Professor
Professional
- Messages
- 758
- Reaction score
- 830
- Points
- 93
MangoKeyword [3.4.1]
Mango Keywords is a handy keyword search tool that includes validation tools, parsers, utilities, and keyword generators.Peculiarities:
- Parser. Allows you to analyze pages from Google, Bing, Ask, Yandex, Start Page, Yahoo, Yahoo Japan, AOL, Naver, Baidu, Excite, Ecosia, and DuckDuckGo. Configurable filtering options and support for HTTP/S and SOCKS5 proxies.
- Keyword generator. The program features Keyword Diareah, a fast scraper for search predictions, as well as random word, synonym, and adjective generators.
- Utilities. These include a parameter extractor, keyword extractor, AIO extractor, parameter cleaner, keyword cleaner, URL filter, and Unicode remover.
- URL Privacy Checker. Allows you to check whether URLs are public.
- Automation configuration. For example, you can configure the VPN server to change every 5 minutes.
- Binary files for Linux and Windows.
- User-friendly text and graphical interface
https://github.com/mrshenmochi/-Mango-Keyword-
Trixter
Trixter is a very simple yet powerful phishing tool. It has a limited number of phishing variants, but they are quite optimal and suitable for all situations.Trixter has three phishing options: camera image capture, GPS data acquisition, and data such as login, password, and code from SMS or email. All data is sent to a Telegram bot, which is configured during installation.
Options:
- Email. The email option allows you to create a simple registration page where you enter your email address, create a password, and then re-enter it. However, there are some requirements. The email address must comply with the email format requirements. The same applies to password strings. Passwords shouldn't be simple, such as 12345678, qwerty, and so on, and they have a length limit (minimum 8 characters). These requirements may seem difficult for phishing, but this only works in the phishing author's favor.
- Phone. It's exactly the same with a phone. Considering that phone numbers are more often used for authorization on more serious platforms (e.g., Telegram, VK, etc.), and are simple and familiar to everyone, this option may well improve your chances. After the first registration step, the user waits for a code via SMS.
- People Nearby [Telegram]. Telegram has disabled this feature, but it's good for us. This option allows you to create a page that offers to find users in a specified location or by username. When a search is attempted, the page sends the user's exact coordinates to the attacker via a Telegram bot.
- Hacking WiFi. There's no harm in dreaming, even though it's possible. However, the average person isn't averse to hogging their neighbor's free internet, especially when their gigabytes are running low or they just want to check something interesting.
- Hack the intercom. The author kept silent about this part.
- Captcha. A light captcha where you have to confirm you're not a robot. But with a twist. Upon confirming you're not a robot, the attacker receives coordinates.
- Mining. The world has come up with all sorts of ways to get us to mine using someone else's product. Like, for example, a hamster slipper. But this is a bit different. When a user starts mining non-existent coins, the attacker will obtain their coordinates.
- Captcha. Type camera. This variant is identical to the previous captcha variant. However, instead of coordinates, the attacker receives a photo from the user's webcam.
- Mama's X3000 security scanner. Searching by biometrics? Interesting. You point the camera and hit "search." The system offers searches not only across social networks but also across various systems, like the Ministry of Internal Affairs or some US Secret Service. Just imagine: someone carefully points the camera at an object, hits "search," expecting the search to begin based on the target's biometrics. And then the webcam turns on and takes a photo of their frowning, carefully concealed face. Naturally, the attacker posts this photo to Telegram.
Installation:
Code:
pkg update
pkg upgrade
pkg install nodejs git
git clone https://github.com/termuxtreem/trixter
cd trixter
node index.jshttps://github.com/termuxtreem/trixter
Play Protect
A utility with a wide range of settings for signing .apk applications and bypassing Google Play security.Peculiarities:
- Sign .APK
- Convert more options
- Changing memory file
- Extract apk tool
https://github.com/Cyber-Root0/BypassPlayProtect
BUT IN MY OPINION IT'S MORE CONVENIENT TO DO IT THROUGH A BOT
DETAILS HERE https://github.com/Bypass-Google-Play-Protect/Bypass-Google-Play-Protect?tab=readme-ov-file
TGConverter
The software is a simple Telegram account converter.
Peculiarities:
- tdata to .session
- .session to tdata
- [mass] tdata to .session
DOWNLOAD
https://wdfiles.ru/O8j8
PASSWORD
https://t.me/+XJPVxxlZSYAyYmRi
KnightLNK builder [+Source]
This is a simple tool written in C# for creating files that reference remote files, then installing and running them silently.
