#phishing
https://www.jackphilipbutton.com/post/how-to-protect-evilginx-using-cloudflare-and-html-obfuscation
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
https://www.jackphilipbutton.com/post/how-to-protect-evilginx-using-cloudflare-and-html-obfuscation
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
Jack Button
How to protect Evilginx using Cloudflare and HTML Obfuscation
Using a combination of Cloudflare and HTML Obfuscation, it is possible to protect your Evilginx server from being flagged as deceptive and so increase your chances of success on Red Team and Social Engineering engagements. Anyone who has tried to run a Social…
#phishing
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trusted-domain-hidden-danger-deceptive-url-redirections-in-email-phishing-attacks/
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trusted-domain-hidden-danger-deceptive-url-redirections-in-email-phishing-attacks/
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
Levelblue
Trusted Domain, Hidden Danger: Deceptive URL Redirections in Email Phishing Attacks
This blog explores how trusted platforms are increasingly being exploited as redirectors, highlighting the risks and the latest trends that users and businesses should be aware of.
Forwarded from Caster
Я написал более новую версию своего инструмента Above.
Caster - Above v2.2 (Codename: Vettel)
Код, отвечающий за потоки переписан, инструмент работает гораздо стабильнее;
Теперь инструмент может записывать трафик в .pcap файл;
Также Above может парсить записанные дампы трафика (pcap);
Небольшие косметические изменения кода
Link: github.com/wearecaster/Above
Release Link: https://github.com/wearecaster/Above/releases/tag/vettel
Caster - Above v2.2 (Codename: Vettel)
Код, отвечающий за потоки переписан, инструмент работает гораздо стабильнее;
Теперь инструмент может записывать трафик в .pcap файл;
Также Above может парсить записанные дампы трафика (pcap);
Небольшие косметические изменения кода
Link: github.com/wearecaster/Above
Release Link: https://github.com/wearecaster/Above/releases/tag/vettel
SMTP Smuggling - Spoofing E-Mails Worldwide
Вы просто прочитайте ответы вендоров:
Microsoft
"Thank you again for submitting this issue to Microsoft. Currently, MSRC prioritizes vulnerabilities that are assessed as “Important” or “Critical'’ severities for immediate servicing"
Cisco
"As previously mentioned, the "vulnerability" in Cisco Secure Email (Cloud) Gateway is not a bug, but a feature"
Нет слов, держите штаны покрепче...
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
Вы просто прочитайте ответы вендоров:
Microsoft
"Thank you again for submitting this issue to Microsoft. Currently, MSRC prioritizes vulnerabilities that are assessed as “Important” or “Critical'’ severities for immediate servicing"
Cisco
"As previously mentioned, the "vulnerability" in Cisco Secure Email (Cloud) Gateway is not a bug, but a feature"
Нет слов, держите штаны покрепче...
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
Evilginx ❤️ Gophish
The highly anticipated official integration between Evilginx and Gophish has been unveiled in the latest Evilginx 3.3 update. Alongside this major feature, the update brings numerous quality-of-life enhancements.
https://breakdev.org/evilginx-3-3-go-phish/
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
The highly anticipated official integration between Evilginx and Gophish has been unveiled in the latest Evilginx 3.3 update. Alongside this major feature, the update brings numerous quality-of-life enhancements.
https://breakdev.org/evilginx-3-3-go-phish/
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
Trusted Domain, Hidden Danger
In this blog post describes a prevalent tactic used in phishing attacks, which involves exploiting legitimate platforms for redirection through deceptive links.
Source: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trusted-domain-hidden-danger-deceptive-url-redirections-in-email-phishing-attacks/
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
In this blog post describes a prevalent tactic used in phishing attacks, which involves exploiting legitimate platforms for redirection through deceptive links.
Source: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trusted-domain-hidden-danger-deceptive-url-redirections-in-email-phishing-attacks/
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
Forwarded from iOS malware & security
Apple Exploit@iosmalware.zip
6.5 MB
Phishing Apple ID
Fake Home Page
Login and password
Phishing icloud
Exploit
Project: @iOSmalware
Private: @iOSmalwarebot
Topic: https://t.me/MalwareForums/286942
Fake Home Page
Login and password
Phishing icloud
Exploit
Project: @iOSmalware
Private: @iOSmalwarebot
Topic: https://t.me/MalwareForums/286942
Norway.rar
141.5 MB
Norwegian cc otp phishing scams with live panel
-DHL
-DNB BANK
-SpareBank
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
-DHL
-DNB BANK
-SpareBank
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
Denmark.rar
91.1 MB
Danish cc otp phishing scams with live panel
-Apple
-DanskeBank
-MobilePay
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
-Apple
-DanskeBank
-MobilePay
Project @PhishingService
LandingMarket @LandingMarketBot
Powered by @MalwareForum
Forwarded from Drainer Service
ETH Smash @DrainerService.zip
2.5 MB
ETH SMASH 1.0 Silver Tier
Works for now but !!!WARNING!!! the token and NFT drainer not work or i think is outdated be careful
ETH DRAIN WORKS PERFECTLY BUT THE USER WHO WILL CONNECT TO THE SITE MUST HAVE ETH_SIGN ENABLED.. but I noticed that it's not a problem.. my advice is to create an html page to connect to the site like ''HOW TO CLAIM '' with all the details to enable it in a safe way.. on this the use of GPT CHAT is very useful to create a large and convincing text. in the .rar I also inserted my favorite program that is used to copy entire tamplates so you don't have to invent anything.. just connect the .js and the buttons and you're done.
another important thing I noticed that enabling eth_sign from mobile is much more practical and faster, both in terms of enabling and when the user will go to sign. do all your tests.
