RunAs-Stealer
*
3 techniques :
*
download
*
3 techniques :
Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging*
download
This media is not supported in your browser
VIEW IN TELEGRAM
CVE-2025-24071
*
LOOOOL
Windows Explorer автоматически инициирует запрос на аутентификацию
*
POC
*
WriteUp
*
LOOOOL
Windows Explorer автоматически инициирует запрос на аутентификацию
SMB, когда файл .Librarary-MS извлекается из архива .rar, что приводит к раскрытию хэша NTLM. Пользователю не нужно открывать или выполнять файл - простого извлечение его достаточно, чтобы запустить кровавую утечку.)))*
POC
*
WriteUp
🔥2❤1
This media is not supported in your browser
VIEW IN TELEGRAM
Украсть у Бота !
Помните админы каналов всегда боялись добавлять в чЯты ботов ?
Правильно боялись (
Но ладно если просто антирекламный бот в открытом чате, а если это
или
Телега давно у черношляпников как
Так вот, перехватом ботов занимаются ВСЕ, менты ловят злых шляп, злые шляпы ловят хомяков и получают удобоваримый лог в телегу, более ленивые черные шляпы ловят в подворотне ботов первых шляп, копипастят логи и имеют свой
*
Ну так вот, тут один
*
В ролике все наглядно
*
DownLoad Thы soft (x_)
#telegram #steal #bots #logs
Помните админы каналов всегда боялись добавлять в чЯты ботов ?
Правильно боялись (
ID рано или поздно всплывет, или набрутят или etc).Но ладно если просто антирекламный бот в открытом чате, а если это
Ransom BOT или LOGS BOTили
Zabbix BOT лол да)))Телега давно у черношляпников как
C&C сервер используется.Так вот, перехватом ботов занимаются ВСЕ, менты ловят злых шляп, злые шляпы ловят хомяков и получают удобоваримый лог в телегу, более ленивые черные шляпы ловят в подворотне ботов первых шляп, копипастят логи и имеют свой
сладкий шекель.*
Ну так вот, тут один
threat hunter имел неосторожность написать софтину, которая автоматизирует большую часть процесса, ты только парсить логи успевай !*
В ролике все наглядно
*
DownLoad Thы soft (x_)
#telegram #steal #bots #logs
❤1👍1
This media is not supported in your browser
VIEW IN TELEGRAM
Любой смартфон может быть расширен с помощью прошивки Marauder для управления evil AP
USB Army Knife
USB Army Knife
👍5🔥1👏1
Evilginx Phishlet Developer Masterclass 2025 @scarlettaowner.zip
3.5 GB
😈 Evilginx Phishlet Developer Masterclass (2025) 😈
✅ Learn a systematic process of creating, debugging, and programming Evilginx phishlets from scratch. Learn to analyze authentication flows, bypass MFA protections, troubleshoot errors, and deploy advanced reverse-proxy phishing techniques in 2025.
🤑Content :
🟣Intro to Modern Phishing in 2025
🟣Evilginx Phishlets Documentation Review
🟣Basics of Programming in YAML
🟣Infrastructure & Tools Setup
🟣Application Network Traffic Analysis 101
🟣User Authentication 101 – Understanding Cookies, Auth Tokens, Session Management, Token Architecture, and Implementation Methods
🟣Web Authentication & Reverse Engineering
🟣What We've Learned So Far
🟣Building a Custom Phishlet 1 – Hands-On Tutorial for Building and Deploying a Custom Phishlet
🟣Comparing Authentication System Security
🟣Phishlet Lab 2 (Part A) – Network Traffic Interception, Session Token Extraction, and Phishlet Architecture Development
🟣Phishlet Lab 2 (Part B) – Configuring Subfilter Logic, Authentication Flow Validation, and Deployment Optimization
🟣Debugging and Troubleshoot Phishlets
🟣Going Live & Avoiding the Spam Inbox
🟣Defending Against Modern Reverse-Proxy Phishing – Mitigation Strategies for Modern Attacks
🟣Understanding Evilginx Pro – Puppeteer, EvilPuppet, Advanced Features, Access Guidelines, and Other Considerations
🟣TMUX Tutorial – What It Is, How to Install and Use It with Evilginx
🟣Anonymous Infrastructure & VPN Integration - Secure Deployment and Off-Shore Hosting
🟣Bonus Resources – Custom Phishlets, Tool Kits, Email Templates, Course Files, Materials, Streams & Webinars
🟣Conclusion & Next Steps
➕ All Quizes, Text files and Resources included.
