Forwarded from Biała Bł
Scriptkiddi3: Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools
https://github.com/thecyberneh/scriptkiddi3
https://github.com/thecyberneh/scriptkiddi3
🤩2
This media is not supported in your browser
VIEW IN TELEGRAM
Anonymous Spoof 😂😂 Porkies (pakistan/Bhikaristan)
Now Real Anonymous Be Like:
Humko barbad kardo B*******
Now Real Anonymous Be Like:
Humko barbad kardo B*******
😁8
Wait is over!
Here is the second part of the bug hunting series
Bug hunting with OSINT
Here is the link
https://techofide.com/blogs/osint-framework-osint-for-bug-hunters-practical-demo-part-2/
Haven't seen the first part? Don't worry here is the link for that:
Link for part 1:
https://techofide.com/blogs/osint-framework-osint-for-bug-hunters-practical-demo-part-1/
Join our group for such amazing and exclusive content
Don't miss here is the link to join our group
t.me/ethicalhackingtechofide
Here is the second part of the bug hunting series
Bug hunting with OSINT
Here is the link
https://techofide.com/blogs/osint-framework-osint-for-bug-hunters-practical-demo-part-2/
Haven't seen the first part? Don't worry here is the link for that:
Link for part 1:
https://techofide.com/blogs/osint-framework-osint-for-bug-hunters-practical-demo-part-1/
Join our group for such amazing and exclusive content
Don't miss here is the link to join our group
t.me/ethicalhackingtechofide
👍1
Forwarded from Biała Bł
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon
https://github.com/lutfumertceylan/top25-parameter
https://github.com/lutfumertceylan/top25-parameter
GitHub
GitHub - lutfumertceylan/top25-parameter: For basic researches, top 25 vulnerability parameters that can be used in automation…
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙 - lutfumertceylan/top25-parameter
Forwarded from CYBER TRICKS ZONE 🇮🇳🚩 (𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠)
Commix
Automated All-in-One OS Command Injection Exploitation Tool.
https://github.com/commixproject/commix
#best #redteam
Automated All-in-One OS Command Injection Exploitation Tool.
https://github.com/commixproject/commix
#best #redteam
Forwarded from CYBER TRICKS ZONE 🇮🇳🚩 (𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠)
Awesome ADB
The Android Debug Bridge (ADB) is a toolkit included in the Android SDK package, it is not only a powerful tool for Android developers and testers, but also a good toy for Android fans.
https://github.com/mzlogin/awesome-adb/blob/master/README.en.md
The Android Debug Bridge (ADB) is a toolkit included in the Android SDK package, it is not only a powerful tool for Android developers and testers, but also a good toy for Android fans.
https://github.com/mzlogin/awesome-adb/blob/master/README.en.md
Forwarded from CYBER TRICKS ZONE 🇮🇳🚩 (𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠)
Graphcat
Generate graphs and charts based on password cracking result. Simple script to generate graphs and charts on hashcat (and john) potfile and ntds.
https://github.com/Orange-Cyberdefense/graphcat
Generate graphs and charts based on password cracking result. Simple script to generate graphs and charts on hashcat (and john) potfile and ntds.
https://github.com/Orange-Cyberdefense/graphcat
Forwarded from CYBER TRICKS ZONE 🇮🇳🚩 (𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠)
CeWL
Custom Word List generator
Based on a discussion on PaulDotCom (episode 129) about creating custom word lists spidering a targets website and collecting unique words I decided to write CeWL, the Custom Word List generator. CeWL is a ruby app which spiders a given URL to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.
By default, CeWL sticks to just the site you have specified and will go to a depth of 2 links, this behaviour can be changed by passing arguments. Be careful if setting a large depth and allowing it to go offsite, you could end up drifting on to a lot of other domains. All words of three characters and over are output to stdout. This length can be increased and the words can be written to a file rather than screen so the app can be automated.
https://github.com/digininja/CeWL
Custom Word List generator
Based on a discussion on PaulDotCom (episode 129) about creating custom word lists spidering a targets website and collecting unique words I decided to write CeWL, the Custom Word List generator. CeWL is a ruby app which spiders a given URL to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.
