🦶Foot Printing

🔹Domain Name
🔹IP Adress
🔹Phone Numbers
🔹Email Address
🔹Employees Information
🔹Namespaces

Join:🟢@hacker_habesha🇪🇹

Awesome Github Scripts & Tools | Part #1

Article : https://lnkd.in/d-JK8MMn

Join:🟢@hacker_habesha🇪🇹

🛡Cyber security Acronyms

Join:🟢@hacker_habesha🇪🇹

🟢⚔️Common Types of Password Attacks

🔹Brute Force Attack
🔹Dictionary Attack
🔹Rainbow Table Attack
🔹Social Engineering Attacks
🔹Credential Stuffing Attack

Join:🟢@hacker_habesha🇪🇹

🟢Common Types Of Wireless Attacks

🔹Packet Sniffing
🔹Rogue Access Point
🔹Jamming
🔹Evil Twin
🔹War Driving
🔹Bluejacking
🔹Bluesnarfing
🔹War Chalking
🔹WPS Attack

Join:🟢@hacker_habesha🇪🇹

🟢Types of Cyber Attacks

Join:🟢@hacker_habesha🇪🇹

🧬The DNS System Hierarchy

1️⃣Client
2️⃣DNS Cache
3️⃣DNS Resolver
4️⃣Root Server
5️⃣TLD Server
6️⃣Authoratative Server

Join:🟢@hacker_habesha🇪🇹

🎭Create a fake Access Point

📝Think twice before connecting to a free public wireless hotspot at a coffee shop, airport or hotel. Ever wondered if the public Wi-Fi you just connected to is safe or if it could be an Evil Twin hotspot?

🔗https://en.iguru.gr/dimiourgiste-ena-pseftiko-access-point/

Join:🟢@hacker_habesha🇪🇹

Join:🟢@hacker_habesha🇪🇹

💣DDoS Tools

🔹Anevicon - Powerful UDP-based load generator, written in Rust.
🔗https://github.com/rozgo/anevicon

🔹D(HE)ater - D(HE)ater sends forged cryptographic handshake messages to enforce the Diffie-Hellman key exchange.
🔗https://github.com/Balasys/dheater

🔹HOIC - Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures.
🔗https://sourceforge.net/projects/high-orbit-ion-cannon/

🔹Low Orbit Ion Canon (LOIC) - Open source network stress tool written for Windows.
🔗https://github.com/NewEraCracker/LOIC

🔹Memcrashed - DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API.
🔗https://github.com/649/Memcrashed-DDoS-Exploit

🔹SlowLoris - DoS tool that uses low bandwidth on the attacking side.
🔗https://github.com/gkbrk/slowloris

🔹T50 - Faster network stress tool.
🔗https://gitlab.com/fredericopissarra/t50/

🔹UFONet - Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
🔗https://github.com/epsylon/ufonet

Join:🟢@hacker_habesha🇪🇹

🎣Phishing Email Check

Join:🟢@hacker_habesha🇪🇹

✅HOW TO BYPASS OTP VERIFICATION

📝Bypass OTP verifications from Paypal, Instagram.. and many others, using a Discord Bot and telegram Bot or the private API.

🛠Tool List

🔗https://github.com/Oriyomi12/otp-bot

🔗https://github.com/jonahtanjz/OTP-Bot

🔗https://github.com/hahnavi/telbot-otp

🔗https://github.com/Master-Bruno/Hack-Telegram

🔗https://github.com/MR-ROGUE/anonymous_sms

🔗https://github.com/mddanish/Vulnerable-OTP-Application

🔗https://github.com/ghost-OTPBOT/ghost-OTPBOT.github.io

🔗https://github.com/GrabITOwner/GrabIT-OTPBOT

🔗https://github.com/CoinCeap/OTP-Bot-One-Time-Password-Verification-Bank-Paypal-Bypass-2-fa-main

Join:🟢@hacker_habesha🇪🇹

Here is another Training and Internship opportunity 🚀 Apply here 👇👇

https://nas.io/cybersecuredindia

🍪HTTP Cookie Explained

🔹What?
🔹How it works?
🔹Set-Cookie
🔹Cookie
🔹Purposes

Join:🟢@hacker_habesha🇪🇹

💉The Ultimate SQLmap Tutorial: Master SQL Injection and Vulnerability Assessment!

📝SQL Injection is a type of cyber attack where malicious actors exploit vulnerabilities in web applications to inject malicious SQL code into backend databases. This can lead to the exposure of sensitive data, unauthorized access to systems, and even complete system compromise.

SQLmap is a powerful open-source tool used to automate the process of detecting and exploiting SQL Injection vulnerabilities in web applications. It is a command-line tool that can be used to enumerate databases, extract data, and even execute operating system commands on the underlying system.

🔗https://en.hacks.gr/2023/12/15/the-ultimate-sqlmap-tutorial-master-sql-injection-and-vulnerability-assessment/

Join:🟢@hacker_habesha🇪🇹

🟢WEB APPLICATION SECURITY TESTING COURSES

▫️Web Application Security Testing Encoding, Filtering & Evasion Basics (4.36GB)
▫️Web Application Penetration Testing File & Resource Attacks (4.61GB)
▫️Web Application Security Testing Web Service Security Testing (3.37GB)
▫️Web Application Security Testing Testing for Common Attacks (3.23GB)
▫️Web Application Security Testing CMS Security Testing (6.31GB)

🔗https://mega.nz/folder/byp2CIra#Jvj3A1qZCgUFeawGL_3Wxg

Join:🟢@hacker_habesha🇪🇹

🟢⚡Automatic Vulnerability Scanning for APIs Using OWASP ZAP (crAPI as an exmaple)

🕵️Vulnerability Scanning is the technique with which we will try to find vulnerabilities in the system and/or web application, API, Mobile App, using some sort of an automated scanner to get security misconfigurations.

⚒️there are many vulnerability scanners that are great tools to pentesters. Such as Acunetix, Netsparker, Nessus, Openvas, Burp Suite Professional, etc. But in this article we will be using the free and opensource OWASP ZAP as our Vulnerability Scanner.

⚙️APIs are a bit different than normal Web Applications and sometimes using Automated tools like Nikto won’t show us any good results.

🔗https://en.hacks.gr/2023/12/15/automatic-vulnerability-scanning-for-apis-using-owasp-zap-crapi-as-an-exmaple/

Join:🟢@hacker_habesha🇪🇹

⛏Virtual Host Enumeration for Uncovering Hidden Subdomains

📝Tools and Techniques for efficient virtual host discovery

🔗https://en.hacks.gr/2023/12/12/virtual-host-enumeration-for-uncovering-hidden-subdomains/

Join:🟢@hacker_habesha🇪🇹

⚡️Bypass SSL Pinning for Flutter

📝Flutter is an open source framework by Google for building beautiful, natively compiled, multi-platform applications from a single codebase.

When Flutter launched in 2018, it mainly supported mobile app development. Flutter now supports application development on six platforms: iOS, Android, the web, Windows, MacOS, and Linux.

🔗https://en.hacks.gr/2023/12/19/bypass-ssl-pinning-for-flutter/

Join:🟢@hacker_habesha🇪🇹