🔥
⚜️ Have courses to dump ? Feel free to contact @scarlettaowner.
👤⚡️ Credits: @scarlettaowner (dumper), @messagekit147 (payer - i paid him after export)
🔗 Source : https://www.simplerhacking.com/courses/phishlet-creation-masterclass
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
🚨 Selling will lead to a ban from this channel, this is a free leak for the community.
✅ Learn a systematic process of creating, debugging, and programming Evilginx phishlets from scratch. Learn to analyze authentication flows, bypass MFA protections, troubleshoot errors, and deploy advanced reverse-proxy phishing techniques in 2025.
🤑Content :
🟣Intro to Modern Phishing in 2025
🟣Evilginx Phishlets Documentation Review
🟣Basics of Programming in YAML
🟣Infrastructure & Tools Setup
🟣Application Network Traffic Analysis 101
🟣User Authentication 101 – Understanding Cookies, Auth Tokens, Session Management, Token Architecture, and Implementation Methods
🟣Web Authentication & Reverse Engineering
🟣What We've Learned So Far
🟣Building a Custom Phishlet 1 – Hands-On Tutorial for Building and Deploying a Custom Phishlet
🟣Comparing Authentication System Security
🟣Phishlet Lab 2 (Part A) – Network Traffic Interception, Session Token Extraction, and Phishlet Architecture Development
🟣Phishlet Lab 2 (Part B) – Configuring Subfilter Logic, Authentication Flow Validation, and Deployment Optimization
🟣Debugging and Troubleshoot Phishlets
🟣Going Live & Avoiding the Spam Inbox
🟣Defending Against Modern Reverse-Proxy Phishing – Mitigation Strategies for Modern Attacks
🟣Understanding Evilginx Pro – Puppeteer, EvilPuppet, Advanced Features, Access Guidelines, and Other Considerations
🟣TMUX Tutorial – What It Is, How to Install and Use It with Evilginx
🟣Anonymous Infrastructure & VPN Integration - Secure Deployment and Off-Shore Hosting
🟣Bonus Resources – Custom Phishlets, Tool Kits, Email Templates, Course Files, Materials, Streams & Webinars
🟣Conclusion & Next Steps
➕ All Quizes, Text files and Resources included.
🔥
Never doubt the quality of a service, before you haven't seen it.
⚜️ Have courses to dump ? Feel free to contact @scarlettaowner.
👤⚡️ Credits: @scarlettaowner (dumper), @messagekit147 (payer - i paid him after export)
🔗 Source : https://www.simplerhacking.com/courses/phishlet-creation-masterclass
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
🚨 Selling will lead to a ban from this channel, this is a free leak for the community.
❤2👍2
❗️Red Teaming Course ❗️
🎩Active Directory Pentesting With Kali Linux🎩
📧 Denoscription:
Active Directory Pretesting is designed to provide security professionals to understand, analyse and practice threats and attacks in a modern Active Directory environment. The course is beginner-friendly and comes with a walkthrough videos course and all documents with all the commands executed in the videos.
🍀 What you'll learn:
🔵How to Use Metasploit
🔵How to Use Empire
🔵How to Use Evil-WinRM
🔵How to Use CrackMapExec
🔵How to Exploit Active Directory
🔵How to Do Active Directory Enumeration
🔵How to do Lateral Movement
🔵Active Directory Post Exploitation
🔵Active Directory Domain Privilege Escalation
🔵Active Directory Persistence Attacks
🔵How to use Kali Linux to hack Active Directory
🔵How to use Nmap to Enumerate Servers
🔵How to exploit EternalBlue
🌎 Size: 7.15GB
📁 FileType: 7z
🔗 Link: https://mega.nz/folder/9E4zDSAK#qpO_t84aBYReOLaWhSPGww
🎩Active Directory Pentesting With Kali Linux🎩
📧 Denoscription:
Active Directory Pretesting is designed to provide security professionals to understand, analyse and practice threats and attacks in a modern Active Directory environment. The course is beginner-friendly and comes with a walkthrough videos course and all documents with all the commands executed in the videos.
