Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 09/04/16 in all areas

  1. Nytro
    Blogs, Feeds, Guides & Links I was cleaning out my bookmarks, de-cluttering twitter favourites and closing a few tabs. Re-saw a few 'hidden gems' as well as repeating finding links for people, so I thought I would try and 'dump' them all in one place. These are roughly sorted, if you're wanting something better - I highly recommend having a look at the pentest-bookmarks. Programming/Coding [bash] Advanced Bash-Scripting Guide - http://tldp.org/LDP/abs/html/ [bash] Bash shell scripting tutorial - http://steve-parker.org/sh/sh.shtml [bash] Bourne Shell Reference - http://linuxreviews.org/beginner/bash_GNU_Bourne-Again_SHell_Reference/ [CheatSheet] Scripting Languages: PHP, Perl, Python, Ruby - http://hyperpolyglot.org/scripting Offensive Security's Pentesting With BackTrack (PWB) Course [Pre-course] Corelan Team - http://www.corelan.be [Pre-course] The Penetration Testing Execution Standard - http://www.pentest-standard.org/index.php/Main_Page [Hash] NTLM Decrypter - http://www.md5decrypter.co.uk/ntlm-decrypt.aspx [Hash] reverse hash search and calculator - http://goog.li http://security.crudtastic.com/?p=213 Tunnelling / Pivoting [Linux] SSH gymnastics with proxychains - http://pauldotcom.com/2010/03/ssh-gymnastics-with-proxychain.html [Windows] Nessus Through SOCKS Through Meterpreter - http://www.digininja.org/blog/nessus_over_sock4a_over_msf.php WarGames / Online Challenges [WarGames] Title - http://securityoverride.com [WarGames] Title - http://intruded.net [Challenge] The Ksplice Pointer Challenge - http://blogs.oracle.com/ksplice/ [WarGames] Title - http://spotthevuln.com [WarGames] Title - http://cvo-lab.blogspot.com/2011/05/iawacs-2011-forensics-challenge.html [WarGames] Title - http://ftp.hackerdom.ru/ctf-images/ Exploit Development (Programs) [Download] Title - http://www.oldapps.com/ [Download] Title - http://www.oldversion.com/ [Download] Title - http://www.exploit-db.com/webapps/ Misc [RSS] Open Penetration Testing Bookmarks Collection - https://code.google.com/p/pentest-bookmarks/downloads/list [ExploitDev] Data mining Backtrack 4 for buffer overflow return addresses - http://insidetrust.blogspot.com/2010/12/data-mining-backtrack-4-for-buffer.html [DIY] Repair a Broken Ethernet Plug - http://www.instructables.com/id/Repair-a-Broken-Ethernet-Plug/step5/Make-its-Head-Thin/ [Desktop] Ubuntu Security - http://ubuntuforums.org/showthread.php?t=510812 [TechHumor] Title - https://www.xkcd.com [TechHumor] Title - http://www.blackhat.com/presentations/bh-europe-05/BH_EU_05-Long.pdf Exploit Development [Guides] Corelan Team - http://www.corelan.be [Guide] From 0x90 to 0x4c454554, a journey into exploitation. - http://myne-us.blogspot.com/2010/08/from-0x90-to-0x4c454554-journey-into.html [Guide] An Introduction to Fuzzing: Using fuzzers (SPIKE) to find vulnerabilities - http://resources.infosecinstitute.com/intro-to-fuzzing/ TiGa's Video Tutorial Series on IDA Pro - http://www.woodmann.com/TiGa/idaseries.html [Guide] Advanced Windows Buffer Overflows - http://labs.snort.org/awbo/ [Guide] Stack Based Windows Buffer Overflow Tutorial - http://grey-corner.blogspot.com/2010/01/beginning-stack-based-buffer-overflow.htmlt [Guide] SEH Stack Based Windows Buffer Overflow Tutorial - http://grey-corner.blogspot.com/2010/01/seh-stack-based-windows-buffer-overflow.html [Guide] Windows Buffer Overflow Tutorial: Dealing with Character Translation - http://grey-corner.blogspot.com/2010/01/windows-buffer-overflow-tutorial.html [Guide] Heap Spray Exploit Tutorial: Internet Explorer Use After Free Aurora Vulnerability< - http://grey-corner.blogspot.com/2010/01/heap-spray-exploit-tutorial-internet.html [Guide] Windows Buffer Overflow Tutorial: An Egghunter and a Conditional Jump - http://grey-corner.blogspot.com/2010/02/windows-buffer-overflow-tutorial.html [Linux] Linux exploit development