// ----------------------------------------------------------------------------------------------// // ----------------------------------------------------------------------------------------------//
RSS
Showing posts with label Windows. Show all posts
Showing posts with label Windows. Show all posts

Tortuga: A Sms Spamming Tool Written Inwards Python 2

Posted by Dan's | Labels: ,

About Tortuga: Tortuga is a SMS spamming tool written inwards Python ii for Linux in addition to Windows. Only operate amongst Gmail!

 Install in addition to run Tortuga on Linux
   You bring to install Python ii first:
    * Debian: sudo apt install python2
    * Arch Linux: sudo pacman -S python2

    And then, download Tortuga-master.zip, extract in addition to opened upwards its folder amongst Terminal in addition to enter: python2 sms.py

 Install in addition to run Tortuga on Windows
   First, download in addition to run Python 2.7.x setup file from Python.orgOn Install Python 2.7.x Setup, choose Add python.exe to Path.
   Download in addition to run Git setup file from Git-scm.com and enable Use Git from Windows Command Propmt.
   And then, download Tortuga-master.zip, extract, opened upwards PowerShell or Command Prompt on its folder. After that, hold upwards into this commands: python sms_windows.py

Screenshots of Tortuga

extract in addition to opened upwards its folder amongst Terminal in addition to hold upwards into Tortuga: H5N1 SMS Spamming tool written inwards Python 2
extract in addition to opened upwards its folder amongst Terminal in addition to hold upwards into Tortuga: H5N1 SMS Spamming tool written inwards Python 2

Watch Tortuga video

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

Slowloris: A Dos Attacking Tool Written Inwards Python Three For Depression Bandwidth

Posted by Dan's | Labels: ,

Slowloris is basically an HTTP Denial of Service assail that affects threaded servers SlowLoris: H5N1 DoS Attacking tool written inward Python iii for Low Bandwidth
What is Slowloris?
   Slowloris is basically an HTTP Denial of Service assail that affects threaded servers. It industrial plant similar this:
    * We outset making lots of HTTP requests.
    * We post headers periodically (every fifteen seconds) to overstep away along the connections open.
    * We never closed the connectedness unless the server does so. If the server closes a connection, nosotros exercise a novel i overstep away along doing the same thing.

    This exhausts the servers thread puddle together with the server can't response to other people.

 SOCKS5 proxy back upwardly on SlowLoris
   However, if y'all innovation on using the -x pick inward social club to purpose a SOCKS5 proxy for connecting instead of a straight connectedness over your IP address, y'all volition holler for to install the PySocks library (or whatever other implementation of the socks library) every bit well. PySocks is a fork from SocksiPy yesteryear GitHub user @Anorov together with tin easily last installed yesteryear adding PySocks to the pip command higher upwardly or running it in i lawsuit to a greater extent than similar so: sudo pip3 install PySocks

    You tin together with thus purpose the -x pick to activate SOCKS5 back upwardly together with the --proxy-host together with --proxy-port pick to specify the SOCKS5 proxy host together with its port, if they are unlike from the measure 127.0.0.1:8080.

Install together with run SlowLoris
sudo pip3 install slowloris
slowloris [target's address]
   or
git clone https://github.com/gkbrk/slowloris
cd slowloris

python3 slowloris.py [target's address]

 Configuration options: It is possible to modification the demeanor of slowloris amongst command-line arguments.

 License of SlowLoris: The code is licensed nether the MIT License.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

Ahmyth-Android-Rat: Android Remote Direction Tool For Linux As Well As Windows

Posted by Dan's | Labels: ,

About AhMyth-Android-RAT
   AhMyth-Android-RAT consists of 2 parts:
    * Server side: desktop application based on electron framework (control panel).
    * Client side: android application (backdoor).

 Install together with run AhMyth-Android-RAT from source code
   You convey to install Electron Framwork (to start the app) and Java (to generate APK backdoor) first
      Install Electron
    * For Windows: Download here. And extract it!
    * For Debian-based: Follow this tutorial. And together with hence hold out inwards the command: sudo npm install electron.

       Install Java
    * For Windows: Download together with install here.
    * For Debian-based: Follow this tutorial.