🍀 What you'll learn:
🔵How to Use Metasploit
🔵How to Use Empire
🔵How to Use Evil-WinRM
🔵How to Use CrackMapExec
🔵How to Exploit Active Directory
🔵How to Do Active Directory Enumeration
🔵How to do Lateral Movement
🔵Active Directory Post Exploitation
🔵Active Directory Domain Privilege Escalation
🔵Active Directory Persistence Attacks
🔵How to use Kali Linux to hack Active Directory
🔵How to use Nmap to Enumerate Servers
🔵How to exploit EternalBlue
🌎 Size: 7.15GB
📁 FileType: 7z
🔗 Link: https://mega.nz/folder/9E4zDSAK#qpO_t84aBYReOLaWhSPGww
mega.nz
File folder on MEGA
C.I.T. Security
❗️Red Teaming Course ❗️ 🎩Active Directory Pentesting With Kali Linux🎩 📧 Denoscription: Active Directory Pretesting is designed to provide security professionals to understand, analyse and practice threats and attacks in a modern Active Directory environment.…
ActiveDirectoryPentestingWithKaliLinux-RedTeam 1.zip
3.8 GB
🎩Active Directory Pentesting With Kali Linux Part 1🎩'
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
👍2
ActiveDirectoryPentestingWithKaliLinux-RedTeam 2.zip
3.7 GB
🎩Active Directory Pentesting With Kali Linux Part 2🎩'
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
👍3
EvilGoPhish Mastery (2025).zip
1.4 GB
😈 EvilGoPhish Mastery (2025) 😈
✅ This is an extensive course for advanced hackers, red teams, and penetration testers looking to master advanced phishing & smishing techniques with EvilGoPhish, one of the most powerful reverse-proxy phishing tools that combines both Evilginx3 & GoPhish.
🤑Content :
🟣Extra Resources: EvilGoPhish HTML Email Templates
🟣Course Introduction & Legal Guidelines
🟣Domain Filtering, Selection and Research
🟣Reverse-Proxy Phishing Fundamentals, Course Objectives and Contextual Overview
🟣Technical Overview of Advanced MiTM Phishing Attacks and Red Teaming
🟣Importance of Domain Validation: A Detailed Guide to SPF, DKIM, DMARC with Namecheap DNS Demonstration
🟣Understanding Modern Phishing Toolkits (Evilginx2, Evilginx3, GoPhish, EvilProxy, etc.)
🟣Infrastructure Setup and Environment Configuration
🟣OSINT Techniques and Pre-Campaign Preparation
🟣Configuring Evilginx with Cloudflare Turnstile for Advanced Bot Protection
🟣Advanced Phishing Configuration, Troubleshooting, and TMUX Utilization
🟣GoPhish Email Template Creation and Anti-Spam Techniques
🟣Campaign Execution: Configuring Evilginx3, Credential Harvesting & MFA Bypass with EvilGoPhish's Custom Phishlet
🟣Campaign Reporting and Post Engagement: Exporting, Reviewing, and Understanding Results
🟣SMS Phishing (Smishing) with EvilGoPhish
🟣SMS Phishing/Smishing Configuration with EvilGoPhish
🟣Artificial Intelligence, LLMs and Generative AI for Advanced EvilGoPhish 3.0 Attacks & Defense
🟣Analyzing Data with EvilGoPhish
🟣Course Conclusion, Future Considerations, & Thank You
🟣Extra Resources: Templates, Resources, Comprehensive Toolkits, Email Scripts, Course Materials, and Replay Sessions
🔥
⚜️ Have courses to dump ? Feel free to contact @scarlettaowner.
