SECURITY EDUCATION, PRIVACY GUIDANCE, THREAT AWARENESS, OPEN SOURCE TOOLS, RESEARCH NOTES, AND RESPONSIBLE TECHNOLOGY CONTENT

  • Penetration Testing Distribution - BackBox

    BackBox is a penetration test and security assessment oriented Ubuntu-based Linux distribution providing a network and informatic systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing...
  • Pentest Distro Linux - Weakerth4n

    Weakerth4n is a penetration testing distribution which is built from Debian Squeeze.For the desktop environment it uses Fluxbox...
  • The Amnesic Incognito Live System - Tails

    Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship...
  • Penetration Testing Distribution - BlackArch

    BlackArch is a penetration testing distribution based on Arch Linux that provides a large amount of cyber security tools. It is an open-source distro created specially for penetration testers and security researchers...
  • The Best Penetration Testing Distribution - Kali Linux

    Kali Linux is a Debian-based distribution for digital forensics and penetration testing, developed and maintained by Offensive Security. Mati Aharoni and Devon Kearns rewrote BackTrack...
  • Friendly OS designed for Pentesting - ParrotOS

    Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting...
Showing posts with label WordPress. Show all posts
Showing posts with label WordPress. Show all posts

Sunday, August 26, 2018

wpCrack - Wordpress Hash Cracker


Wordpress Hash Cracker.

Installation
git clone https://github.com/MrSqar-Ye/wpCrack.git


Video


Share:

Wednesday, July 4, 2018

WPSeku v0.4 - Wordpress Security Scanner

This summary is not available. Please click here to view the post.
Share:

Friday, June 22, 2018

XBruteForcer - CMS Brute Force Tool (WP, Joomla, DruPal, OpenCart, Magento)


Brute Force Tool: WP , Joomla , DruPal , OpenCart , Magento

Simple brute force script
[1] WordPress (Auto Detect Username)
[2] Joomla
[3] DruPal
[4] OpenCart
[5] Magento
[6] All (Auto Detect CMS)

Usage
Short Form Long Form Description
-l --list websites list
-p --passwords Passwords list

Example
perl XBruteForcer.pl -l list.txt -p passwords.txt

for coloring in windows Add This Line
use Win32::Console::ANSI;


BUG ?

Installation Linux
git clone https://github.com/Moham3dRiahi/XBruteForcer.git
cd XBruteForcer
perl XBruteForcer.pl -l list.txt -p passwords.txt 

Installation Android
Download Termux
cpan install LWP::UserAgent
cpan install HTTP::Request
git clone https://github.com/Moham3dRiahi/XBruteForcer.git
cd XBruteForcer
perl XBruteForcer.pl -l list.txt -p passwords.txt 

Installation Windows
Download Perl
Download XBruteForcer
Extract XBruteForcer into Desktop
Open CMD and type the following commands:
cd Desktop/XBruteForcer-master/
perl XBruteForcer.pl -l list.txt -p passwords.txt 

Version
Current version is 1.2 What's New
• speed up
• Bug fixes
version 1.1
• Bug fixes


Share:

Saturday, February 3, 2018

Website Vulnerability Scanner & Auto Exploiter - XAttacker




XAttacker is a Website Vulnerability Scanner & Auto Exploiter developed by Mohamed Riahi

Installation
git clone https://github.com/Moham3dRiahi/XAttacker.git

Auto Cms Detect
  • [1] WordPress :
    • [+] Adblock Blocker
    • [+] WP All Import
    • [+] Blaze
    • [+] Catpro
    • [+] Cherry Plugin
    • [+] Download Manager
    • [+] Formcraft
    • [+] levoslideshow
    • [+] Power Zoomer
    • [+] Gravity Forms
    • [+] Revslider Upload Shell
    • [+] Revslider Dafece Ajax
    • [+] Revslider Get Config
    • [+] Showbiz
    • [+] Simple Ads Manager
    • [+] Slide Show Pro
    • [+] WP Mobile Detector
    • [+] Wysija
    • [+] InBoundio Marketing
    • [+] dzs-zoomsounds
    • [+] Reflex Gallery
    • [+] Creative Contact Form
    • [+] Work The Flow File Upload
    • [+] WP Job Manger
    • [+] PHP Event Calendar
    • [+] Synoptic
    • [+] Wp Shop
    • [+] Content Injection
  • [2] Joomla
    • [+] Com Jce
    • [+] Com Media
    • [+] Com Jdownloads
    • [+] Com Fabrik
    • [+] Com Jdownloads Index
    • [+] Com Foxcontact
    • [+] Com Ads Manager
    • [+] Com Blog
    • [+] Com Users
    • [+] Com Weblinks
    • [+] mod_simplefileupload
  • [3] DruPal
    • [+] Add Admin
  • [4] PrestaShop
    • [+] columnadverts
    • [+] soopamobile
    • [+] soopabanners
    • [+] Vtermslideshow
    • [+] simpleslideshow
    • [+] productpageadverts
    • [+] homepageadvertise
    • [+] homepageadvertise2
    • [+] jro_homepageadvertise
    • [+] attributewizardpro
    • [+] 1attributewizardpro
    • [+] AttributewizardproOLD
    • [+] attributewizardpro_x
    • [+] advancedslider
    • [+] cartabandonmentpro
    • [+] cartabandonmentproOld
    • [+] videostab
    • [+] wg24themeadministration
    • [+] fieldvmegamenu
    • [+] wdoptionpanel
    • [+] pk_flexmenu
    • [+] pk_vertflexmenu
    • [+] nvn_export_orders
    • [+] megamenu
    • [+] tdpsthemeoptionpanel
    • [+] psmodthemeoptionpanel
    • [+] masseditproduct
  • [5] Lokomedia
    • SQL injection

Video

Usage

Short FormLong FormDescription
-l --list websites list

Example
if you have list websites run tool with this command line
perl XAttacker.pl -l list.txt
if you don't have list websites run the tool with this command
perl XAttacker.pl

For coloring in windows Add This Line
use Win32::Console::ANSI;



Version
Current version is 2.1 What's New
• Wordpress Levo-Slideshow 2.3 - Arbitrary File Upload
• GS-Dorker
• speed up
• Bug fixes
version 2.0
• speed up
• Bug fixes
version 1.9
• Bug fixes




Share:
Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.
Copyright © OffSec Blog | Powered by OffensiveSec
Design by OffSec | Built for the security community