2024-05-07
Ai Hacking Assistants, Automated Hacking

awvs (Acunetix Web Vulnerability Scanner)

https://github.com/iSafeBlue/TrackRay


https://github.com/kelvinBen/AppInfoScanner

https://github.com/wwong99/pentest-notes

https://github.com/hmaverickadams/Beginner-Network-Pentesting

https://github.com/xiaoy-sec/Pentest_Note


https://github.com/bollwarm/SecToolSet


site:github.com 京峰内部武器库

site:github.com 护网


virus sample and source code

vx underground


You need to engage with hackers, either by reaching out directly, by joining hacker groups, or by setting up a honeypot and collecting attack vectors.


rockyou2009 rockyou2021 rockyou2024 password leak


x-recon


https://getodin.com

https://getodin.com/community


Put a huge database CSV (1GB+ of client data, confidential info) on a RAM filesystem, then search it with rg.


Use leaked credentials to query a search engine, mask those credentials, collect the common keywords, and practise finding unknown credentials.


web security tutorials

https://portswigger.net/web-security

https://websec.readthedocs.io/zh/latest/

pentest tools

https://pentestbox.org/

https://github.com/mahyarx/pentest-tools

https://github.com/arch3rpro/pentesttools

https://github.com/gwen001/pentest-tools


query: google dorks site:github.com minecraft dorks shodan dorks censys dorks

https://github.com/CorrieOnly/google-dorks

https://github.com/Ishanoshada/GDorks


site:github.com poc exp.py

https://github.com/Veraxy00/Shiro-EXP

https://github.com/ATonysan/poc-exp

https://github.com/hi-unc1e/POC-T

https://github.com/ycdxsb/PocOrExp_in_Github

https://github.com/knownsec/pocsuite3

https://github.com/midisec/pocsuite-poc

https://github.com/Cuerz/PoC-ExP

https://github.com/wy876/POC

https://github.com/tr0uble-mAker/POC-bomber

https://github.com/zhzyker/exphub

https://github.com/zhzyker/vulmap

https://github.com/zhzyker/dismap

https://github.com/chaitin/xray

https://github.com/We5ter/Scanners-Box

https://github.com/Tuhinshubhra/CMSeeK

https://github.com/EntySec/Ghost

https://github.com/n0tr00t/Beebeeto-framework

https://github.com/WooYun/TangScan

https://github.com/BugScanTeam/BugScan-Doc

https://github.com/WangYihang/Exploit-Framework

https://github.com/orleven/Tentacle

https://github.com/claroty/opcua-exploit-framework

https://github.com/ronin-rb/ronin

https://github.com/PentestinGxRoot/pysploit

https://github.com/torque59/Nosql-Exploitation-Framework

https://github.com/sullo/nikto

https://github.com/HavocFramework/Havoc

https://github.com/EmpireProject/EmPyre

https://github.com/reverse-shell/routersploit

https://github.com/dark-lbp/isf

https://github.com/beefproject/beef

https://github.com/enaqx/awesome-pentest

https://poc-library.readthedocs.io/en/release/QuickStart.html


https://github.com/topics/exploitation-framework


https://pypi.org/project/pocsuite3

https://pypi.org/project/pocx


gdb assistant

https://github.com/pgosar/ChatGDB


pentest frameworks in Python or Ruby:

https://github.com/topics/penetration-testing-framework

https://github.com/topics/pentesting-python

https://github.com/qsecure-labs/overlord

https://github.com/OWASP/Nettacker

https://github.com/AlaBouali/bane

https://github.com/m4n3dw0lf/PytheM

https://github.com/skavngr/rapidscan

https://pypi.org/project/shellfire/

https://pypi.org/project/lockdoor/

https://pypi.org/project/getsploit/

https://pypi.org/project/sploitscan/

https://pypi.org/project/pyExploitDb/


exploit tutorials

https://pypi.org/project/exploit-bianxie-xilie-jiaocheng-1-11/

https://pypi.org/project/windows-exploit-kaifa-jiaocheng-massimiliano-tomassoli/


Cybersec collections:

https://cybersectools.com/

https://github.com/trustedsec/ptf


AI Red teaming and network attack simulated environments:

https://github.com/yyzpiero/RL4RedTeam

https://github.com/Jjschwartz/NetworkAttackSimulator


search for blackhat gpt, blackhat tools etc.

