(Feed generated with FetchRSS (http://fetchrss.com/))

NekoBot:-- Auto #Exploiter With 500+ #Exploit 2000+ #Shell.

#NekoBot is an auto exploit #tool to facilitate the #penetration of one or many #websites (#Wordpress, #Joomla, #Drupal, #Magento, #Opencart, and Etc).

Features :
[+] Wordpress :

1- Cherry-Plugin
2- download-manager Plugin
3- wysija-newsletters
4- Slider Revolution [#Revslider]
5- gravity-forms
etc.

[+] Joomla

1- Com_adsmanager
2- Com_alberghi
3- Com_CCkJseblod
4- Com_extplorer
5- Com_Fabric
etc.

[+] Drupal :

1- Drupal Add admin geddon1
2- Drupal #RCE geddon2
3- Drupal 8 RCE RESTful
4- Drupal #MailChimp
5- Drupal Php-curl-class
etc.

[+] Magento :

1- Shoplift
2- Magento Default user pass

[+] Oscommerce

1- OsCommerce Core 2.3 RCE Exploit
opencart

[+] OTHER :

1- Env Exploit
2- #SMTP CRACKER
3- CV

#Download #Link:-

https://github.com/tegal1337/NekoBotV1


NekoBot:-- Auto #Exploiter With 500+ #Exploit 2000+ #Shell.

#NekoBot is an auto exploit #tool to facilitate the #penetration of one or many #websites (#Wordpress, #Joomla, #Drupal, #Magento, #Opencart, and Etc).

Features :
[+] Wordpress :

1- Cherry-Plugin
2- download-manager Plugin
3- wysija-newsletters
4- Slider Revolution [#Revslider]
5- gravity-forms
etc.

[+] Joomla

1- Com_adsmanager
2- Com_alberghi
3- Com_CCkJseblod
4- Com_extplorer
5- Com_Fabric
etc.

[+] Drupal :

1- Drupal Add admin geddon1
2- Drupal #RCE geddon2
3- Drupal 8 RCE RESTful
4- Drupal #MailChimp
5- Drupal Php-curl-class
etc.

[+] Magento :

1- Shoplift
2- Magento Default user pass

[+] Oscommerce

1- OsCommerce Core 2.3 RCE Exploit
opencart

[+] OTHER :

1- Env Exploit
2- #SMTP CRACKER
3- CV

#Download #Link:-

https://github.com/tegal1337/NekoBotV1

(Feed generated with FetchRSS (http://fetchrss.com/))

XSS-Keylogger PoC:-- A general #Javascript #keylogger to be used in an #XSS #PoC

This is a simple PoC JavaScript keylogger to attach to an XSS vulnerability disclosure. It is made up of two #PHP servers, one acts like the #victim and the other acts as the attacker's #remote #server.

In a disclosure, you would just need to copy the code between the script tags in the victims index.php file, remove all comments, minify and inject as you see fit (obviously making some adjustments to the target and remote variables);

How to Run:-
1. Turn on each of the servers separately using the shell scripts.
2. Open two #browser tabs, and navigate to each of these addresses:
Victim: http://127.0.0.1:8080
Attacker: http://127.0.0.1:8081
3. Then from the login page on the victim server, enter the following username and password:
Username: admin
Password: c0mpl1c@t3dp4ss
4. Once the form is submitted and you are welcomed by the home.php file open the attacker page.
5. Refresh the attacker page to see the #keystrokes and form data entered into the keystrokes field.

#Download #Link:-

https://github.com/jakemscott/XSS-Keylogger


XSS-Keylogger PoC:-- A general #Javascript #keylogger to be used in an #XSS #PoC

This is a simple PoC JavaScript keylogger to attach to an XSS vulnerability disclosure. It is made up of two #PHP servers, one acts like the #victim and the other acts as the attacker's #remote #server.

