Forwarded from Exploiting Crew (Pr1vAt3)
π¦xx Deep Fake Videos Notes :
---
How Deepfakes Are Created:
#### 1. Understanding Deepfakes
Deepfakes are AI-generated videos or images where someone's face or voice is swapped or synthesized using machine learning techniques. They are often made with deep learning algorithms, particularly Generative Adversarial Networks (GANs) or autoencoders.
---
#### 2. Tools and Technologies Used
Creating deepfakes involves the following tools:
- DeepFaceLab: The most popular open-source tool for creating deepfake videos.
- FaceSwap: Another open-source tool with a user-friendly interface.
- First-Order Motion Model: Generates animations using reference images and motion vectors.
- DeepFakeGenerator: Often used for quick results with less control over quality.
---
#### 3. The Process
1. Collect Data:
- Gather high-quality video/images of the target (person to fake).
- More data = better quality. Include various angles and expressions.
2. Preprocessing:
- Detect and extract the face from all frames using facial recognition tools.
- Tools like
- Align and normalize the faces to make them consistent.
3. Train the Model:
- Use an autoencoder or GAN-based model to train on the extracted faces.
- The model learns to replicate and map the source face onto the target face.
- Training can take days or weeks, depending on hardware and dataset size.
4. Face Swapping:
- Once trained, the model generates fake frames with the source face mapped onto the target video.
5. Postprocessing:
- Use video editing tools to blend the fake face seamlessly with the target.
- Adjust lighting, shadows, and other effects for realism.
6. Generate the Final Output:
- Combine the processed frames back into a video.
---
#### 4. Ethical Considerations
The challenge might also require discussing:
- The risks of misuse, such as in disinformation or explicit content.
- Legal and ethical implications.
- Techniques to detect and prevent deepfakes (e.g., AI-based detection algorithms).
---
#### Sample Code for Basics
Here's a simplified Python example using OpenCV to detect and align faces:
---
### Key Points to Include
- Explain how GANs or autoencoders are essential for deepfake creation.
- Provide examples of tools like DeepFaceLab or code snippets (if allowed).
- Address ethical challenges.
This guide is for educational purposes only.π
---
How Deepfakes Are Created:
#### 1. Understanding Deepfakes
Deepfakes are AI-generated videos or images where someone's face or voice is swapped or synthesized using machine learning techniques. They are often made with deep learning algorithms, particularly Generative Adversarial Networks (GANs) or autoencoders.
---
#### 2. Tools and Technologies Used
Creating deepfakes involves the following tools:
- DeepFaceLab: The most popular open-source tool for creating deepfake videos.
- FaceSwap: Another open-source tool with a user-friendly interface.
- First-Order Motion Model: Generates animations using reference images and motion vectors.
- DeepFakeGenerator: Often used for quick results with less control over quality.
---
#### 3. The Process
1. Collect Data:
- Gather high-quality video/images of the target (person to fake).
- More data = better quality. Include various angles and expressions.
2. Preprocessing:
- Detect and extract the face from all frames using facial recognition tools.
- Tools like
dlib, MTCNN, or OpenCV can help with this.- Align and normalize the faces to make them consistent.
3. Train the Model:
- Use an autoencoder or GAN-based model to train on the extracted faces.
- The model learns to replicate and map the source face onto the target face.
- Training can take days or weeks, depending on hardware and dataset size.
4. Face Swapping:
- Once trained, the model generates fake frames with the source face mapped onto the target video.
5. Postprocessing:
- Use video editing tools to blend the fake face seamlessly with the target.
- Adjust lighting, shadows, and other effects for realism.
6. Generate the Final Output:
- Combine the processed frames back into a video.
---
#### 4. Ethical Considerations
The challenge might also require discussing:
- The risks of misuse, such as in disinformation or explicit content.
- Legal and ethical implications.
- Techniques to detect and prevent deepfakes (e.g., AI-based detection algorithms).
---
#### Sample Code for Basics
Here's a simplified Python example using OpenCV to detect and align faces:
import cv2
# Load pre-trained face detection model
face_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
# Read the image
image = cv2.imread('source_image.jpg')
gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
# Detect faces
faces = face_cascade.detectMultiScale(gray, scaleFactor=1.1, minNeighbors=5)
# Draw rectangles around faces
for (x, y, w, h) in faces:
cv2.rectangle(image, (x, y), (x+w, y+h), (255, 0, 0), 2)
cv2.imshow('Detected Faces', image)
cv2.waitKey(0)
cv2.destroyAllWindows()
---
### Key Points to Include
- Explain how GANs or autoencoders are essential for deepfake creation.
- Provide examples of tools like DeepFaceLab or code snippets (if allowed).
- Address ethical challenges.
This guide is for educational purposes only.π
π¦Cryptographic operations:
---
### 1. [libsodium](https://github.com/jedisct1/libsodium)
- Description: A modern, easy-to-use crypto library designed for security and performance.
- Features:
- Symmetric encryption (secretbox)
- Public-key encryption (box)
- Key derivation, signing, hashing, and random number generation
- Use Case: General-purpose cryptographic operations.
---
### 2. [age](https://github.com/FiloSottile/age)
- Description: A simple, modern, and secure encryption tool.
- Features:
- Designed for encrypting files with minimal configuration.
- Supports passphrases and SSH keys for decryption.
- Use Case: File encryption and secure file sharing.
---
### 3. [PyCryptodome](https://github.com/Legrandin/pycryptodome)
- Description: A self-contained Python package for cryptography.
- Features:
- Symmetric ciphers (AES, ChaCha20, etc.)
- Public-key algorithms (RSA, DSA, ECC)
- Cryptographic hashes (SHA, MD5)
- Use Case: Building encryption into Python applications.
---
### 4. [OpenSSL](https://github.com/openssl/openssl)
- Description: A robust toolkit for SSL/TLS protocols and general-purpose cryptography.
- Features:
- Encryption/decryption using symmetric and asymmetric algorithms.
- SSL/TLS implementation.
- Extensive support for various cipher suites.
- Use Case: Secure communication and application-level encryption.
---
### 5. [Tink](https://github.com/google/tink)
- Description: A multi-language, cross-platform library for cryptographic operations by Google.
- Features:
- Simplified APIs for common cryptographic use cases.
- High-level encryption, decryption, and key management.
- Use Case: Easy-to-use cryptographic operations for developers.
---
### 6. [VeraCrypt](https://github.com/veracrypt/VeraCrypt)
- Description: Disk encryption software based on TrueCrypt.
- Features:
- Full-disk encryption with advanced security features.
- Support for hidden volumes.
- Use Case: Secure storage of sensitive data.
---
### 7. [cryptography](https://github.com/pyca/cryptography)
- Description: A Python library that provides cryptographic recipes and primitives.