https://github.com/friuns2/BlackFriday-GPTs-Prompts

https://github.com/Sajibekanti/1000-blackhat-tools

https://ollama.com/jimscard/blackhat-hacker

https://github.com/blackhatethicalhacking/Bug_Bounty_Tools_and_Methodology


all about privilege escalation scripts


haipy, a Python port of haiti, detects over 500 hash types

Cyberonix is a cybersecurity resource hub, containing a wide range of hacktool info.


HackerGPT, which needs a non-temporary email address for registration.

Port scanning websites and self-hosted services:

https://alternativeto.net/software/shodan/


Many pentesting models and datasets are released on Hugging Face. Query words: pentest, 0dai

0dAI has published a series of models, which are available on ollama.

Tutorial on how to use it:

https://notluken.github.io/running-0dai-in-ollama.html

It may be worthwhile to collect tool manuals, tutorials, books and security blog posts, and to train your custom AI on them. It works best to let the AI interact with and learn from both simulated and real-world environments.

But always remember that hacking is an adversarial and highly competitive activity. It involves both high-level and low-level knowledge and expertise.

Always keep your knowledge base up to date in order to make use of the latest vulnerabilities.


Agent hacking tools:

https://github.com/aress31/burpgpt

https://github.com/ipa-lab/hackingBuddyGPT

https://github.com/H4K6/PentestGPT

https://github.com/fr0gger/Awesome-GPT-Agents

https://github.com/GreyDGL/PentestGPT

https://github.com/luijait/DarkGPT

https://github.com/Hacker-GPT/HackerGPT-2.0

https://github.com/Sergio-F20/GPT-FastPentest

https://github.com/tenable/awesome-llm-cybersecurity-tools

https://github.com/Armur-Ai/Auto-Pentest-GPT-AI

Exploit query tools

https://github.com/msd0pe-1/cve-maker

https://pypi.org/project/puncia/

PoC collections (search GitHub for proof-of-concept for more)

https://github.com/nomi-sec/PoC-in-GitHub

https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC

https://github.com/DSO-Lab/pocscan

https://github.com/xinyisleep/pocscan

https://github.com/erevus-cn/pocscan

https://github.com/vulscanteam/vulscan

Query dorks

https://github.com/humblelad/Shodan-Dorks

https://github.com/RevoltSecurities/ShodanX

Nuclei and templates

https://github.com/projectdiscovery/nuclei

https://github.com/0xmaximus/final_freaking_nuclei_templates

https://github.com/Ostorlab/KEV

Popular topics

https://github.com/topics/0day


GPT-4 can now exploit one-day CVEs.


https://github.com/shadow1ng/fscan


2022-12-07
Tools From Breachforums

  1. Invicti

Invicti is a web application security scanner that automatically finds SQL injection, XSS and other vulnerabilities in web applications or services.

  2. Fortify WebInspect

Identifies security vulnerabilities by testing the dynamic behavior of running web applications.

  3. Cain & Abel

Used to recover MS Access passwords.

  4. Nmap (Network Mapper)

Used for port scanning, one of the phases of ethical hacking; regarded as the finest hacking software ever.

  5. Nessus

Nessus is the world's most well-known vulnerability scanner, designed by Tenable Network Security. It is free and is chiefly recommended for non-enterprise usage.

  6. Nikto

Checks web servers and identifies over 6400 potentially dangerous CGIs or files.

  7. Kismet

Kismet is basically a sniffer and wireless-network detector that works with wireless cards supporting raw monitoring mode.

  8. NetStumbler

Identifies AP (access point) network configuration.

  9. Acunetix

Integrates scanner results into other platforms and tools.

  10. Netsparker

Uniquely verifies identified vulnerabilities, showing that they are genuine and not false positives.

  11. Intruder

Integrates with Slack, Jira and major cloud providers.

  12. Nmap

Contains a data transfer, redirection and debugging tool.

  13. Metasploit

Ideal for finding security vulnerabilities.

