Hexxeh's Blog - Home of…um, well, Hexxeh… The War On Cyber CyberTerrorists - The War On Cyber: CyberTerrorists - The War On Cyber Join us now to get access to all our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, and so, so much more. Subscribe to topics and forums to get automatic updates Welcome to CyberTerrorists - The War On Cyber, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information. Looking for Developers !! Autodesk Revit Structure 2012 Build 2315 + Portable by Today, 05:46 AM Application Pack for iPad and iPhone by Today, 05:16 AM p777 God z da Shortest distance from Zero to INFiNiTY.........!!! locon i want access to TRACK2.NAME ONLINE DUMP SHOP Toggle this category ..:: CT Global Rules, Announcements, News & Feedback ::.. Forum Rules & Announcement, Read RULES before Posting any kind of thing here.
XSS (Cross Site Scripting) Cheat Sheet Last revision (mm/dd/yy): 07/4/2018 This cheat sheet lists a series of XSS attacks that can be used to bypass certain XSS defensive filters. Please note that input filtering is an incomplete defense for XSS which these tests can be used to illustrate. Basic XSS Test Without Filter Evasion This is a normal XSS JavaScript injection, and most likely to get caught but I suggest trying it first (the quotes are not required in any modern browser so they are omitted here): XSS Locator (Polygot) The following is a "polygot test XSS payload." javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'> Image XSS using the JavaScript directive Image XSS using the JavaScript directive (IE7.0 doesn't support the JavaScript directive in context of an image, but it does in other contexts, but the following show the principles that would work in other tags as well: No quotes and no semicolon Case insensitive XSS attack vector HTML entities Malformed A tags <! <!
KaKaRoTo's Blog 2600: The Hacker Quarterly hackhaven Zone-H.org - Unrestricted information Digital Security Research Group Patator – Le logiciel de bruteforce universel Patator – Le logiciel de bruteforce universel Si vous souhaitez tester la force de vos mots de passe afin de déterminer si un hacker chinois peut peut en venir à bout avec un simple bruteforce, il vous faut : Des dictionnairesPythonEt un patator ! Ou plutôt Patator, un script python mis au point par Sébastien Macke, capable de bruteforcer un peu tout et n'importe quoi, que ce soit SSH, SMTP, MySQL, VNC et même les fichiers zip et les DNS (c'est à dire pour débusquer certains sous-domaines inconnus). Le script est téléchargeable ici. Pour les dictionnaires, je vous recommande d'en récupérer ici, mais sinon, y'en a plein sur le net (et des outils pour les générer aussi). Faites-en bon usage. Photo et source Vous avez aimé cet article ?
Malicious Linux Commands - From (This article was originally published in Ubuntu Forums but was removed there. Ubuntuguide feels that knowledge about these risks is more important than any misguided attempts to "protect the public" by hiding their potential dangers or protect the (K)Ubuntu/Linux image. ATTENTION: It is worthwhile to have some basic awareness about malicious commands in Linux. It is also worthwhile to always enable a Kubuntu screensaver or Ubuntu screensaver with a password so that a casual passerby is not able to maliciously execute one of these commands from your keyboard while you are away from your computer. When in doubt as to the safety of a recommended procedure or command, it is best to verify the command's function from several sources, such as from readily available documentation on Linux commands (e.g. manpages). Here are some common examples of dangerous commands that should raise a red flag. Delete all files, delete current directory, or delete visible files in current directory rm -r or
iSecur1ty - مجتمع للهاكر الأخلاقي وخبراء الحماية Google Dorks cache: If you include other words in the query, Google will highlight those words within the cached document. For instance, [cache:www.google.com web] will show the cached content with the word “web” highlighted. This functionality is also accessible by clicking on the “Cached” link on Google’s main results page. The query [cache:] will show the version of the web page that Google has in its cache. For instance, [cache:www.google.com] will show Google’s cache of the Google homepage. link: The query [link:] will list webpages that have links to the specified webpage. related: The query [related:] will list web pages that are “similar” to a specified web page. info: The query [info:] will present some information that Google has about that web page. define: The query [define:] will provide a definition of the words you enter after it, gathered from various online sources. stocks: site: If you include [site:] in your query, Google will restrict the results to those websites in the given domain.