Search results

Nightmangle is post-exploitation Telegram Command and Control (C2/C&C) Agent Nightmangle uses Telegram as a C2 server to communicate between the attacker and the client. However, it can only set one Telegram bot API per payload. This means that if you want to infect another machine, you need to...

thank you, I needed this information, now I will try it.

without much explanation, they are steps with punctual information... a few small notes... :) - Material https://www.vagrantup.com/ > allows to make portable machines https://developer.hashicorp.com/vagrant/install/vmware#windows https://www.packer.io/...

sorry, this is the link, I got confused when I typed it. 😓 https://github.com/helviojunior/knowsmore

KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync). https://github.com/helviojunior/knowsmorepentesting Microsoft Active Directory Main features Analyse the quality of password (length , lower case, upper case, digit...

interesting article, thanks man for the passwords, I will add it to my dictionary 😀

40,000+ Nuclei templates for security scanning and detection across diverse web applications and services ;) https://github.com/linuxadi/40k-nuclei-templates

Vulnerable app with examples showing how to not use secrets Welcome to the OWASP WrongSecrets game! The game is packed with real life examples of how to not store secrets in your software. Each of these examples is captured in a challenge, which you need to solve using various tools and...

Here are Google dorks to help you find target storage buckets left in the open: site:s3.amazonaws.com "target.com" site:blob.core.windows.net "target.com" site:googleapis.com "target.com" site:drive.google.com "target.com" site:dev.azure.com "target[.]com" site:onedrive.live.com "target[.]com"...

nice list, thanks, what kind of vulnerabilities do they have? to know if we have found the right thing or not. Or is it because they are http pages?

thanks for sharing bro! and something extra to add is to always have your nginx updated, I almost always see on pages that it is out of date haha.

nice tutorial bro, its always good to learn new things

hey guys where do you get your sources for current cybersecurity news? :)

great list man! Thanks for sharing it, it comes in handy

I share with you this guide for bug hunting, enjoy :) Title: Real-world bug hunting A field guide to web hacking Author: Peter Yaworski Content: Chapter 1: Bug Bounty Basics Chapter 2: Open Redirect Chapter 3: HTTP Parameter Pollution Chapter 4: Cross-Site Request Forgery Chapter 5: HTML...

Recognition tool fetchmeurls: https://www.blackhatethicalhacking.com/tools/fetchmeurls/ fetchmeurls is a robust reconnaissance tool crafted for Bug Bounty Hunters, enabling swift retrieval of URLs across various domains, whether within a small or extensive scope, through both active and...

thanks for sharing bro, how can I use the sleep function in a payload during a pentest?

great!, good content, thanks bro for sharing, quality member, I'll take a look. 👏

thanks, I use FoxiProxy, I will try the tool you shared, it looks nice 😶‍🌫️

Analyze is a free and open source digital forensics tool that provides a graphical user interface for the Forensic Investigation Toolkit (SIFT) which acquires, processes, analyzes and reports on digital evidence. The tool is also extensible, allowing users to add new modules and tools to meet...