- Features:
- Symmetric and asymmetric encryption.
- X.509 certificate parsing.
- Secure random number generation.
- Use Case: Secure data transmission and application-layer encryption in Python.
---
### 8. [GPG](https://github.com/gpg/gnupg)
- Description: The GNU Privacy Guard, an implementation of OpenPGP.
- Features:
- Encrypt and sign data and communications.
- Key management and public key encryption.
- Use Case: Encrypting emails and files securely.
---
### 9. [rnp](https://github.com/rnpgp/rnp)
- Description: OpenPGP library and CLI tool compatible with GPG.
- Features:
- Encrypting, decrypting, signing, and verifying messages.
- Key generation and management.
- Use Case: OpenPGP encryption in modern applications.
---
### 10. [NaCl (Networking and Cryptography Library)](https://github.com/libsodium/libsodium)
- Description: A low-level cryptography library offering high-performance cryptographic primitives.
- Features:
- Public-key, secret-key, and hash-based cryptographic operations.
- Focus on simplicity and security.
- Use Case: Performance-focused cryptographic solutions.
---
### 11. [CryFS](https://github.com/cryfs/cryfs)
- Description: Cryptographic filesystem for securing cloud storage.
- Features:
- Transparent file encryption.
- Data integrity verification.
- Use Case: Encrypting files in cloud storage services like Dropbox or Google Drive.
---
### 12. [sops](https://github.com/mozilla/sops)
- Description: A tool for managing secrets with encryption.
- Features:
- Encrypts files using AWS KMS, GCP KMS, Azure Key Vault, or PGP.
- Supports YAML, JSON, ENV, and INI files.
- Use Case: Secure storage of configuration files and secrets.
---
### 1. [libsodium](https://github.com/jedisct1/libsodium)
- Description: A modern, easy-to-use crypto library designed for security and performance.
- Features:
- Symmetric encryption (secretbox)
- Public-key encryption (box)
- Key derivation, signing, hashing, and random number generation
- Use Case: General-purpose cryptographic operations.
---
### 2. [age](https://github.com/FiloSottile/age)
- Description: A simple, modern, and secure encryption tool.
- Features:
- Designed for encrypting files with minimal configuration.
- Supports passphrases and SSH keys for decryption.
- Use Case: File encryption and secure file sharing.
---
### 3. [PyCryptodome](https://github.com/Legrandin/pycryptodome)
- Description: A self-contained Python package for cryptography.
- Features:
- Symmetric ciphers (AES, ChaCha20, etc.)
- Public-key algorithms (RSA, DSA, ECC)
- Cryptographic hashes (SHA, MD5)
- Use Case: Building encryption into Python applications.
---
### 4. [OpenSSL](https://github.com/openssl/openssl)
- Description: A robust toolkit for SSL/TLS protocols and general-purpose cryptography.
- Features:
- Encryption/decryption using symmetric and asymmetric algorithms.
- SSL/TLS implementation.
- Extensive support for various cipher suites.
- Use Case: Secure communication and application-level encryption.
---
### 5. [Tink](https://github.com/google/tink)
- Description: A multi-language, cross-platform library for cryptographic operations by Google.
- Features:
- Simplified APIs for common cryptographic use cases.
- High-level encryption, decryption, and key management.
- Use Case: Easy-to-use cryptographic operations for developers.
---
### 6. [VeraCrypt](https://github.com/veracrypt/VeraCrypt)
- Description: Disk encryption software based on TrueCrypt.
- Features:
- Full-disk encryption with advanced security features.
- Support for hidden volumes.
- Use Case: Secure storage of sensitive data.
---
### 7. [cryptography](https://github.com/pyca/cryptography)
- Description: A Python library that provides cryptographic recipes and primitives.
- Features:
- Symmetric and asymmetric encryption.
- X.509 certificate parsing.
- Secure random number generation.
- Use Case: Secure data transmission and application-layer encryption in Python.
---
### 8. [GPG](https://github.com/gpg/gnupg)
- Description: The GNU Privacy Guard, an implementation of OpenPGP.
- Features:
- Encrypt and sign data and communications.
- Key management and public key encryption.
- Use Case: Encrypting emails and files securely.
---
### 9. [rnp](https://github.com/rnpgp/rnp)
- Description: OpenPGP library and CLI tool compatible with GPG.
- Features:
- Encrypting, decrypting, signing, and verifying messages.
- Key generation and management.
- Use Case: OpenPGP encryption in modern applications.
---
### 10. [NaCl (Networking and Cryptography Library)](https://github.com/libsodium/libsodium)
- Description: A low-level cryptography library offering high-performance cryptographic primitives.
- Features:
- Public-key, secret-key, and hash-based cryptographic operations.
- Focus on simplicity and security.
- Use Case: Performance-focused cryptographic solutions.
---
### 11. [CryFS](https://github.com/cryfs/cryfs)
- Description: Cryptographic filesystem for securing cloud storage.
- Features:
- Transparent file encryption.
- Data integrity verification.
- Use Case: Encrypting files in cloud storage services like Dropbox or Google Drive.
---
### 12. [sops](https://github.com/mozilla/sops)
- Description: A tool for managing secrets with encryption.
- Features:
- Encrypts files using AWS KMS, GCP KMS, Azure Key Vault, or PGP.
- Supports YAML, JSON, ENV, and INI files.
- Use Case: Secure storage of configuration files and secrets.
GitHub
GitHub - jedisct1/libsodium: A modern, portable, easy to use crypto library.
A modern, portable, easy to use crypto library. Contribute to jedisct1/libsodium development by creating an account on GitHub.
Forwarded from Exploiting Crew (Pr1vAt3)
YouTube
Hacking Any Windows Machine With IPv6 Vulnerability (CVE 2024-38063)(Ethical Hacking)
Welcome back! In today's video we are going to discuss recent IPv6 vulnerability that targets almost all windows devices (Windows 11, Windows 10, Windows Server 2008-2022). We will take a look at the published article explaining how the vulnerability worksβ¦
Forwarded from Exploiting Crew (Pr1vAt3)
π¦Top Decryption Tools 2024-2025:
---
1. CyberChef(https://github.com/gchq/CyberChef)
- Description: A web-based "Cyber Swiss Army Knife" for encryption, decryption, and data manipulation.
- Features:
- Decrypts data encoded with base64, XOR, AES, etc.
- Includes hash crackers and forensic analysis tools.
- Use Case: Universal tool for decryption and data transformation.
---
2. John the Ripper(https://github.com/openwall/john)
- Description: A password cracker supporting numerous encryption formats.
- Features:
- Cracks hashed passwords using brute force and dictionary attacks.
- Supports MD5, SHA, DES, Blowfish, and more.
- Use Case: Decrypting password hashes for security assessments.
