Browsing tag
byp4xx.sh __ __ __ / /_ __ ______ / // / _ ___ __ / __ / / / / __ / // /_| |/_/ |/_/ / /_/ / /_/ / /_/ /__ __/> <_> < /_.___/__, / .___/ /_/ /_/|_/_/|_| /____/_/ A bash script to bypass “403 Forbidden” responses with well-known methods discussed […]
Researchers recently discovered 2 new critical vulnerabilities in the SHAREit App lets attackers bypass the Android device authentication mechanism and download the arbitrary files in victims device. SHAREit is data sharing cross-platform application for Android, iOS, PC & Mac and the app downloaded by nearly 500 Million users since 2013 when the app was launched. […]
WhatsApp recently introduced the ability for iOS users to access the app via Touch ID or Face ID for added security. Now, it seems like the new feature is not as secure after all, as hinted by a Reddit user. According to the Reddit user, iPhone users can launch WhatsApp without verification through Touch ID or […]
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. How works In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye. To use the tools you need the API Keys, you can pick up the following links: […]
Author: Colin Harper If you’ve ever dealt in Bitcoin, you may have suffered through hour-long (or at worst, day-long) transaction times. It’s becoming commonplace for Bitcoin to have backlogs of 150k+ unconfirmed transactions at times of high transaction volume, and when we couple this with its exorbitant fees, it’s a wonder how you’re ever gonna […]
Author: Alex Moskov What is Litecoin? Litecoin (LTC) is a decentralized peer-to-peer cryptocurrency that was released on October 7th, 2011 and went live on October 13th, 2011. The silver to Bitcoin’s gold. Bitcoin’s little brother that doesn’t get out much. These are just a few of the things you might hear being tossed around when […]
HatCloud is built in Ruby. It tries to bypass CloudFlare and discover real IP. This can be useful if you need to test your web server and website. HatCloud simply uses another website to pull the data and the script is not making any use of a vulnerability or bug within CloudFlare. Installation and Usage: […]
OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP, SYN, ACK, ICMP and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for […]
WhatWaf is an advanced firewall detection tool who’s goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or two) for said firewall, on the specified target. Features Ability to run on a single URL with the -u/–url […]
Have you ever heard about trojan droppers ? In short dropper is type of malware that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks. Features+ Generated executable properties: The executable size is smaller compared to other droppers generated the […]
A new Antivirus design flaw has discovered and named as AVGater for the Windows Local Privilege Escalation Vulnerability which is presented in many antiviruses that can be abused and bypassed using restore from quarantine Method. Quarantine is a special storage suspicious (probably infected) objects used by Antivirus engine. A function of antivirus software that isolates infected […]
Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying. Properties: ASLR bypass Cross-platform Minimalistic Simplicity Unpatchable Dependencies: Linux 2.6.12+ – will work on any x86-64 Debian-based OS BASH – the whole script Limitations: Stack needs to be executable (-z execstack) Binary has to be exploited through arguments locally (not file, socket or input) No […]
A wrapper tool for shadowsocks to consistently bypass firewalls. Quick start Automatically connect The easiest way to run this tool is just type ssct in terminal, and ssct will acquire available shadowsocks servers from ishadowsocks and connect to it automatically. Connect to a specific server First, show all ss servers by –list option. ssct –list […]
WAFNinja is a CLI tool written in Python. It is the best tool for penetration testers to bypass a WAF by automating steps necessary for bypassing input validation. The tool was created with the objective to be easily extendable, simple to use and usable in a team environment. Many payloads and fuzzing strings, which are […]
Today i’m going to show you guys how to bypass android lockscreen using two methods. Method 1 What you need: Windows or Linux based PC Android screenlockbypass.apk – Download here ADB – Download here This will be much easier if your target device has usb debugging enabled. If usb debugging is enabled on target phone: […]