📃 "Utiliza Proxychains y Tor en Linux para ocultar tu identidad en Internet" https://www.redeszone.net/tutoriales/seguridad/proxychains-tor-linux-ocultar-identidad-internet/
Redes Zone
Utiliza Proxychains y Tor en Linux para ocultar tu identidad en Internet
Ocultar la identidad en Internet utilizando un sistema operativo basado en Linux es realmente muy sencillo, y todo ello sin necesidad de contratar un servicio de VPN como los que existen en la actualidad. Distribuciones como Kali Linux son usadas para auditar…
Vulnerabilidades 0-day explotadas activamente en Internet Explorer, Safari y Chrome
https://unaaldia.hispasec.com/2021/07/vulnerabilidades-0-day-explotadas-activamente-en-internet-explorer-safari-y-chrome.html
https://unaaldia.hispasec.com/2021/07/vulnerabilidades-0-day-explotadas-activamente-en-internet-explorer-safari-y-chrome.html
Una al Día
Vulnerabilidades 0-day explotadas activamente en Internet Explorer, Safari y Chrome
El equipo de detección y análisis de amenazas de Google (Threat Analysis Group) ha detectado tres campañas que hacen un uso activo de cuatro vulnerabilidades de día cero, y que tienen como objetivo a los navegadores Chrome, Internet Explorer 11 y Safari.…
ExploitDB Just tweeted ****************************************** [webapps] Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF) https://t.co/hz81XW3oQF
Exploit Database
Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)
Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF). CVE-2021-31761 . webapps exploit for Linux platform
➕ USEFUL WEBSITES FOR PENTESTERS & HACKERS ➕
Exploits Database 💥
http://www.exploit-db.com/
http://www.intelligentexploit.com
http://www.shodanhq.com/
http://packetstormsecurity.com/
Vulnerabilities Database 🎯
https://cve.mitre.org/cve/
http://www.cvedetails.com/
https://nvd.nist.gov/
http://osvdb.org/
https://www.kb.cert.org/vuls/
https://secunia.com/community/advisories/search/
http://www.securityfocus.com/bid
http://lwn.net/Vulnerabilities/
http://denimgroup.com/resources-threadfix/
http://www.vulnerability-lab.com
http://www.secdocs.org/
Hacking Tutorials 💻
https://www.offensive-security.com/
http://www.kalitutorials.net/2013/08/kali-linux.html
https://www.youtube.com/user/DEFCONConference
https://www.youtube.com/user/Hak5Darren
https://www.youtube.com/user/sansinstitute
https://en.wikibooks.org/wiki/Metasploit/VideoTutorials
http://www.hacking-tutorial.com/
http://breakthesecurity.cysecurity.org/
http://www.securitytube.net/
http://www.ehacking.net/
https://vimeo.com/channels/fullscopesecurity
http://www.spacerogue.net/wordpress/
Virus Scan 🦠
https://www.virustotal.com/nl/
http://anubis.iseclab.org/
http://virusscan.jotti.org/it
--Not distribute to AV--
http://v2.scan.majyx.net/?page=home
http://fuckingscan.me/
https://anonscanner.com/
http://nodistribute.com/
http://www.file2scan.net/
Tools Download 🛠
http://tools.kali.org/tools-listing
http://insecure.org/
http://www.hackersonlineclub.com/hacking-tools
https://www.concise-courses.com/hacking-tools/
http://www.darknet.org.uk/category/hacking-tools/
http://www.kitploit.com/
http://www.toolswatch.org/
http://www.blackarch.org/tools.html
https://pentest-tools.com/reconnaissance/google-hacking
https://gexos.github.io/Hacking-Tools-Repository/
http://www.romhacking.net/utilities/
Network Online Tools 🌐
http://www.yougetsignal.com/
http://www.dnswatch.info/
http://www.nirsoft.net/countryip/
http://www.tcpiputils.com/
http://www.coffer.com/mac_find/
http://bgp.he.net/
http://www.sockets.com/services.htm
http://services.ce3c.be/ciprg/
IP Lookup 🔎
http://ip-api.com/#
http://www.my-ip-neighbors.com/
http://www.whatismyip.com/
http://www.ip2location.com/demo
http://freegeoip.net/static/index.html
http://whatstheirip.com
http://ipaddress.com
http://www.ip-adress.com/ipaddresstolocation/
Encrypt / Decrypt ⛓
http://crypo.in.ua/tools/
http://www.tools4noobs.com/online_tools/decrypt/