👤⚡️ Credits: @scarlettaowner (dumper), @@Hack_The_W0rld (payer)
🔗 Source : https://www.simplerhacking.com/courses/evilgophish-masterclass-course (179$)
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
🚨 Selling will lead to a ban from this channel, this is a free leak for the community.
✅ This is an extensive course for advanced hackers, red teams, and penetration testers looking to master advanced phishing & smishing techniques with EvilGoPhish, one of the most powerful reverse-proxy phishing tools that combines both Evilginx3 & GoPhish.
🤑Content :
🟣Extra Resources: EvilGoPhish HTML Email Templates
🟣Course Introduction & Legal Guidelines
🟣Domain Filtering, Selection and Research
🟣Reverse-Proxy Phishing Fundamentals, Course Objectives and Contextual Overview
🟣Technical Overview of Advanced MiTM Phishing Attacks and Red Teaming
🟣Importance of Domain Validation: A Detailed Guide to SPF, DKIM, DMARC with Namecheap DNS Demonstration
🟣Understanding Modern Phishing Toolkits (Evilginx2, Evilginx3, GoPhish, EvilProxy, etc.)
🟣Infrastructure Setup and Environment Configuration
🟣OSINT Techniques and Pre-Campaign Preparation
🟣Configuring Evilginx with Cloudflare Turnstile for Advanced Bot Protection
🟣Advanced Phishing Configuration, Troubleshooting, and TMUX Utilization
🟣GoPhish Email Template Creation and Anti-Spam Techniques
🟣Campaign Execution: Configuring Evilginx3, Credential Harvesting & MFA Bypass with EvilGoPhish's Custom Phishlet
🟣Campaign Reporting and Post Engagement: Exporting, Reviewing, and Understanding Results
🟣SMS Phishing (Smishing) with EvilGoPhish
🟣SMS Phishing/Smishing Configuration with EvilGoPhish
🟣Artificial Intelligence, LLMs and Generative AI for Advanced EvilGoPhish 3.0 Attacks & Defense
🟣Analyzing Data with EvilGoPhish
🟣Course Conclusion, Future Considerations, & Thank You
🟣Extra Resources: Templates, Resources, Comprehensive Toolkits, Email Scripts, Course Materials, and Replay Sessions
🔥
Never doubt the quality of a service, before you haven't seen it.
⚜️ Have courses to dump ? Feel free to contact @scarlettaowner.
👤⚡️ Credits: @scarlettaowner (dumper), @@Hack_The_W0rld (payer)
🔗 Source : https://www.simplerhacking.com/courses/evilgophish-masterclass-course (179$)
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
🚨 Selling will lead to a ban from this channel, this is a free leak for the community.
❤2👍1
Evilginx Professional Masterclass (2025).zip
691.1 MB
😈 Evilginx Professional Masterclass (2025) 😈
✅ Designed for both beginners & advanced users, our course will teach you everything you need to master Evilginx reverse-proxy phishing, bypassing MFA, setting up your server for engagements, sending emails for campaigns, delivering lures to priority inbox, as well as post-engagement best practices & bonus tools + resources.
🤑Content :
🟣Bonus Materials - Custom Phishlets, Tool Kits, Email Templates, Course Files, Resources, Q&A & Webinars
🟣Course Introduction
🟣Basics of Phishing and Multi-Factor Authentication
🟣Introduction to Evilginx3
🟣Evilginx 3.0 Step by Step Environment Setup
🟣Installing & Running Evilginx3
🟣Introduction to Phishlets
🟣Session Cookies, Authentication Tokens, Cookie Management Explained
🟣Live Evilginx3 Attack: Conducting a Phishing Simulation on Microsoft 365 2FA
🟣Advanced Evilginx Commands and Customization
🟣Setting up GoPhish, Email Service Provider & Sending our Lures via Email
🟣Advanced GoPhish Tactics & Tools
🟣Post Engagement Best Practices
🟣Defensive Strategies Against MITM Attacks and Evilginx
🟣Advanced Defensive Strategies Against MITM Attacks and Evilginx
🟣Course Conclusion & Next Steps
🟣Evilginx Phishlet Development Course Access
🔥
⚜️ Have courses to dump ? Feel free to contact @scarlettaowner.
