π£DDoS Tools
πΉAnevicon - Powerful UDP-based load generator, written in Rust.
πhttps://github.com/rozgo/anevicon
πΉD(HE)ater - D(HE)ater sends forged cryptographic handshake messages to enforce the Diffie-Hellman key exchange.
πhttps://github.com/Balasys/dheater
πΉHOIC - Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures.
πhttps://sourceforge.net/projects/high-orbit-ion-cannon/
πΉLow Orbit Ion Canon (LOIC) - Open source network stress tool written for Windows.
πhttps://github.com/NewEraCracker/LOIC
πΉMemcrashed - DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API.
πhttps://github.com/649/Memcrashed-DDoS-Exploit
πΉSlowLoris - DoS tool that uses low bandwidth on the attacking side.
πhttps://github.com/gkbrk/slowloris
πΉT50 - Faster network stress tool.
πhttps://gitlab.com/fredericopissarra/t50/
πΉUFONet - Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
πhttps://github.com/epsylon/ufonet
Join:π’@hacker_habeshaπͺπΉ
πΉAnevicon - Powerful UDP-based load generator, written in Rust.
πhttps://github.com/rozgo/anevicon
πΉD(HE)ater - D(HE)ater sends forged cryptographic handshake messages to enforce the Diffie-Hellman key exchange.
πhttps://github.com/Balasys/dheater
πΉHOIC - Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures.
πhttps://sourceforge.net/projects/high-orbit-ion-cannon/
πΉLow Orbit Ion Canon (LOIC) - Open source network stress tool written for Windows.
πhttps://github.com/NewEraCracker/LOIC
πΉMemcrashed - DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API.
πhttps://github.com/649/Memcrashed-DDoS-Exploit
πΉSlowLoris - DoS tool that uses low bandwidth on the attacking side.
πhttps://github.com/gkbrk/slowloris
πΉT50 - Faster network stress tool.
πhttps://gitlab.com/fredericopissarra/t50/
πΉUFONet - Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
πhttps://github.com/epsylon/ufonet
Join:π’@hacker_habeshaπͺπΉ
GitHub
GitHub - c0r0n3r/dheater: D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through whichβ¦
D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange. (read-only clon...
β€2π₯1π₯°1
β
HOW TO BYPASS OTP VERIFICATION
πBypass OTP verifications from Paypal, Instagram.. and many others, using a Discord Bot and telegram Bot or the private API.
π Tool List
πhttps://github.com/Oriyomi12/otp-bot
πhttps://github.com/jonahtanjz/OTP-Bot
πhttps://github.com/hahnavi/telbot-otp
πhttps://github.com/Master-Bruno/Hack-Telegram
πhttps://github.com/MR-ROGUE/anonymous_sms
πhttps://github.com/mddanish/Vulnerable-OTP-Application
πhttps://github.com/ghost-OTPBOT/ghost-OTPBOT.github.io
πhttps://github.com/GrabITOwner/GrabIT-OTPBOT
πhttps://github.com/CoinCeap/OTP-Bot-One-Time-Password-Verification-Bank-Paypal-Bypass-2-fa-main
Join:π’@hacker_habeshaπͺπΉ
πBypass OTP verifications from Paypal, Instagram.. and many others, using a Discord Bot and telegram Bot or the private API.
π Tool List
πhttps://github.com/Oriyomi12/otp-bot
πhttps://github.com/jonahtanjz/OTP-Bot
πhttps://github.com/hahnavi/telbot-otp
πhttps://github.com/Master-Bruno/Hack-Telegram
πhttps://github.com/MR-ROGUE/anonymous_sms
πhttps://github.com/mddanish/Vulnerable-OTP-Application
πhttps://github.com/ghost-OTPBOT/ghost-OTPBOT.github.io
πhttps://github.com/GrabITOwner/GrabIT-OTPBOT
πhttps://github.com/CoinCeap/OTP-Bot-One-Time-Password-Verification-Bank-Paypal-Bypass-2-fa-main
Join:π’@hacker_habeshaπͺπΉ
β€2π₯1π1
Here is another Training and Internship opportunity π Apply here ππ
https://nas.io/cybersecuredindia
https://nas.io/cybersecuredindia
π2π₯°1π1
πͺHTTP Cookie Explained
πΉWhat?
πΉHow it works?
πΉSet-Cookie
πΉCookie
πΉPurposes
Join:π’@hacker_habeshaπͺπΉ
πΉWhat?
πΉHow it works?
πΉSet-Cookie
πΉCookie
πΉPurposes
Join:π’@hacker_habeshaπͺπΉ
β€2π1π₯°1
πThe Ultimate SQLmap Tutorial: Master SQL Injection and Vulnerability Assessment!
