rukov
Active Members
Posts: 1123
Days Won: 16
Everything posted by rukov
-
Confuser EX 0.4 and all the versions that will come out are going to be blacklisted, because everyone who has bugs and rats will protect their creations with it. And the antivirus companies, so as not to complicate things, blacklist the protector itself, just as with TheMida and others. Look here: https://www.virustotal.com/en/file/862e50927486f20a6e6b577373df311c602a605dcf12b74edcd1eef0a2da6710/analysis/1420023537/ For example, at Avira it is TR/Confuser.87040.1. It is only a matter of time until everyone updates and blacklists the new version too.
-
It shows up because of the protector, since that is what is blacklisted, not the unprotected program itself.
-
@io.kent it shows up like that because it is packed with ConfuserEx v0.4.0, which is on the antivirus blacklists.
-
Install AdGuard https://rstforums.com/forum/91182-adguard-5-10-1167-5997-a.rst?highlight=AdGuard
-
Free edition contains:
CryptoLocker, copycat, and other ransomware protection (malware that encrypts your files for a ransom.)
Definitions based protection system for executable file types (v7.3 and above.)
Protection from fake file extensions and other attacks found in most trojan based malware.
Almost 200 policy rules created to block malicious executables depending on options selected.
Options to disable certain types of protection or rules, and optionally to remove rules individually as necessary.
Event viewer for examining the event details and the rule that blocked any application.
Manual updating of both the application and definition files.
Download http://download.foolishit.com/CryptoPreventSetup.exe
-
DotNet Patcher v4.0.0.4
Postby rukov » 28 Dec 2014 02:22
[FEATURES]
--> Showing selected file information (Assembly name, target CPU, Version)
--> Detect and showing the result if the binary file was obfuscated or packed. Supported list :
 - Rpx (Packer)
 - ILProtector (Packer)
 - NetZ .NET (Packer)
 - NetPack (Packer)
 - Mpress .NET (Packer)
 - DotNetPatcher (Packer/Obfuscator)
 - CodeFort Obfuscator (Obfuscator)
 - Manco.NET Obfuscator (Obfuscator)
 - Skater .NET Obfuscator (Obfuscator)
 - EazObfuscator (Obfuscator)
 - Spices.Net (Obfuscator)
 - Goliath.NET (Obfuscator)
 - Dotfuscator (Obfuscator)
 - Crypto Obfuscator (Obfuscator)
 - Code Veil (Obfuscator)
 - Agile.NET (Obfuscator)
 - Babel Obfuscator (Obfuscator)
 - SmartAssembly (Obfuscator)
 - Macrobject (Obfuscator)
--> Modify the File "VersionInfos" Information
--> Requested level execution Detection/Changer (asInvoker, requireAdministrator, highestAvailable)
--> Dependencies Detection/Merging
--> Obfuscator/Packer (Types, Methods, Properties, Fields, Events, strings encryption, integers & booleans encoding, Anti Debug/Tamper/Dumper/IlDasm, public calls hiding)
--> Resources compression & encryption
--> Resources content renaming
--> Icon changer
Download http://wallace87000.upd.fr/DotNetPatcher.exe
-
Just so you know, the guys here don't have supernatural powers to modify something for you that you don't have access to.
-
I don't know why it was addressed to me. I don't work at the embassy. PS: For everyone: I'm not from Russia, guys.
-
I received this 2-3 days ago: "hello, how can I get political asylum in Ukraine or Russia?"
-
The Mobile-Sandbox provides static and dynamic malware analysis combined with machine learning techniques for Android applications.
