Leaderboard

Description NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption. NetRipper was released at Defcon 23, Las Vegas, Nevada. Abstract The post-exploitation activities in a penetration test can be challenging if the tester has low-privileges on a fully patched, well configured Windows machine. This work presents a technique for helping the tester to find useful information by sniffing network traffic of the applications on the compromised machine, despite his low-privileged rights. Furthermore, the encrypted traffic is also captured before being sent to the encryption layer, thus all traffic (clear-text and encrypted) can be sniffed. The implementation of this technique is a tool called NetRipper which uses API hooking to do the actions mentioned above and which has been especially designed to be used in penetration tests, but the concept can also be used to monitor network traffic of employees or to analyze a malicious application. https://github.com/NytroRST

Salut forum, as vrea sa adaugam niste linkuri de la Mega cu orice cursuri SANS (sau altele) pe care le mai gasiti pe net. O sa incep eu. Pentester Academy Abusing SQL Server Trusts in a Windows domain: https://mega.nz/#F!jjpmASIS!VTc_8DjGuExZBDv4E8-SwA SANS 642: https://mega.nz/#F!enwXQSib!uzuCIvly6E9t8cx8J1pN2Q!miAVhDKZ https://mega.nz/#F!enwXQSib!uzuCIvly6E9t8cx8J1pN2Q SANS SEC560 - 2017: https://mega.nz/#F!tO4TQbga!OvStyzKmOta6MEcZmesP7w SANS 555: https://mega.nz/#F!7KZw2AhR!hE-yr2rrxjRxpHgpt8pRGg SANS 760 vm: https://mega.nz/#!3QpCkDQA!qP24XpGeNGZ3_5EBaUULm2F23jyVbYuwP_0JDk097ts Pentester Academy cursuri: https://mega.nz/#F!2zZXwTzI!4wVK8DOAD-Dj8vsccvoKPg https://mega.nz/#F!CewXwASZ!SrQJtaL0MM9f8CqbvcqZGg Luati si adaugati cat sunt calde!

NetRipper - Added support for Chrome 70 x64 https://github.com/NytroRST/NetRipper

1. Deschizi un terminal 2. Bagi comanda urmatoare: ping 127.0.0.1 # username 3. (In loc de "username" pui username-ul ala gasit de tine). INFO: In response o sa vezi ca primesti niste chestii ca: 4 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.063 ms 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.080 ms 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.135 ms ... 4. Lasi sa primesti vreo 300-400 de astfel de linii si parola o sa fie una din ele astfel: icmp_seq=0 + time. Exemplu 1: icmp_seq=00.063 Exemplu 2: icmp_seq=10.080 ... si tot asa. Ideea e sa ai rabdare sa le iei pe toate la mana si sa nu ratezi nici macar una. Eu asa am spart vreo 20 de d-alea. Sper sa mearga si la tine. (La asta se referea si @u0m3 cand a zis de "bruteforce" sau "phishing"). Nu te lua dupa astia de aici ca sunt rai si nu vor sa ajute oameni. Fundita pls

NetRipper - Added support for cross-compilation on Linux - https://github.com/NytroRST/NetRipper

@unic poti sa mai urci inca o data listele? link-urile nu mai sunt valabile. thx!

Daca esti jucator de poker pe platforme online cred ca sti deja ca nu e permis sa ai mai mult de un cont pe respectiva platforma! Asta ti-o spun ca sa sti ca nu e legal ce incerci sa faci , posibil este si destul de simplu , RDP`s de diferite tari si aia e . https://webpundits.in/buy-ssd-cheap-rdp/ Edit : @Massaro daca omul vrea sa se duca la puscarie ce treaba am eu ?:)))) Nice vote, ty .