• pCloud

    Cloud storage starting at $3.99/month or a one time payment of $175.00 for 500GB of lifetime storage. Shop now by clicking on the image above.

  • Mintmobile

    Starting at 15 dollars a month when you buy 3 months. Shop now by clicking on the image above.

  • Window Web Hosting

    Windows web hosting starting at 3.95 a month with 3GB Disk Space, 50GB Bandwidth, and 500MB SQL or MySQL. FREE migration is also included. Shop now by clicking on the image above.

  • HostGator

    Web hosting starting at only $2.75 per month. Shop now by clicking on the image above.

  • Skystream Android TV Box

    The Fastest and Most Advanced Players Ever. Shop now by clicking on the image above.

  • Plugo Trigger

    A great tool for photographers of any skill. Shop now by clicking on the image above.

  • Aweber

    AWeber helps ambitious small businesses and entrepreneurs drive real results with powerful, targeted email automation. Shop now by clicking on the image above.

  • Vietnam Landing Visa

    Apply for Vietnam Visa Online. Click the image above to learn more.

  • Tech Support

    Grand Rapids Tech Support. Click the image above to learn more.

  • 3D Printing

    We provide 3D printing service. Click the image above to learn more.

  • Worthy

    Invest into Worthy bonds and earn 5 percent interest annually. That is much more than what you can earn with a bank account. Click the image above to learn more.

  • Web Design

    We design website for personal and small business. Click image above to learn more.

  • CannaBliss Farmacy

    The world's premier organically grown, full spectrum line of CBD products. Click the image above to learn more.

  • Fundrise Real Estate Investment Trust

    A new way to invest in real estate without having to own a property. Click the image above to learn more.

Thursday, May 2, 2019

PhishX

By Nhat Nguyen at 1:05 PM    No comments
PhishX is a phishing tool that allows you to generate an HTML file that looks exactly like your chosen website but with a PHP script that allows you to capture the victim's credential once they entered it. All you have to do is generate the HTML file, copy the index.html, login.php and the creds.txt file to a web server, send a link to your victim and wait for him or her to enter the credential and everything will be captured and write to the creds.txt file.

Follow the instruction below to learn how to install and use PhishX.

 1. Turn on your Kali machine, open a terminal and type in the following command:

git clone https://github.com/WeeSec/PhishX.git

cd PhishX

chmod +x installer.sh

bash installer.sh


2. Press Enter to continue


3. This can take long so wait patiently until it is done.


4. Now type in chmod +x PhishX.py follow by the command python3 PhishX.py


5. Now your screen should look like the one I have below.


6. From here choose what kind of phishing page you would like to create and press Enter. I chose Twitter for this demonstration.

7. Now fill out the information it is asking. If you are following my example, then enter the victim's username and email, then type in y for yes and press Enter.


8. After you press Enter on step 7, wait for a bit and you will see a screen like the one I have below. This screen shows you where you can get your index.html, login.php and the creds.txt file. Once you have located the three files, just upload them to any web server that support PHP. Now you are ready to send the link to your victim and phish his/her password.



9. Once the victim logs in with his or her credential, login.php will capture the credential and write it into the creds.txt file. Now you can just open that file and you should see the username and password.

pCloud Premium

Wednesday, May 1, 2019

HiddenEye

By Nhat Nguyen at 1:40 PM    3 comments
HiddenEye is a phishing and social engineering tool that allows you to easily create a fake website that can capture user credential with a PHP script and dump the credential on to the terminal for you to see after a successful attack. HiddenEye has the ability to clone many popular web services such as Facebook, Linkedin, Yahoo, Gmail, Github, Twitter, and many more.

Follow the instruction below to learn how to install and use HiddenEye.

1. Turn on your Kali machine, open a terminal and type in the following command:

git clone https://github.com/DarkSecDevelopers/HiddenEye.git

Wait for it to finish cloning and change your directory to HiddenEye using the command cd HiddenEye


2. Inside the HiddenEye directory, type in the following command:

apt-get install python3-pip (You need Python 3 for HiddenEye to work.)


3. Now execute the command pip3 install -requirements.txt. This will install all of the requirements to run HiddenEye


4. Give HiddenEye.py execute permission by using the command chmod +x HiddenEye.py following the command python3 HiddenEye.py to run the tool


5. If your Kali does not have Ngrok installed yet, HiddenEye will automatically download and install Ngrok for you like I have below.


