[ HOME ]  [ 개인정보 보호정책 ]  [ 0day ]  [ 업무 합작 ]  [ 해킹 서비스 ]  [ 프로젝트 개발 ]  [ faq ]  [ 연락하기 ]  [ 원격 제어 트로이 목마 ]  [ 지불 ]    사용자: 25793     
Telegram

검색 결과

  1. K

    VulnNodeApp - A Vulnerable Node.Js Application

    A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only. Setup Clone this repository git clone https://github.com/4auvar/VulnNodeApp.git Application setup: Install the latest node.js version with npm. Open...
  2. K

    XMGoat - Composed of XM Cyber terraform templates that help you learn about common Azure security issues

    XM Goat is composed of XM Cyber terraform templates that help you learn about common Azure security issues. Each template is a vulnerable environment, with some significant misconfigurations. Your job is to attack and compromise the environments. Here's what to do for each environment: Run...
  3. K

    Extrude - Analyse Binaries For Missing Security Features, Information Disclosure And More...

    Analyse binaries for missing security features, information disclosure and more. Extrude is in the early stages of development, and currently only supports ELF and MachO binaries. PE (Windows) binaries will be supported soon. Usage Usage: extrude [flags] [file] Flags: -a, --all...
  4. K

    BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!

    A proof-of-concept User-Defined Reflective Loader (UDRL) which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Contributor Twitter Notable Contributions Bobby Cooke @0xBoku Project original author and maintainer Santiago Pecin @s4ntiago_p Reflective...
  5. K

    Volana - Shell Command Obfuscation To Avoid Detection Systems

    Shell command obfuscation to avoid SIEM/detection system During pentest, an important aspect is to be stealth. For this reason you should clear your tracks after your passage. Nevertheless, many infrastructures log command and send them to a SIEM in a real time making the afterwards cleaning...
  6. K

    CyberChef - The Cyber Swiss Army Knife - A Web App For Encryption, Encoding, Compression And Data Analysis

    CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data...
  7. K

    NativeDump - Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!)

    NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and Memory64List Streams). NTOpenProcessToken and NtAdjustPrivilegeToken to get the "SeDebugPrivilege"...
  8. K

    Sttr - Cross-Platform, Cli App To Perform Various Operations On String

    sttr is command line software that allows you to quickly run various transformation operations on the string. // With input prompt sttr // Direct input sttr md5 "Hello World" // File input sttr md5 file.text sttr base64-encode image.jpg // Reading from different processor like cat, curl...
  9. K

    PIP-INTEL - OSINT and Cyber Intelligence Tool

    Pip-Intel is a powerful tool designed for OSINT (Open Source Intelligence) and cyber intelligence gathering activities. It consolidates various open-source tools into a single user-friendly interface simplifying the data collection and analysis processes for researchers and cybersecurity...
  10. K

    Thief Raccoon - Login Phishing Tool

    Thief Raccoon is a tool designed for educational purposes to demonstrate how phishing attacks can be conducted on various operating systems. This tool is intended to raise awareness about cybersecurity threats and help users understand the importance of security measures like 2FA and password...
  11. K

    X-Recon - A Utility For Detecting Webpage Inputs And Conducting XSS Scans

    A utility for identifying web page inputs and conducting XSS scanning. Features: Subdomain Discovery: Retrieves relevant subdomains for the target website and consolidates them into a whitelist. These subdomains can be utilized during the scraping process. Site-wide Link Discovery: Collects...
  12. K

    제목 : Apache Shiro 인증 우회 취약성 재발 (CVE-2016-6802)

    0x00 漏洞详情 Shiro가 경로를 제어 할 때 들어오는 URL 인코딩을 해독하지 못해 공격자가 필터를 우회하고 필터링 된 경로에 액세스 할 수있었습니다. 0x01 漏洞影响 Shrio 1.3.2 0x02 环境搭建 이 버전에는 Shiro-Spring-Boot-Starter가 없으므로 아직 GitHub에서 https://github.com/godzeo/shiro_1.2.4_sample/archive/master.zip로 프로젝트를 얻을 수 있습니다. 다음으로 샘플/웹/pom.xml 파일에서 JSTL 버전을 1.2로...
  13. K

    Startup-SBOM - A Tool To Reverse Engineer And Inspect The RPM And APT Databases To List All The Packages Along With Executables, Service And Versions

    This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The process and objective is simple we can get a clear perspective view on the packages installed by APT (currently working on implementing this for RPM and other package managers). This...
  14. K

    EvilSlackbot - A Slack Bot Phishing Framework For Red Teaming Exercises

    EvilSlackbot A Slack Attack Framework for conducting Red Team and phishing exercises within Slack workspaces. Disclaimer This tool is intended for Security Professionals only. Do not use this tool against any Slack workspace without explicit permission to test. Use at your own risk. Background...
  15. K

    Reaper - Proof Of Concept On BYOVD Attack

    Reaper is a proof-of-concept designed to exploit BYOVD (Bring Your Own Vulnerable Driver) driver vulnerability. This malicious technique involves inserting a legitimate, vulnerable driver into a target system, which allows attackers to exploit the driver to perform malicious actions. Reaper was...
  16. K

    Ars0N-Framework - A Modern Framework For Bug Bounty Hunting

    Howdy! My name is Harrison Richardson, or rs0n (arson) when I want to feel cooler than I really am. The code in this repository started as a small collection of scripts to help automate many of the common Bug Bounty hunting processes I found myself repeating. Over time, I built a simple web...
  17. K

    Headerpwn - A Fuzzer For Finding Anomalies And Analyzing How Servers Respond To Different HTTP Headers

    Install To install headerpwn, run the following command: go install github.com/devanshbatham/[email protected] Usage headerpwn allows you to test various headers on a target URL and analyze the responses. Here's how to use the tool: Provide the target URL using the -url flag. Create a file...
  18. K

    LDAPWordlistHarvester - A Tool To Generate A Wordlist From The Information Present In LDAP, In Order To Crack Passwords Of Domain Accounts

    A tool to generate a wordlist from the information present in LDAP, in order to crack non-random passwords of domain accounts. Features The bigger the domain is, the better the wordlist will be. [x] Creates a wordlist based on the following information found in the LDAP: [x] User: name and...
  19. K

    Pyrit - The Famous WPA Precomputed Cracker

    Pyrit allows you to create massive databases of pre-computed WPA/WPA2-PSK authentication phase in a space-time-tradeoff. By using the computational power of Multi-Core CPUs and other platforms through ATI-Stream,Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one...
  20. K

    SherlockChain - A Streamlined AI Analysis Framework For Solidity, Vyper And Plutus Contracts

    SherlockChain is a powerful smart contract analysis framework that combines the capabilities of the renowned Slither tool with advanced AI-powered features. Developed by a team of security experts and AI researchers, SherlockChain offers unparalleled insights and vulnerability detection for...

Partner Website: HACKHUB TW hacker Team Black hat dark Web hacking team HACKING FOURM HACKER.BZ UKhacker
대한민국 최대 해커 포럼:본 사이트의 튜토리얼, 글, 도구 및 기타 관련 내용은 학습과 연구용으로만 제공되며, 그 목적은 대중의 인터넷 보안의식과 보안능력을 제고하는 것입니다.
우리는 어떤 형식의 불법 활동이든 강력히 반대하며, 타인의 네트워크 시스템에 침입하거나 공격하거나 파괴하는 허가 없는 행위를 금지한다.
Copyright © 2013-2025 KRHACK 당신은 우리의 텔레그램에 연락해서 업무 협력을 할 수 있다: @APTs37  웹 싸이트 지도Sitemap
뒤로
상단