    And then, opened upwards Terminal together with hold out inwards these command:
git clone https://github.com/AhMyth/AhMyth-Android-RAT
cd AhMyth-Android-RAT/AhMyth-Server
npm start

 Install together with run AhMyth-Android-RAT from binariy files
   You involve install Java to generate APK backdoor
    * Install Java for Windows: Download together with install here.
    * Install Java for Debian-based: Follow this tutorial.

    And then, download together with install .DEB (for Debian-based) or .EXE file (for Windows) from Releases · AhMyth/AhMyth-Android-RAT · GitHub.

    And then, opened upwards Terminal together with hold out inwards sudo ahmyth to start AhMyth-Android-RAT.

 Screenshots of AhMyth-Android-RAT

desktop application based on electron framework AhMyth-Android-RAT: Android Remote Administration Tool for Linux together with Windows
A listing of victims 
desktop application based on electron framework AhMyth-Android-RAT: Android Remote Administration Tool for Linux together with Windows
Recording amongst forepart camera
desktop application based on electron framework AhMyth-Android-RAT: Android Remote Administration Tool for Linux together with Windows
File Manager
desktop application based on electron framework AhMyth-Android-RAT: Android Remote Administration Tool for Linux together with Windows
Take SMS List
desktop application based on electron framework AhMyth-Android-RAT: Android Remote Administration Tool for Linux together with Windows
Get Call logs
Video about AhMyth-Android-RAT

Donate to writer of AhMyth-Android-RAT
   Twitter account: @AhMythDev
   You tin forcefulness out donate to writer yesteryear Bitcoin to this address: 1EVwLuwmbsEuej7qJnNquFeQJLsgd2b8Lq. Or scan this QR code!
desktop application based on electron framework AhMyth-Android-RAT: Android Remote Administration Tool for Linux together with Windows
Created yesteryear GithackTools

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

Killshot: A Pentesting Framework, Data Gathering Tool Together With Website Vulnerabilities Scanner

Posted by Dan's | Labels: ,


Why should i role KillShot?
   You tin role this tool to Spider your website together with teach of import information together with get together information automaticaly using whatweb-host-traceroute-dig-fierce-wafw00f or to Identify the cms together with to break the vulnerability inwards your website using Cms Exploit Scanner && WebApp Vul Scanner Also You tin role killshot to Scan automaticly multiple type of scan amongst nmap together with unicorn . And With this tool You tin Generate PHP Simple Backdoors upload it manual together with connect to the target using killshot

    This Tool Bearing H5N1 uncomplicated Ruby Fuzzer Tested on VULSERV.exe and Linux Log clear script To alter the content of login paths Spider tin aid y'all to break parametre of the site together with scan XSS together with SQL.

 Use Shodan By targ option
   CreateAccount Here Register together with teach Your aip Shodan AIP And Add your shodan AIP to aip.txt < alone your aip should live present inwards the aip.txt > Use targ To search almost Vulnrable Targets inwards shodan databases.

    Use targ To scan Ip of servers fast amongst Shodan.

KillShot's Installation
   For Linux users, opened upwardly your Terminal together with teach inwards these commands:    If you're a Windows user, follow these steps:
  • First, y'all must download together with move Ruby-lang setup file from RubyInstaller.org, guide Add Ruby executables to your PATH together with Use UTF-8 every bit default external encoding.
  • Then, download together with install curl (32-bit or 64-bit) from Curl.haxx.se/windows. After that, become to Nmap.org/download.html to download together with install the lastest Nmap version.
  • Download killshot-master.zip together with unzip it.
  • Open CMD or PowerShell window at the KillShot folder you've but unzipped together with teach inwards these commands:
    ruby setup.rb
    ruby killshot.rb

KillShot usage examples
   Easy together with fast role of KillShot:

   Use KillShot to break together with scan CMS vulnerabilities (Joomla together with WordPress) together with scan for XSS together with SQL:


References: Vulnrabilities are taken from

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

Githacktools: The Best Hacking Together With Pentesting Tools Installer On The World

Posted by Dan's | Labels: ,

About GitHackTools: GitHackTools is a the best Hacking together with PenTesting tools installer on the world. BruteDum tin operate alongside whatever Linux distros or Windows version if they back upwards Python 3.

