Root SmasheЯ

Site Administrator
  • Post count

    230
  • Joined

  • Last visited

  • Days won

    2

Root SmasheЯ last won the day on 18 Bahman 1398

Root SmasheЯ is one of the record holders for the most liked content!

Community reputation

7 Neutral

2 followers

About Root SmasheЯ

  • Other groups: ISG Defender Team

Recent profile visitors

260 profile views
  1. This is the repository containing Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties. Download Leonidas [Hidden Content]
  2. Root SmasheЯ

    Sifter-A OSINT, recon & vulnerability scanner

    Sifter is an OSINT, recon & vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within Microsoft and if unpatched, exploit them. Download Sifter [Hidden Content]
  3. Root SmasheЯ

    BaseCrack

    BaseCrack is a tool written in Python that can decode all alphanumeric base encoding schemes. This tool can accept single user input, multiple inputs from a file, input from argument, multi-encoded bases and decode them incredibly fast. Decode Base16, Base32, Base36, Base58, Base62, Base64, Base64Url, Base85, Base91, Base92 and more with the best base encoding scheme decoding tool in town. It's useful for CTFs, Bug Bounty Hunting, and Cryptography. Download BaseCrack [Hidden Content]
  4. Root SmasheЯ

    autoRecon

    autoRecon is an automation tool which works in phases, automating the manual process and giving results in an HTML file.

    Features

    On the main domain:
      1. It will try to find if the domain NS (name server) leaks some zone transfer file or not.
      2. It will try to find the virtual hosts on that domain, so as to give out info about "how many web applications are running on a single IP". Remember, please check if that domain is in scope or not.
      3. It will try to parse the CSP header (if set). It will store the domains which are set in the CS policy. For example, for CSP: default-src *.test.com www.test1.com test2.com it will parse it and store these domains as test.com, www.test1.com, test2.com; then it will try to find the JSONP endpoints on those domains through the use of google.com, ask.com. (Intentionally for bypassing CSP).
      4. Then it will try to crawl the target and try to find the vulnerable URLs for XSS (if any). Remember it will take one round for the crawl.
      5. Try to find S3 buckets.

    On the sub-domains:
      • Phase 1: It will find the sub-domains through the use of sublist3r.
      • Phase 2: It will find the status code of each sub-domain found by sublist3r and make a separate list of the sub-domains for each status code.
      • Phase 3: In this phase the tool will try to find the CNAME entries of the 404 sub-domains. NOTE: For this phase, the main objective is to check for the SUBDOMAIN TAKE-OVER vulnerability.
      • Phase 4: In this phase, through the use of multi-threading, the tool will find the port status (with banner grabbing) on each sub-domain. Note: The defined ports are "21, 22, 80, 8080, 443, 8443, 3306, 445". It will make two separate lists of URLs, those which have port 21 open and those which have port 80 open.
      • Phase 5: In this phase the tool will find what CMS, server, frameworks and versions (if leaked) are in use on the domain and sub-domains.
      • Phase 6: In this phase, if any open FTP was found by "Phase 4", it will try to get an anonymous login.
      • Phase 7: In this phase it will find the URLs in the Wayback Machine whose domain status code is 401 or 403, and will capture screenshots of the Wayback URLs.
      • Phase 8: It will try to find default files, for example phpinfo.php, htaccess.txt, on each and every sub-domain.
      • Phase 9: At last, if any subdomain is using the Cloudflare service, it will go for the DNS history of that subdomain.

    Lastly, it will give you the results in an HTML file. Download autoRecon [Hidden Content]
  5. Talon is a tool designed to perform automated password guessing attacks while remaining undetected. Talon can enumerate a list of users to identify which users are valid, using Kerberos. Talon can also perform a password guessing attack against the Kerberos and LDAPS (LDAP Secure) services. Talon can either use a single domain controller or multiple ones to perform these attacks, randomizing each attempt, between the domain controllers and services (LDAP or Kerberos).

         ./Talon -D STARLABS.LOCAL -Hostfile DCs -Userfile Users -sleep 1 -E

         (@Tyl0us)
         [-] 172.16.144.195 STARLABS.LOCAL\asmith: = User Does Not Exist
         [+] 172.16.144.185 STARLABS.LOCAL\ballen: = User Exist
         [-] 172.16.144.186 STARLABS.LOCAL\bjohnson: = User Does Not Exist
         [-] 172.16.144.195 STARLABS.LOCAL\bwayne: = User Does Not Exist
         [+] 172.16.144.195 STARLABS.LOCAL\csnow: = User Exist
         [-] 172.16.144.186 STARLABS.LOCAL\jtodd: = User Does Not Exist
         [+] 172.16.144.186 STARLABS.LOCAL\hwells: = User Exist
         [-] 172.16.144.186 STARLABS.LOCAL\wwest: = User's Account Locked

     Download Talon [Hidden Content]
  6. Payload list:
       • Active Directory Attack
       • Cloud - AWS Pentest
       • Cloud - Azure Pentest
       • Cobalt Strike - Cheatsheet
       • Linux - Persistence
       • Linux - Privilege Escalation
       • Metasploit - Cheatsheet
       • Methodology and enumeration
       • Network Pivoting Techniques
       • Network Discovery
       • Reverse Shell Cheatsheet
       • Subdomains Enumeration
       • Windows - Download and Execute
       • Windows - Mimikatz
       • Windows - Persistence
       • Windows - Post Exploitation Koadic
       • Windows - Privilege Escalation
       • Windows - Using credentials

     [Hidden Content]
  7. ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point.

