learning resource and bug bounty

https://www.hacker101.com

https://www.hackerone.com

https://www.hacker101.com/resources

open source virus/malware in your arsenal

powershell obfuscator advanced, will bypass any av

post-exploit framework, evasion

https://github.com/PowerShellMafia/PowerSploit

https://github.com/cobbr/SharpSploit

https://github.com/EmpireProject/Empire

thefatrat is an exploiting tool which compiles a malware with famous payload, and then the compiled maware can be executed on Linux , Windows , Mac and Android. TheFatRat Provides An Easy way to create Backdoors and Payload which can bypass most anti-virus. the author has some tools to share.

pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

venom - C2 shellcode generator/compiler/handler

virus samples

the malware repo

open source virus

thezoo A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

malwares codebase, botnet

open source malware on github, repo list

virus for win10

kafan virus samples

vbgood

debugman reverse engineering

official blackhat arsenal under toolswatch category arsenal

massive hacking tools collection

burpa burp suite automation tool

twitter token generator register twitter in batch, has a large proxy list

i0gan some hacker with automated tools like awd_script

ichunqiu ctf educational resources

cyberchief online ctf interactive tools suite

bugku tools

ctftools curated online tool list

ctf online tools

kanxue home page, articles

52pojie hack tools

kanxue knowledge base

ctfshow

ctfhub tools

渗透师导航

resources recommended by ctfwiki

shellcode storm database can be queried via api

exploitdb find exploits, poc code, google hacking database for finding juicy information/urls, shellcodes with an advanced search interface

cracking.org

OSINT: open source (public source) intelligence is the practice of collecting information from published or otherwise publicly available sources

osint tools:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

Maltego
Google dorks
Mitaka
SpiderFoot
Spyse
BuiltWith
Intelligence X
DarkSearch.io
Grep.app
Recon-ng
theHarvester
Shodan
Metagoofil
Searchcode
SpiderFoot
Babel X

chatgpt is based on instructGPT

chatgpt interface

there are discord chats for openai and hackthebox

consider bugmenot to find openai accounts?

chatgpt sucks. it seems a tailored search engine. it might help filter out useless information. no zeroday exploits (rasp like openrasp) since it does not interact with program and hooks.

order paid openai accounts here

if you use openai to register new accounts, try to send sms successfully (may not receive sms even sent) multiple times, you will be blocked

tutorial on how to use this platform for openai registration

free sms receive platforms

7sim.org multiple phone numbers

receivesms.org i have seen soulapp usage with this damn number

not work for openai virtual phone numbers

My fruitful heist attempt with fofa

Fofa api requires membership. I don’t want to enroll.

You first test on your vulnerable machine/app, develop scanner, exploiter and listener, then mass exploit to millions.

All recorded here: hack_all_the_thing/tests/get_log4j_vuln

zoomeye search for log4j

seebug

shodan query for log4j2 (or anything)

狮子鱼团购 fofa查询漏洞

Sqlmap post data inject

To generate password dictionary without oom: itertools.product(chrs, repeat=r)

search log4j2 in browser after login

info page of my first target (login first!)

fofa usage examples

My first target login page

gov site?

Bing-upms the system used by my first target

password dictionary topic in github

some hacker forums like leakbase has rss feed

leakbase has proxy section in which you may find fresh proxy lists (may not work in mainland, but who knows?)

search with the name or link of these forums in github and you will get more info about hacking.

a bunch of hacker forums, including:

Breached

Xss

Exploit

0x00sec

lolz

Leakzone

Enclave

dublikat

Vlmi

Omrt

Nulled

Cracked

Coockie

Altenens

Bidencash

wooyun.org mirror site wooyun is dead/closed since 2016

social engineering is just a fancy name for spotting candidates, hooking up, gaining trust and doing shit.

in hacking we must be multilingual, as this shit is really hard to get right.

you would read them sometime do you? you would collect info from these sites do you? you would search for things when you need it do you?

You would like forums for dark web? Forum for hacking?

你要的是社工库 提取出来的账号密码库 用来撞库？百度谷歌 QQ 百度云盘 github 磁力种子搜索

when not reached, make sure you are in the channel!