-
Mirroring360: A new app that lets users wirelessly mirror their iPad, iPhone
rukov replied to Coco's topic in Programe utile
@Coco try this Zippyshare.com I don't know how it works, since I don't have an iphone, ipad, imar
-
PWCT is not a Wizard for creating your application in 1 2 3 steps. PWCT is a general-purpose visual programming tool designed for novice and expert programmers. A novice programmer can use PWCT to learn programming concepts like Data Structure, Control Structure, Programming Paradigm, etc. An expert programmer can use PWCT to develop large and/or complex software. Using PWCT we developed a textual programming language Compiler and Virtual Machine. This language is called Supernova (Supernova programming language | SourceForge.net). Other projects developed using PWCT are the Smart POS System (Smart POS System | SourceForge.net) and the Critical Nodes Application (Critical Nodes | SourceForge.net). You can see/edit the generated source code. PWCT supports Harbour, Supernova, C, Python, & C#.NET and you can extend PWCT to support code generation in any text based programming language.
Features
Free-Open Source - GNU General Public License v2.0.
You can use PWCT to create commercial closed source applications
Visual Programming - More than one dimension.
Visual Programming - Programming using a GUI.
Visual Programming - No Syntax Errors.
Visual Programming - Time Dimension.
Visual Programming - Colors.
Practical Editor - Autocomplete (IntelliSense)
Practical Editor - Keyboard shortcuts (high writability).
Practical Editor - Customization (Max. Readability & Writability).
Practical Editor - Cut/Copy/Paste & Search/Replace.
Practical Editor - Syntax Directed Editor.
Practical Editor - Free Editor & VPL Compiler.
Programming Paradigm - Don't force a programming paradigm.
Programming Paradigm - Imperative Programming.
Programming Paradigm - Procedural Programming.
Programming Paradigm - Object Oriented Programming.
Programming Paradigm - Event Driven Programming.
Programming Paradigm - Super Server programming (New)
Compatible (Optional) - See/Edit the generated source code.
Compatible (Optional) - You can support any textual programming language.
Compatible (Optional) - Support C, Python, C# , Harbour & Supernova.
Programming Scope - General Purpose.
Programming Scope - Create Large scale Applications/Systems.
Programming Scope - High Level Programming.
Programming Scope - Low Level Programming.
Framework & Extension - Create/use Visual Programming Languages.
Framework & Extension - Comes with more than one VPL.
Framework & Extension - Create new components.
Framework & Extension - Programs update after components modification.
Operating System - Microsoft Windows product.
Operating System - Works fine on Linux using Wine
Operating System - Create Windows Applications.
Operating System - Create Multiplatform Applications
Dynamic Generation instead of Drag & Drop.
General and Practical.
Samples/Tutorial/Movies Manager.
Play programs as movie.
Run programs in the past.
Download
Download Programming Without Coding Technology from SourceForge.net
-
Binary executable decompiler
Decompiler reads program binaries, decompiles them, infers data types, and emits structured C source code. It currently supports x86 fully and 68k, PowerPC partially. Both command-line and GUI operation are supported.
Download
Download Decompiler from SourceForge.net
-
sendfile.su enjoy
-
RAS is a privacy enhancing firefox addon which aims to hinder browser fingerprinting. It does this by changing the browser/device profile on a timer. Each browser profile has been tailored to match the actual values used by the target browser as much as possible, within the limits set by firefox. It also supports other privacy enhancing options.
Features
Allows the user to choose a browser profile at random (From all available profiles or desktop profiles only)
Allows the user to specify the interval at which the random profiles are chosen. Interval can also be random, a specific time period or per session if not set
Allows the user to exclude profiles from random selection.
Persistently remembers the users choice of user agent and time interval if set.
Provides a quick toggle to enable/disable the addon via right clicking the icon as well as a checkbox in the UI.
Provides option to toggle notifications of user agent changes.
Allows vendor spoofing that was removed in firefox 24
Sets other privacy attributes such as buildid, oscpu and platform where the values are known.
It has a left click menu of expandable lists to allow users to quickly choose specific profiles
It has a large list of profiles (nearly 400 at this time).