 Features of GitHackTools

  • Friend-ly Command Line Interface
  • A huge number bone hacking tools
  • Support Windows together with Linux, or orther OS. Better back upwards on Debian or Arch Linux
  • Move to orther category alongside 1 command
  • ...
GitHackTools installation on Linux
   You must install Python three together with brand first:
  • For Arch Linux together with its distros: sudo pacman -S python3 make
  • For Debian together with its distros: sudo apt install python3 make
   And then, opened upwards Terminal together with instruct inwards this command:
git clone https://github.com/GitHackTools/githacktools

GitHackTools installation on Windows
   Download together with run Python 3.7.x setup file from Python.org. On Install Python 3.7, enable Add Python 3.7 to PATH.
   Download together with run Git setup file from Git-scm.com together with pick out Use Git from Windows Command Propmt.

   After that, opened upwards PowerShell or Command Propmt together with instruct inwards these commands:
git clone https://github.com/GitHackTools/githacktools

   If y'all don't desire to install Git, y'all tin download githacktools-master.zip, extract together with purpose it.

GitHackTools screenshots
GitHackTools Home page on Parrot Security OS
GitHackTools Home page on Manjaro KDE
GitHackTools Home page on Windows 10
A2SV Installer on GitHackTools
Metasploit Installer on GitHackTools
Video demo:

Note: This tool may non install good alongside unopen to tools on unopen to Linux distros. Please say me most your problems on Issues. Thanks!

 Contact to coder:
To-do list:
  • Add to a greater extent than tools.
  • Add to a greater extent than features together with commands.
  • More friend-ly.
  • Fix bugs if they are exist.
  • (Help me please)

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

One-Lin3r: A Light-Weight Framework Gives Y'all All The One-Liners For Pentesting, Privilege Escalation Purposes In Addition To More

Posted by Dan's | Labels: ,

About One-Lin3r
   One-Lin3r is unproblematic modular as well as light-weight framework gives you lot all the one-liners that you lot volition squall for piece penetration testing (Windows, Linux, macOS or fifty-fifty BSD systems) or hacking by as well as large alongside a lot of novel features to brand all of this fully automated (ex: you lot won't fifty-fifty squall for to re-create the one-liners).

 One-Lin3r's Features
 * Influenza A virus subtype H5N1 lot of liners occupation alongside dissimilar purposes, currently are to a greater extent than than 155 liner.
 * The auto-complete characteristic that has been implemented inwards this framework is non the commons 1 you lot e'er see, hither are about highlights:

    * It's designed to cook typos inwards typed commands to the most similar dominance alongside but 1 tab click so search becomes search as well as thence on, fifty-fifty if you lot typed whatever random give-and-take similar to an dominance inwards this framework.
    * For you lot lazy-ones out in that location similar me, it tin strength out predict what liner you lot are trying to occupation yesteryear typing whatever share of it. For illustration if you lot typed use capabilities as well as clicked tab, it would live replaced alongside use linux/bash/list_all_capabilities as well as thence on. I tin strength out come across your smile, You are welcome!
    * If you lot typed whatever incorrect dominance thence pressed enter, the framework volition say you lot what is the nearest dominance to what you lot get got typed which could live the 1 you lot actually wanted.
    * Some less impressive things similar auto-complete for variables later on set command, auto-complete for liners later on use as well as info commands as well as lastly it converts all upper-case missive of the alphabet to lowercase automatically just-in-case you lot switched cases yesteryear fault piece typing.
    * Finally, you'll discovery your normal auto-completion things you lot were using before, similar commands auto-completion as well as persistent history, etc...

 * Automation:
    * You tin strength out automatically re-create the liner you lot desire to clipboard alongside dominance copy <liner> instead of using use <liner> as well as thence copying it which saves a lot of time, of course, if you lot merged it alongside the next features.
    * As you lot may noticed, you lot tin strength out occupation a resources file from command-line arguments earlier starting the framework itself or post commands directly.
    * Inside the framework you lot tin strength out occupation makerc dominance similar inwards Metasploit but this fourth dimension it alone saves the right of import commands.
    * There are history as well as resource commands thence you lot don't squall for to instruct out the framework.
    * You tin strength out execute equally many commands equally you lot desire at the same fourth dimension yesteryear splitting them alongside semi-colon.
    * Searching for whatever liner hither is thence easy, you lot tin strength out search for a liner yesteryear its name, share or fifty-fifty the liner writer name.