         Usage: ADCollector.exe -h
           --Domain (Default: current domain) Enumerate the specified domain
           --Ldaps (Default: LDAP) Use LDAP over SSL/TLS
           --Spns (Default: no SPN scanning) Enumerate SPNs
           --Term (Default: 'pass') Term to search in user description field
           --Acls (Default: 'Domain object') Interesting ACLs on an object

         Example: .\ADCollector.exe --SPNs --Term key --ACLs 'CN=Domain Admins,CN=Users,DC=lab,DC=local'

     Features
       • Current Domain/Forest information
       • Domains in the current forest (with domain SIDs)
       • Domain Controllers in the current domain [GC/RODC] (with ~~IP,OS Site and ~~Roles)
       • Domain/Forest trusts as well as trusted domain objects[SID filtering status]
       • Privileged users (currently in DA and EA group)
       • Unconstrained delegation accounts (Excluding DCs)
       • Constrained Delegation (S4U2Self, S4U2Proxy, Resources-based constrained delegation)
       • MSSQL/Exchange/RDP/PS Remoting SPN accounts
       • User accounts with SPN set & password does not expire account
       • Confidential attributes ()
       • ASREQROAST (DontRequirePreAuth accounts)
       • AdminSDHolder protected accounts
       • Domain attributes (MAQ, minPwdLength, maxPwdAge lockoutThreshold, gpLink[group policies that linked to the current domain object])
       • LDAP basic info(supportedLDAPVersion, supportedSASLMechanisms, domain/forest/DC Functionality)
       • Kerberos Policy
       • Interesting ACLs on the domain object, resolving GUIDs (User defined object in the future)
       • Unusual DCSync Accounts
       • Interesting ACLs on GPOs
       • Interesting descriptions on user objects
       • Sensitive & Not delegate account
       • Group Policy Preference cpassword in SYSVOL/Cache
       • Effective GPOs on the current user/computer
       • Restricted groups
       • Nested Group Membership

     Download ADCollector [Hidden Content]
  8. Get ports, vulnerabilities, information, banners, etc. for any IP with Shodan (no apikey! no rate limit!) Warning: your IP will most likely be banned by Shodan after using this script! Use it only when necessary. Download Shodanfy [Hidden Content]
  9. Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your location like many popular location based websites. Seeker hosts a fake website on the built-in PHP server and uses Serveo to generate a link which we will forward to the target. The website asks for location permission and if the target allows it, we can get:
       • Longitude
       • Latitude
       • Accuracy
       • Altitude - Not always available
       • Direction - Only available if user is moving
       • Speed - Only available if user is moving

     Along with location information we also get device information without any permissions:
       • Operating System
       • Platform
       • Number of CPU Cores
       • Amount of RAM - Approximate Results
       • Screen Resolution
       • GPU information
       • Browser Name and Version
       • Public IP Address
       • IP Address Reconnaissance

     Download Seeker [Hidden Content]
  10. Root SmasheЯ

    Tool-X

    Tool-X is a Kali Linux hacking tools installer for Termux and linux system. Tool-X was developed for Termux and linux based systems. Using Tool-X, you can install almost 370+ hacking tools in Termux (android) and other Linux based distributions. Now Tool-X is available for Ubuntu, Debian etc. Tool-X works on any of the following operating systems: • Android (Using the Termux App) • Linux (Debian Based Systems) • Unix Download Tool-X [Hidden Content]
  11. Root SmasheЯ

    Fast Google Dorks Scan

    A script to enumerate websites using Google dorks. Features:
      • Looking for the common admin panel
      • Looking for the widespread file types
      • Path traversal
      • Prevent Google banning

    Download Fast Google Dorks Scan [Hidden Content]
  12. Root SmasheЯ

    SecretFinder

    A Python script for finding sensitive data (apikeys, accesstoken, jwt, ...) and searching for anything in JavaScript files. SecretFinder is a Python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt, etc. in JavaScript files. It does so by using jsbeautifier for Python in combination with a fairly large regular expression. The regular expression consists of four small regular expressions. These are responsible for finding and searching for anything in JS files. Download SecretFinder [Hidden Content]
  13. Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting. Axiom right now is perfect for teams as small as one person, without costing you much at all to run. And by not much to run at all, I mean, less than 5 bucks a month if you use responsibly, and a free two months with my referral link below. Read more about the economics at the bottom. Download Axiom [Hidden Content]
  14. Root SmasheЯ

    HyperDbg Debugger

    HyperDbg is an open-source, user mode and kernel mode Windows debugger with a focus on using hardware technologies to provide new features to the debuggers’ world. It is designed on top of Windows by virtualizing an already running system using Intel VT-x and Intel PT. This debugger aims not to use any APIs and software debugging mechanisms, but instead, it uses Second Layer Page Table (a.k.a. Extended Page Table or EPT) extensively to monitor both kernel and user executions. HyperDbg comes with features like hidden hooks, which are as fast as old inline hooks, but also stealthy. It mimics hardware debug registers for (read & write) to a specific location, but this time entirely invisible for both Windows kernel and the programs, and of course without any limitation in size or count! Using TLB-splitting, and having features such as measuring code coverage and monitoring all mov(s) to/from memory by a function, makes HyperDbg a unique debugger. Although it has novel features, HyperDbg tries to be as stealthy as possible. It doesn’t use any debugging APIs to debug Windows or any application, so classic anti-debugging methods won’t detect it. Also, it resists the exploitation of time delta methods (e.g., RDTSC/RDTSCP) to detect the presence of hypervisors, therefore making it much harder for applications, packers, protectors, malware, anti-cheat engines, etc. to discover the debugger. Download HyperDbg Debugger [Hidden Content]