I recommend this combo because with the tool that copies the tamplates it's very simple to make a site. (I strongly recommend copying simple tamplates) just go to twitter and write ''airdrop'' billions of sites will come out from which you can take inspiration or copy. if you have a minimum of familiarity you can do everything in 10 minutes since the drainer only needs the ETH receiver.
Password archive: @drainerservice
Group: @DrainingService
Market: @DrainerMarketBot
All Projects: @MalwareLinks
Works for now but !!!WARNING!!! the token and NFT drainer not work or i think is outdated be careful
ETH DRAIN WORKS PERFECTLY BUT THE USER WHO WILL CONNECT TO THE SITE MUST HAVE ETH_SIGN ENABLED.. but I noticed that it's not a problem.. my advice is to create an html page to connect to the site like ''HOW TO CLAIM '' with all the details to enable it in a safe way.. on this the use of GPT CHAT is very useful to create a large and convincing text. in the .rar I also inserted my favorite program that is used to copy entire tamplates so you don't have to invent anything.. just connect the .js and the buttons and you're done.
another important thing I noticed that enabling eth_sign from mobile is much more practical and faster, both in terms of enabling and when the user will go to sign. do all your tests.
I recommend this combo because with the tool that copies the tamplates it's very simple to make a site. (I strongly recommend copying simple tamplates) just go to twitter and write ''airdrop'' billions of sites will come out from which you can take inspiration or copy. if you have a minimum of familiarity you can do everything in 10 minutes since the drainer only needs the ETH receiver.
Password archive: @drainerservice
Group: @DrainingService
Market: @DrainerMarketBot
All Projects: @MalwareLinks
Drainer Market!
We offer the most effective and reliable drainers for cryptocurrency transactions. As well as landing pages for their promotion.
@DrainerMarketBot
15 % discounts with this promo code
https://t.me/DrainerMarketBot?start=promo15
We offer the most effective and reliable drainers for cryptocurrency transactions. As well as landing pages for their promotion.
@DrainerMarketBot
15 % discounts with this promo code
https://t.me/DrainerMarketBot?start=promo15
Please open Telegram to view this post
VIEW IN TELEGRAM
We invite people to the traffic chat
Join the group and it will become one of the most popular in telegram
You will be able to find or search for the information or people you need
Advertising is prohibited, discussion only
https://t.me/TrafficForums
Join the group and it will become one of the most popular in telegram
You will be able to find or search for the information or people you need
Advertising is prohibited, discussion only
https://t.me/TrafficForums
Telegram
Traffic Forums
Publish high-quality content, you can get rewards and cash out!!!
Share your expertise, experience, hacking tools, leaked databases, etc. to get bonus points, which can be exchanged for USDT
Powered by @MalwareForums
Share your expertise, experience, hacking tools, leaked databases, etc. to get bonus points, which can be exchanged for USDT
Powered by @MalwareForums
Forwarded from 🐍MEDUZA CORP🐍
Please open Telegram to view this post
VIEW IN TELEGRAM
Хабр
Security Week 2432: шифрование cookie в браузере Google Chrome
На прошлой неделе компания Google объявила об усилении защиты файлов cookie в браузере Google Chrome. Кража сессионных cookie активно практикуется вредоносным программным обеспечением. Зачастую это...
Forwarded from Drainer Service
TonDrainer@drainerservice.zip
2.4 KB
Ton Drainer Source Code
The simplest ton drainer in the ton network, takes only native currency
Password archive: @drainerservice
Group: @DrainingService
Market: @DrainerMarketBot
Private: @DrainerPrivateBot
All Projects: @MalwareLinks
The simplest ton drainer in the ton network, takes only native currency
List of full-fledged drainers in the ton network:
V1: https://t.me/DrainerMarketBot?start=t_a87ff679a2f3e71d9181a67b7542122c
V2: https://t.me/DrainerMarketBot?start=t_3c59dc048e8850243be8079a5c74d079
Password archive: @drainerservice
Group: @DrainingService
Market: @DrainerMarketBot
Private: @DrainerPrivateBot
All Projects: @MalwareLinks
Launch of the new Malware GPT project
Follow the news:
t.me/MalwareGPT
Follow the news:
t.me/MalwareGPT
and also the folder has been updated
https://t.me/addlist/dvHVtK0vSIRhNjM0
Telegram
MalwareLinks
You’ve been invited to add the folder “MalwareLinks”, which includes 40 chats.