6. Wait for it to finish downloading and installing Ngrok and you should see a screen like below. Just type in y and press Enter


7. If everything goes well, you will see a screen like I have below.


 8. From here it is very straight forward, all you have to do is choose a service you would like HiddenEye to clone and it will do it for you. I choose Facebook as an example to show you how easy it is to create a fake Facebook page with this tool and send it to your victim.




On this screen, you can redirect the victim to any website, I choose to redirect them to a legit Facebook page just so it doesn't triggered an suspicion. After all hacking is also about making it looks as real as possible.




These two URLs are the one you can send to your victim. Any of them is fine, but you can use the one with https to make it look more convincing.


After the victim logs in you will see a screen like the one above.


The link is not facebook.com but the page looks exactly like Facebook.


After the victim logs in you can check your terminal to see the credential. Just scroll up a little bit until you see the words CREDENTIALS FOUND in green and that should be the victim's login information.


hair magic. re-grow your hair

Tuesday, April 30, 2019

Find SQL Injection Vulnerability with ScanQLi

By Nhat Nguyen at 4:37 PM    No comments
ScanQLi is a SQL Injection vulnerability scan that can help you find SQL Injection vulnerability on certain websites. This is just a scanning tool and cannot be use to perform SQL Injection. I recommend using SQLmap if you want to perform the SQL Injection attack.

Follow the instruction below to learn how to install and use ScanQLi

1. git clone https://github.com/bambish/ScanQLi


2. cd ScanQLi

 3. ./scanqli.py -u http://website.com -o output.log


4. Below is an example of the result that is produced by ScanQLi.

BotKntD

By Nhat Nguyen at 1:18 PM    26 comments
BotKntD is a tool kit that allows you to hack Facebook, Gmail, and Yahoo email. See instruction below to learn how to install BotKntD.

Note that I am showing you how to install this in Termux, but it will work with Kali as well.

1. Open Termux and type in the following command:

pkg install python2

2. pkg install git

3. pkg update

4. pkg upgrade

5. Once you got everything above installed, you can download the tool using the following command: git clone https://github.com/Al2VyN/BotKntD.git


6. Now change your current directory to BotKntD using the command cd BotKntD following the command pip2 install --upgrade pip. See Screenshot below


7. Now type in pip2 install -r kntd.txt to install all of the requirements.


8. Type in python2 BotKntD.py and press Enter to run the tool


9. If everything goes well, you will see a screen like below. Just log into your Facebook account to get started. Also if you have two-factors authentication turned on, you will need to disable it to proceed.


10. For this step, just type in the password botkntd and press Enter to proceed.


11. You are pretty much done at this point. From here you can just pick what type of attack you want and go from there. See below for sample of attacks.




starting at 3.95 a month

Monday, April 29, 2019

Open Source Information Facebook (OSIF) for Termux

By Nhat Nguyen at 4:04 PM    45 comments
OSIF is an information gathering tool that allows you to gather information about people on Facebook. This tool has the ability to fetch even private information on a Facebook profile. For example, if the owner of a Facebook profile went into the setting and set email or phone number to be viewed only by him or her, this tool can still fetch that information.

Follow the instruction below to learn how to install this on Termux.

1. Open Termux App and type in pkg update upgrade

2. Type in y and press Enter 


3. Now type in pkg install git python2. Remember this tool only works under Python 2 not 3.


4. Now type in git clone https://github.com/ciku370/OSIF


5. Wait for it to finish installing


6. Now change the directory to OSIF by using the command cd OSIF


7. Now use the pip2 install -r requirements.txt to install all requirements.


8. Now type in python2 osif.py to run OSIF


9. type in help to enter the help menu and learn how to use OSIF


10. To start using OSIF you need to type in token and enter your Facebook login like I have below. Make sure 2-Factors Authentication on your Facebook account is disabled for it to work.


11. Once the access token for your Facebook account has been created, you will have to re-run the OSIF again using the command python2 osif.py


12. Now you can do things like dump_mail to fetch all of the emails from everyone on your friend list.


13. See an example of dump_mail below.


14. Or you can go back into the help menu to find other commands. See below.


worthy bond an easy and safe way to invest