http://codebeautify.org/encrypt-decrypt
http://textmechanic.com/Encryption-Generator.html
http://www.yellowpipe.com/yis/tools/encrypter/
Online Hash Crackers 🧱
http://www.hashkiller.co.uk/
http://www.md5online.org/
http://www.cmd5.org/
http://www.md5crack.com/
http://www.netmd5crack.com/cracker/
http://md5decryption.com/
http://md5.rednoize.com/
http://www.md5this.com/index.php
http://www.tydal.nu/article/md5-crack/
http://passcracking.com/
https://hdb.insidepro.com/en
https://crackstation.net/
http://www.cloudcracker.net/
https://isc.sans.edu/tools/reversehash.html
http://www.onlinehashcrack.com/ [$]
http://hashcrack.in/en [$]
File Upload 📁
https://mega.co.nz/
https://www.mediafire.com/
https://infotomb.com/m/welcome
http://sharesend.com/
http://www.wss-coding.com/upload
http://zippyshare.com/
http://filetolink.com/
http://ge.tt/
http://largedocument.com/
http://rghost.net/
http://dox.abv.bg/files/share
http://secureupload.eu/
Anonymous Test 🕵️
https://ipleak.net/
https://www.dnsleaktest.com/
https://diafygi.github.io/webrtc-ips/
Torcheck 🧅
http://5deqglhxcoy3gbx6.onion - Xenobite
http://tmkloc6vhxos3nde.onion
SMS 📩
http://receive-sms-now.com/
http://www.receive-sms-online.info/
http://www.receivesmsonline.net/
Fake Identity 🙃
http://www.fakenamegenerator.com/
https://fakena.me/
http://names.igopaygo.com/people/fake_person
Exploits Database 💥
http://www.exploit-db.com/
http://www.intelligentexploit.com
http://www.shodanhq.com/
http://packetstormsecurity.com/
Vulnerabilities Database 🎯
https://cve.mitre.org/cve/
http://www.cvedetails.com/
https://nvd.nist.gov/
http://osvdb.org/
https://www.kb.cert.org/vuls/
https://secunia.com/community/advisories/search/
http://www.securityfocus.com/bid
http://lwn.net/Vulnerabilities/
http://denimgroup.com/resources-threadfix/
http://www.vulnerability-lab.com
http://www.secdocs.org/
Hacking Tutorials 💻
https://www.offensive-security.com/
http://www.kalitutorials.net/2013/08/kali-linux.html
https://www.youtube.com/user/DEFCONConference
https://www.youtube.com/user/Hak5Darren
https://www.youtube.com/user/sansinstitute
https://en.wikibooks.org/wiki/Metasploit/VideoTutorials
http://www.hacking-tutorial.com/
http://breakthesecurity.cysecurity.org/
http://www.securitytube.net/
http://www.ehacking.net/
https://vimeo.com/channels/fullscopesecurity
http://www.spacerogue.net/wordpress/
Virus Scan 🦠
https://www.virustotal.com/nl/
http://anubis.iseclab.org/
http://virusscan.jotti.org/it
--Not distribute to AV--
http://v2.scan.majyx.net/?page=home
http://fuckingscan.me/
https://anonscanner.com/
http://nodistribute.com/
http://www.file2scan.net/
Tools Download 🛠
http://tools.kali.org/tools-listing
http://insecure.org/
http://www.hackersonlineclub.com/hacking-tools
https://www.concise-courses.com/hacking-tools/
http://www.darknet.org.uk/category/hacking-tools/
http://www.kitploit.com/
http://www.toolswatch.org/
http://www.blackarch.org/tools.html
https://pentest-tools.com/reconnaissance/google-hacking
https://gexos.github.io/Hacking-Tools-Repository/
http://www.romhacking.net/utilities/
Network Online Tools 🌐
http://www.yougetsignal.com/
http://www.dnswatch.info/
http://www.nirsoft.net/countryip/
http://www.tcpiputils.com/
http://www.coffer.com/mac_find/
http://bgp.he.net/
http://www.sockets.com/services.htm
http://services.ce3c.be/ciprg/
IP Lookup 🔎
http://ip-api.com/#
http://www.my-ip-neighbors.com/
http://www.whatismyip.com/
http://www.ip2location.com/demo
http://freegeoip.net/static/index.html
http://whatstheirip.com
http://ipaddress.com
http://www.ip-adress.com/ipaddresstolocation/
Encrypt / Decrypt ⛓
http://crypo.in.ua/tools/
http://www.tools4noobs.com/online_tools/decrypt/
http://codebeautify.org/encrypt-decrypt
http://textmechanic.com/Encryption-Generator.html
http://www.yellowpipe.com/yis/tools/encrypter/
Online Hash Crackers 🧱
http://www.hashkiller.co.uk/
http://www.md5online.org/
http://www.cmd5.org/
http://www.md5crack.com/