  14. Aircrack-ng

Can crack WEP keys and WPA2-PSK, and check Wi-Fi cards.

  15. Wireshark

Allows coloring rules on packet lists to facilitate analysis.

  16. OpenVAS

OpenVAS has the capabilities of various high- and low-level Internet and industrial protocols, backed by a robust internal programming language.

  17. SQLMap

Supports executing arbitrary commands.

  18. Ettercap

Live connection sniffer.

  19. Maltego

Performs real-time information gathering and data mining.

  20. Burp Suite

Uses out-of-band techniques.

  21. John the Ripper

Tests different encrypted passwords.

  22. Angry IP Scanner

A free tool for scanning IP addresses and ports.

  23. SolarWinds Security Event Manager

Recognized as one of the best SIEM tools, helping you easily manage memory stick storage.

  24. Traceroute NG

Detects path changes and alerts you about them.

  25. LiveAction

Its packet intelligence provides deep analyses.

  26. QualysGuard

Responds to real-time threats.

  27. WebInspect

Tests the dynamic behavior of web applications to spot security vulnerabilities.

  28. Hashcat

Supports distributed cracking networks.

  29. L0phtCrack

Fixes weak-password issues by forcing a password reset or locking out accounts.

  30. Rainbow Crack

  31. IKECrack

IKECrack is an authentication cracking tool with the bonus of being open source.

  32. Sboxr

Checks for over two dozen types of web vulnerabilities.

  33. Medusa

One of the best tools for thread-based parallel testing and brute-force testing.

  34. Cain and Abel

Uncovers password fields, sniffs networks, recovers MS Access passwords, and cracks encrypted passwords using brute-force, dictionary and cryptanalysis attacks.

  35. Zenmap

Administrators can track new hosts or services that appear on their networks and track existing services that go down.


2022-09-25
Random Thoughts on Hacking Sites (日站之随想)

Why hack sites

Because my own computer has limited compute; to explore advanced AI and to run certain money-making programs, I have to freeload on other people's compute.

Which sites to hack

Find target sites on Baidu and the other major search engines and scan them for vulnerabilities. Don't hit big sites; start with small ones, and work towards full automation.

How to hack sites

Hack from inside a sandbox, not as root.

Use tools: just put the target site's IP and port into the tool. Learn the tools while hacking.

Need a repo dedicated to the related code, synced to every device.

Need a full-text search engine: collect the md files we already have, extract the links in them, then keep cloning the GitHub repos, collecting md files and finding more links.

What to do after hacking a site

Plant self-propagating viruses, plant coin-mining viruses, or run AGI experiments.


2022-08-05
Resolve Host Name / Computer Name From IP

Many methods have been tried. NetBIOS is not working, and no DHCP server was found. The nmap scripting engine (NSE) uses Lua to automate sniffing and attacks.


2022-07-13
Repl For Assembly Code

with processor flags output

https://github.com/yrp604/rappel

msf-provided REPL:

msf-nasm_shell


2022-07-11
Zeroday Ai, Hacking Assistant: 0Dai



AV evasion (免杀)

https://github.com/fdx-xdf/darkPulse

https://www.shellterproject.com/


Don't always rush to hack sites. Gather information, get familiar with the tools, do what you are able to do, and write down the lessons learned along the way.

truffleHog: finds credentials in open sources

stryker: Wi-Fi hacking tool, including dust attack and PIN attack

Found multiple websites on the Lonely Planet tourist guide of America (all over the place!)

OneForAll: subdomain finder

hack in one, including:

Anonymously Hiding Tools
Information gathering tools
Wordlist Generator
Wireless attack tools
SQL Injection Tools
Phishing attack tools
Web Attack tools
Post exploitation tools
Forensic tools
Payload creation tools
Exploit framework
Reverse engineering tools
DDOS Attack Tools
Remote Administrator Tools (RAT)
XSS Attack Tools
Steganography tools
Vulnerabilities Scanner
IOT Tools
Other tools

all defense tool: semi/fully automated exploitation tools, information-gathering tools, vulnerability exploitation tools, intranet penetration tools, operations / in-house (Party A) / defender tools, curated security materials

Botnet IPs are detected by some websites like URLhaus. There is a tendency to brute-force the credentials of such botnets with common passwords, e.g. the inori mirai CNC scraper and l4tt/Botnet-Reaper. Setting up a botnet yourself has the advantage of connecting to machines without a public IP.