Offensive Community

安全脉搏

网络尖刀

习科论坛

红黑联盟

黑客X档案

Alternative to ‘raid forum’: visit it in archive.org!

看雪论坛

乌云论坛（archive里面看吧）

吾爱破解

3dm

freebuf

Hack Today

GreySec Forums

世界中文黑客论坛

90Sec

T00LS

https://jaq.alibaba.com/community/index

http://bobao.360.cn/index/index

https://www.ichunqiu.com/

https://pentesterlab.com/

https://xianzhi.aliyun.com/forum/

http://lab.seclover.com/

腾讯玄武实验室

http://xlab.tencent.com/cn/

xss.is

cracked.io

Breached forum and onion

nulled

dread (forum)

leakbase forum leaked database

exploit.in in russian

hacktown hacking tutorial

hackforums site offline? another web archive shit?

evilzone

cryptbb is dead?

freehacks dead?

CrackingKing dead?

envoy dead?

helium dead?

HackADay

Exploit Database

Tinkernut

Dark Web Forum

Jean Valjean forum

Carding Team

BiTSHACK

SecList

0Day

HackerPlace

0x00sec

Hack5 Forums

BHF

Hack This Site

KickAss

Breaking Bad

Packet Storm

OpenSC

HackMac

Enigma Group

Rohitab

Ethical Hacker

Cracking Forum

Crackmes de

Binary Revolution Hacking Forums

Hack Hound

Hellbound Hackers

ftp://www.ly2008.com

用户名:ly2008

密码:ly2008

http://discovery0.blog.hexun.com/3271892_d.html

http://www.hackerxfiles.net/

http://www.nohack.cn/

http://www.hacker.com.cn/

ftp://fseandxy1@y667.com/

http://www.mmbest.com/SoftList/Catalog8/SoftList_Time_1.html

http://www.it-is.com.cn/dh/

http://www.20cn.net/cgi-bin/download/down.cgi?list=passwd

http://www.98919.com/index.html

http://www.muvip119.net/2/index.html

http://www.anqn.com/

http://www.hf110.com

http://down.juntuan.net/index.html

http://new.shockhack.net/index.asp

http://dx.hackbase.com/

http://www.chinahonker.com/index.htm

http://www.cnhacker.com/

http://77169.org/index.html

legionhiden4dqh4.onion - Let’s start with HeLL Reloaded, probably the only one that isn’t just awful. where Tor Carding Forum (TCF) members who weren’t arrested when it was seized are now dwelling! Not operated by the same people behind the original HeLL, but after the original was seized, some of the moderators and members made this site.

exoduockgfq3ikf7.onion Ex0du$, Pretty mediocre forum, lots of shitty banking botnets being sold. Also ransomeware is the big thing recently, so of course that’s being sold. The code is HILARIOUS. RansomWare coded in visual basic, Java, C# and AutoIT v3! Great.

damagelabraahzcu.onion - DamageLabs primarily russian forum, looks like there’s not much interesting going on here either. They have a good collection of pirated programming books.

darkod3eeziu3w5p.onion - looks like a really dead forum.