In a disclosure, you would just need to copy the code between the script tags in the victims index.php file, remove all comments, minify and inject as you see fit (obviously making some adjustments to the target and remote variables);

How to Run:-
1. Turn on each of the servers separately using the shell scripts.
2. Open two #browser tabs, and navigate to each of these addresses:
Victim: http://127.0.0.1:8080
Attacker: http://127.0.0.1:8081
3. Then from the login page on the victim server, enter the following username and password:
Username: admin
Password: c0mpl1c@t3dp4ss
4. Once the form is submitted and you are welcomed by the home.php file open the attacker page.
5. Refresh the attacker page to see the #keystrokes and form data entered into the keystrokes field.

#Download #Link:-

https://github.com/jakemscott/XSS-Keylogger

(Feed generated with FetchRSS (http://fetchrss.com/))

OSCE-Exploit:-- Re-create in the "#CTP Lab"

#Download #Link:-

https://github.com/Applebois/OSCE-Exploit


OSCE-Exploit:-- Re-create in the "#CTP Lab"

#Download #Link:-

https://github.com/Applebois/OSCE-Exploit

(Feed generated with FetchRSS (http://fetchrss.com/))

قناتنا التلغرام
https://t.me/Programmer_Tech
المدونة
https://www.programmer-tech.com
صفحة الفيسبوك
https://www.facebook.com/ProgrammerTech.net
قناة اليوتيوب 1:
https://www.youtube.com/ahmadkaissar
قناة اليوتيوب 2:
https://www.youtube.com/MuhammadAlush0997

BugBountyToolkit:-- A multi-platform #bug #bounty #toolkit that can be installed on #Debian/ #Ubuntu or setup with #Docker.

Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.

#Downlaod #Link:-

https://github.com/AlexisAhmed/BugBountyToolkit


BugBountyToolkit:-- A multi-platform #bug #bounty #toolkit that can be installed on #Debian/ #Ubuntu or setup with #Docker.

Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.

#Downlaod #Link:-

https://github.com/AlexisAhmed/BugBountyToolkit

(Feed generated with FetchRSS (http://fetchrss.com/))

PokemonTowerExploit:-- Enabling and automating an #exploit in #Pokémon Tower Battle.

This #script loads up the game in a #window and #injects some #javascript code to change the #CSS of the page which allows the game window to stretch. Stretching the game window introduces an exploit which can force both game participants to win. I have automated the exploit process by reading #pixel #data of the window and moving the mouse. The author found the exploit on 2020/01/10.

Controls
1. F5 = refresh the page, in case it doesn't load properly, or the game gets stuck
2. F6 = toggle automatic exploitation (uses mouse control, keep the focus on the window)
3. Ctrl + Q = Stop GUI

#Downlod #Link:-

https://github.com/manstie/PokemonTowerExploit


PokemonTowerExploit:-- Enabling and automating an #exploit in #Pokémon Tower Battle.

This #script loads up the game in a #window and #injects some #javascript code to change the #CSS of the page which allows the game window to stretch. Stretching the game window introduces an exploit which can force both game participants to win. I have automated the exploit process by reading #pixel #data of the window and moving the mouse. The author found the exploit on 2020/01/10.

Controls
1. F5 = refresh the page, in case it doesn't load properly, or the game gets stuck
2. F6 = toggle automatic exploitation (uses mouse control, keep the focus on the window)
3. Ctrl + Q = Stop GUI

#Downlod #Link:-

https://github.com/manstie/PokemonTowerExploit

(Feed generated with FetchRSS (http://fetchrss.com/))

OWASP D4N155:-- #Intelligent and #dynamic #wordlist using #OSINT.

It's an #information #security #audit #tool that creates intelligent wordlists based on the content of the target page.

#Download #Link:-

https://github.com/OWASP/D4N155


OWASP D4N155:-- #Intelligent and #dynamic #wordlist using #OSINT.

It's an #information #security #audit #tool that creates intelligent wordlists based on the content of the target page.

#Download #Link:-

https://github.com/OWASP/D4N155