---
3. hashcat(https://github.com/hashcat/hashcat)
- Description: An advanced GPU-based password recovery tool.
- Features:
- Supports over 300 hash and encryption algorithms.
- Custom rule sets for password recovery.
- Use Case: Decrypting and recovering encrypted passwords.
---
4. Ciphey(https://github.com/Ciphey/Ciphey)
- Description: Automated decryption tool that uses AI and natural language processing.
- Features:
- Detects encryption methods automatically.
- Decodes ciphertext into human-readable text.
- Use Case: Quick decryption of unknown encrypted data.
---
5. GPG (GNU Privacy Guard)(https://github.com/gpg/gnupg)
- Description: Decrypts data encrypted with the OpenPGP standard.
- Features:
- Decrypts and verifies encrypted emails, files, and data.
- Key management and multi-platform compatibility.
- Use Case: Decrypting communications and files in OpenPGP format.
---
6. OpenSSL(https://github.com/openssl/openssl)
- Description: A toolkit for SSL/TLS protocols with decryption capabilities.
- Features:
- Decrypts SSL/TLS traffic (with private keys).
- Decrypts data encrypted with OpenSSL algorithms.
- Use Case: Secure communication decryption and data recovery.
---
7. decrypt-wpa(https://github.com/mcgrew/decrypt-wpa)
- Description: Tool for decrypting WPA traffic with a known PSK (pre-shared key).
- Features:
- Supports WPA2 capture decryption using Wireshark-compatible files.
- Packet-by-packet decryption.
- Use Case: Analyzing and decrypting WPA-encrypted network traffic.
---
8. CrackStation(https://github.com/CrackStation/crackstation-wordlist)
- Description: A massive password decryption tool using precomputed hash dictionaries.
- Features:
- Decrypts MD5, SHA-1, and other hash formats.
- Includes a comprehensive wordlist for hash matching.
- Use Case: Hash decryption and penetration testing.
---
9. bcrypt-tool(https://github.com/rg3/bcrypt-tool)
- Description: A command-line utility to decrypt bcrypt-encrypted passwords.
- Features:
- Uses brute-force and dictionary attacks for bcrypt hashes.
- High-performance decryption with GPU support.
- Use Case: Decrypting bcrypt-protected passwords.
---
10. Mimikatz(https://github.com/gentilkiwi/mimikatz)
- Description: A popular tool for extracting plaintext passwords and keys from memory.
- Features:
- Decrypts Windows credentials from memory (LSASS process).
- Extracts Kerberos tickets and NTLM hashes.
- Use Case: Forensic and penetration testing to decrypt sensitive credentials.
---
11. Hash-Identifier(https://github.com/blackploit/hash-identifier)
- Description: Identifies the type of hash and prepares for decryption.
- Features:
- Recognizes over 200 hash types.
- Prepares data for tools like John the Ripper or hashcat.
- Use Case: Pre-decryption hash identification.
---
12. AES Crypt(https://github.com/paulej/AESCrypt)
- Description: A file encryption and decryption tool using AES-256.
- Features:
- Command-line interface for secure decryption.
- Cross-platform compatibility.
- Use Case: Secure file decryption for personal and business use.
---
---
1. CyberChef(https://github.com/gchq/CyberChef)
- Description: A web-based "Cyber Swiss Army Knife" for encryption, decryption, and data manipulation.
- Features:
- Decrypts data encoded with base64, XOR, AES, etc.
- Includes hash crackers and forensic analysis tools.
- Use Case: Universal tool for decryption and data transformation.
---
2. John the Ripper(https://github.com/openwall/john)
- Description: A password cracker supporting numerous encryption formats.
- Features:
- Cracks hashed passwords using brute force and dictionary attacks.
- Supports MD5, SHA, DES, Blowfish, and more.
- Use Case: Decrypting password hashes for security assessments.
---
3. hashcat(https://github.com/hashcat/hashcat)
- Description: An advanced GPU-based password recovery tool.
- Features:
- Supports over 300 hash and encryption algorithms.
- Custom rule sets for password recovery.
- Use Case: Decrypting and recovering encrypted passwords.
---
4. Ciphey(https://github.com/Ciphey/Ciphey)
- Description: Automated decryption tool that uses AI and natural language processing.
- Features:
- Detects encryption methods automatically.
- Decodes ciphertext into human-readable text.
- Use Case: Quick decryption of unknown encrypted data.
---
5. GPG (GNU Privacy Guard)(https://github.com/gpg/gnupg)
- Description: Decrypts data encrypted with the OpenPGP standard.
- Features:
- Decrypts and verifies encrypted emails, files, and data.
- Key management and multi-platform compatibility.
- Use Case: Decrypting communications and files in OpenPGP format.
---
6. OpenSSL(https://github.com/openssl/openssl)
- Description: A toolkit for SSL/TLS protocols with decryption capabilities.
- Features:
- Decrypts SSL/TLS traffic (with private keys).
- Decrypts data encrypted with OpenSSL algorithms.
- Use Case: Secure communication decryption and data recovery.
---
7. decrypt-wpa(https://github.com/mcgrew/decrypt-wpa)
- Description: Tool for decrypting WPA traffic with a known PSK (pre-shared key).
- Features:
- Supports WPA2 capture decryption using Wireshark-compatible files.
- Packet-by-packet decryption.
- Use Case: Analyzing and decrypting WPA-encrypted network traffic.
---
8. CrackStation(https://github.com/CrackStation/crackstation-wordlist)
- Description: A massive password decryption tool using precomputed hash dictionaries.
- Features:
- Decrypts MD5, SHA-1, and other hash formats.
- Includes a comprehensive wordlist for hash matching.
- Use Case: Hash decryption and penetration testing.
---
9. bcrypt-tool(https://github.com/rg3/bcrypt-tool)
- Description: A command-line utility to decrypt bcrypt-encrypted passwords.
- Features:
- Uses brute-force and dictionary attacks for bcrypt hashes.
- High-performance decryption with GPU support.
- Use Case: Decrypting bcrypt-protected passwords.
---
10. Mimikatz(https://github.com/gentilkiwi/mimikatz)
- Description: A popular tool for extracting plaintext passwords and keys from memory.
- Features:
- Decrypts Windows credentials from memory (LSASS process).
- Extracts Kerberos tickets and NTLM hashes.
- Use Case: Forensic and penetration testing to decrypt sensitive credentials.
---
11. Hash-Identifier(https://github.com/blackploit/hash-identifier)
- Description: Identifies the type of hash and prepares for decryption.
- Features:
- Recognizes over 200 hash types.
- Prepares data for tools like John the Ripper or hashcat.
- Use Case: Pre-decryption hash identification.
---
12. AES Crypt(https://github.com/paulej/AESCrypt)
- Description: A file encryption and decryption tool using AES-256.