MHDDoS: the best DDoS tool (someone may make a living on that), providing multiple WAF bypass techniques (what about Akamai?)

Although sqlmap is somewhat out of date (wrecked by WAFs, unable to exploit the latest nodedb library), there is a tendency to combine it with a subdirectory/URL collector like subfinder, as codewatchorg/sqlipy and zt2/sqli-hunter do, to automate the exploitation. Search GitHub for sql injection (deep/machine learning) for the latest tools and wikis.

An undetectable credential stealer was created by psauxxx. Is it a coincidence?

psauxx (Twitter) created multiple accounts on GitHub. The original one (archived) is deactivated and is now named l4tt. vulnnr (auto exploiter) has some tutorials from GeeksforGeeks and xploitlab (linked to other interesting tools), and has been renamed uscan. Search GitHub for vulnnr and there is a favourite hack-tool collection.

SocialFish: clones websites and collects credentials (phishing), with a web controller interface

sploitus: search for the latest sploits and PoC code (usually after patching is done)

bearSG: a social-engineering password generator suited to Chinese users' habits, written in Java, with a built-in GUI

cupper: social-engineering password generator

A social-engineering tool list, part of the security list, which also recommends how independent developers can make money (introduces free API endpoints, but some of the sites are gone) -> list of domestic independent developer projects -> bufpay, a payment service without merchant sign-up (monthly fee required)

Contents include:

Virtual identities
Phishing frameworks
Website cloning
Email forgery
Service password brute-forcing
Test wordlists
Password cracking and recovery
Online password cracking

mosint: email OSINT

PayloadsAllTheThings (40k stars!) by swisskyrepo

OpenAI-written phishing and directory brute-forcing

GHunt: Google OSINT

ScareCrow: payload generator targeting Windows 10-11

ScareCrow Cobalt Strike plugin

cryptography-related Python libraries: gmpy2, pycryptodome, libnum, yafu, rsa-wiener-attack, RsaCtfTool

Ciphey: automatic decryption

pwntools, as used by fmyy, and more docs

angr, to reverse-engineer binaries (mostly in CTFs?); docs

angr CTF use cases: case 1, case 2

angr CTF: reverse binaries and print “good job”

angr CTF: build binaries from source

DEF CON CTF Quals 2021 (OOO)

factordb.com: find prime factors, decomposition for RSA

reverse shell generator; since shellcode cannot contain null bytes, you need to XOR your payload with a tool or in assembly.

Dig for 0days, or exploit existing vulnerabilities: fuzzers for Kali

kali tools

blackarch tools

all in one hacking tool

Villain backdoor generator

Don't aim big, aim small. Things like the bilibili password database dump, or some Intel internal data leak, are done by professional hackers on professional hardware. Some corporations will even attempt to retaliate, like Nvidia. You have been warned.

To exploit zero-days, you need RASP, i.e. ‘is my application doing something undefined/unexpected?’

Use public Wi-Fi, e.g. use a long-range Wi-Fi antenna (WiFi炮) to connect to a distant Wi-Fi network, and control the attack server in the cloud.

The first step of hacking is finding targets (CTFs probably won't teach you how to find targets, and neither will white hats, because their targets are very fixed). Regardless of whether a vulnerability exists, first list the targets clearly: what exactly the target is, a person (contact info?), a machine (URL?) or an AI (captcha?), how to interact with it, what vulnerabilities it (possibly) has, and what attack measures to take. You can use search engines, fofa vulnerability search, email info, social-app info, trojans tracking other people's info, the info most people visit, crawler info, logs of local software's network access, or just scan at random and store everything in a database.

The second step is interaction: exploit vulnerabilities, install backdoors, control the target, e.g. mining, keep collecting site info, password info and cookies, keep spreading the virus and expanding the attack surface.

