#Download #Link:--

https://github.com/n1nj4sec/pupy

(Feed generated with FetchRSS (http://fetchrss.com/))

Photos from National Cyber Security Services's post


Android Application Analyzer:-- The #tool is used to #analyze the content of the #android #application in local storage.

Install the dependency using following #command:-
1. chmod +x setup.sh
2. ./setup.sh
Use the following command to run the tool:
1. python3 main.py

In order to run "Fridump" and "Frida #universal #ssl unpinning" script, #Frida client must be installed on base machine

#Download #Link:-

https://github.com/NotSoSecure/android_application_analyzer

(Feed generated with FetchRSS (http://fetchrss.com/))

CVE-2020-0683:-- #Windows #MSI “Installer service” #Elevation of #Privilege.

#Download #Link:-

https://github.com/padovah4ck/CVE-2020-0683


CVE-2020-0683:-- #Windows #MSI “Installer service” #Elevation of #Privilege.

#Download #Link:-

https://github.com/padovah4ck/CVE-2020-0683

(Feed generated with FetchRSS (http://fetchrss.com/))

Trojan-Qt5:-- A #cross-platform #trojan #GUI #client, based on Shadowsocks-qt.

Requirement:-

1. #Windows, #macOS, #Linux
2. c++ compiler(cl, clang, #gcc)
3. Qt 5.13.0 +
4. QHttpServer(follow the instruction below to install)

#Download #Link:-

https://github.com/TheWanderingCoel/Trojan-Qt5


Trojan-Qt5:-- A #cross-platform #trojan #GUI #client, based on Shadowsocks-qt.

Requirement:-

1. #Windows, #macOS, #Linux
2. c++ compiler(cl, clang, #gcc)
3. Qt 5.13.0 +
4. QHttpServer(follow the instruction below to install)

#Download #Link:-

https://github.com/TheWanderingCoel/Trojan-Qt5

(Feed generated with FetchRSS (http://fetchrss.com/))

.

.

😊الليلة بقدر الامكان حاول انزلكم شروحات كتيرة عشان احتمال اختفي لان ممتحن 😊

اول شرح ح ابدأ nmap :
في ناس بتعرف تستخدم nmap بطريقة full options وناس بتعرف تستخدمها ك basic



طيب اهم طرق للبحث واخذ gathering info :

طرق الهجوم :

للبحث عن subnet نكتب الامر مثلا:


nmap 172.25.40.0/24

غالبا بكون (24-21-18-28)

طيب عاوزين نعمل range لل ip مثلا نكتب :

nmap 172.25.40.100-200

بعمل range لل ip بشوف متاح منها وبديك info عنه 😊


عاوز تعمل بحث عن ports لي مجموعة كبيرة من ip واضعهم في ملف مثلا
sd.txt
تكتب الاتي :
nmap -iL sd.txt


مثلا عاوز تعمل detect لل os or service تكتب :

nmap -A 172.25.40.132


عاوز تعمل aggressive service :
nmap -sV -version-inteversion-intenstversion-inteversion-intensity 10 172.25.40.132


طيب نخش في script مهم جدا :

الامر help لل script


nmap -script-help=ssl-heartbleed


عاوز تعرف netbois :

nmap -sU -script nbtstat.nse -p 172.25.40.140

عاوز تعرف paths لل ip او موقع :

nmap --script=http-enum


هذا الامر حلو جدا : لمعرفة وعمل ddos على UDP :

nmap -sU -A -PN -n -pu:92.53.121.161 - script=ntp-monlist,dns-recursion,snmp-sysdescr 172.16.44.2/24

#tipsnmap 😍

AWSBucketDump:-- #Security #Tool to Look For Interesting Files in #S3 #Buckets.

#AWSBucketDump is a tool to quickly enumerate #AWS S3 buckets to look for loot. It's similar to a #subdomain #bruteforcer but is made specifically for S3 buckets and also has some extra features that allow you to grep for delicious files as well as download interesting files if you're not afraid to quickly fill up your #hard#drive.

Pre-Requisites:-
Non-Standard Python Libraries:-
1. xmltodict
2. requests
3. argparse

#Download #Link:-

https://github.com/jordanpotti/AWSBucketDump


AWSBucketDump:-- #Security #Tool to Look For Interesting Files in #S3 #Buckets.

#AWSBucketDump is a tool to quickly enumerate #AWS S3 buckets to look for loot. It's similar to a #subdomain #bruteforcer but is made specifically for S3 buckets and also has some extra features that allow you to grep for delicious files as well as download interesting files if you're not afraid to quickly fill up your #hard#drive.

Pre-Requisites:-
Non-Standard Python Libraries:-
1. xmltodict
2. requests
3. argparse

#Download #Link:-

https://github.com/jordanpotti/AWSBucketDump

(Feed generated with FetchRSS (http://fetchrss.com/))