Option to limit local dom storage
Option to disable browser cache
Option to limit fonts to a standard set (monospace, serif, times new roman)
Option to limit tab history to two
Option to disable geolocation support
Option to disable dns prefetching
Option to disable link prefetching
Option to disable webgl
Option to disable webRTC
Option to disable canvas element support
Option to set referer header
Option to set do not track header
Options to send spoofed headers including via, x-forwarded-for and if-none-match.
Options to spoof the accept headers: documents, encoding and language (US English) so they match the spoofed profile.
Option to override timezone offset to a random timezone, send nothing, specify one from a list or use the default one.
Option to spoof screen and window sizes to a specific size or set at random
Download https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/
-
@badboy17 the link is invalid right now, can you upload it? Thanks
-
@io.kent in your place I would do this: I would give the accounts only to those with a certain number of posts. If people abuse them, don't post them for everyone anymore.
-
! BUG Fix! Entry: Compiler: Microsoft Visual C++ (RTL: __crtGetStringTypeA) misdetected
! BUG Fix! Entry: Compiler: Microsoft Visual C++ (RTL: __crtLCMapStringA) misdetected
* ZLib better detect
* Borland Turbo C 1.0 better detect
* MinGW32 better detect
* PowerBasic CC 3.x better detect (EP)
* CheckSum Adler32() better detect (RFC 1950)
* Borland Delphi version better detect
* Borland Delphi DCU Hdr magics
* Borland C++ Builder better detect
* Microsoft Visual C++ x64 better detect
* NIST B571 better detect
* LZX better detect
* Tiny Primes array better detect
* Hash padding array detection method changed
* WinZip SFX better detect
+ GCC Algo group
+ MINGW Algo group
+ QT Algo group
+ ACSS Crypt
+ MinGW32 2.x..4.x DLL (EP)
+ MinGW64 2.x..4.x DLL (EP)
+ Qt strings detect (use QT Algo)
+ Aladdin HASP SRM
+ Rar 5.x Archive Signature
+ Confuser .NET Obfuscator (String)
+ LZXC2 Hdr marker
+ SnakeSoftware ExeBook
+ Photodex Installer
+ Map: Bits in byte count lookup table
+ Map: Power 2 table
+ eLicense initial detect
Usage: cc.exe [AlgoGroupName] wildcards * Built to find everything
Available AlgoGroup names are:
AES           AES Block Cipher
*             Search ALL - try as last resort
BLACK         A few known blacklisted names
BLOWFISH      Blowfish Block Cipher
BORLAND       Some Borland common sigz
CAST          CAST Block Cipher
COM           COM-specific text strings
CRACK         Some words relative to crack
CRC           CRC16/32 Hash function
DES           DES Block Cipher
DITTO         Search for Ditto values
EBOOK         e-books
EXCEPTION     Exceptions
EXTRA         Extra search - Generate a Lot of Junk
FERMAT        A few Fermat's numbers
GFX           Common graphics formats
HAVAL         Haval Hash function
HASH          Some Hash specific values
IMUL          Some strange IMUL immediate values
IRREDUCIBLE   Some Irreducible polynomials
LOCKBOX       Some LockBox sigz
LZX           Some LZX archiver sigz
MAGIC         Some common Magic values
MARKER        Some common markers
MARS          Mars Block Cipher
MASK          Some common Mask values
MD            MD Family Hash functions
MICROSOFT     Some M$ common sigz
MSG           WinAPI Message reference
NUMS          A few common Numerical values
PRNG          A few common PRNG sigz
Q128          Q128 Block Cipher
RSA           RC5/6 Block Cipher etc.
SMALL_PRIMES  90,000+ small Prime numbers (> 65,521)
SNEFRU        Snefru Hash function
STL           STL-containers names
TBYTE         System@Pow10 TByte arrays
TEXT          Rough ASCIIZ strings dumper (5..1040 chrs)
TIME          Date/Time calculation relative
TINY_PRIMES   6,000+ tiny Prime numbers (< 65,537)
WAKE          Wake Block Cipher
WIDE          Borland Wide strings dumper
ZIP           A few (PK)Zip sigz
Download https://github.com/nihilus/IDA-CC
-
Redline, Mandiant’s premier free tool, provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis, and the development of a threat assessment profile.