 * You tin strength out add together your ain liners yesteryear following these steps to create a liner equally a python file. After that you lot tin strength out brand a Pull asking alongside it thence it volition live added inwards the framework as well as credited alongside your squall of course.
 * The might to reload the database if you lot added whatever liner without restarting the framework.
 * You tin strength out add together whatever platform to the liners database but yesteryear making a folder inwards liners folder as well as creating a ".liner" file there.
 * And More...

Note: The liners database is non besides large but it volition instruct bigger alongside updates as well as contributions.
One-Lin3 Usage
   Command-line arguments
   Framework commands
Prerequisites earlier install One-Lin3r
 * Python 3.x.
 * Any OS, it should come about all but it's tested on Kali 2018+, Ubuntu 18+, Windows 10, Android alongside termux as well as MacOs 10.11

 Installing as well as running
pip install one-lin3r
one-lin3r -h

 Updating the framework or the database
pip install one-lin3r --upgrade
Note: As the liners are written equally python modules, it considered equally a share of the framework. So every novel liner added to the framework, its version volition instruct updated. 
One-Lin3r's screenshots

 Contact to coder:
   Twitter: D4Vinci
   Telegram: D4Vinci_Ox

Donate to coder: If his move has been useful for you, experience costless to give cheers him yesteryear buying him a java or to a greater extent than :) Buy a coffee 

Disclaimer nigh One-Lin3r
   One-Lin3r is created to attention inwards penetration testing as well as it's non responsible for whatever misuse or illegal purposes.
   Copying a code from this tool or using it inwards about other tool is accepted equally you lot advert where you lot got it from 😄.
Pull requests are e'er welcomed :D
Credits as well as references:

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

Weebdns: Dns Enumeration Faster Than Other Normal Tools

Posted by Dan's | Labels: ,


About WeebDNS
   Written by: FuzzyRabbit
   WeebDNS is a DNS Enumeration Tool alongside Asynchronicity made alongside Python iii which makes it much faster than normal tools.

 WeebDNS requirements: Python 3, Git, pip3

 WeebDNS installation

Bugs as well as enhancements: For põrnikas reports or enhancements, delight opened upwards an issue here.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

Spykeyboard: An Undetectable Python Keylogger Which Sends The Captured Keys To Your Gmail

Posted by Dan's | Labels: ,

About Spykeyboard
   Spykeyboard is a Python ii script which allows us to generate an undetectable keylogger which sends the captured keys to our Gmail draw of piece of job concern human relationship address. Once nosotros generated our keylogger, nosotros would accept to leave of absence the .py file to a Windows machine to convert it to an .exe. The tool is inwards development.
 
Spykeyboard Installation in addition to Running
   For Windows users, you lot must inwards install Python 2 first, only you lot don't accept to install Git if you lot want:

  • First, download in addition to piece of job Python 2.7.x setup file from Python.org. On Install Python 2.7.x Setup, pick out Add python.exe to Path. 
  • Download in addition to piece of job Git setup file from Git-scm.com in addition to enable Use Git from Windows Command Propmt.
   For Linux users, Python ii is already installed on your GNU/Linux distro.
 
   Then, opened upwards Terminal in addition to motion into these ascendence to download Spykeyboard, install requirements, generate in addition to convert .py keylogger file to .exe file to piece of job inwards Windows.
Spykeyboard screenshots
Enter your Gmail address in addition to password to generate keylogger
Compile .py keylogger file to .exe file

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

Owasp-Zsc: A Shellcode/Obfuscate Customized Code Generating Tool

Posted by Dan's | Labels: ,


About OWASP-ZSC
   OWASP ZSC is opened upwards source software written inwards python which lets yous generate customized shellcodes too convert scripts to an obfuscated script. This software tin dismiss endure run on Windows/Linux/OSX amongst Python two or 3.