- Features:
- Command-line interface for secure decryption.
- Cross-platform compatibility.
- Use Case: Secure file decryption for personal and business use.
---
Forwarded from Exploiting Crew (Pr1vAt3)
π¦ Dark Web Online sites List:
Email Providers
Cock.li xdkriz6cn2avvcr2vks5lvvtmfojz2ohjzj4fhyuka55mvljeso2ztqd.onion
Elude.in eludemailxhnqzfmxehy3bk5guyhlxbunfyhkcksv4gvx6d3wcf6smad.onion
Sonar Tor Messenger sonarmsng5vzwqezlvtu2iiwwdn3dxkhotftikhowpfjuzg7p3ca5eid.onion
ProtonMail protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion
RiseUp Email 5gdvpfoh6kb2iqbizb37lzk2ddzrwa47m6rpdueg2m656fovmbhoptqd.onion
Blogs And Personal Sites
qorg11.net lainwir3s4y5r7mqm3kurzpljyf77vty2hrrfkps6wm4nnnqzest4lqd.onion
Course Enigma cgjzkysxa4ru5rhrtr6rafckhexbisbtxwg2fg743cjumioysmirhdad.onion
Kill-9 killnod2s77o3axkktdu52aqmmy4acisz2gicbhjm4xbvxa2zfftteyd.onion
Digdeeper digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion
Spware Watchdog spywaredrcdg5krvjnukp3vbdwiqcv3zwbrcg6qh27kiwecm4qyfphid.onion
MayVaneDay Studios meynethaffeecapsvfphrcnfrx44w2nskgls2juwitibvqctk2plvhqd.onion
Shadow Wiki zsxjtsgzborzdllyp64c6pwnjz5eic76bsksbxzqefzogwcydnkjy3yd.onion
Outer Space reycdxyc24gf7jrnwutzdn3smmweizedy7uojsa7ols6sflwu25ijoyd.onion
Tech Learning Collective lpiyu33yusoalp5kh3f4hak2so2sjjvjw5ykyvu2dulzosgvuffq6sad.onion
Fuwa Fuwa fwfwqtpi2ofmehzdxe3e2htqfmhwfciwivpnsztv7dvpuamhr72ktlqd.onion
S-Config xjfbpuj56rdazx4iolylxplbvyft2onuerjeimlcqwaihp3s6r4xebqd.onion
Hacking
Defcon g7ejphhubv5idbbu3hb3wawrs5adw7tkx7yjabnf65xtzztgg4hcsqqd.onion
InfoCon w27irt6ldaydjoacyovepuzlethuoypazhhbot6tljuywy52emetn7qd.onion
News Sites
ProPublica p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion
Darknetlive darkzzx4avcsuofgfez5zq75cqc4mprjvfqywo45dfcaxrwqg6qrlfid.onion
Open Source Software
OnionShare lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion
Whonix dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion
Qubes OS www.qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion
Keybase.IO keybase5wmilwokqirssclfnsqrjdsi7jdir5wy7y7iu3tanwmtp6oid.onion
Bitcoin Core 6hasakffvppilxgehrswmffqurlcjjjhd76jgvaqmsg6ul25s7t3rzyd.onion
Wasabi Wallet wasabiukrxmkdgve5kynjztuovbg43uxcbcxn6y2okcrsg7gb6jdmbad.onion
The Tor Project 2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion
Others
CIA.gov ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion
Internet Archive archivebyd3rzt3ehjpm4c3bjkyxv3hjleiytnvxcn7x32psn2kxcuid.onion
Bible4u bible4u2lvhacg4b3to2e2veqpwmrc2c3tjf2wuuqiz332vlwmr4xbad.onion
Imperial Library kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion
Comic Book Library nv3x2jozywh63fkohn5mwp2d73vasusjixn3im3ueof52fmbjsigw6ad.onion
Tor Paste torpastezr7464pevuvdjisbvaf4yqi4n7sgz7lkwgqwxznwy5duj4ad.onion
Fuck Facebook 4wbwa6vcpvcr3vvf4qkhppgy56urmjcj2vagu2iqgp3z656xcmfdbiqd.onion
Just Another Library libraryfyuybp7oyidyya3ah5xvwgyix6weauoini7zyz555litmmumad.onion
Google Feud lkqx6qn7whctpdjhcoohpoyi6ahtrveuii7kq2m647ssvo5skqp7ioad.onion
NCIDE Police Task Force ncidetfs7banpz2d7vpndev5somwoki5vwdpfty2k7javniujekit6ad.onion
Email Providers
Cock.li xdkriz6cn2avvcr2vks5lvvtmfojz2ohjzj4fhyuka55mvljeso2ztqd.onion
Elude.in eludemailxhnqzfmxehy3bk5guyhlxbunfyhkcksv4gvx6d3wcf6smad.onion
Sonar Tor Messenger sonarmsng5vzwqezlvtu2iiwwdn3dxkhotftikhowpfjuzg7p3ca5eid.onion
ProtonMail protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion
RiseUp Email 5gdvpfoh6kb2iqbizb37lzk2ddzrwa47m6rpdueg2m656fovmbhoptqd.onion
Blogs And Personal Sites
qorg11.net lainwir3s4y5r7mqm3kurzpljyf77vty2hrrfkps6wm4nnnqzest4lqd.onion
Course Enigma cgjzkysxa4ru5rhrtr6rafckhexbisbtxwg2fg743cjumioysmirhdad.onion
Kill-9 killnod2s77o3axkktdu52aqmmy4acisz2gicbhjm4xbvxa2zfftteyd.onion
Digdeeper digdeep4orxw6psc33yxa2dgmuycj74zi6334xhxjlgppw6odvkzkiad.onion
Spware Watchdog spywaredrcdg5krvjnukp3vbdwiqcv3zwbrcg6qh27kiwecm4qyfphid.onion
MayVaneDay Studios meynethaffeecapsvfphrcnfrx44w2nskgls2juwitibvqctk2plvhqd.onion
Shadow Wiki zsxjtsgzborzdllyp64c6pwnjz5eic76bsksbxzqefzogwcydnkjy3yd.onion
Outer Space reycdxyc24gf7jrnwutzdn3smmweizedy7uojsa7ols6sflwu25ijoyd.onion
Tech Learning Collective lpiyu33yusoalp5kh3f4hak2so2sjjvjw5ykyvu2dulzosgvuffq6sad.onion
Fuwa Fuwa fwfwqtpi2ofmehzdxe3e2htqfmhwfciwivpnsztv7dvpuamhr72ktlqd.onion
S-Config xjfbpuj56rdazx4iolylxplbvyft2onuerjeimlcqwaihp3s6r4xebqd.onion
Hacking
Defcon g7ejphhubv5idbbu3hb3wawrs5adw7tkx7yjabnf65xtzztgg4hcsqqd.onion
InfoCon w27irt6ldaydjoacyovepuzlethuoypazhhbot6tljuywy52emetn7qd.onion
News Sites
ProPublica p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion
Darknetlive darkzzx4avcsuofgfez5zq75cqc4mprjvfqywo45dfcaxrwqg6qrlfid.onion
Open Source Software
OnionShare lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion
Whonix dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion
Qubes OS www.qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion
Keybase.IO keybase5wmilwokqirssclfnsqrjdsi7jdir5wy7y7iu3tanwmtp6oid.onion
Bitcoin Core 6hasakffvppilxgehrswmffqurlcjjjhd76jgvaqmsg6ul25s7t3rzyd.onion