With Redline, users can:
Thoroughly audit and collect all running processes and drivers from memory, file system metadata, registry data, event logs, network information, services, tasks, and web history.
Analyze and view imported audit data, including narrowing and filtering results around a given timeframe using Redline’s Timeline functionality with the TimeWrinkle™ and TimeCrunch™ features.
Streamline memory analysis with a proven workflow for analyzing malware based on relative priority.
Identify processes more likely worth investigating based on the Redline Malware Risk Index (MRI) score.
Perform Indicator of Compromise (IOC) analysis. Supplied with a set of IOCs, the Redline Portable Agent is automatically configured to gather the data required to perform the IOC analysis and an IOC hit result review
Download https://dl.mandiant.com/EE/library/Redline-1.12.msi
-
Mandiant’s Memoryze is free memory forensic software that helps incident responders find evil in live memory. Memoryze can acquire and/or analyze memory images, and on live systems, can include the paging file in its analysis.
Mandiant’s Memoryze features:
image the full range of system memory (not reliant on API calls).
image a process’ entire address space to disk. This includes a process’ loaded DLLs, EXEs, heaps and stacks.
image a specified driver or all drivers loaded in memory to disk.
enumerate all running processes (including those hidden by rootkits). For each process, Memoryze can:
  report all open handles in a process (for example, all files, registry keys, etc.).
  list the virtual address space of a given process including:
    displaying all loaded DLLs.
    displaying all allocated portions of the heap and execution stack.
  list all network sockets that the process has open, including any hidden by rootkits.
  specify the functions imported by the EXE and DLLs.
  specify the functions exported by the EXE and DLLs.
  hash the EXE and DLLs in the process address space (MD5, SHA1, SHA256. This is disk based.)
  hash the EXE and DLLs in the process address space. (This is a MemD5 of the binary in memory).
  verify the digital signatures of the EXE and DLLs. (This is disk based.)
  output all strings in memory on a per process basis.
identify all drivers loaded in memory, including those hidden by rootkits. For each driver, Memoryze can:
  specify the functions the driver imports.
  specify the functions the driver exports.
  hash the driver. (MD5, SHA1, SHA256. this is disk based.)
  verify the digital signature of the driver (This is disk based.)
  output all strings in memory on a per driver base.
report device and driver layering, which can be used to intercept network packets, keystrokes and file activity.
identify all loaded kernel modules by walking a linked list.
identify hooks (often used by rootkits) in the System Call Table, the Interrupt Descriptor Tables (IDTs) and driver function tables (IRP tables).
Mandiant’s Memoryze can perform all these functions on live system memory or memory image files – whether they were acquired by Memoryze or other memory acquisition tools.
Memoryze officially supports:
Windows 2000 Service Pack 4 (32-bit)
Windows XP Service Pack 2 and Service Pack 3 (32-bit)
Windows Vista Service Pack 1 and Service Pack 2 (32-bit)
*Windows Vista Service Pack 2 (64-bit)
Windows 2003 Service Pack 2 (32-bit and 64-bit)
Windows 7 Service Pack 0 (32-bit and 64-bit)
*Windows 2008 Service Pack 1 and Service Pack 2 (32-bit)
Windows 2008 R2 Service Pack 0 (64-bit)
*Windows 8 Service Pack 0 (32-bit and 64-bit)
*Windows Server 2012 Service Pack 0 (64-bit)
Download https://dl.mandiant.com/EE/library/MemoryzeSetup3.0.msi
-
Detekt is a free tool that scans your Windows computer for traces of FinFisher and Hacking Team RCS, commercial surveillance spyware that has been identified to be also used to target and monitor human rights defenders and journalists around the world. Download https://github.com/botherder/detekt/releases/latest
-
Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces. Inception aims to provide a relatively quick, stable and easy way of performing intrusive and non-intrusive memory hacks against live computers using DMA.