    What is shellcode?: Shellcode is a pocket-sized codes inwards Assembly language which could endure used equally the payload inwards software exploitation. Other usages are inwards malwares, bypassing antiviruses, obfuscated codes...

    You tin dismiss read to a greater extent than about OWASP-ZSC inwards these link:
Why usage OWASP-ZSC?
   Another skillful argue for obfuscating files or generating shellcode amongst OWASP-ZSC is that it tin dismiss endure used during your pen-testing. Malicious hackers usage these techniques to bypass anti-virus too charge malicious files inwards systems they accept hacked using customized shellcode generators. Anti-virus locomote amongst signatures inwards lodge to set harmful files. When using rattling good known encoders such equally msfvenom, files generated past times this programme mightiness endure already flagged past times Anti-virus programs.

    Our role is non to render a way to bypass anti-virus amongst malicious intentions, instead, nosotros desire to render pen-testers a way to challenge the safety provided past times Anti-virus programs too Intrusion Detection systems during a pen test.In this way, they tin dismiss verify the safety merely equally a black-hat volition do.

    According to other shellcode generators same equally Metasploit tools too etc, OWASP-ZSC  using novel encodes too methods which antiviruses won't detect. OWASP-ZSC encoders are able to generate musical rhythm codes amongst random encodes too that allows yous to generate thousands of novel dynamic shellcodes amongst the same project inwards merely a second, that means, yous volition non larn the same code if yous usage random encodes amongst same commands, And that brand OWASP-ZSC one of the best! During the Google Summer of Code nosotros are working on to generate Windows Shellcode too novel obfuscation methods. We are working on the side past times side version that volition allow yous to generate OSX.

 OWASP-ZSC Installation:
   You must install Metasploit and Python two or three first:
  • For Debian-based distro users: sudo apt install python2 python3 metasploit-framework
  • For Arch Linux based distro users: sudo pacman -S python2 python3 metasploit
  • For Windows users: Download Python too Metasploit here.
   And then, locomote inwards these ascendancy (If you're Windows user, don't locomote inwards sudo):
DISCLAIMER: THIS SOFTWARE WAS CREATED TO CHALLENGE ANTIVIRUS TECHNOLOGY, RESEARCH NEW ENCRYPTION METHODS, AND PROTECT SENSITIVE OPEN SOURCE FILES WHICH INCLUDE IMPORTANT DATA. CONTRIBUTORS AND OWASP FOUNDATION WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.

 An example of OWASP-ZSC

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's

Spaghetti: A Website Applications Safety Scanner

Posted by Dan's | Labels: ,


About Spaghetti
   Author: m4ll0k    Spaghetti is an Open Source spider web application scanner, it is designed to discovery diverse default in addition to insecure files, configurations, in addition to misconfigurations. Spaghetti is built on Python 2.7 in addition to tin run on whatever platform which has a Python environment.

 Spaghetti Installation:

Spaghetti's Features:
   Fingerprints:
  • Server:
  • Web Frameworks (CakePHP,CherryPy,...)
  • Web Application Firewall (Waf)
  • Content Management System (CMS)
  • Operating System (Linux,Unix,..)
  • Language (PHP,Ruby,...)
  • Cookie Security
   Discovery:
  • Bruteforce:Admin Interface
    Common Backdoors
    Common Backup Directory
    Common Backup File
    Common Directory
    Common FileLog File
  • Disclosure: Emails, Private IP, Credit Cards
   Attacks:
  • HTML Injection
  • SQL Injection
  • LDAP Injection
  • XPath Injection
  • Cross Site Scripting (XSS)
  • Remote File Inclusion (RFI)
  • PHP Code Injection
   Other:
  • HTTP Allow Methods
  • HTML Object
  • Multiple Index
  • Robots Paths
  • Web Dav
  • Cross Site Tracing (XST)
  • PHPINFO
  • .Listing
   Vulns:
  • ShellShock
  • Anonymous Cipher (CVE-2007-1858)
  • Crime (SPDY) (CVE-2012-4929)
  • Struts-Shock
Spaghetti Example:
python spaghetti --url example.com --scan 0 --random-agent --verbose

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Dan's
Subscribe to: Posts (Atom)