πSQL Injection is a type of cyber attack where malicious actors exploit vulnerabilities in web applications to inject malicious SQL code into backend databases. This can lead to the exposure of sensitive data, unauthorized access to systems, and even complete system compromise.
SQLmap is a powerful open-source tool used to automate the process of detecting and exploiting SQL Injection vulnerabilities in web applications. It is a command-line tool that can be used to enumerate databases, extract data, and even execute operating system commands on the underlying system.
πhttps://en.hacks.gr/2023/12/15/the-ultimate-sqlmap-tutorial-master-sql-injection-and-vulnerability-assessment/
Join:π’@hacker_habeshaπͺπΉ
πSQL Injection is a type of cyber attack where malicious actors exploit vulnerabilities in web applications to inject malicious SQL code into backend databases. This can lead to the exposure of sensitive data, unauthorized access to systems, and even complete system compromise.
SQLmap is a powerful open-source tool used to automate the process of detecting and exploiting SQL Injection vulnerabilities in web applications. It is a command-line tool that can be used to enumerate databases, extract data, and even execute operating system commands on the underlying system.
πhttps://en.hacks.gr/2023/12/15/the-ultimate-sqlmap-tutorial-master-sql-injection-and-vulnerability-assessment/
Join:π’@hacker_habeshaπͺπΉ
β€2π₯1π1
π’WEB APPLICATION SECURITY TESTING COURSES
β«οΈWeb Application Security Testing Encoding, Filtering & Evasion Basics (4.36GB)
β«οΈWeb Application Penetration Testing File & Resource Attacks (4.61GB)
β«οΈWeb Application Security Testing Web Service Security Testing (3.37GB)
β«οΈWeb Application Security Testing Testing for Common Attacks (3.23GB)
β«οΈWeb Application Security Testing CMS Security Testing (6.31GB)
πhttps://mega.nz/folder/byp2CIra#Jvj3A1qZCgUFeawGL_3Wxg
Join:π’@hacker_habeshaπͺπΉ
β«οΈWeb Application Security Testing Encoding, Filtering & Evasion Basics (4.36GB)
β«οΈWeb Application Penetration Testing File & Resource Attacks (4.61GB)
β«οΈWeb Application Security Testing Web Service Security Testing (3.37GB)
β«οΈWeb Application Security Testing Testing for Common Attacks (3.23GB)
β«οΈWeb Application Security Testing CMS Security Testing (6.31GB)
πhttps://mega.nz/folder/byp2CIra#Jvj3A1qZCgUFeawGL_3Wxg
Join:π’@hacker_habeshaπͺπΉ
π2β€1π₯°1
π’β‘Automatic Vulnerability Scanning for APIs Using OWASP ZAP (crAPI as an exmaple)
π΅οΈVulnerability Scanning is the technique with which we will try to find vulnerabilities in the system and/or web application, API, Mobile App, using some sort of an automated scanner to get security misconfigurations.
βοΈthere are many vulnerability scanners that are great tools to pentesters. Such as Acunetix, Netsparker, Nessus, Openvas, Burp Suite Professional, etc. But in this article we will be using the free and opensource OWASP ZAP as our Vulnerability Scanner.
βοΈAPIs are a bit different than normal Web Applications and sometimes using Automated tools like Nikto wonβt show us any good results.
πhttps://en.hacks.gr/2023/12/15/automatic-vulnerability-scanning-for-apis-using-owasp-zap-crapi-as-an-exmaple/
Join:π’@hacker_habeshaπͺπΉ
π΅οΈVulnerability Scanning is the technique with which we will try to find vulnerabilities in the system and/or web application, API, Mobile App, using some sort of an automated scanner to get security misconfigurations.
βοΈthere are many vulnerability scanners that are great tools to pentesters. Such as Acunetix, Netsparker, Nessus, Openvas, Burp Suite Professional, etc. But in this article we will be using the free and opensource OWASP ZAP as our Vulnerability Scanner.
βοΈAPIs are a bit different than normal Web Applications and sometimes using Automated tools like Nikto wonβt show us any good results.