How it works
Inception’s modules work as follows: By presenting a Serial Bus Protocol 2 (SBP-2) unit directory to the victim machine over the IEEE1394 FireWire interface, the victim operating system thinks that a SBP-2 device has connected to the FireWire port. Since SBP-2 devices utilize Direct Memory Access (DMA) for fast, large bulk data transfers (e.g., FireWire hard drives and digital camcorders), the victim lowers its shields and enables DMA for the device. The tool now has full read/write access to the lower 4GB of RAM on the victim. Once DMA is granted, the tool proceeds to search through available memory pages for signatures at certain offsets in the operating system’s code. Once found, the tool manipulates this code. For instance, in the unlock module, the tool short circuits the operating system’s password authentication module that is triggered if an incorrect password is entered. After running that module you should be able to log into the victim machine using any password. An analogy for this operation is planting an idea into the memory of the machine; the idea that every password is correct. In other words, the equivalent of a memory inception.
Download https://github.com/carmaa/inception
-
EasyAuth (EZA) is a proof-of-concept authentication system based on client SSL certificates that doesn't require users to remember any secrets. It's much easier on your users than the typical password and secret question systems. Ordinary people just can't create and remember random passwords for every site. This system stops attackers who can find out or guess security questions or guess or brute-force passwords. These are the same kind of attacks that have worked again and again against many celebrities, website owners, and ordinary people. Because EZA uses modern crypto, malicious websites with fake login pages that can steal passwords won't work. You can re-use the same certificate on all websites and unlike re-used passwords, even if one site got hacked or was malicious itself, you'll still be secure on the other sites. Or you can easily use different certificates to maintain anonymity. This system even stops advanced attackers who can "man-in-the-middle" your connection and strip the encryption of other sites with fraudulent certificates. Hundreds of organizations can issue certificates and many have issued bad certificates before. This system doesn't rely on trusting any of those organizations, since it verifies your actual key! This system supports two factor (or 3 factor or 4 factor or...) authentication that's stronger than even other multi-factor authentication systems. EZA has stronger account reset processes, using multiple devices and/or a printed or mailed reset code, not like the typical insecure account reset questions whose answers are all too easy to guess or find out. EZA even supports smart cards for users that have them, for true multi-factor authentication and the highest level of security. EZA does not require any new hardware, and it is compatible with almost every browser and platform in use today. Download https://github.com/scriptjunkie/EasyAuth/
-
Accessing processes remotely, also system processes when running as Administrator;
Memory scanning for primitive types, strings and byte sequences;
Filtering scan results (a.k.a. Next scan);
Supports relative addresses and offsets;
Creating, saving and reusing address tables containing scan results.
Changing values at memory addresses and freeze them;
Viewing PE (Portable Executable) information about the opened process;
Viewing and dumping sections;
Viewing threads, change priority, suspend, resume and create threads remotely;
Viewing, injecting, ejecting, dumping and hiding modules, and restore PE headers from a file on the disk;
Allocating memory blocks remotely;
Generating code snippets from address tables;
Hotkeys to automate actions that do not require user input;
Viewing import address table of loaded process and its modules;
Setting hooks on the IAT of a process and its modules and restoring export addresses;
Viewing PEB and TEB's for loaded process and its threads, including manipulation of certain associated information;
Viewing and closing handles in the loaded process;
Disassembling executable pages in a process to provide memory view and program flow control;
Walking heaps in the opened process as side feature of the disassembler;
Debugging executable code and data to find out what the flow of a program is;
Plugin system featuring CrySearch extensions to be written in MASM, C or C++;
Generate signatures and byte-arrays from selected disassembly;
Create memory dissections of specific parts of the process' memory and save them to the address table.
Download Zippyshare.com