part 1 – Stack overflow. - http://sickness.tor.hu/?p=363 [Linux] Linux Exploit Writing Tutorial Pt 2 – Stack Overflow ASLR bypass Using ret2reg - http://sickness.tor.hu/?p=365 [Linux] Linux exploit development part 3 – ret2libc - http://sickness.tor.hu/?p=368 [Linux] Linux exploit development part 4 – ASCII armor bypass + return-to-plt - http://sickness.tor.hu/?p=378 [TechHumor] Title - [TechHumor] Title - http://amolnaik4.blogspot.com/2011/06/exploit-development-with-monapy.html Exploit Development (Case Studies/Walkthroughs) [Web] Finding 0days in Web Applications - http://www.exploit-db.com/finding-0days-in-web-applications/ [Windows] Offensive Security Exploit Weekend - http://www.corelan.be/index.php/2010/11/13/offensive-security-exploit-weekend/ [Windows] From vulnerability to exploit under 5 min - http://0entropy.blogspot.com/2011/02/from-vulnerability-to-exploit-under-5.html Exploit Development (Patch Analysis) [Windows] A deeper look at ms11-058 - http://www.skullsecurity.org/blog/2011/a-deeper-look-at-ms11-058 [Windows] Patch Analysis for MS11-058 - https://community.qualys.com/blogs/securitylabs/2011/08/23/patch-analysis-for-ms11-058 [Windows] CVE-2011-1281: A story of a Windows CSRSS Privilege Escalation vulnerability - http://j00ru.vexillium.org/?p=893 [Mobile] Analyzing and dissecting Android applications for security defects and vulnerabilities - https://www.net-security.org/article.php?id=1613 Exploit Development (Metasploit Wishlist) [ExplotDev] Metasploit Exploits Wishlist ! - http://esploit.blogspot.com/2011/03/metasploit-exploits-wishlist.html [Guide] Porting Exploits To Metasploit Part 1 - http://www.securitytube.net/video/2118 Passwords & Rainbow Tables (WPA) [RSS] Title - http://ob-security.info/?p=475 [RSS] Title - http://nakedsecurity.sophos.com/2011/06/14/the-top-10-passcodes-you-should-never-use-on-your-iphone/ [RSS] Title - http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html [WPA] Offensive Security: WPA Rainbow Tables - http://www.offensive-security.com/wpa-tables/ [Tool] Ultra High Security Password Generator - https://www.grc.com/passwords.htm [Guide] Creating effective dictionaries for password attacks - http://insidetrust.blogspot.com/2010/07/creating-effective-dictionaries-for.html [Leaked] Diccionarios con Passwords de Sitios Expuestos - http://www.dragonjar.org/diccionarios-con-passwords-de-sitios-expuestos.xhtml [Download] Index of / - http://svn.isdpodcast.com/wordlists/ [Guide] Using Wikipedia as brute forcing dictionary - http://lab.lonerunners.net/blog/using-wikipedia-as-brute-forcing-dictionary [Tool] CeWL - Custom Word List generator - http://www.digininja.org/projects/cewl.php [Download] Title - http://www.aircrack-ng.org/doku.php?id=faq#where_can_i_find_good_wordlists [Leaked] Passwords - http://www.skullsecurity.org/wiki/index.php/Passwords Cheat-Sheets [OS] A Sysadmin's Unixersal Translator - http://bhami.com/rosetta.html [WiFi] WirelessDefence.org's Wireless Penetration Testing Framework - http://www.wirelessdefence.org/Contents/Wireless%20Pen%20Test%20Framework.html Anti-Virus [Metasploit] Facts and myths about antivirus evasion with Metasploit - http://schierlm.users.sourceforge.net/avevasion.html [Terms] Methods of bypassing Anti-Virus (AV) Detection - NetCat - http://compsec.org/security/index.php/anti-virus/283-anti-virus-central-methods-of-bypassing-anti-virus-av-detection.html Privilege Escalation [Linux] Hacking Linux Part I: Privilege Escalation - http://www.dankalia.com/tutor/01005/0100501004.htm [Windows] Windows 7 UAC whitelist - http://www.pretentiousname.com/misc/win7_uac_whitelist2.html [Windows] Windows Privilege Escalation Part 1: Local Administrator Privileges - http://www.netspi.com/blog/2009/10/05/windows-privilege-escalation-part-1-local-administrator-privileges/ Metasploit [Guide] fxsst.dll persistence: the evil fax machine - http://www.room362.com/blog/2011/6/27/fxsstdll-persistence-the-evil-fax-machine.html [Guide] Bypassing DEP/ASLR in browser exploits with McAfee and Symantec - http://www.scriptjunkie.us/2011/08/custom-payloads-in-metasploit-4/ [Guides] Metasploit Unleashed - http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training [Guides] Metasploit Megaprimer (Exploitation Basics And Need For Metasploit) Part 1 - http://www.securitytube.net/video/1175 Default Generators [WEP] mac2wepkey - Huawei default WEP generator - http://websec.ca/blog/view/mac2wepkey_huawei [WEP] Generator: Attacking SKY default router password - http://sec.jetlib.com/BackTrack_Linux_Forums/2011/01/12/Generator:_Attacking_SKY_default_router_password Statistics [Defacements] Zone-H - http://www.zone-h.org [ExploitKits] CVE Exploit Kit list - http://exploitkit.ex.ohost.de/CVE%20Exploit%20Kit%20List.htm Cross Site Scripting (XSS) [Guide] vbSEO – From XSS to Reverse PHP Shell - http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ [RSS] Title - http://www.thespanner.co.uk/2009/03/25/xss-rays/ Podcasts [Weekly] PaulDotCom - http://pauldotcom.com/podcast/psw.xml [Monthly] Social-Engineer - http://socialengineer.podbean.com/feed/ Blogs & RSS [RSS] SecManiac - http://www.secmaniac.com [Guides] Carnal0wnage & Attack Research - http://carnal0wnage.attackresearch.com [RSS] Contagio - http://contagiodump.blogspot.com [News] THN : The Hacker News - http://thehackernews.com [News] Packet Storm: Full Disclosure Information Security - http://packetstormsecurity.org [Guides] pentestmonkey | Taking the monkey work out of pentesting - http://pentestmonkey.net [RSS] Darknet - The Darkside | Ethical Hacking, Penetration Testing & Computer Security - http://www.darknet.org.uk [RSS] Irongeek - http://www.irongeek.com [Metasploit] Room 363 - http://www.room362.com [Guides] Question Defense: Technology Answers For Technology Questions - http://www.question-defense.com/ [Guides] stratmofo's blog - http://securityjuggernaut.blogspot.com [Guides] TheInterW3bs - http://theinterw3bs.com [Guides] consolecowboys - http://console-cowboys.blogspot.com [Guides] A day with Tape - http://adaywithtape.blogspot.com [Guides] Cybexin's Blog - Network Security Blog - http://cybexin.blogspot.com [RSS] BackTrack Linux - Penetration Testing Distribution - http://www.backtrack-linux.org/feed/ [RSS] Offensive Security - http://www.offensive-security.com/blog/feed/ [RSS] Title - http://www.pentestit.com [RSS] Title - http://michael-coates.blogspot.com [RSS] Title - http://blog.0x0e.org [RSS] Title - http://0x80.org/blog [RSS] Title - http://archangelamael.shell.tor.hu [RSS] Title - http://archangelamael.blogspot.com [RSS] Title - http://www.coresec.org [RSS] Title - http://noobys-journey.blogspot.com [RSS] Title - http://www.get-root.com [RSS] Title - http://www.kislaybhardwaj.com [RSS] Title - https://community.rapid7.com/community/metasploit/blog [RSS] Title - http://mimetus.blogspot.com [RSS] Title - http://hashcrack.blogspot.com [RSS] Title - https://rephraseit.wordpress.com [RSS] Title - http://www.exploit-db.com [RSS] Title - http://skidspot.blogspot.com [RSS] Title - http://grey-corner.blogspot.com [RSS] Title - http://vishnuvalentino.com [RSS] Title - http://ob-security.info Sursa: http://g0tmi1k.blogspot.com/2011/11/blog-guides-links.html
    1 point
  2. Stefan-cel-Mare
    Chiar daca au acces la datele de contact a 20 de miliarde de oameni doar daca deschid facebook-ul,criminalii,hackerii,pedofilii,garda,mafiotii- nu sunt interesati.In schimb, daca un user cu 1 post isi pune datele pe rst,e mancat de viu.Asa ceva...
    1 point
  3. albertynos
    Salut, Easy Way : Facebook -> Press F12 -> In tabul Console -> Paste Next Script and Wait 1-2 mins http://pastebin.com/hqjm9pwp Have fun ! PS: Merge ca l-am testat !
    1 point
  4. Cosminovici
    Salutare! Cum pot accesa Deep Web-ul? Din cate stiu eu am nevoie de browserul TOR si de VPN. Rog seriozitate.
    -1 points
×
×
  • Create New...