The Script Community is for hacking enthusiasts to share their knowledge.
We do not take responsibility for any damage, or legal issues, done with these files here at AT Products, Ethical Hacking Society, CodingHome, or The Script Community.
Use a virtual machine if it's a computer virus, and never open them on your physical machine. As a pre-caution, download them on your VM.
Section by Nasus
Open source intelligence (OSINT) is the practice of collecting information from published or otherwise publicly available sources. This can be used to learn more about your targets
Reverse Image Lookup Mac Address Lookup EXIF Data Database Lookup IP Lookup Archive.orgThis is not DDoS. You have to distribute this code amongst a botnet for it to actually do damage. It only works against websites.
A denial-of-service (DoS) attack is a type of cyber attack in which a malicious actor aims to render a computer or other device unavailable to its intended users by interrupting the device's normal functioning. DoS attacks typically function by overwhelming or flooding a targeted machine with requests until normal traffic is unable to be processed, resulting in denial-of-service to addition users. A DoS attack is characterized by using a single computer to launch the attack.
A distributed denial-of-service (DDoS) attack is a type of DoS attack that comes from many distributed sources, such as a botnet DDoS attack.
A password, sometimes called a passcode, is secret data, typically a string of characters, usually used to confirm a user's identity.
A strong password should be minimum 8 characters long and consist of lowercase, uppercase, numbers and symbols
Password Generator (Python) haveibeenpwned (Python | Request) by Nasus
Nasus hasn't made a cracker yet, so he recommends Vanhauser's, and Openwall's.
Channels, users, servers and categories have IDs also known as snowflakes. You can easily calculate when that item was created.
ID Creation Time (Python) by Nasus
Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program.
Keylogger (Python | pynput) by Nasus
Advanced Key Logger (Python) Decryptor (Python) Requirements (TXT) all by CУБΞЯC.
Try these links from CУБΞЯC and Nasus
Delgan MetaChris wodxgod It's Vichy KLDiscord Monst3red Alphalius's Rage BillyTheGoat356's Riot BillyTheGoat356's Plague BillyTheGoat356's Rage NotSaksh ECriminal Verlox KanekiWebNote that an actual working key would take over a billion years to find.
Source = Wikipedia
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted.
As of 2020, phishing is by far the most common attack performed by cybercriminals
Most phishing messages are delivered by email, and are not personalized or targeted to a specific individual or company–this is termed "bulk" phishing
Spear phishing involves an attacker directly targeting a specific organization or person with tailored phishing communications. This is essentially the creation and sending of emails to a particular person to make the person think the email is legitimate. In contrast to bulk phishing, spear phishing attackers often gather and use personal information about their target to increase their probability of success.
Whaling is a highly targeted phishing attack - aimed at senior executives - masquerading as a legitimate email. Whaling is digitally enabled fraud through social engineering, designed to encourage victims to perform a secondary action, such as initiating a wire transfer of funds.
Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected.
Clone phishing is a type of phishing attack whereby a legitimate, and previously delivered email containing an attachment or link has had its content and recipient address(es) taken and used to create an almost identical or cloned email. The attachment or link within the email is replaced with a malicious version and then sent from an email address spoofed to appear to come from the original sender.
SMS phishing or smishing is conceptually similar to email phishing, except attackers use cell phone text messages to deliver the "bait". Smishing attacks typically invite the user to click a link, call a phone number, or contact an email address provided by the attacker via SMS message. The victim is then invited to provide their private data; often, credentials to other websites or services.
Attackers will dial a large quantity of telephone numbers and play automated recordings - often made using text to speech synthesizers - that make false claims of fraudulent activity on the victim's bank accounts or credit cards. The calling phone number will be spoofed to show the real number of the bank or institution impersonated. The victim is then directed to call a number controlled by the attackers, which will either automatically prompt them to enter sensitive information in order to "resolve" the supposed fraud, or connect them to a live person who will attempt to use social engineering to obtain information.
Google hacking, also named Google dorking, is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites are using. Google dorking could also be used for OSINT (Open Source Intelligence). This can be used to find information that was made public on accident. You can find more information about your targets this way. This can be very entertaining: finding public cameras, password lists, peoples files and passwords, gov documents, admin panels, and much more.
"search string"
- web pages that contain the exact same string
string | string
- between queries will return results for each string
site: wikipedia.org
- search for certain words on a website
-site: wikipedia.org
- do not show results for a website
inurl:"view.shtml" "Network Camera"
- find network cameras
?intitle:index.of? mp3 artist_name
- find mp3 files of songs
intitle:"index of" inurl:ftp
- find exposed FTP servers
filetype:txt inurl:"email.txt"
- email lists (Government emails can be found)
allintext:username filetype:log
- find usernames and password logfiles
intitle:"Index of..etc" passwd
- Linux machines with directory exposed
index of any-show-name
- Find shows and movies for free
ethical hacking site:drive.google.com
- Find free courses
index of software-name
- Find free software
ext:log “Software: Microsoft Internet Information Services *.*”
- Microsoft ISS server logs (online activity)
Section by Nasus
Wireshark (Learn More) is a network protocol analyzer used to capture traffic.
Putting your adapter in Monitor mode, or RFMON mode, allows a computer with a wireless network interface controller to monitor all traffic received on a wireless channel. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an access point
Buy a WiFi Adapter that supports Monitor Mode.
The most recommended brand is Alfa for WiFi Adapters.
Alla Network AWUS036NH & Alla Network 1000 mW AWUS036H.