Wasabi Wallet wasabiukrxmkdgve5kynjztuovbg43uxcbcxn6y2okcrsg7gb6jdmbad.onion
The Tor Project 2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion
Others
CIA.gov ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion
Internet Archive archivebyd3rzt3ehjpm4c3bjkyxv3hjleiytnvxcn7x32psn2kxcuid.onion
Bible4u bible4u2lvhacg4b3to2e2veqpwmrc2c3tjf2wuuqiz332vlwmr4xbad.onion
Imperial Library kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion
Comic Book Library nv3x2jozywh63fkohn5mwp2d73vasusjixn3im3ueof52fmbjsigw6ad.onion
Tor Paste torpastezr7464pevuvdjisbvaf4yqi4n7sgz7lkwgqwxznwy5duj4ad.onion
Fuck Facebook 4wbwa6vcpvcr3vvf4qkhppgy56urmjcj2vagu2iqgp3z656xcmfdbiqd.onion
Just Another Library libraryfyuybp7oyidyya3ah5xvwgyix6weauoini7zyz555litmmumad.onion
Google Feud lkqx6qn7whctpdjhcoohpoyi6ahtrveuii7kq2m647ssvo5skqp7ioad.onion
NCIDE Police Task Force ncidetfs7banpz2d7vpndev5somwoki5vwdpfty2k7javniujekit6ad.onion
Forwarded from Exploiting Crew (Pr1vAt3)
π¦Ethereum Hacking:
Mythril for Smart Contracts (Ethereum)
If you want to explore Mythril's use cases (Ethereum-focused):
1. Install Mythril:
2. Run Mythril to analyze a smart contract:
3. Detect vulnerabilities in bytecode:
---
### Commands for Bitcoin Pentesting
Bitcoin pentesting would rely on tools and methods such as analyzing P2SH scripts, transaction structures, and wallet vulnerabilities. Below are specific actionable commands/tools:
#### 1. Bitcoin Script Analysis
Use
#### 2. Transaction Vulnerability Analysis
Decode raw transactions:
#### 3. Wallet Testing
Test wallets using libraries like
#### 4. Cross-Site Blockchain Vulnerabilities
Automate REST API pentesting for wallets or blockchain explorers:
#### 5. Custom Scripts for Exploits
Create Bitcoin raw transactions with custom scripts:
---
### Mythril-like Analysis for Bitcoin Alternatives
1. Analyze multisig transactions for bugs:
2. Debug SegWit scripts:
3. Use btcd or other libraries to craft transactions:
go run btcd_tx_tool.go
This post is made for educational purposes
Mythril for Smart Contracts (Ethereum)
If you want to explore Mythril's use cases (Ethereum-focused):
1. Install Mythril:
pip install mythril
2. Run Mythril to analyze a smart contract:
myth analyze contract.sol
3. Detect vulnerabilities in bytecode:
myth analyze --rpc http://127.0.0.1:8545 -a <CONTRACT_ADDRESS>
---
### Commands for Bitcoin Pentesting
Bitcoin pentesting would rely on tools and methods such as analyzing P2SH scripts, transaction structures, and wallet vulnerabilities. Below are specific actionable commands/tools:
#### 1. Bitcoin Script Analysis
Use
bitcoin-cli to decode and analyze scripts:bitcoin-cli decodescript <HEX_SCRIPT>
#### 2. Transaction Vulnerability Analysis
Decode raw transactions:
bitcoin-cli decoderawtransaction <RAW_TX>
#### 3. Wallet Testing
Test wallets using libraries like
btcpy:from btcpy.structs.transaction import Transaction
tx = Transaction.deserialize(<RAW_TX>)
print(tx)
#### 4. Cross-Site Blockchain Vulnerabilities
Automate REST API pentesting for wallets or blockchain explorers:
sqlmap -u "http://blockchainexplorer.com/api?query=*" --dbs
#### 5. Custom Scripts for Exploits
Create Bitcoin raw transactions with custom scripts:
bitcoin-cli createrawtransaction '[{"txid":"<TXID>","vout":<INDEX>}]' '{"<ADDRESS>":<AMOUNT>}'
---
### Mythril-like Analysis for Bitcoin Alternatives
1. Analyze multisig transactions for bugs:
bitcoin-cli validateaddress <ADDRESS>
2. Debug SegWit scripts:
bitcoin-cli decodescript <HEX_SCRIPT>
3. Use btcd or other libraries to craft transactions:
`bashgo run btcd_tx_tool.go
This post is made for educational purposes
π¦Top Free Local AI
Open LLM Leaderboard
https://huggingface.co/collections/open-llm-leaderboard/open-llm-leaderboard-best-models-652d6c7965a4619fb5c27a03
Open LLM Leaderboard
https://huggingface.co/collections/open-llm-leaderboard/open-llm-leaderboard-best-models-652d6c7965a4619fb5c27a03
huggingface.co
Open LLM Leaderboard best models β€οΈβπ₯ - a open-llm-leaderboard Collection
A daily uploaded list of models with best evaluations on the LLM leaderboard:
π¦ AI models and tools for cybersecurity and hacking research
1. Code Analysis and Security Tools
- CodeBERT: AI model for secure code analysis.
URL: [https://huggingface.co/microsoft/codebert-base](https://huggingface.co/microsoft/codebert-base)
- DeepCode by Snyk: Detects vulnerabilities in codebases.
URL: [https://www.deepcode.ai/](https://www.deepcode.ai/)
- Joern: Open-source code analysis tool designed for vulnerability discovery.
URL: [https://joern.io/](https://joern.io/)
2. Adversarial Models and Simulations
- DeepExploit: Automates penetration testing with AI-driven attacks.
URL: [https://github.com/13o-bbr-bbq/machine_learning_security](https://github.com/13o-bbr-bbq/machine_learning_security)
- TextAttack: Framework for generating adversarial text for NLP systems.
URL: [https://github.com/QData/TextAttack](https://github.com/QData/TextAttack)
- Foolbox: Test the robustness of AI models with adversarial inputs.
