🔰 Steps To Perform SQL Injection Using Havij Pro SQL Injection Software 🔰
1⃣Step 1 – Run Havij.exe The software will open a window for you. At ‘Target’ field enter your SQL vulnerable URL – http://www.radiomiriam.com.br/noticia.php?id=5084
2⃣Step 2 – Hit ‘Analyze’ button here.
Havij will start SQL injection to the target URL you have provided.
Havij analyzing Target Site
It perform queries to analyze IP, web server, PHP version, Database MySQL version. Then, using Insertion type (‘) string, it proceeds to find column count, column string, finally Database name. ( Check LOG window)
After it finds out Database name, Status becomes Idle saying “I’m IDLE”.
3⃣Step 3 – Now, from above, go to Tables >> Get Tables. Make sure, the database is selected in the respective screen.
Havij Pro will fetch all the tables for the selected Database.
4⃣Step 4 – Tick the table which you finds important regarding your aim and click Get Columns button. For example, here, I want to know username, password and email ID of this site. So, I have to tick ‘admin‘ and ’emails’ table and then click ‘Get Column‘ button.
This step reveals all the columns in selected table.
5⃣Step 5 – Finally, select important columns of a table (for ex., admin) and click “Get Data” button.
In my case, admin table has columns – id, nome (name), email, senha (password), and nivel (level). (Website is Spanish) As all these columns’ details are important to me so, I selected them all and clicked “Get Data” button.
Username Password Hacked Using Havij Pro
Hence, you can see the result that name, email, password, user ID everything is revealed. Havij Pro have SQL Injected the website and if a hacker want, he can just go ahead using these important confidential information to hack a website.
➖ @HackWormAdmin ➖
1⃣Step 1 – Run Havij.exe The software will open a window for you. At ‘Target’ field enter your SQL vulnerable URL – http://www.radiomiriam.com.br/noticia.php?id=5084
2⃣Step 2 – Hit ‘Analyze’ button here.
Havij will start SQL injection to the target URL you have provided.
Havij analyzing Target Site
It perform queries to analyze IP, web server, PHP version, Database MySQL version. Then, using Insertion type (‘) string, it proceeds to find column count, column string, finally Database name. ( Check LOG window)
After it finds out Database name, Status becomes Idle saying “I’m IDLE”.
3⃣Step 3 – Now, from above, go to Tables >> Get Tables. Make sure, the database is selected in the respective screen.
Havij Pro will fetch all the tables for the selected Database.
4⃣Step 4 – Tick the table which you finds important regarding your aim and click Get Columns button. For example, here, I want to know username, password and email ID of this site. So, I have to tick ‘admin‘ and ’emails’ table and then click ‘Get Column‘ button.
This step reveals all the columns in selected table.
5⃣Step 5 – Finally, select important columns of a table (for ex., admin) and click “Get Data” button.
In my case, admin table has columns – id, nome (name), email, senha (password), and nivel (level). (Website is Spanish) As all these columns’ details are important to me so, I selected them all and clicked “Get Data” button.
Username Password Hacked Using Havij Pro
Hence, you can see the result that name, email, password, user ID everything is revealed. Havij Pro have SQL Injected the website and if a hacker want, he can just go ahead using these important confidential information to hack a website.
➖ @HackWormAdmin ➖
💢 FlexiSPY 💢
FlexiSPY is one of the most advanced iPhone hacking tools in the market. It has some of the most advanced features amongst all other apps. It has the ability to let you listen to live phone calls or record them in secret. You can also activate the microphone so you can listen to what’s happening in the surrounding, or take secret pictures with the camera. However, the reason FlexiSPY is so low in this list because jailbreaking the iPhone is necessary. Furthermore, even the basic package of FlexiSPY is a lot more expensive than the top-end packages of other apps.
➖@HackWormAdmin➖
FlexiSPY is one of the most advanced iPhone hacking tools in the market. It has some of the most advanced features amongst all other apps. It has the ability to let you listen to live phone calls or record them in secret. You can also activate the microphone so you can listen to what’s happening in the surrounding, or take secret pictures with the camera. However, the reason FlexiSPY is so low in this list because jailbreaking the iPhone is necessary. Furthermore, even the basic package of FlexiSPY is a lot more expensive than the top-end packages of other apps.