πhttps://en.hacks.gr/2023/12/15/automatic-vulnerability-scanning-for-apis-using-owasp-zap-crapi-as-an-exmaple/
Join:π’@hacker_habeshaπͺπΉ
π2β€1π€©1
βVirtual Host Enumeration for Uncovering Hidden Subdomains
πTools and Techniques for efficient virtual host discovery
πhttps://en.hacks.gr/2023/12/12/virtual-host-enumeration-for-uncovering-hidden-subdomains/
Join:π’@hacker_habeshaπͺπΉ
πTools and Techniques for efficient virtual host discovery
πhttps://en.hacks.gr/2023/12/12/virtual-host-enumeration-for-uncovering-hidden-subdomains/
Join:π’@hacker_habeshaπͺπΉ
π5β€1π1
β‘οΈBypass SSL Pinning for Flutter
πFlutter is an open source framework by Google for building beautiful, natively compiled, multi-platform applications from a single codebase.
When Flutter launched in 2018, it mainly supported mobile app development. Flutter now supports application development on six platforms: iOS, Android, the web, Windows, MacOS, and Linux.
πhttps://en.hacks.gr/2023/12/19/bypass-ssl-pinning-for-flutter/
Join:π’@hacker_habeshaπͺπΉ
πFlutter is an open source framework by Google for building beautiful, natively compiled, multi-platform applications from a single codebase.
When Flutter launched in 2018, it mainly supported mobile app development. Flutter now supports application development on six platforms: iOS, Android, the web, Windows, MacOS, and Linux.
πhttps://en.hacks.gr/2023/12/19/bypass-ssl-pinning-for-flutter/
Join:π’@hacker_habeshaπͺπΉ
π4β€1π₯°1
πHackers Search Engines
πSecurity researchers, analysts, and others can use hacker-friendly search engines. In the field of security operations, these tools can help in the discovery of vulnerable devices, tracking of threats, planning for spear phishing simulations, and much more.
This list includes special search engines that assist security professionals in finding information on connected devices, private data on individuals (in a more curated manner than traditional search engines offer), breached credentials, and other topics.
πhttps://en.iguru.gr/shodan-pio-epikindyni-michani-anazitisis-ston-kosmo/
JOIN:π’@hacker_habeshaπͺπΉ
πSecurity researchers, analysts, and others can use hacker-friendly search engines. In the field of security operations, these tools can help in the discovery of vulnerable devices, tracking of threats, planning for spear phishing simulations, and much more.
This list includes special search engines that assist security professionals in finding information on connected devices, private data on individuals (in a more curated manner than traditional search engines offer), breached credentials, and other topics.
πhttps://en.iguru.gr/shodan-pio-epikindyni-michani-anazitisis-ston-kosmo/
JOIN:π’@hacker_habeshaπͺπΉ
π5π1π€©1
π±Android Pentesting 101: A Noviceβs Handbook to Getting Started
πAndroid pentesting is the process of evaluating the security of an Android application by identifying its vulnerabilities and weaknesses. It involves analyzing the applicationβs source code, binary files, and network traffic to find security flaws. There are mainly 2 parts Static and Dynamic analysis
Static analysis involves examining an applicationβs code and configuration files without executing it, while dynamic analysis involves testing the application in a running state to observe its behavior and interactions. Both approaches are important for testing the security of an Android application.
πhttps://en.hacks.gr/2023/12/20/android-pentesting-101-a-novices-handbook-to-getting-started/
Join:π’@hacker_habeshaπͺπΉ
πAndroid pentesting is the process of evaluating the security of an Android application by identifying its vulnerabilities and weaknesses. It involves analyzing the applicationβs source code, binary files, and network traffic to find security flaws. There are mainly 2 parts Static and Dynamic analysis
Static analysis involves examining an applicationβs code and configuration files without executing it, while dynamic analysis involves testing the application in a running state to observe its behavior and interactions. Both approaches are important for testing the security of an Android application.
πhttps://en.hacks.gr/2023/12/20/android-pentesting-101-a-novices-handbook-to-getting-started/
Join:π’@hacker_habeshaπͺπΉ
π3π₯°1
πPractical Ethical Hacking from Beginning to Advance!
πA Complete Free Course: Learn Ethical Hacking From Scratch!
πhttps://drive.google.com/drive/u/0/mobile/folders/1if6MCeBCj8sxWwJIKhtgwU0GBuBW8uLx?s=09&pli=1
Join:π’@hacker_habeshaπͺπΉ
πA Complete Free Course: Learn Ethical Hacking From Scratch!
πhttps://drive.google.com/drive/u/0/mobile/folders/1if6MCeBCj8sxWwJIKhtgwU0GBuBW8uLx?s=09&pli=1
Join:π’@hacker_habeshaπͺπΉ
π₯2π₯°1π€©1
β οΈDLL Hijacking Basics
πDLL Hijacking is a type cyberattack where a malicious actor takes advantage of a systemβs search order for dynamic link libraries (DLL) to load and execute malicious code instead of legitimate libraries. In other words, it refers to tricking a program to load a harmful code library instead of the intended safe one. Before going into details, letβs take a look at DLL Files.
