Step 04: Select the Payload tab, changed the payload type to Numbers and change the payload options as desired and clicked on the attack.
Step 05: As the brute force was in progress I could see length for one of the OTP value is changed from 617 to 2250. Lets check:
π¦Cracking Otp-with pic-
> not written by undercode
> wiki source
> not written by undercode
> wiki source
π¦Stone River eLearning - Common PHP Errors You Will Encounter β165 MB
https://www.oreilly.com/library/view/common-php-errors/100000006A0493/
>Download<
https://www.oreilly.com/library/view/common-php-errors/100000006A0493/
>Download<
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...)
> termux-linux
π¦ πβπππΈπππππΈπππβ & βπβ :
1)git clone https://github.com/medbenali/CyberScan.git
2)cd CyberScan/
3)python CyberScan.py -v
ARP Ping
$ CyberScan -s 192.168.1.0/24 -p arp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.
Received 0 packets, got 0 answers, remaining 256 packets
ICMP Ping
In other cases we can use ICMP ping:
$ CyberScan -s 192.168.1.1-254 -p icmp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.
Received 0 packets, got 0 answers, remaining 256 packets
TCP Ping
In case when ICMP echo requests are blocked, we can still use TCP:
$ CyberScan -s 192.168.1.1-254 -p tcp -d 80
UDP Ping
Or even UDP (which produces ICMP port unreachable errors from live hosts). We can pick any port which is most likely to be closed, such as port 0:
$ CyberScan -s 192.168..... -p udp
β @undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...)
> termux-linux
π¦ πβπππΈπππππΈπππβ & βπβ :
1)git clone https://github.com/medbenali/CyberScan.git
2)cd CyberScan/
3)python CyberScan.py -v
ARP Ping
$ CyberScan -s 192.168.1.0/24 -p arp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.
Received 0 packets, got 0 answers, remaining 256 packets
ICMP Ping
In other cases we can use ICMP ping:
$ CyberScan -s 192.168.1.1-254 -p icmp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.
Received 0 packets, got 0 answers, remaining 256 packets
TCP Ping
In case when ICMP echo requests are blocked, we can still use TCP:
$ CyberScan -s 192.168.1.1-254 -p tcp -d 80
UDP Ping
Or even UDP (which produces ICMP port unreachable errors from live hosts). We can pick any port which is most likely to be closed, such as port 0:
$ CyberScan -s 192.168..... -p udp
β @undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...)
> termux-linux
π¦ πβπππΈπππππΈπππβ & βπβ :
1)git clone https://github.com/medbenali/CyberScan.git
2)cd CyberScan/
3)python CyberScan.py -v
ARP Ping
$ CyberScan -s 192.168.1.0/24 -p arp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.
Received 0 packets, got 0 answers, remaining 256 packets
ICMP Ping
In other cases we can use ICMP ping:
$ CyberScan -s 192.168.1.1-254 -p icmp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.
Received 0 packets, got 0 answers, remaining 256 packets
TCP Ping
In case when ICMP echo requests are blocked, we can still use TCP:
$ CyberScan -s 192.168.1.1-254 -p tcp -d 80
UDP Ping
Or even UDP (which produces ICMP port unreachable errors from live hosts). We can pick any port which is most likely to be closed, such as port 0:
$ CyberScan -s 192.168..... -p udp
β @undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...)
> termux-linux
π¦ πβπππΈπππππΈπππβ & βπβ :
1)git clone https://github.com/medbenali/CyberScan.git
2)cd CyberScan/
3)python CyberScan.py -v
ARP Ping
$ CyberScan -s 192.168.1.0/24 -p arp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.
Received 0 packets, got 0 answers, remaining 256 packets
ICMP Ping
In other cases we can use ICMP ping:
$ CyberScan -s 192.168.1.1-254 -p icmp
* Starting Ping ARP for 192.168.1.0/24
Begin emission:
Finished to send 256 packets.
Received 0 packets, got 0 answers, remaining 256 packets
TCP Ping
In case when ICMP echo requests are blocked, we can still use TCP:
$ CyberScan -s 192.168.1.1-254 -p tcp -d 80
UDP Ping
Or even UDP (which produces ICMP port unreachable errors from live hosts). We can pick any port which is most likely to be closed, such as port 0:
$ CyberScan -s 192.168..... -p udp
β @undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Damn Small XSS Scanner
Damn Small XSS Scanner (DSXS) is a fully functional Cross-site scripting vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code.