➖@HackWormAdmin➖
Script for penetration testing
----> Websites
----> Exploit Scanner
----> vulnerable
----> Find Admin pages
Git: github.com/AlisamTechnology/ATSCAN
➖@HackWormAdmin➖
----> Websites
----> Exploit Scanner
----> vulnerable
----> Find Admin pages
Git: github.com/AlisamTechnology/ATSCAN
➖@HackWormAdmin➖
Learning Shell Scripting: How to Automate Your Tasks
Learn how to Automate Your Tasks using shell programming and solve real-world problems using Bash Scripting
Wirte your first Shell Script
Use Shell Script to Automate Tasks. Such as Collect thousands of Developer Emails from Github
Solving real-world problems with shell scripts,
Deep knowledge of linux command
http://bit.ly/2DoSSb1
Enroll as soon as possible
Learn how to Automate Your Tasks using shell programming and solve real-world problems using Bash Scripting
Wirte your first Shell Script
Use Shell Script to Automate Tasks. Such as Collect thousands of Developer Emails from Github
Solving real-world problems with shell scripts,
Deep knowledge of linux command
http://bit.ly/2DoSSb1
Enroll as soon as possible
Udemy
Online Courses - Anytime, Anywhere | Udemy
Udemy is the world's largest destination for online courses. Discover an online course on Udemy.com and start learning a new skill today.
Group Rules ❗️
No Spamming 🚫
Only Discussions and No Arguments 🤝
No Foul Words and No Abusing Any Individual/Group/Organisation/Institution/Ethnicity or Nationality 😷
Feel free to ask doubts about Hacking here 😇
No External Link/URL
No Self Promotion
No Warning Direct Ban
Keep the Group Clean 😀
https://t.me/joinchat/GOkdVVS7nueAfF3uMFghBg
No Spamming 🚫
Only Discussions and No Arguments 🤝
No Foul Words and No Abusing Any Individual/Group/Organisation/Institution/Ethnicity or Nationality 😷
Feel free to ask doubts about Hacking here 😇
No External Link/URL
No Self Promotion
No Warning Direct Ban
Keep the Group Clean 😀
https://t.me/joinchat/GOkdVVS7nueAfF3uMFghBg
COMMAND INJECTION PRIMER
Command injection is a type of attack in which arbitrary operating system commands are executed on the host via a vulnerable web application. Usually, this occurs when an application passes unsafe user input from a form to the server, but this can also happen with cookies, HTTP headers, and other sources of data.
This type of vulnerability is especially dangerous because of the intrinsic power of system commands. Depending on the level of privilege an application is running with, command injection can lead to an attacker owning an entire system.
Command injection is a type of attack in which arbitrary operating system commands are executed on the host via a vulnerable web application. Usually, this occurs when an application passes unsafe user input from a form to the server, but this can also happen with cookies, HTTP headers, and other sources of data.
This type of vulnerability is especially dangerous because of the intrinsic power of system commands. Depending on the level of privilege an application is running with, command injection can lead to an attacker owning an entire system.
Information Gathering Tool
git clone https://github.com/Moham3dRiahi/Th3inspector.git
cd Th3inspector
chmod +x install.sh && ./install.sh
git clone https://github.com/Moham3dRiahi/Th3inspector.git
cd Th3inspector
chmod +x install.sh && ./install.sh
🔰 How to Get Almost All Udemy Courses for Free [Tested] 🔰
1. Firstly go to http://dislooks.com/wgpwx
2. Search for your Course, or just look around.
3. There will be many courses with 100% discount, get one of those or any if you want.
4. Select your course.
5. Click on "Get Coupon".
6. And you will be redirected to Udemy's website and a coupon will be applied automatically.
🌀That's it! Enjoy your free Courses!🌀
➖ @ElliotMalek ➖
1. Firstly go to http://dislooks.com/wgpwx
2. Search for your Course, or just look around.
3. There will be many courses with 100% discount, get one of those or any if you want.
4. Select your course.
5. Click on "Get Coupon".
6. And you will be redirected to Udemy's website and a coupon will be applied automatically.
🌀That's it! Enjoy your free Courses!🌀
➖ @ElliotMalek ➖
git clone https://github.com/skavngr/rapidscan.git
Once the tool is installed, it can be launched using the following command.
./rapidscan.py <target website>
😈 @HackWormAdmin 😈
Once the tool is installed, it can be launched using the following command.
./rapidscan.py <target website>
😈 @HackWormAdmin 😈
Social Engineering for Absolute Beginners (no coding!)
The most common social engineering attacks every manager should know, because every hacker does!
Identify the most common social engineering attacks (no coding!)
Explain the threat, impact and remediation for the most common attacks
Strengthen your personal firewall!
Coupon Link
https://dislooks.com/YKwWjb
📍Education That Matters📍
The most common social engineering attacks every manager should know, because every hacker does!
Identify the most common social engineering attacks (no coding!)