dublik2uqiorycsj.onion - dublik russian forum

forohpysho2t5mjs.onion - another random forum

1、独自等待：https://www.waitalone.cn/

2、中国红客联盟：https://www.ihonker.org/forum.php

3、安全沙漏：https://www.secsilo.com/about

4、易安在线：https://www.e365.info/

5、铁匠运维网：http://www.tiejiang.org/

6、吾爱漏洞：http://www.52bug.cn/

7、破晓团队：http://www.secbug.org/

8、黑白网：http://www.heibai.org/178.html

9、安全客：https://www.anquanke.com/

10、E安全：https://www.easyaq.com/

11、漏洞时代：http://0day5.com/

12、猫头鹰：http://www.mottoin.com/

13、华域联盟论坛：https://www.cnhackhy.com/forum.php

14、逆向未来：https://www.pd521.com/

15、邪恶八进制：https://forum.eviloctal.com/

16、飘云阁：https://www.chinapyg.com/

17、红黑联盟：http://bbs.2cto.com/

18、技术宅的世界：https://www.0xaa55.com/

19、安全牛：https://www.aqniu.com/

20、兄弟论坛：http://hackxd.com/

21、零日安全：https://www.jmpoep.com/

22、南域剑盟：http://www.98exe.net/

23、黑基论坛：http://www.safebase.cn/

24、网络攻防小组（WLGF）：http://www.nsoad.com/

25、黑吧安全网：http://www.myhack58.com/

26、幽灵学院：http://www.41443.com/

纵观黑客发展史，大可分为三代：

第一代：专门从事计算机、网络，其代表组织为“绿色兵团”（1996年—1998年）

第二代：网络爱好者和在校学生.其代表组织为“中国黑客联盟”（1998年—2000年）

第三代：在校学生，其代表组织为“红客联盟”，“中国鹰派”（2000年—今）

以下为几个典型的黑客组织：

●安全焦点（代表人：冰河）网址：www.xfocus.net

●绿色兵团（已解散）（代表人：龚蔚）

●中国鹰派联盟（代表人：老鹰）网址：www.chinaeagle.org 博客：blog.sina.com.cn/u/1262168602

●小榕工作室（代表人：小榕）网址：www.netxeyes.com

●第八军团（代表人：陈三公子）网址：www.sec520.com

●邪恶八进制（代表人：冰血封情）网址：forum.eviloctal.com

●黑客基地（代表人：孤独剑客）网址：www.hackbase.com

●华夏黑客同盟（代表人:怪狗）网址：www.77169.com

●牧民网安（代表人：牧民战天）网址：www.hack006.com

●黑客防线 网址：www.hacker.com.cn

国外黑客组织站点及介绍黑客知识的网站：

●http://www.security.nnov.ru/，俄罗斯的一个安全站点

●http://chess.eecs.berkeley.edu/trust/加州大学伯克利分校“普安全技术研究小组”网站

●http://www.io.com/.vkp的个人主页，linux安全方面的专业人员(程序员).

●http://linsec.ca/加拿大一个主要收集linux安全相关的文档资料的站点, 也包括其它类Unix系统如OpenBSD, Mac OS X等.