http://www.netmd5crack.com/cracker/
http://md5decryption.com/
http://md5.rednoize.com/
http://www.md5this.com/index.php
http://www.tydal.nu/article/md5-crack/
http://passcracking.com/
https://hdb.insidepro.com/en
https://crackstation.net/
http://www.cloudcracker.net/
https://isc.sans.edu/tools/reversehash.html
http://www.onlinehashcrack.com/ [$]
http://hashcrack.in/en [$]
File Upload 📁
https://mega.co.nz/
https://www.mediafire.com/
https://infotomb.com/m/welcome
http://sharesend.com/
http://www.wss-coding.com/upload
http://zippyshare.com/
http://filetolink.com/
http://ge.tt/
http://largedocument.com/
http://rghost.net/
http://dox.abv.bg/files/share
http://secureupload.eu/
Anonymous Test 🕵️
https://ipleak.net/
https://www.dnsleaktest.com/
https://diafygi.github.io/webrtc-ips/
Torcheck 🧅
http://5deqglhxcoy3gbx6.onion - Xenobite
http://tmkloc6vhxos3nde.onion
SMS 📩
http://receive-sms-now.com/
http://www.receive-sms-online.info/
http://www.receivesmsonline.net/
Fake Identity 🙃
http://www.fakenamegenerator.com/
https://fakena.me/
http://names.igopaygo.com/people/fake_person
Exploit-Db
OffSec’s Exploit Database Archive
The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
Vulnerabilidad de 16 años en impresoras permite escalar privilegios
https://blog.segu-info.com.ar/2021/07/vulnerabilidad-de-16-anos-en-impresoras.html
https://blog.segu-info.com.ar/2021/07/vulnerabilidad-de-16-anos-en-impresoras.html
Segu-Info - Ciberseguridad desde 2000
Vulnerabilidad de 16 años en impresoras permite escalar privilegios
PowerShell Gallery: Recurso Gratuito para Encontrar Scripts
https://esgeeks.com/powershell-gallery-encontrar-scripts/?feed_id=8479&_unique_id=60f71563892d2
https://esgeeks.com/powershell-gallery-encontrar-scripts/?feed_id=8479&_unique_id=60f71563892d2
Fortinet fixes bug letting unauthenticated hackers run code as root.
https://www.bleepingcomputer.com/news/security/fortinet-fixes-bug-letting-unauthenticated-hackers-run-code-as-root/
https://www.bleepingcomputer.com/news/security/fortinet-fixes-bug-letting-unauthenticated-hackers-run-code-as-root/
BleepingComputer
Fortinet fixes bug letting unauthenticated hackers run code as root
Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary code with the highest privileges.
16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines.
https://www.bleepingcomputer.com/news/security/16-year-old-bug-in-printer-software-gives-hackers-admin-rights/
https://www.bleepingcomputer.com/news/security/16-year-old-bug-in-printer-software-gives-hackers-admin-rights/
BleepingComputer
16-year-old bug in printer software gives hackers admin rights
A 16-year-old security vulnerability found in HP, Xerox, and Samsung printers drivers allows attackers to gain admin rights on systems using the vulnerable driver software.
New Windows 10 vulnerability allows anyone to get admin privileges
https://www.bleepingcomputer.com/news/microsoft/new-windows-10-vulnerability-allows-anyone-to-get-admin-privileges/
https://www.bleepingcomputer.com/news/microsoft/new-windows-10-vulnerability-allows-anyone-to-get-admin-privileges/
BleepingComputer
New Windows 10 vulnerability allows anyone to get admin privileges
Windows 10 and Windows 11 are vulnerable to a local elevation of privilege vulnerability after discovering that users with low privileges can access sensitive Registry database files.
#exploit
CVE-2021-33909:
Sequoia - A LPE Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)
https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
// Tested on Ubuntu, Debian, Fedora
CVE-2021-33909:
Sequoia - A LPE Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)
https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
// Tested on Ubuntu, Debian, Fedora
Es muy común confundir la Deep Web con la Dark Web. Sin embargo, es importante que nosotros, como investigadores, conozcamos sus diferencias, porque... ¡no son lo mismo!