Peculiarities:
- Link Dropper
- HTA-Dropper
- CMD-Dropper
- BAT-Dropper
- VBS-Dropper
https://github.com/offsoc/KnightLNK_builder/blob/main/screen1.png
DorkBuster
A dork generation app with a beautiful visual interface and support for Google and Github..net is required for this to work .
Peculiarities:
- Clean GUI/Easy Navigation
- Built-In Error Logging
- Blazing Fast
- Targeted Dork Generation
https://github.com/kap0nedotexe/DorkBuster
XWallet
Private crypto wallet software, which retailed for $500 and offers impressive functionality for managing crypto wallets.Peculiarities:
Opening hours:
- Log mode - in this mode, the software extracts wallets and passwords from the log. Both a single log and a folder with multiple logs are supported.
- Brute force mode - selective password selection for one wallet.
- Browser database dump mode. This dump allows you to quickly detect wallets that use hardware wallets and retrieve addresses and other wallet information.
Functional:
- Support for more than 50 wallets.
- The software even works with the latest version of OKX, which is tied to the user's hardware.
- Works with Chromium, Firefox, Safari browsers - a complete set.
- Maximum speed thanks to native code.
- Full integration with Hashcat.
- You can also use Hashcat Rules to generate new passwords based on passwords found in the log, which will significantly increase the chance of successfully guessing a password.
- Collection of seed phrases from files, including image search using a trained OCR model.
- Support for a large number of languages.
СКАЧАТЬ
https://wdfiles.ru/O79d
PASSWORD
https://t.me/+XJPVxxlZSYAyYmRi
NoMoreCookies
Browser Protector is a security tool against various types of theft, written in C# and C/C++. It works by intercepting NtCreateFile and NtOpenFile, preventing access to browser files, and also preventing certain types of connections. Compatible with various games and software.
Tested on the following Stealers/RATs:
- AsyncRAT
- Quasar RAT
- StormKitty
- HackBrowserData
- FireFox-Thief
- DCRat
- Umbral Stealer
- Blank Grabber
- Venom RAT
- XWorm RAT
- Raccoon Stealer
- EdgeGuard
- Vidar
- RedLine
The software should work against other popular stealers. Please note that this protection works not only against the malware listed above, but also against future stealers. This protection method is universal.
Supported browsers:
- Firefox
- Brave
- Chrome
- Microsoft Edge
- Yandex
- Opera
- Waterfox
- Vivaldi
https://github.com/AdvDebug/NoMoreCookies?tab=readme-ov-file
Discord Captcha Fishing
Automation of fake captcha via Discord authorization. The script is written in JavaScript.https://github.com/45hr/Discord-Captcha-Fishing
Last Level Security
The tool is designed for encrypting data (folders/files). The developer was inspired by the work of VeraCrypt.Encryption algorithms:
- Block cipher
- Initialization vector (IV)
- Block addition: The first block of data is concatenated with the initialization vector before encryption, and each subsequent block of data is concatenated with the previously encrypted block, meaning that changing any block of data will affect all subsequent encrypted blocks.
- Using entropy to generate a key makes it less predictable
- Every time you encrypt data, creating a new initialization vector using random data helps avoid brute-force attacks.
- CBC mode provides an additional level of security by adding randomness to the encryption process.
- Hash-based Message Authentication Code (HMAC) – allows you to verify whether data has been altered or corrupted during transmission. Only the owner of this key can generate a valid HMAC value. This ensures that the data actually originates from the expected source. If it doesn't match during verification, it means the data has been compromised. If an attacker doesn't know the secret key, they can't generate a correct HMAC for a modified message (as in man-in-the-middle attacks and replay attacks). Using a strong hash function provides an additional level of security.
https://github.com/reyzovw/LastLevelSecurity
PDF Auto Downloader
This program creates a PDF document with your download link. Once the user opens the PDF document, the file will download automatically, without any additional clicks.Peculiarities:
- Ability to embed any image
- Ease of use
- Support for links of any type
Hermetic PDF Exploit
A fairly simple piece of software that allows you to inject your own Trojan code. As the name suggests, it all comes in .PDF format.
Peculiarities:
- Ease of use
- Display any custom image on a PDF page
- Combination with any type of link
File-PDF2EXE
A Python script that embeds an executable file into a PDF file using JavaScript. The script uses the PyPDF2 and Pillow libraries to manipulate PDF files and images, and command-line arguments are handled using the argparse library.Installing components:
Code:
pip install python-docx
pip install Pillow
pip install PyPDF2Usage:
Code:
python file.py /home/Desktop/malware.exe /home/Desktop/README.pdf -o /home/Desktop/MALICIOUSFILE.pdf
assword and email