URL: [https://foolbox.readthedocs.io/](https://foolbox.readthedocs.io/)
3. Malware Detection and Threat Intelligence
- MalConv: Neural network for malware detection from raw binaries.
URL: [https://github.com/Endermanch/MalwareDatabase](https://github.com/Endermanch/MalwareDatabase)
- Cuckoo Sandbox AI: Analyze malware behavior with AI integration.
URL: [https://cuckoosandbox.org/](https://cuckoosandbox.org/)
- Viper Framework: Malware and binary analysis toolset.
URL: [https://github.com/viper-framework/viper](https://github.com/viper-framework/viper)
4. Image and Data Analysis Tools
- YOLO (You Only Look Once): Detect anomalies or objects in visual data.
URL: [https://github.com/ultralytics/yolov5](https://github.com/ultralytics/yolov5)
- AutoML Vision by Google: Train custom vision models for detecting tampering.
URL: [https://cloud.google.com/automl](https://cloud.google.com/automl)
5. Network and System Monitoring Tools
- SnortAI: Intrusion detection with machine learning enhancements.
URL: [https://www.snort.org/](https://www.snort.org/)
- Zeek AI (Bro): Network analysis framework extended with AI.
URL: [https://zeek.org/](https://zeek.org/)
- DeepPacket: AI-driven analysis of network packet data.
URL: [https://github.com/xiaokexiang/DeepPacket](https://github.com/xiaokexiang/DeepPacket)
6. General Security Tools with AI Features
- TriageML: Machine learning for automating malware triage.
URL: [https://github.com/fireeye/Triage](https://github.com/fireeye/Triage)
- AI-Hunter: AI-driven platform for detecting and investigating cyber threats.
URL: [https://www.criticalstart.com/ai-hunter/](https://www.criticalstart.com/ai-hunter/)
- ELK Stack with AI: Integrate AI plugins with the ELK Stack for advanced threat detection.
URL: [https://www.elastic.co/](https://www.elastic.co/)
1. Code Analysis and Security Tools
- CodeBERT: AI model for secure code analysis.
URL: [https://huggingface.co/microsoft/codebert-base](https://huggingface.co/microsoft/codebert-base)
- DeepCode by Snyk: Detects vulnerabilities in codebases.
URL: [https://www.deepcode.ai/](https://www.deepcode.ai/)
- Joern: Open-source code analysis tool designed for vulnerability discovery.
URL: [https://joern.io/](https://joern.io/)
2. Adversarial Models and Simulations
- DeepExploit: Automates penetration testing with AI-driven attacks.
URL: [https://github.com/13o-bbr-bbq/machine_learning_security](https://github.com/13o-bbr-bbq/machine_learning_security)
- TextAttack: Framework for generating adversarial text for NLP systems.
URL: [https://github.com/QData/TextAttack](https://github.com/QData/TextAttack)
- Foolbox: Test the robustness of AI models with adversarial inputs.
URL: [https://foolbox.readthedocs.io/](https://foolbox.readthedocs.io/)
3. Malware Detection and Threat Intelligence
- MalConv: Neural network for malware detection from raw binaries.
URL: [https://github.com/Endermanch/MalwareDatabase](https://github.com/Endermanch/MalwareDatabase)
- Cuckoo Sandbox AI: Analyze malware behavior with AI integration.
URL: [https://cuckoosandbox.org/](https://cuckoosandbox.org/)
- Viper Framework: Malware and binary analysis toolset.
URL: [https://github.com/viper-framework/viper](https://github.com/viper-framework/viper)
4. Image and Data Analysis Tools
- YOLO (You Only Look Once): Detect anomalies or objects in visual data.
URL: [https://github.com/ultralytics/yolov5](https://github.com/ultralytics/yolov5)
- AutoML Vision by Google: Train custom vision models for detecting tampering.
URL: [https://cloud.google.com/automl](https://cloud.google.com/automl)
5. Network and System Monitoring Tools
- SnortAI: Intrusion detection with machine learning enhancements.
URL: [https://www.snort.org/](https://www.snort.org/)
- Zeek AI (Bro): Network analysis framework extended with AI.
URL: [https://zeek.org/](https://zeek.org/)
- DeepPacket: AI-driven analysis of network packet data.
URL: [https://github.com/xiaokexiang/DeepPacket](https://github.com/xiaokexiang/DeepPacket)
6. General Security Tools with AI Features
- TriageML: Machine learning for automating malware triage.
URL: [https://github.com/fireeye/Triage](https://github.com/fireeye/Triage)
- AI-Hunter: AI-driven platform for detecting and investigating cyber threats.
URL: [https://www.criticalstart.com/ai-hunter/](https://www.criticalstart.com/ai-hunter/)
- ELK Stack with AI: Integrate AI plugins with the ELK Stack for advanced threat detection.
URL: [https://www.elastic.co/](https://www.elastic.co/)
huggingface.co
microsoft/codebert-base Β· Hugging Face
Weβre on a journey to advance and democratize artificial intelligence through open source and open science.
Forwarded from Exploiting Crew (Pr1vAt3)
π¦ Email Tracking:
### π About Zehef
Zehef specializes in:
- Locating public data associated with a specific email address.
- Providing insights into email breaches, pastes, and social media accounts.
---
### π Key Features
1. Breached Data Check:
- Identify if the email has appeared in any public data breaches using sources like Pastebin or others.
2. HudsonRock Integration:
- Leverage HudsonRock to analyze leaks and identify potential compromises.
3. Social Media Account Discovery:
- Check for linked accounts across platforms such as:
- Instagram
- Spotify
- Deezer
- Adobe
- π (formerly Twitter), etc.
4. Email Combination Generation:
- Create possible variations of the target email for further testing or OSINT purposes.
---
### π¦ Installation
#### Prerequisites
- Python: Version 3.10 or later.
- Git: Installed and configured.
#### Steps:
1. Clone the Zehef repository:
2. Install the dependencies:
---
### π² Usage
Run the tool with the following syntax:
#### Example:
#### Available Options:
-
-
---
### π‘ Notes
Zehef is an advanced tool for ethical OSINT practices and should only be used with proper authorization. Misuse could violate laws or terms of service on various platforms.
π GitHub Repository: [Zehef on GitHub](https://github.com/N0rz3/Zehef)
### π About Zehef
Zehef specializes in:
- Locating public data associated with a specific email address.
- Providing insights into email breaches, pastes, and social media accounts.
---
### π Key Features
1. Breached Data Check:
- Identify if the email has appeared in any public data breaches using sources like Pastebin or others.
2. HudsonRock Integration:
- Leverage HudsonRock to analyze leaks and identify potential compromises.
3. Social Media Account Discovery:
- Check for linked accounts across platforms such as:
- Spotify
- Deezer
- Adobe
- π (formerly Twitter), etc.