👤⚡️ Credits: @scarlettaowner (dumper), @@Hack_The_W0rld (payer)
🔗 Source : https://www.simplerhacking.com/courses/evilginx-course ($69.99)
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
🚨 Selling will lead to a ban from this channel, this is a free leak for the community.
✅ Designed for both beginners & advanced users, our course will teach you everything you need to master Evilginx reverse-proxy phishing, bypassing MFA, setting up your server for engagements, sending emails for campaigns, delivering lures to priority inbox, as well as post-engagement best practices & bonus tools + resources.
🤑Content :
🟣Bonus Materials - Custom Phishlets, Tool Kits, Email Templates, Course Files, Resources, Q&A & Webinars
🟣Course Introduction
🟣Basics of Phishing and Multi-Factor Authentication
🟣Introduction to Evilginx3
🟣Evilginx 3.0 Step by Step Environment Setup
🟣Installing & Running Evilginx3
🟣Introduction to Phishlets
🟣Session Cookies, Authentication Tokens, Cookie Management Explained
🟣Live Evilginx3 Attack: Conducting a Phishing Simulation on Microsoft 365 2FA
🟣Advanced Evilginx Commands and Customization
🟣Setting up GoPhish, Email Service Provider & Sending our Lures via Email
🟣Advanced GoPhish Tactics & Tools
🟣Post Engagement Best Practices
🟣Defensive Strategies Against MITM Attacks and Evilginx
🟣Advanced Defensive Strategies Against MITM Attacks and Evilginx
🟣Course Conclusion & Next Steps
🟣Evilginx Phishlet Development Course Access
🔥
Never doubt the quality of a service, before you haven't seen it.
⚜️ Have courses to dump ? Feel free to contact @scarlettaowner.
👤⚡️ Credits: @scarlettaowner (dumper), @@Hack_The_W0rld (payer)
🔗 Source : https://www.simplerhacking.com/courses/evilginx-course ($69.99)
🔻 Share And Support Channel🔻
https://news.1rj.ru/str/+ZFUM798YLi5mODUy
🚨 Selling will lead to a ban from this channel, this is a free leak for the community.
❤2
Forwarded from Caster
Релиз моего нового инструмента: Nihilist
Это инструмент аудита безопасности Cisco IOS, который позволяет оценить защищенность маршрутизаторов и коммутаторов Cisco. Nihilist работает путем подключения по SSH и анализа конфигурации с использованием регулярных выражений. Он проводит оценку защищенности IOS, канального и сетевого уровня инфраструктуры.
В отличие от известного CCAT, Nihilist проводит более глубокий аудит конфигурации Cisco, анализируя не только факт включения механизмов защиты, но и их корректность и соответствие сетевой среде.
При создании этого инструмента меня вдохновили экранизация 1958 года "Отцы и Дети" И. Тургенева и книга Ф. Ницше "По ту сторону добра и зла"
Cover Man: Magama Bazarov (Sony ILCE-7M3, f/2.8, ISO 16000, 1/50s, 35mm)
Link: https://github.com/casterbyte/Nihilist
Это инструмент аудита безопасности Cisco IOS, который позволяет оценить защищенность маршрутизаторов и коммутаторов Cisco. Nihilist работает путем подключения по SSH и анализа конфигурации с использованием регулярных выражений. Он проводит оценку защищенности IOS, канального и сетевого уровня инфраструктуры.
В отличие от известного CCAT, Nihilist проводит более глубокий аудит конфигурации Cisco, анализируя не только факт включения механизмов защиты, но и их корректность и соответствие сетевой среде.
При создании этого инструмента меня вдохновили экранизация 1958 года "Отцы и Дети" И. Тургенева и книга Ф. Ницше "По ту сторону добра и зла"
Cover Man: Magama Bazarov (Sony ILCE-7M3, f/2.8, ISO 16000, 1/50s, 35mm)
Link: https://github.com/casterbyte/Nihilist
❤1