Te cuento esto y más en mi último artículo:
https://ciberpatrulla.com/deep-web-vs-dark-web/
Te cuento esto y más en mi último artículo:
https://ciberpatrulla.com/deep-web-vs-dark-web/
CiberPatrulla
Deep Web vs Dark Web >> Diferencias + Cómo acceder a ellas
Todavía confundes la Internet Profunda y la Internet Oscura? En este post te explico las diferencias (y cómo navegar por ellas)
How To Install Windows 11? How To Bypass the TPM Requirement and Install the Windows 11 https://youtu.be/jWXkYKnjJ2w
VulnHub — VulnCMS:1 Walkthrough https://infosecwriteups.com/vulnhub-vulncms-1-walkthrough-d4f8a071e61?source=rss----7b722bfd1b8d---4
Medium
VulnHub — VulnCMS:1 Walkthrough
VulnCMS:1 is an easy level, Mr. Robot themed boot2root CTF challenge where you have to enumerate the box , find the CMS version, and…
VulnHub — Hacksudo: ProximaCentauri Walkthrough https://infosecwriteups.com/vulnhub-hacksudo-proximacentauri-walkthrough-327aff6acfb6?source=rss----7b722bfd1b8d---4
Medium
VulnHub — Hacksudo: ProximaCentauri Walkthrough
VulnHub — Hacksudo:ProximaCentauri is a medium level boot2root challenge where you have to enumerate the machine thoroughly and exploit a…
Criptógrafos vulneran el protocolo de cifrado de Telegram https://unaaldia.hispasec.com/2021/07/criptografos-vulneran-el-protocolo-de-cifrado-de-telegram.html/
Una al Día
Criptógrafos vulneran el protocolo de cifrado de Telegram
Un grupo de criptógrafos internacionales descubrieron cuatro vulnerabilidades asociadas al protocolo de cifrado de Telegram.
📃 "Herramientas ingeniería inversa" https://blog.elhacker.net/2021/05/herramientas-ingenieria-inversa.html
🛠 x64dbg https://x64dbg.com
🛠 WinDbg https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/
🛠 IDA Disassembler https://www.hex-rays.com/products/ida/
🛠 Radare2 https://rada.re/
🛠 GHIDRA https://ghidra-sre.org/
🛠 Binary Ninja https://binary.ninja/
🛠 Detect it Easy (DiE) https://ntinfo.biz/
🛠 ExeInfoPE https://exeinfo-pe.en.uptodown.com/
🛠 HIEW http://www.hiew.ru/
🛠 Pestudio https://www.winitor.com/
🛠 PE-bear https://hshrzd.wordpress.com/pe-bear/
🛠 Fakenet-NG https://github.com/fireeye/flare-fakenet-ng
🛠 ProcessExplorar https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
🛠 RegShot https://sourceforge.net/projects/regshot/
🛠 RCPView https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview
🛠 Resource Hacker http://www.angusj.com/resourcehacker/
🛠 Process Hacker https://github.com/processhacker/processhacker
https://t.me/Pen7esting
🛠 x64dbg https://x64dbg.com
🛠 WinDbg https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/
🛠 IDA Disassembler https://www.hex-rays.com/products/ida/
🛠 Radare2 https://rada.re/
🛠 GHIDRA https://ghidra-sre.org/
🛠 Binary Ninja https://binary.ninja/
🛠 Detect it Easy (DiE) https://ntinfo.biz/
🛠 ExeInfoPE https://exeinfo-pe.en.uptodown.com/
🛠 HIEW http://www.hiew.ru/
🛠 Pestudio https://www.winitor.com/
🛠 PE-bear https://hshrzd.wordpress.com/pe-bear/
🛠 Fakenet-NG https://github.com/fireeye/flare-fakenet-ng
🛠 ProcessExplorar https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
🛠 RegShot https://sourceforge.net/projects/regshot/
🛠 RCPView https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview
🛠 Resource Hacker http://www.angusj.com/resourcehacker/
🛠 Process Hacker https://github.com/processhacker/processhacker
https://t.me/Pen7esting
Blog elhacker.NET
Herramientas ingeniería inversa: análisis de malware estático y dinámico
Blog sobre informática, tecnología y seguridad con manuales, tutoriales y documentación sobre herramientas y programas
Proxy para telegram.
El proxy genera un chat en tu lista de chats mientras activas el proxy, una vez se deshabilita este desaparece.
https://t.me/proxy?server=www.co.in.Allow--Deny.dynu.com..&port=443&secret=3fQ1mpsyX_HR5QhN8OD3U3s
El proxy genera un chat en tu lista de chats mientras activas el proxy, una vez se deshabilita este desaparece.
https://t.me/proxy?server=www.co.in.Allow--Deny.dynu.com..&port=443&secret=3fQ1mpsyX_HR5QhN8OD3U3s
cve-2021-33909
#exploit
CVE-2021-33909:
Sequoia - A LPE Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)
https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
// Tested on Ubuntu, Debian, Fedora
#exploit
CVE-2021-33909:
Sequoia - A LPE Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)
https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
// Tested on Ubuntu, Debian, Fedora