4. Email Combination Generation:
- Create possible variations of the target email for further testing or OSINT purposes.
---
### π¦ Installation
#### Prerequisites
- Python: Version 3.10 or later.
- Git: Installed and configured.
#### Steps:
1. Clone the Zehef repository:
git clone https://github.com/N0rz3/Zehef.git
cd Zehef
2. Install the dependencies:
pip3 install -r requirements.txt
---
### π² Usage
Run the tool with the following syntax:
python3 zehef.py [email]
#### Example:
python3 zehef.py target@example.com
#### Available Options:
-
email: The email address for which you want to retrieve information.-
-h, --help: Displays help information.---
### π‘ Notes
Zehef is an advanced tool for ethical OSINT practices and should only be used with proper authorization. Misuse could violate laws or terms of service on various platforms.
π GitHub Repository: [Zehef on GitHub](https://github.com/N0rz3/Zehef)
GitHub
GitHub - N0rz3/Zehef: Zehef is an osint tool to track emails
Zehef is an osint tool to track emails. Contribute to N0rz3/Zehef development by creating an account on GitHub.
Forwarded from Exploiting Crew (Pr1vAt3)
π¦ To "run a script" on a quantum computer, you typically use a quantum programming language like Qiskit (for IBM Quantum), Cirq (for Google's quantum devices), or others like Braket (Amazon)
Quantum Script Using Qiskit
---
### What It Does:
1. Hadamard Gate (H): Places the qubit in a superposition, meaning it's in a mix of
2. Measurement: Collapses the qubit to either
3. Simulation: Runs the quantum program multiple times (e.g., 1024 shots) on a classical simulator to emulate quantum results.
---
### Output Example:
After running, you might see:
---
### Running on a Real Quantum Computer:
If you have access to IBM Quantum or a similar quantum platform:
1. Replace the simulator with an actual quantum backend:
Quantum computing is still in its infancy, and scripts generally focus on demonstrating concepts or solving specific problems (e.g., optimization or quantum chemistry simulations). Let me know if you'd like to explore further!
Quantum Script Using Qiskit
# Import necessary libraries
from qiskit import QuantumCircuit, Aer, execute
# Step 1: Create a quantum circuit with one qubit and one classical bit
qc = QuantumCircuit(1, 1)
# Step 2: Apply a Hadamard gate to put the qubit in superposition
qc.h(0)
# Step 3: Measure the qubit
qc.measure(0, 0)
# Step 4: Simulate the quantum circuit
simulator = Aer.get_backend('qasm_simulator') # Classical simulation of a quantum computer
result = execute(qc, simulator, shots=1024).result()
# Step 5: Retrieve and display results
counts = result.get_counts()
print("Measurement Results:", counts)
# Optional: Visualize the circuit
print(qc)
---
### What It Does:
1. Hadamard Gate (H): Places the qubit in a superposition, meaning it's in a mix of
|0β© and |1β©.2. Measurement: Collapses the qubit to either
|0β© or |1β© probabilistically upon measurement.3. Simulation: Runs the quantum program multiple times (e.g., 1024 shots) on a classical simulator to emulate quantum results.
---
### Output Example:
After running, you might see:
Measurement Results: {'0': 511, '1': 513}
βββββ β βββ
q_0: β€ H βββββ€Mβ
βββββ β ββ₯β
c_0: βββββββββ¨β---
### Running on a Real Quantum Computer:
If you have access to IBM Quantum or a similar quantum platform:
1. Replace the simulator with an actual quantum backend:
from qiskit import IBMQ
IBMQ.load_account()
provider = IBMQ.get_provider(hub='ibm-q')
backend = provider.get_backend('ibmq_qasm_simulator') # Use an actual quantum device here
result = execute(qc, backend, shots=1024).result()
Quantum computing is still in its infancy, and scripts generally focus on demonstrating concepts or solving specific problems (e.g., optimization or quantum chemistry simulations). Let me know if you'd like to explore further!
π¦ Reverse engineering:
π₯οΈ Static Analysis Tools
1. IDA Pro
- Industry-standard disassembler and debugger for analyzing binaries.
- Includes a powerful scripting engine.
- Website: [Hex-Rays](https://hex-rays.com/)
2. Ghidra
- Open-source reverse engineering suite developed by the NSA.
- Features include decompilation and support for various architectures.
- GitHub: [Ghidra](https://github.com/NationalSecurityAgency/ghidra)
3. Radare2
- Advanced open-source framework for analyzing binaries, debugging, and patching.
- Command-line focused but has GUI support via Cutter.
- GitHub: [Radare2](https://github.com/radareorg/radare2)
4. Binary Ninja
- Lightweight reverse engineering platform with an emphasis on automation.
- Features include powerful APIs for custom analysis.
- Website: [Binary Ninja](https://binary.ninja/)
5. Capstone
- A lightweight disassembly framework supporting multiple architectures.
- Often used as a backend for other tools.
- GitHub: [Capstone](https://github.com/capstone-engine/capstone)
---
### π Dynamic Analysis Tools
1. OllyDbg
- Classic debugger for Windows binaries.
- Focused on malware and exploit analysis.
2. WinDbg
- A powerful Windows debugger.
- Commonly used for debugging Windows kernel and drivers.
3. x64dbg
- Open-source debugger for Windows applications.
- Provides a user-friendly GUI and scripting capabilities.
- GitHub: [x64dbg](https://github.com/x64dbg/x64dbg)
4. Frida
- Dynamic instrumentation toolkit.
- Ideal for analyzing mobile apps and binaries during runtime.
- GitHub: [Frida](https://github.com/frida/frida)
5. Qiling Framework
- Advanced binary emulation framework for testing and debugging.
- Supports multiple architectures.
- GitHub: [Qiling Framework](https://github.com/qilingframework/qiling)
---
### π± Mobile App Reverse Engineering Tools
1. APKTool
- Decompiles Android APK files to view the source code and resources.
- Ideal for analyzing Android malware or app vulnerabilities.
- GitHub: [APKTool](https://github.com/iBotPeaches/Apktool)
2. Jadx
- Decompiler for Android DEX and APK files.
- Converts binary code into readable Java code.
- GitHub: [Jadx](https://github.com/skylot/jadx)
3. Hopper Disassembler
- User-friendly disassembler and debugger for macOS and iOS binaries.
- Website: [Hopper](https://www.hopperapp.com/)
---
### βοΈ Firmware Reverse Engineering Tools
1. Binwalk
- Tool for extracting and analyzing firmware images.
- Frequently used in IoT and embedded system analysis.
- GitHub: [Binwalk](https://github.com/ReFirmLabs/binwalk)
2. GHIDRA Firmware Analyzer
- Part of Ghidra; supports firmware disassembly and analysis.