Explain the threat, impact and remediation for the most common attacks
Strengthen your personal firewall!
Coupon Link
https://dislooks.com/YKwWjb
📍Education That Matters📍
🔰 Search Engine For Hackers 🔰
1. Censys.io
2. Shodan.io
3. Viz.Greynoise.io/table
4. Zoomeye.org
5. Fofa.so
6. Onyphe.io
7. App.binaryedge.io
8. Hunter.io
9. Wigle.net
10. Ghostproject.fr
1. Censys.io
2. Shodan.io
3. Viz.Greynoise.io/table
4. Zoomeye.org
5. Fofa.so
6. Onyphe.io
7. App.binaryedge.io
8. Hunter.io
9. Wigle.net
10. Ghostproject.fr
Dehash password using Termux
Its purpose is to encode your desired hash text.
Encode & Decode as follows:
1. md5 [encode]
2. sha1 [encode]
3. sha224 [encode]
4. sha256 [encode]
5. sha384 [encode]
6. sha512 [encode]
7. base64 [encode/decode]
8. binary [encode/decode]
9. hexa decimal [encode/decode]
10. cipher of cesar [encode/decode]
11. reverse text
12. reverse words
🔰Requirements :- • python 3.x
How to Install
$ apt install git
$ apt install python
$ git clone https://github.com/Sup3r-Us3r/HashCode
How to use
RUN:
$ cd HashCode
$ chmod +x *
$ python3 hashcode-en.py
Change Language:
$ ./hashcode-pt.py // For portuguese - mode text
$ ./hashcode-en.py / For english - mode text
Open GUI:
$ ./hashcodegui.py
Its purpose is to encode your desired hash text.
Encode & Decode as follows:
1. md5 [encode]
2. sha1 [encode]
3. sha224 [encode]
4. sha256 [encode]
5. sha384 [encode]
6. sha512 [encode]
7. base64 [encode/decode]
8. binary [encode/decode]
9. hexa decimal [encode/decode]
10. cipher of cesar [encode/decode]
11. reverse text
12. reverse words
🔰Requirements :- • python 3.x
How to Install
$ apt install git
$ apt install python
$ git clone https://github.com/Sup3r-Us3r/HashCode
How to use
RUN:
$ cd HashCode
$ chmod +x *
$ python3 hashcode-en.py
Change Language:
$ ./hashcode-pt.py // For portuguese - mode text
$ ./hashcode-en.py / For english - mode text
Open GUI:
$ ./hashcodegui.py
GitHub
GitHub - Sup3r-Us3r/HashCode: Its purpose is to encode your desired hash text
Its purpose is to encode your desired hash text. Contribute to Sup3r-Us3r/HashCode development by creating an account on GitHub.
Installation
$ apt-get install git python
$ git clone https://github.com/jaxBCD/Zeebsploit.git
$ cd Zeebsploit
$ python -m pip install -r requirements.txt
$ python zsf.py
$ * and follow instruction
exploits 17
scanners 11
footprinting 10
-- @ElliotMalek --
$ apt-get install git python
$ git clone https://github.com/jaxBCD/Zeebsploit.git
$ cd Zeebsploit
$ python -m pip install -r requirements.txt
$ python zsf.py
$ * and follow instruction
exploits 17
scanners 11
footprinting 10
-- @ElliotMalek --
🌏 PhishX –Spear Phishing Tool for Capturing Credentials 🌏
PhishX is a python tool that can capture user credentials using a spear phishing attack. Spear phishing is a targeted form of phishing attack that is launched against specific individuals. Therefore, some information about an individual is required in order to launch such an attack. Since PhishX is used to capture user’s credentials, the tool generates fake pages and adds target information to said pages. The pages are shared with the target users. If the users share any data on the fake pages, the information is captured by the interface on the attacker’s machine. The pages that can be used (cloned) for spear phishing attack include Facebook, Google, Twitter, Instagram, LinkedIn, Pinterest, Quora, and Steam. All the available pages support the mobile version except LinkedIn.
PhishX is a python tool that can capture user credentials using a spear phishing attack. Spear phishing is a targeted form of phishing attack that is launched against specific individuals. Therefore, some information about an individual is required in order to launch such an attack. Since PhishX is used to capture user’s credentials, the tool generates fake pages and adds target information to said pages. The pages are shared with the target users. If the users share any data on the fake pages, the information is captured by the interface on the attacker’s machine. The pages that can be used (cloned) for spear phishing attack include Facebook, Google, Twitter, Instagram, LinkedIn, Pinterest, Quora, and Steam. All the available pages support the mobile version except LinkedIn.