing posts with the label tools

How to exploit android device with FatRat on kali linux

In this video we will learn how we can use FatRat to exploit Android. Let's get the trust ;)

SQLmap GUI

Download link

drAFL: fuzzing binaries with no source code on Linux

Original AFL supports black-box coverage-guided fuzzing using QEMU mode.

Fuzzing is one of the most powerful and proven strategies for identifying security issues in real-world software; it is responsible for the vast majority of remote code execution and privilege escalation bugs found to date in security-critical software. Unfortunately, fuzzing is also relatively shallow; blind, random mutations make it very unlikely to reach certain code paths in the tested code, leaving some vulnerabilities firmly outside the reach of this technique.

There have been numerous attempts to solve this problem. One of the early approaches – pioneered by Tavis Ormandy – is corpus distillation. The method relies on coverage signals to select a subset of interesting seeds from a massive, high-quality corpus of candidate files, and then fuzz them by traditional means. The approach works exceptionally well, but requires such a corpus to be readily available. In addition, block coverage

WORDPRESS online scanner

Online WordPress blog scanner. The link is below.

Scanner link

routersploit: Router Exploitation Framework

GitHub download source

Installation

Requirements:
    gnureadline (OSX only)
    requests
    paramiko
    beautifulsoup4
    pysnmp

Installation on Kali:
    git clone https://github.com/reverse-shell/routersploit
    cd routersploit
    ./rsf.py

Installation on Ubuntu 16.04:
    sudo apt-get install python-dev python-pip libncurses5-dev git
    git clone https://github.com/reverse-shell/routersploit
    cd routersploit
    pip install -r requirements.txt
    ./rsf.py

Installation on OSX:
    git clone https://github.com/reverse-shell/routersploit
    cd routersploit
    sudo easy_install pip
    sudo pip install -r requirements.txt
    ./rsf.py

Running on Docker:
    git clone https://github.com/reverse-shell/routersploit
    cd routersploit
    docker build -t routersploit:latest -f Dockerfile .
    ./run_docker.sh

Update

Update RouterSploit Framework often. The project is under heavy development and new modules are shipped almost every day.
    cd routersploit
    git pull

Usage
    root@ka

OnionShare: Securely and anonymously share file

OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn’t require setting up a server on the internet somewhere or using a third party file-sharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet. The other user just needs to use Tor Browser to download the file from you.

Features:
    A user-friendly drag-and-drop graphical user interface that works in Windows, Mac OS X, and Linux
    Ability to share multiple files and folders at once
    Support for multiple people downloading files at once
    Automatically copies the unguessable URL to your clipboard
    Shows you the progress of file transfers
    When file is done transferring, automatically closes OnionShare to reduce the attack surface
    Localized into several languages, and su

Best Vulnerability Scanners Tools

The scanners which assess the vulnerability of a network or a computer to security attacks are known as Vulnerability Scanners. The tools might function differently; however, all of them aim to provide an analysis of how vulnerable the system or network is. Here is a list of the best ones:

Nessus
Nessus is the world’s most popular vulnerability scanner, topping the list in the years 2000, 2003 and in the year 2006 survey on security tools. It’s a free-to-use vulnerability scanner for personal use in a non-enterprise environment.

OpenVAS
This scanner is tipped by many to be the most advanced vulnerability scanner in the world and is a powerful and comprehensive tool for scanning as well as providing solutions for vulnerability management. It is free software and is maintained daily.

Nipper
It is a parser for network infrastructure and its full form is Network Infrastructure Parser. This open source scanner he

How To access Deep Anonymous web and know its Secretive and Mysterious activities

What is Deep Web

The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard search engines for any reason. The opposite term to the deep web is the surface web. The deep web includes many very common uses such as web mail and online banking, but also paid-for services behind a paywall such as video on demand, and many more. This part of the Internet is known as the Deep Web, and it is about 500 times the size of the Web that we know.

The Deep Web vs. The Dark Web

The Deep Web is the portion of the Internet that is hidden from conventional search engines, as by encryption; the aggregate of unindexed websites. The Dark Web, on the other hand, is defined as “the portion of the Internet that is intentionally hidden from search engines, uses masked IP addresses, and is accessible only with a special web browser: part of the d

Hack-with-Github/Kali-Linux

For more information, press here

WAFNinja – Tool to attack Web Application Firewall

WAFNinja is a tool which contains two functions to attack Web Application Firewalls.

WAFNinja - Penetration testers' favorite for WAF Bypassing

WAFNinja is a CLI tool written in Python. It shall help penetration testers to bypass a WAF by automating steps necessary for bypassing input validation. The tool was created with the objective to be easily extendible, simple to use and usable in a team environment. Many payloads and fuzzing strings, which are stored in a local database file, come shipped with the tool. WAFNinja supports HTTP connections, GET and POST requests and the use of Cookies in order to access pages restricted to authenticated users. Also, an intercepting proxy can be set up.

Usage:
    wafninja.py [-h] [-v] {fuzz, bypass, insert-fuzz, insert-bypass, set-db} ...

EXAMPLE:
    fuzz:
    python wafninja.py fuzz -u "http://www.target.com/index.php?id=FUZZ"

Veil 3.0 released: antivirus evasion and evading detection

The Veil-Framework is a collection of red team security tools that implement various attack methods focused on antivirus evasion and evading detection. Antivirus ‘solutions’ don’t often catch the bad guys, but they do often catch pen-testing during an assignment. This tool came about as a way to execute existing shellcode in a way that could evade AV engines without rolling a new backdoor each time.

Today, at International Security Conference 2017, the leader of the Veil project, Christopher Truncer, released Veil 3.0.

What’s new: You can get the "AntiVirus Evasion Reconstructed – Veil 3.0" paper here

Installing
    apt-get -y install git
    git clone https://github.com/Veil-Framework/Veil.git
    cd Veil/
    cd setup
    sudo ./setup.sh -c

Usage