3. Firmadyne
- Emulation and analysis of Linux-based firmware.
- GitHub: [Firmadyne](https://github.com/firmadyne/firmadyne)
---
### π Encryption and Obfuscation Tools
1. Uncompyle6
- Decompiler for Python bytecode back into readable Python source code.
- GitHub: [Uncompyle6](https://github.com/rocky/python-uncompyle6)
2. Procyon
- Java decompiler that supports modern Java features.
- GitHub: [Procyon](https://github.com/mstrobel/procyon)
3. Snowman Decompiler
- Lightweight decompiler for C/C++ binaries.
- GitHub: [Snowman](https://github.com/yegord/snowman)
---
### π‘ Other Useful Tools
1. YARA
- Helps identify and classify malware through pattern matching.
- GitHub: [YARA](https://github.com/VirusTotal/yara)
2. RETool
- Web-based reverse engineering toolkit.
- Ideal for quick analysis without heavy installations.
- Website: [RETool](https://reverseengineeringtool.com/)
3. DiE (Detect It Easy)
- Identifies obfuscation, packers, and encryption in binaries.
- GitHub: [Detect It Easy](https://github.com/horsicq/Detect-It-Easy)
π₯οΈ Static Analysis Tools
1. IDA Pro
- Industry-standard disassembler and debugger for analyzing binaries.
- Includes a powerful scripting engine.
- Website: [Hex-Rays](https://hex-rays.com/)
2. Ghidra
- Open-source reverse engineering suite developed by the NSA.
- Features include decompilation and support for various architectures.
- GitHub: [Ghidra](https://github.com/NationalSecurityAgency/ghidra)
3. Radare2
- Advanced open-source framework for analyzing binaries, debugging, and patching.
- Command-line focused but has GUI support via Cutter.
- GitHub: [Radare2](https://github.com/radareorg/radare2)
4. Binary Ninja
- Lightweight reverse engineering platform with an emphasis on automation.
- Features include powerful APIs for custom analysis.
- Website: [Binary Ninja](https://binary.ninja/)
5. Capstone
- A lightweight disassembly framework supporting multiple architectures.
- Often used as a backend for other tools.
- GitHub: [Capstone](https://github.com/capstone-engine/capstone)
---
### π Dynamic Analysis Tools
1. OllyDbg
- Classic debugger for Windows binaries.
- Focused on malware and exploit analysis.
2. WinDbg
- A powerful Windows debugger.
- Commonly used for debugging Windows kernel and drivers.
3. x64dbg
- Open-source debugger for Windows applications.
- Provides a user-friendly GUI and scripting capabilities.
- GitHub: [x64dbg](https://github.com/x64dbg/x64dbg)
4. Frida
- Dynamic instrumentation toolkit.
- Ideal for analyzing mobile apps and binaries during runtime.
- GitHub: [Frida](https://github.com/frida/frida)
5. Qiling Framework
- Advanced binary emulation framework for testing and debugging.
- Supports multiple architectures.
- GitHub: [Qiling Framework](https://github.com/qilingframework/qiling)
---
### π± Mobile App Reverse Engineering Tools
1. APKTool
- Decompiles Android APK files to view the source code and resources.
- Ideal for analyzing Android malware or app vulnerabilities.
- GitHub: [APKTool](https://github.com/iBotPeaches/Apktool)
2. Jadx
- Decompiler for Android DEX and APK files.
- Converts binary code into readable Java code.
- GitHub: [Jadx](https://github.com/skylot/jadx)
3. Hopper Disassembler
- User-friendly disassembler and debugger for macOS and iOS binaries.
- Website: [Hopper](https://www.hopperapp.com/)
---
### βοΈ Firmware Reverse Engineering Tools
1. Binwalk
- Tool for extracting and analyzing firmware images.
- Frequently used in IoT and embedded system analysis.
- GitHub: [Binwalk](https://github.com/ReFirmLabs/binwalk)
2. GHIDRA Firmware Analyzer
- Part of Ghidra; supports firmware disassembly and analysis.
3. Firmadyne
- Emulation and analysis of Linux-based firmware.
- GitHub: [Firmadyne](https://github.com/firmadyne/firmadyne)
---
### π Encryption and Obfuscation Tools
1. Uncompyle6
- Decompiler for Python bytecode back into readable Python source code.
- GitHub: [Uncompyle6](https://github.com/rocky/python-uncompyle6)
2. Procyon
- Java decompiler that supports modern Java features.
- GitHub: [Procyon](https://github.com/mstrobel/procyon)
3. Snowman Decompiler
- Lightweight decompiler for C/C++ binaries.
- GitHub: [Snowman](https://github.com/yegord/snowman)
---
### π‘ Other Useful Tools
1. YARA
- Helps identify and classify malware through pattern matching.
- GitHub: [YARA](https://github.com/VirusTotal/yara)
2. RETool
- Web-based reverse engineering toolkit.
- Ideal for quick analysis without heavy installations.
- Website: [RETool](https://reverseengineeringtool.com/)
3. DiE (Detect It Easy)
- Identifies obfuscation, packers, and encryption in binaries.
- GitHub: [Detect It Easy](https://github.com/horsicq/Detect-It-Easy)
Hex-Rays
Hex-Rays: State-of-the-Art Binary Code Analysis Tools
Professional binary analysis with IDA Pro disassembler and decompiler. Tools for reverse engineering, malware analysis, and vulnerability research.
Forwarded from Exploiting Crew (Pr1vAt3)
π¦ New Working list of Google Dorks :
### Files Containing Passwords
1.
2.
3.
4.
### Various Online Devices
5.
### Vulnerable Servers
6.
7.
8.
9.
### Files Containing Juicy Info
10.
11.
12.
13.
### Files Containing Usernames
14.
15.
### Files Containing Passwords
1.
site:github.com "BEGIN OPENSSH PRIVATE KEY" 2.
ext:nix "BEGIN OPENSSH PRIVATE KEY" 3.
intext:"aws_access_key_id" | intext:"aws_secret_access_key" filetype:json | filetype:yaml 4.
intitle:index of /etc/ssh ### Various Online Devices
5.
inurl:home.htm intitle:1766 ### Vulnerable Servers
6.
intitle:"SSL Network Extender Login" -checkpoint.com 7.
intext:"siemens" & inurl:"/portal/portal.mwsl" 8.
Google Dork Submisson For GlobalProtect Portal 9.
inurl:"cgi-bin/koha" ### Files Containing Juicy Info
10.
intext:"proftpd.conf" "index of" 11.
site:.edu filetype:xls "root" database 12.
intext:"dhcpd.conf" "index of" 13.
site:uat.* * inurl:login ### Files Containing Usernames
14.
"START test_database" ext:log 15.
"Header for logs at time" ext:log