CEH course in Arabic: an entry into the world of hacking and ethical hacking
By Dr. Mohamed Sobhy Teba (محمد صبحي طيبة)

The CEH ethical hacking course consists of a set of learning modules in Arabic. It is a complete course that serves two kinds of learners alike: beginners and those with intermediate experience. It is aimed primarily at anyone interested in information security in general, and at:

- Anyone who wants to enter the world of ethical hacking and penetration.
- Anyone who wants to study it and learn protection, for personal and educational purposes.
- Anyone who wants to study it in depth and obtain the CEH certificate to use in their career.

The course is distinguished by a simple Arabic explanation with illustrative images, so even if you are a beginner in information security you can start learning easily. The course contains comprehensive explanations of hacking and protection methods and serves as an introduction to the world of hacking. It also explains most of the tools available on Kali Linux and how to download and use them.

What does the ethical hacking course contain?

The CEH ethical hacking course contains 15 learning modules, or main sections, presented by Dr. Mohamed Sobhy Teba, may God reward him, who needs no introduction in the field of information security. It explains the most important tools available on Kali Linux, along with how to download them and use them in penetration testing.

Main sections

- Introduction
- Reconnaissance
- Scanning
- Enumeration
- System Hacking
- Trojans and Backdoors
- Viruses and Worms
- Sniffing + Wireshark
- Social Engineering
- Denial of Service + Botnet
- Session Hijacking
- Server hacking
- Web application hacking
- SQL Injection
- Wireless network hacking

Download

- Part one: 62 MB
- Part two: 59 MB
- Password for extracting the archive: TITANIUM
Tool name: Cr3dOv3r
Tool version: 0.2
Tool category: protection
Description:

Your best friend in credential reuse attacks.

Cr3dOv3r: you simply give it an email, then it does two simple (but useful) jobs:

- Searches for public leaks for the email and, if there are any, returns all available details about the leak (using the hacked-emails site API).
- Now you give it this email's old or leaked password, then it checks these credentials against 16 websites (e.g. facebook, twitter, google...) and tells you if the login was successful on any website!

Imagine with me this scenario

- You are checking a targeted email with this tool.
- The tool finds it in a leak, so you open the leakage link.
- You get the leaked password after searching the leak.
- Now you go back to the tool and enter this password to check if there's any website where the user uses the same password.
- You imagine the rest

Usage

```
usage: Cr3d0v3r.py [-h] email

positional arguments:
  email       Email/username to check

optional arguments:
  -h, --help  show this help message and exit
```

Installing and requirements

To make the tool work at its best you must have:

- Python 3.x.
- Linux or Windows system.
- The requirements mentioned in the next few lines.

Installing

For Windows (after downloading the ZIP and unzipping it):

```
cd Cr3dOv3r-master
python -m pip install -r win_requirements.txt
python Cr3dOv3r.py -h
```

For Linux:

```bash
git clone https://github.com/D4Vinci/Cr3dOv3r.git
# git clone creates the directory "Cr3dOv3r"; the "-master" suffix only appears in ZIP downloads
# owner access is enough to run the tool, so world-writable 777 is not needed
chmod -R u+rwX Cr3dOv3r
cd Cr3dOv3r
pip3 install -r requirements.txt
python3 Cr3dOv3r.py -h
```

If you want to add a website to the tool, follow the instructions in the wiki.

Download: http://www.shrink-service.it/s/CDZTYE

Tool name: fuxploider - File Upload Vulnerability Scanner And Exploitation Tool
Tool version: 0.4.0
Tool category: website penetration testing
Description:

fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting file upload form flaws.
This tool is able to detect the file types allowed to be uploaded and is able to detect which technique will work best to upload web shells or any malicious file on the desired web server.

Installation

```bash
git clone https://github.com/almandin/fuxploider.git
cd fuxploider
pip3 install -r requirements.txt
```

Usage

To get a list of basic options and switches use:

```bash
python fuxploider.py -h
```

Basic example:

```bash
python fuxploider.py --url https://awesomeFileUploadService.com --not-regex "wrong file type"
```

Download: http://www.shrink-service.it/s/XVqcgo

Tool name: WhatWaf
Tool version: 0.1.12
Tool category: website penetration testing
Description:

WhatWaf?

WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or two) for said firewall, on the specified target.

Features

- Ability to run on a single URL with the -u/--url flag
- Ability to run through a list of URLs with the -l/--list flag
- Ability to detect over 40 different firewalls
- Ability to try over 20 different tampering techniques
- Ability to pass your own payloads either from a file, from the terminal, or use the default payloads
- Default payloads that are guaranteed to produce at least one WAF triggering
- Ability to bypass firewalls using both SQLi techniques and cross site scripting techniques
- Ability to run behind multiple proxy types (socks4, socks5, http, https and Tor)
- Ability to use a random user agent, personal user agent, or custom default user agent
- Auto assign protocol to HTTP or ability to force protocol to HTTPS
- A built in encoder so you can encode your payloads into the discovered bypasses
- More to come...
Installation

Installing whatwaf is super easy, all you have to do is the following.

Have Python 2.7, Python 3.x compatibility is being implemented soon:

```bash
sudo -s << EOF
git clone https://github.com/ekultek/whatwaf.git
cd whatwaf
chmod +x whatwaf.py
pip2 install -r requirements.txt
./whatwaf.py --help
EOF
```

Proof of concept

First we'll run the website through WhatWaf and figure out which firewall protects it (if any):

Next we'll go to that website and see what the page looks like:

Hmm.. that doesn't really look like Cloudflare does it? Let's see what the headers say:

And finally, let's try one of the bypasses that it tells us to try:

Download: http://www.shrink-service.it/s/oBObHV

Tool name: GhostInTheNet
Tool category: network penetration testing
Description:

Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan

Properties:

- Network Invisibility
- Network Anonymity
- Protects from MITM/DOS
- Transparent
- Cross-platform
- Minimalistic

Dependencies:

- Linux 2.4.26+ - will work on any Linux-based OS, including Whonix and RaspberryPI
- BASH - the whole script
- root privileges - for kernel controlling

Limitations:

- You can still be found with VLAN logs if using ethernet or by triangulation/broadcast if using WiFi
- MAC spoofing won't work if appropriate mitigations have been taken, like DAI or sticky MAC
- Might be buggy with some CISCO switches
- Not suitable for production servers

How it works

The basic and primary network protocol is ARP for IPv4 and NDP (ICMPv6) for IPv6, located in the link and network layer, provides main connectivity in a LAN. Despite its utility and simplicity, it has numerous vulnerabilities that can lead to a MITM attack and leak of confidentiality. Patching of such a widely used standard is a practically impossible task. A very simple, but at the same time effective solution is to disable ARP and NDP responses on an interface and be very cautious with broadcasting.
Considering the varieties of implementations, this means that anyone in the network wouldn't be able to communicate with such a host, only if the host itself is willing. The ARP/NDP cache will be erased quickly afterwards. Here is an example schema:

```
A >>> I need MAC address of B >>> B
A <<< Here it is <<< B
A <<< I need MAC address of A <<< B
A >>> I'm not giving it >>> B
```

To increase privacy, it's advised to spoof the MAC address, which will provide a better concealment. All this is possible using simple commands in Linux kernel and a script that automates it all.

Analysis

No ARP/NDP means no connectivity, so an absolute stealth and obscurity on the network/link layer. This protects from all possible DOSes and MITMs (ARP, DNS, DHCP, ICMP, Port Stealing) and far less resource consuming like ArpON. Such mitigation implies impossibility of being scanned (nmap, arping). Besides, it doesn't impact a normal internet or LAN connection from the host perspective. If you're connecting to a host, it will be authorised to do so, but shortly after stopping the communication, the host will forget about you because ARP/NDP tables won't stay long without a fresh request. Regarding the large compatibility and cross-platforming, it's very useful for offsec/pentest/redteaming as well. You see everyone, but nobody sees you, you're a ghost. Mitigation and having real supervision on the network will require deep reconfiguration of OSes, IDPSes and all other equipment, so hardly feasible.

HowTo

You can execute the script after the connection to the network or just before:

```bash
sudo GhostInTheNet.sh on eth0
```

This will activate the solution until reboot. If you want to stop it:

```bash
sudo GhostInTheNet.sh off eth0
```

Of course, you will have to make the script executable in the first place:

```bash
chmod u+x GhostInTheNet.sh
```

Notes

- ARP/NDP protocol can be exploited for defensive purpose.
- Now your Poisontap is literally undetectable and your Tails is even more anonymous.
- You should learn some stuff about IPv6.

Download: http://www.shrink-service.it/s/74clMN

Tool name: PiKarma - Detects Wireless Network Attacks
Tool category: network penetration testing
Description:

Detects wireless network attacks performed by KARMA module (fake AP). Starts deauthentication attack (for fake access points).

Working Principle for PiKarma

- Collects all the packets from Wireless Network. (Probe Response)
- Analyses all the packets in real time.
- If PiKarma finds more than one SSID info from unique mac address in Probe Response;
- Logs the activity with some extra information within defined template and sends deauthentication packets

How does the KARMA attack work?

- Sends Probe Response for all Probe Requests

Example:

Software and hardware that use the KARMA module

- FruityWifi
- WiFi Pineapple
- Mana (improvements to KARMA attacks)
- ..

Soon to be added features

- New techniques for KARMA and MANA attacks

DEMO: WiPi Hunter - YouTube

Download: http://www.shrink-service.it/s/RBoXVo

Tool name: Breacher
Tool category: website penetration testing
Description:

# Breacher
A script to find admin login pages and EAR vulnerabilities.

#### Features
- [x] Multi-threading on demand
- [x] Big path list (482 paths)
- [x] Supports php, asp and html extensions
- [x] Checks for potential EAR vulnerabilities
- [x] Checks for robots.txt
- [x] Support for custom paths

### Usages
- Check all paths with php extension
```
python breacher -u example.com --type php
```
- Check all paths with php extension with threads
```
python breacher -u example.com --type php --fast
```
- Check all paths without threads
```
python breacher -u example.com
```
- Adding a custom path. For example if you want all paths to start with /data (example.com/data/...)
you can do this:
```
python breacher -u example.com --path /data
```
**Note:** When you specify an extension using the **--type** option, Breacher includes paths of that extension as well as paths with no extensions like **/admin/login**

Download: http://www.shrink-service.it/s/TLBuWN

Tool name: Instagram-Py - Simple Instagram Brute Force Script
Tool version: 0.0.1
Tool category: account penetration testing
Description:

Instagram-Py is a simple python script to perform a basic brute force attack against Instagram. This script can bypass login limiting on wrong passwords, so basically it can test an infinite number of passwords. Instagram-Py is proved and can test over 6M passwords on a single instagram account with as little resource as possible. This script mimics the activities of the official instagram android app and sends requests over tor so you are secure, but if your tor installation is misconfigured then the blame is on you.

Depends on: python3, tor, requests, requests[socks], stem

Installation using pip to get Instagram-py

Make sure you have got the latest version of pip (>= 9.0) and python (>= 3.6)

```bash
$ sudo easy_install3 -U pip # you have to install python3-setuptools , update pip
$ sudo pip3 install requests --upgrade
$ sudo pip3 install requests[socks]
$ sudo pip3 install stem
$ sudo pip3 install instagram-py
$ instagram-py # installed successfully
$ # Now lets copy the config file to your hard drive!
$ wget -O ~/instapy-config.json "https://git.io/v5DGy"
```

Configuring Instagram-Py

Open your configuration file found in your home directory. This file is very important, located at ~/instapy-config.json. Do not change anything except the tor configuration.

```bash
$ vim ~/instapy-config.json # open it with your favorite text editor!
```

The configuration file looks like this:

```json
{
  "api-url" : "https://i.instagram.com/api/v1/",
  "user-agent" : "Instagram 10.26.0 Android (18/4.3; 320dp..... ",
  "ig-sig-key" : "4f8732eb9ba7d1c8e8897a75d6474d4eb3f5279137431b2aafb71fafe2abe178",
  "ig-sig-version" : "4",
  "tor" : {
    "server" : "127.0.0.1",
    "port" : "9050",
    "protocol" : "socks5",
    "control" : {
      "password" : "",
      "port" : "9051"
    }
  }
}
```

- api-url : do not change this unless you know what you are doing
- user-agent : do not change this unless you know your stuff
- ig-sig-key : never change this unless new release, this is extracted from the instagram apk file
- tor : change everything according to your tor server configuration, do not mess up!

Configuring Tor server to open control port

Open your tor configuration file, usually located at /etc/tor/torrc

```bash
$ sudo vim /etc/tor/torrc # open it with your text editor
```

Search the file for this specific section:

```
## The port on which Tor will listen for local connections from Tor
## controller applications, as documented in control-spec.txt.
#ControlPort 9051
```

Uncomment 'ControlPort' by deleting the # before 'ControlPort', now save the file and restart your tor server.

Now you are ready to crack any instagram account, make sure your tor configuration matches ~/instapy-config.json

Usage

Finally, now you can use instagram-py!

```bash
$ instagram-py your_account_username path_to_password_list
```

Download: http://www.shrink-service.it/s/z97D0A

This thread is for our visiting brothers.
This thread will cover only penetration testing tools, in all areas:

- Tools and the latest vulnerabilities for penetration testing of computers + smartphones
- Tools and the latest vulnerabilities for penetration testing of accounts
- Tools and the latest vulnerabilities for penetration testing of websites
- Tools and the latest vulnerabilities for penetration testing of networks
- Tools and the latest methods for encrypting connections and for protection
- Uncategorized tools and vulnerabilities

"We have GitHub, which is a treasure trove for finding recent tools that have not been posted in this section before, and posting them here."

"Everyone is asked to share tools using the same format and description. There is a reward for everyone who makes an effort in posting and shows their activity in the thread."

Replies should follow this pattern:

Peace be upon you, and the mercy and blessings of God.

Tool name: INSTAGRAM BRUTE FORCE
Tool version: 1.4
Tool category: account penetration testing
Download link: http://www.shrink-service.it/s/fFtxMt

Praise be to God, and peace and blessings upon you, O Messenger of God. I hope everyone is in good health.

Many newcomers to the world of advanced hacking want to hack via IP address, so they turn to exploits available in the Metasploit project, or they download exploits from sites such as Exploit DB, but they are quickly surprised to find that these vulnerabilities are patched, because systems are now updated continuously, and so is software. Many get frustrated and may leave this wonderful field and go back to hacking with RAT programs and other traditional methods.

I wanted to share with you a set of very important lessons for the penetration testing section: important fundamentals of Buffer Overflow vulnerabilities. Hardly any program is free of these vulnerabilities, and they are as dangerous as they are hard to discover and exploit. If you master them, you can discover vulnerabilities on any machine or server and compromise it using only its IP address.

Before posting the download link for the course, I would like to make clear that these lessons are not presented by me. I had them on my machine, so I wanted to upload them and share them with you. I leave you now with the course index:

- How Computer Works
- Quick look into Immunity Debugger
- Stack Layout | How functions work
- Fuzzing | Triggering buffer overflow condition
- Overwriting EIP & hijacking execution flow
- Shellcode generation & taking control of vulnerable system

::: ( Download link ) :::

My regards to you. Your brother in God, Saeed
This thread was reposted for the benefit of others.
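The PiKarma working principle quoted earlier in this thread (one MAC address sending Probe Responses for more than one SSID) can be shown as detection logic. This is an added example, not PiKarma's code or anything posted in the thread: the function names, MAC addresses and SSIDs are constructed, it covers only the detection step, and it assumes raw 802.11 frames without a radiotap header.

```python
import struct
from collections import defaultdict

PROBE_RESPONSE = 0x50  # frame control byte 0: management type, subtype 5

def parse_probe_response(frame: bytes):
    """Return (bssid, ssid) from a raw 802.11 probe response, else None."""
    if len(frame) < 36 or frame[0] != PROBE_RESPONSE:
        return None
    bssid = frame[16:22].hex(":")          # address 3 of the MAC header
    pos = 24 + 12                          # MAC header + fixed parameters
    while pos + 2 <= len(frame):           # walk the tagged elements
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:
            return None                    # truncated element: drop frame
        if tag == 0:                       # element 0 carries the SSID
            return bssid, value.decode("utf-8", "replace")
        pos += 2 + length
    return None

def find_karma_suspects(frames):
    """Map each BSSID that answered with more than one SSID to its SSIDs."""
    seen = defaultdict(set)
    for frame in frames:
        parsed = parse_probe_response(frame)
        if parsed and parsed[1]:           # skip empty (hidden) SSIDs
            seen[parsed[0]].add(parsed[1])
    return {b: sorted(s) for b, s in seen.items() if len(s) > 1}

def build_frame(bssid, ssid, fc=0x0050):
    """Construct a sample frame (test data only, never transmitted)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    header = (struct.pack("<HH", fc, 0) + mac("02:00:00:00:00:99")
              + mac(bssid) + mac(bssid) + b"\x00\x00")
    fixed = struct.pack("<QHH", 0, 100, 0x0401)  # timestamp, interval, caps
    name = ssid.encode()
    return header + fixed + bytes([0, len(name)]) + name + bytes([1, 1, 0x82])

# Constructed capture: normal AP, a BSSID answering for three SSIDs, a beacon.
SAMPLE = [
    build_frame("aa:bb:cc:00:00:01", "CorpWiFi"),
    build_frame("aa:bb:cc:00:00:01", "CorpWiFi"),
    build_frame("02:de:ad:00:00:02", "CorpWiFi"),
    build_frame("02:de:ad:00:00:02", "HomeNet"),
    build_frame("02:de:ad:00:00:02", "CoffeeShop"),
    build_frame("02:de:ad:00:00:03", "Guest", fc=0x0080),
]
print(find_karma_suspects(SAMPLE))
```

Only the second BSSID is reported, since repeated responses for the same SSID and non-probe-response frames do not count toward the rule.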