●http://www.rootsecure.net/一个专门为系统管理员和黑客提供安全新闻的网站，成立于2002年9月8日

●http://astalavista.box.sk.著名的软件破解网站

●auscert.org.au.一个很棒的黑客工具和入侵攻击的搜索网站

●http://www.elitehackers.info/.为博学的黑客提供的信息公告牌，是上了等级的黑客去的地方。可找到最新的入侵攻击及对解决办法

●ftp://ftp.nec.com/.在/pub/securit目录下面包含一个巨大的工具库

●ftp.win.tue.nl.在/pub/securit目录下包含巨大的安全工具库

国外安全 http://www.neohapsis.com/ 内容极为丰富

国外安全 http://www.deadly.org/ 大量关于OpenBSD的资料文档教程

国外安全 http://www.guninski.com/ 安全专家Guninski的主页，有大量由系统漏洞

国外安全 http://www.sysinternals.com 有很好的windows下的工具及源代码

国外安全 http://www.securityflaw.com/bible/ 入侵检测等文档整理较好的站点

国外安全 http://www.secinf.net/ 网络安全方面的大量文档

国外安全 http://www.incident-response.org 入侵反应，数据恢复工具等

国外安全 http://www.securityfocus.com/ 安全资料整合最好的站

国外安全 http://www.project.honeynet.org/ 由安全界一帮牛人组织的一个project

国外安全 http://www.packetstormsecurity.com 资料全面的安全站

国外安全 http://www.securityportal.com/ 还可以看看的安全站

国外安全 http://www.ussrback.com/ 比较活跃的安全站

国外安全 http://www.attrition.org/ 内容全面的安全站

国外安全 http://www.wiretrip.net/rfp/2/index.asp rfp的安全主页，提供权威的安全信息

国外安全 http://www.antionline.com/ 有些特色栏目的安全站

国外安全 http://www.eeye.com/ eeye公司的主页，提供权威性的安全建议和工具

国外安全 http://www.insecure.org/ Fyodor的主页，nmap的老家，还有exploit

国外安全 http://www.atstake.com/ @stack公司的主页，提供权威的安全建议

国外安全 http://www.bugnet.com/ 提供漏洞修补

国外黑客 http://lsd-pl.net/ LsD的站,最新最有效的exploit

国外黑客 http://www.s0ftpj.org 提供一些水平很高的小工具

国外黑客 http://phrack.org/ Phrack的主页，经典的黑客技术电子杂志

国外黑客 http://www.w00w00.org/ w00w00组织的主页

国外黑客 http://mixter.void.ru/ Mixter的个人主页，不少有用的工具

国外黑客 http://www.thehackerschoice.com/ THC黑客组织的页面，很好的安全文档和工具

国外黑客 www.win2000mag.net Windows & .NET Magazine Network 绝对专业的站点，文章都是一流的

国外黑客 http://www.2600.com/ 2600 Magazine

国外黑客 www.experts-exchange.com 全球有名的社区

国外黑客 www.is-it-true.org 类似于FAQ的站点，资源丰富

国外黑客 www.mixter.warrior2k.com mixter security

国外黑客 www.liun.hektik.org Long Island our Underground Networks

国外黑客 www.ussrback.com ussr is back

国外黑客 www.securiteam.com 非常好的安全文章漏洞利用工具下载站点

国外黑客 www.lsd-pl.net The Last Stage of Delirium Research Group

国外黑客 www. neworder.box.sk Box Network team

国外黑客 www.sysinternals.com sysinternals

国外黑客 www.webattack.com WebAttack Inc

国外黑客 www.blackhat.com Black Hat, Inc

国外黑客 http://p.ulh.as pulhas

http://www.hack.co.za (国外著名黑客站点，较全的Exploit库)

http://www.phrack.org (经典的黑客技术电子杂志)

http://www.antionline.com (国外经典黑客站点)

http://whitehats.com (白帽子网站，有最新的规则库下载，关于Snort等)

http://lsd-pl.net (发布最新的Exploit程序)

http://www.nhs8.com/ 神刀网

http://packetstormsecurity.com (国外著名漏洞库，有大量exploit程序)

http://oliver.efri.hr/~crv/security/bugs/list.html (有整理好的最新漏洞库供下载)

http://astalavista.box.sk (著名的软件破解网站)

http://www.thehackerschoice.com (THC黑客组织的站点，有很多资料和工具)

http://www.insecure.org (Fyoderr的个人站点,即Nmap的老家)

http://www.securityfocus.com/

http://www.milw0rm.com/

http://www.metasploit.com/

Sora is the new SOTA video generation model from OpenAI.

Following up projects:

• Open-Sora

• SoraReview

• opensora

• Open-Sora-Plan

达摩院放出了文本生成视频模型，支持英文输入

huggingface space

model weights:

can also use from modelscope:

1
2
3
4

from modelscope.pipelines import pipeline
from modelscope.utils.constant import Tasks
p = pipeline('text-to-video-synthesis', 'damo/text-to-video-synthesis')

PAIR now releases Text2Video-Zero which leverages existing stable diffusion models to generate video. also released a bunch of controlnet dreambooth weights.

lucidrains is a workaholic on transformer implementations. we should scrape all the repos and index them. there are faster language models to train.

Phenaki Video, which uses Mask GIT to produce text guided videos of up to 2 minutes in length, in Pytorch

dreamix (not open-source)

instruct-pix2pix requires 16GB+ VRAM

text2live modify video by text prompt (such as add fire in mouth)

recurrent-interface-network-pytorch using diffusion to generate images and video

high quality! imagegen-video code with demo and paper

抄视频 视频的时间要讲究 看看是抄一年前的好还是抄刚刚发布的好

在发布的一个视频当中 最多抄某个作者的两三个符合要求的片段

use editly smooth/slick transitions and subtitles to beat the copy-detection algorithm, also consider color change in ffmpeg

动态 专栏也可以抄

make-a-video

谷歌AI歌手震撼来袭！AudioLM简单听几秒，便能谱曲写歌 https://www.kuxai.com/article/398

现在看来b站应该是有专人在负责讲解同一套课程了 我现在还在收到b站的培训通知短信

应该把相关的链接 信息收集在这里