πhttps://en.hacks.gr/2023/12/20/dll-hijacking-basics/
Join:π’@hacker_habeshaπͺπΉ
πDLL Hijacking is a type cyberattack where a malicious actor takes advantage of a systemβs search order for dynamic link libraries (DLL) to load and execute malicious code instead of legitimate libraries. In other words, it refers to tricking a program to load a harmful code library instead of the intended safe one. Before going into details, letβs take a look at DLL Files.
πhttps://en.hacks.gr/2023/12/20/dll-hijacking-basics/
Join:π’@hacker_habeshaπͺπΉ
π₯°3π1
π©ΈExploit Eternal Blue (MS17β010) for Window 7 and higher (custom payload)
πThis article shows you how to exploit the MS17β010 vulnerability on Windows 7 or higher.
πhttps://en.hacks.gr/2023/12/22/exploit-eternal-blue-ms17-010-for-window-7-and-higher-custom-payload/
Joinπ’@hacker_habeshaπͺπΉ
πThis article shows you how to exploit the MS17β010 vulnerability on Windows 7 or higher.
πhttps://en.hacks.gr/2023/12/22/exploit-eternal-blue-ms17-010-for-window-7-and-higher-custom-payload/
Joinπ’@hacker_habeshaπͺπΉ
β€3π₯°1
π’This year we made a ranking with the most popular tools between January and December 2023.π
The tools of this year encompass a diverse range of cybersecurity disciplines, including AI-Enhanced Penetration Testing, Advanced Vulnerability Management, Stealth Communication Techniques, Open-Source General Purpose Vulnerability Scanning, and more.π€
Without going into further details, we have prepared a useful list of the most popular tools in Kitploit 2023:π
π’ (https://www.kitploit.com/2022/12/top-20-most-popular-hacking-tools-in.html)
Join:π’@hacker_habeshaπͺπΉ
The tools of this year encompass a diverse range of cybersecurity disciplines, including AI-Enhanced Penetration Testing, Advanced Vulnerability Management, Stealth Communication Techniques, Open-Source General Purpose Vulnerability Scanning, and more.π€
Without going into further details, we have prepared a useful list of the most popular tools in Kitploit 2023:π
π’ (https://www.kitploit.com/2022/12/top-20-most-popular-hacking-tools-in.html)
Join:π’@hacker_habeshaπͺπΉ
Kitploit
Kitploit β Maintenance in Progress
Kitploit is temporarily under maintenance. Weβll be back shortly with improvements.
β€2π₯1π₯°1
π§°CrackMapexec | SMB & AD Enumeration Simplified!
πHave you ever found yourself staring at a Windows network, wondering how to find vulnerabilities and security holes? Donβt worry, CrackMapExec is here to save the day! Itβs like having a Swiss Army knife for your penetration testing needs.
πhttps://en.hacks.gr/2023/12/15/crackmapexec-smb-ad-enumeration-simplified/
Join:π’@hacker_habeshaπͺπΉ
πHave you ever found yourself staring at a Windows network, wondering how to find vulnerabilities and security holes? Donβt worry, CrackMapExec is here to save the day! Itβs like having a Swiss Army knife for your penetration testing needs.
πhttps://en.hacks.gr/2023/12/15/crackmapexec-smb-ad-enumeration-simplified/
Join:π’@hacker_habeshaπͺπΉ
β€3π1
π£ Buffer Overflow
πFrom memory structure and ROP to Linux and Windows 11 real examples.
πΉPart 1 https://en.hacks.gr/2023/10/28/buffer-overflow-part-i/
πΉPart 2 https://en.hacks.gr/2023/10/29/buffer-overflow-part-ii/
πΉPart 3 https://en.hacks.gr/2023/11/08/buffer-overflow-part-iii/
πΉPart 4 https://en.hacks.gr/2023/11/09/buffer-overflow-part-iv/
Join: π’@hacker_habeshaπͺπΉ
πFrom memory structure and ROP to Linux and Windows 11 real examples.
πΉPart 1 https://en.hacks.gr/2023/10/28/buffer-overflow-part-i/
πΉPart 2 https://en.hacks.gr/2023/10/29/buffer-overflow-part-ii/
πΉPart 3 https://en.hacks.gr/2023/11/08/buffer-overflow-part-iii/
πΉPart 4 https://en.hacks.gr/2023/11/09/buffer-overflow-part-iv/
Join: π’@hacker_habeshaπͺπΉ
π3π₯1