By default, CeWL sticks to just the site you have specified and will go to a depth of 2 links, this behaviour can be changed by passing arguments. Be careful if setting a large depth and allowing it to go offsite, you could end up drifting on to a lot of other domains. All words of three characters and over are output to stdout. This length can be increased and the words can be written to a file rather than screen so the app can be automated.
https://github.com/digininja/CeWL
Forwarded from 𝐈𝐍𝐃𝐈𝐀𝐍 𝐂𝐘𝐁𝐄𝐑 𝐅𝐎𝐑𝐂𝐄 (.)
https://check-host.net/check-report/eb87291kd91
https://check-host.net/check-report/eb878d7k490
https://check-host.net/check-report/eb89a8bk9e8
https://check-host.net/check-report/eb89dc7k992
https://check-host.net/check-report/eb8a508k8e5
https://check-host.net/check-report/eb8a788kea7
https://check-host.net/check-report/eb8aa9fkfdd
https://check-host.net/check-report/eb8addck24f
https://check-host.net/check-report/eb8b2b1k5d
https://check-host.net/check-report/eb8ba6bk896
Fuck Pakistan
Bhen chod Team Insane PK
Check Out These Sites
🤣🤣🤣🤣😂😂🤣😂🤣😂
https://check-host.net/check-report/eb878d7k490
https://check-host.net/check-report/eb89a8bk9e8
https://check-host.net/check-report/eb89dc7k992
https://check-host.net/check-report/eb8a508k8e5
https://check-host.net/check-report/eb8a788kea7
https://check-host.net/check-report/eb8aa9fkfdd
https://check-host.net/check-report/eb8addck24f
https://check-host.net/check-report/eb8b2b1k5d
https://check-host.net/check-report/eb8ba6bk896
Fuck Pakistan
Bhen chod Team Insane PK
Check Out These Sites
🤣🤣🤣🤣😂😂🤣😂🤣😂
❤🔥3
Forwarded from 卩ro 爪Cracker
Media is too big
VIEW IN TELEGRAM
🔥🔥🔥REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB(CVE-2022-44563, Toc-ToU race condition vuln can be exploited to achieve arbitrary code execution )
This is a new vulnerability in a proprietary mode called “SD-Update”, which can once again be used to achieve arbitrary code execution in the recovery mode, enabling unauthentic firmware updates, firmware downgrades to a known vulnerable version or other system modifications. Taszk advisory for the vulnerability is published here. The story of exploiting this vulnerability was made interesting by the fact that, since the exploit abuses wrong assumptions about the behavior of an external SD card, we needed some hardware-fu to actually be able to trigger it. In this blog post, Lorant Szabo describe how we went about creating “FaultyUSB” - a custom Raspberry Pi based setup that emulates a maliciously behaving USB flash drive - and exploiting this vulnerability to achieve arbitrary code execution as root!
This is a new vulnerability in a proprietary mode called “SD-Update”, which can once again be used to achieve arbitrary code execution in the recovery mode, enabling unauthentic firmware updates, firmware downgrades to a known vulnerable version or other system modifications. Taszk advisory for the vulnerability is published here. The story of exploiting this vulnerability was made interesting by the fact that, since the exploit abuses wrong assumptions about the behavior of an external SD card, we needed some hardware-fu to actually be able to trigger it. In this blog post, Lorant Szabo describe how we went about creating “FaultyUSB” - a custom Raspberry Pi based setup that emulates a maliciously behaving USB flash drive - and exploiting this vulnerability to achieve arbitrary code execution as root!
👍1
Forwarded from 卩ro 爪Cracker
CVE-2022-39952_PoC.zip
2 KB
🔥🔥🔥Fortinet FortiNAC CVE-2022-39952 Deep-Dive, PoC and IOCs
An external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.
🔖PoC exploit here
An external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.
🔖PoC exploit here
A blog on Nmap
Let's learn how to use Nmap.
Nmap commands
Nmap cheat sheet
Nmap techniques
Here is a link to the blog
https://techofide.com/blogs/nmap-commands-how-to-use-nmap-tool-nmap-cheat-sheet/
Join our group for more exclusive cyber security content
t.me/ethicalhackingtechofide
Let's learn how to use Nmap.
Nmap commands
Nmap cheat sheet
Nmap techniques
Here is a link to the blog
https://techofide.com/blogs/nmap-commands-how-to-use-nmap-tool-nmap-cheat-sheet/
Join our group for more exclusive cyber security content
t.me/ethicalhackingtechofide
This media is not supported in your browser
VIEW IN TELEGRAM
BREAKING: Russian hacker group Phoenix announces hacking major ministries of Pakistan Govt.
The group called the hack "hacking the whole Pakistan."
ब्रेकिंग: रूसी हैकर समूह फीनिक्स ने पाकिस्तान सरकार के प्रमुख मंत्रालयों को हैक करने की घोषणा की।
समूह ने हैक को "पूरे पाकिस्तान को हैक करना" कहा।
https://twitter.com/_treeni/status/1628089198929670150
🔺Just In: @AngrySaffron
The group called the hack "hacking the whole Pakistan."
ब्रेकिंग: रूसी हैकर समूह फीनिक्स ने पाकिस्तान सरकार के प्रमुख मंत्रालयों को हैक करने की घोषणा की।
समूह ने हैक को "पूरे पाकिस्तान को हैक करना" कहा।
https://twitter.com/_treeni/status/1628089198929670150
🔺Just In: @AngrySaffron
👌4
⚡2