> As of optional settings it supports HTTP proxy together with HTTP header values User-Agent, Referer and Cookie.
> termux-linux
π¦ πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/stamparm/DSXS.git
2) cd DSXS
3) python3 dsxs.py -h
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.3a
by: Miroslav Stampar (@stamparm)
π¦Usage: dsxs.py options
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-u URL, --url=URL Target URL (e.g. "http://www.target.com/page.htm?id=1")
--data=DATA POST data (e.g. "query=test")
--cookie=COOKIE HTTP Cookie header value
--user-agent=UA HTTP User-Agent header value
--referer=REFERER HTTP Referer header value
--proxy=PROXY HTTP proxy address (e.g. "http://127.0.0.1:8080")
$ python3 dsxs.py -u "http://testphp.vulnweb.com/search.php?test=query" --data="s
earchFor=foobar"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.3a
by: Miroslav Stampar (@stamparm)
scanning GET parameter 'test'
scanning POST parameter 'searchFor'
(i) POST parameter 'searchFor' appears to be XSS vulnerable (">.xss.<", outside
of tags, no filtering)
scan results: possible vulnerabilities found
$ python3 dsxs.py -u "http://public-firing-range.appspot.com/address/location.has
h/replace"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.3a
by: Miroslav Stampar (@stamparm)
(i) page itself appears to be XSS vulnerable (DOM)
(o) ...<script>
var payload = window.location.hash.substr(1);location.replace(payload);
</script>...
(x) no usable GET/POST parameters found
scan results: possible vulnerabilities found
β Verified by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Damn Small XSS Scanner
Damn Small XSS Scanner (DSXS) is a fully functional Cross-site scripting vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code.
> As of optional settings it supports HTTP proxy together with HTTP header values User-Agent, Referer and Cookie.
> termux-linux
π¦ πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/stamparm/DSXS.git
2) cd DSXS
3) python3 dsxs.py -h
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.3a
by: Miroslav Stampar (@stamparm)
π¦Usage: dsxs.py options
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-u URL, --url=URL Target URL (e.g. "http://www.target.com/page.htm?id=1")
--data=DATA POST data (e.g. "query=test")
--cookie=COOKIE HTTP Cookie header value
--user-agent=UA HTTP User-Agent header value
--referer=REFERER HTTP Referer header value
--proxy=PROXY HTTP proxy address (e.g. "http://127.0.0.1:8080")
$ python3 dsxs.py -u "http://testphp.vulnweb.com/search.php?test=query" --data="s
earchFor=foobar"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.3a
by: Miroslav Stampar (@stamparm)
scanning GET parameter 'test'
scanning POST parameter 'searchFor'
(i) POST parameter 'searchFor' appears to be XSS vulnerable (">.xss.<", outside
of tags, no filtering)
scan results: possible vulnerabilities found
$ python3 dsxs.py -u "http://public-firing-range.appspot.com/address/location.has
h/replace"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.3a
by: Miroslav Stampar (@stamparm)
(i) page itself appears to be XSS vulnerable (DOM)
(o) ...<script>
var payload = window.location.hash.substr(1);location.replace(payload);
</script>...
(x) no usable GET/POST parameters found
scan results: possible vulnerabilities found
β Verified by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Forwarded from Backup Legal Mega
107 - Java Swing [-PUNISHER-].pdf
7 MB
Forwarded from Backup Legal Mega
109_Java_Programming_From_Problem_Analysis_To_Program_Design_4th.pdf
8.5 MB
Forwarded from Backup Legal Mega
121_Metasploit_The_Penetration_Testers_Guide_2011_PUNISHER_.pdf
6.9 MB
Forwarded from Backup Legal Mega
124 - Msaccessebook [-PUNISHER-].pdf
449.9 KB
Forwarded from Backup Legal Mega
125_Nessus,_Snort,_&_Ethereal_Power_Tools_Customizing_Open_Source.pdf
7.1 MB