Search results: «github»

Notepad++ delivered malware for six months. From June to December 2025, the update system was compromised. Millions of people use this software. Some of them clicked update and got spyware instead of a patch. Here is what we now know. 🧐

The attackers did not hack Notepad++ itself; they went after the hosting provider instead. On February 2, 2026, developer Don Ho published the full disclosure of what happened. The website notepad-plus-plus.org sat on a shared hosting server, which means it shared space and resources with other customers on the same machine. Once the attackers broke into that server, they...
1. Find the target domain example.com
2. Try ping to see the IP: ping domain.com
3. Copy the IP address and look it up on iplocation.net
4. Check whether the IP location points to the correct country or not.
5. If the IP points to the right country, most likely the server is there and can continue the DoS attack with Hping3, LOIC, RUDY and others.
6. If the IP points to a cloud such as Google, AWS, Akamai or a WAF such as Cloudflare, Imperva and others, then it cannot be DDoS because it is not the correct IP.
7. To...
> Some websites hide their important panel in 403 error & normal visitors could not access them.
Here is a simple github tool to bypass 403-error and access hidden content.
*GitHub Link: 🖇️*
https://github.com/iamj0ker/bypass-403
Kraken is a powerful, Python-based tool designed to centralize and streamline various brute-forcing tasks. Kraken provides a suite of tools for cybersecurity professionals to efficiently perform brute-force attacks across a range of protocols and services.

https://github.com/jasonxtn/Kraken

⚠️ WARNING: LEGAL DISCLAIMER

This tool is intended for educational purposes only. The author is not responsible for any illegal use of this tool. Users are solely responsible for their actions.

MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field

A Stored Cross-site Scripting (XSS) vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The android:host attribute from <data android:scheme="android_secret_code"> elements is rendered in HTML reports without sanitization, enabling session hijacking and account takeover.

https://github.com/advisories/GHSA-8hf7-h89p-3pqj

Autonomous Multi-Agent Based Red Team Testing Service / AI hacker
Vibe Hacking is a new paradigm in Offensive Security defined by PurpleAILAB.

Unlike traditional red teaming methods that rely on manual execution, AI agents autonomously perform red teaming tasks in Vibe Hacking.

https://github.com/PurpleAILAB/Decepticon

The Big Brother V3.0 is a weaponized OSINT platform featuring username enumeration (473+ platforms), quad-vector visual intelligence, Sky Radar tracking, crypto wallet analysis, SSL intelligence, digital footprint reconstruction, EXIF extraction, advanced dorking, and network reconnaissance.

https://github.com/chadi0x/TheBigBrother

Legal Disclaimer
FOR EDUCATIONAL AND AUTHORIZED TESTING ONLY
This tool is designed for:
- Educational purposes in controlled lab environments
- Authorized penetration testing with written permission
- Security research on systems you own

Unauthorized access to computer systems is ILLEGAL and may result in criminal prosecution.
By using this tool, you agree to:
- Only test systems you own or have explicit written authorization to test
- Comply...
CLI tool for passive collection of URLs from multiple OSINT sources, without directly interacting with the target.

📌 Supported sources:

- AlienVault OTX
- Bevigil (requires API)
- Common Crawl
- URLScan (requires API)
- GitHub (requires token)
- Intelligence X (requires API)
- Wayback Machine
- VirusTotal (requires API)
- Hudson Rock (requires API)

🔍 Extra:
For Wayback Machine, it also analyzes:

- URLs within historical snapshots
- Old records of robots.txt

🔗 Official repo:
https://github.com/hueristiq/xurlfind3r

⚠️ For educational purposes and authorized audits only.

For more:
👁 https://www.patreon.com/HackUnderway

Waymore 🕵🏽‍♂️
OSINT tool that lets you discover old versions of websites, hidden endpoints and historical files from multiple sources:
🌐 Wayback Machine
📦 Common Crawl
🛰 AlienVault OTX
🔍 URLScan
🛡 VirusTotal
📁 Intelligence X
Ideal for:
• Passive recon
• Bug Bounty
• Pentesting
• OSINT research
GitHub:
https://github.com/xnl-h4ck3r/waymore
👁 OSINT manual:
https://hackunderway.com/producto/manual-osint/
apk2url

It is an OSINT tool designed to quickly extract IP addresses and URLs from APK files through disassembly and decompilation processes. 🤖

Allows you to identify endpoints such as:

• URLs (http / https)
• IP addresses
• Domains
• APIs
• Internal routes
• Other patterns of interest

It is especially useful in:

🔎 Security analysis
🔬 Reverse engineering
🛡 Pentesting of mobile applications
🦠 Malware Analysis

Ideal for security researchers and mobile security professionals.

🔗 GitHub: https://github.com/n0mi1k/apk2url