The third step is sustained operations: keep improving counter-surveillance awareness, learn information-gathering tools, improve hacking skills, and use all kinds of methods, such as social engineering, anonymous accounts or free email accounts, free applications carrying trojans, virus emails. Persistence is victory.

https://github.com/mikaelkall/HackingAllTheThings

https://github.com/akenofu/HackAllTheThings

memory editing, game hacking:

https://github.com/qb-0/pyMeow

https://github.com/srounet/Pymem

mirai botnet

defcon for news, intro, wiki

infocon for software, code, wordlists

mec: mass exploitation

notes

PC WeChat hook: retrieve the QR code

PC WeChat reverse engineering

A few practice ranges that I think are decent

Fengshentai (封神台): https://hack.zkaq.cn/index

Hack The Box: https://www.hackthebox.com/

How to get an HTB invite code: https://www.mad-coding.cn/2019/11/11/hackthebox%E5%88%9D%E6%8E%A2%E4%B9%8B%E8%8E%B7%E5%8F%96%E9%82%80%E8%AF%B7%E7%A0%81/#0x00-%E5%89%8D%E8%A8%80

VulnHub: https://www.vulnhub.com/

Pikachu: https://github.com/zhuifengshaonianhanlu/pikachu

search engines

youcode: search engine for coders; enter a coding question to get results

self-hosted recon intelligence tool: OSINT

IVRE: network recon framework

publicwww: search for HTML/CSS/JS source code in websites

searchpedia: search engine collection

top 5 recon/intelligence/information gathering tools

search engine hacking, manual and automation

best hacker search engines

scripting

writing nmap scripts

information gathering

uncover: quickly discover hosts using multiple search engines

dirsearch: scan web paths

pip3 install dirsearch

virus, botnet

botnet with a super escalation system for Linux and Windows that automatically spreads the virus

webshell AV evasion (免杀)

Hacking tutorials

Maybe you should follow the Kali/Parrot/BlackArch tutorials first?

Dark web, social-engineering databases (社工库), databases, dark-web hacking tutorials

Dark-web free community, Chinese community, no-limits discussion

zuw2gvomnfx5mt6g626srambeqo2yxmac5jpoccttq54z7se36svmlyd.onion

the payload, dedicated tutorial

https://github.com/swisskyrepo/PayloadsAllTheThings

Sure, hacking needs everything: the assembly, the tools, the experience, the examples, the automation, the persistence, the vision.

all in one hack tool:

https://github.com/Z4nzu/hackingtool

awesome hacking:

https://github.com/Hack-with-Github/Awesome-Hacking

hacking tutorials and tools:

https://github.com/carpedm20/awesome-hacking

https://github.com/sundowndev/hacker-roadmap

https://github.com/jekil/awesome-hacking

https://github.com/carlospolop/hacktrick

ctf tutorials and tools:

https://github.com/xtiankisutsa/awesome-mobile-CTF

https://github.com/Naetw/CTF-pwn-tips

https://github.com/firmianay/CTF-All-In-One

https://github.com/taviso/ctftool

https://github.com/UnaPibaGeek/ctfr

https://github.com/RsaCtfTool/RsaCtfTool

https://github.com/Gallopsled/pwntools

https://github.com/0Chencc/CTFCrackTools

https://github.com/google/google-ctf

https://github.com/ctf-wiki/ctf-wiki

https://github.com/apsdehal/awesome-ctf

https://github.com/p4-team/ctf

https://github.com/zardus/ctf-tools

some other tools and resources

https://github.com/jopohl/urh

https://github.com/sundowndev/hacker-roadmap

all in one hacking tool for kali linux

https://github.com/edoardottt/awesome-hacker-search-engines

hacker pro: hacktool for Termux and Linux, maybe macOS?

SQL/XSS scanner, DoS, brute-forcing FTP/SSH/mail accounts

https://github.com/hacktoolspack/hack-tools

https://github.com/hahwul/WebHackersWeapons

https://github.com/jekil/awesome-hacking


2022-06-09
Source Code Semantic Search Tool

Source code semantic search tool / audit tool

Can be used to analyse the bilibili source code or other large code bases

sourcegraph/sourcegraph:

in Go

github/semantic:

in Haskell

sonarqube:

code audit tool
