Raccoon - A High Performance Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Offensive Security Tool for Reconnaissance and Information Gathering.

Features

• DNS details
• DNS visual mapping using DNS dumpster
• WHOIS information
• TLS Data - supported ciphers, TLS versions, certificate details, and SANs
• Port Scan
• Services and scripts scan
• URL fuzzing and dir/file detection
• Subdomain enumeration - uses Google Dorking, DNS dumpster queries, SAN discovery, and brute-force
• Web application data retrieval:
  
  • CMS detection
  • Web server info and X-Powered-By
  • robots.txt and sitemap extraction
  • Cookie inspection
  • Extracts all fuzzable URLs
  • Discovers HTML forms
  • Retrieves all Email addresses
• Detects known WAFs
• Supports anonymous routing through Tor/Proxies
• Uses asyncio for improved performance
• Saves output to files - separates targets by folders and modules by files

Roadmap and TODOs

• Support multiple hosts (read from the file)
• Rate limit evasion
• OWASP vulnerabilities scan (RFI, RCE, XSS, SQLi etc.)
• SearchSploit lookup on results
• IP ranges support
• CIDR notation support
• More output formats

About
A raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity.
It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file.
As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.
Raccoon supports Tor/proxy for anonymous routing. It uses default wordlists (for URL fuzzing and subdomain discovery) from the amazing SecLists repository but different lists can be passed as arguments.
For more options - see "Usage".

Installation
For the latest stable version:

pip install raccoon-scanner

Or clone the GitHub repository for the latest features and changes:

git clone https://github.com/evyatarmeged/Raccoon.git
cd Raccoon
python raccoon_src/main.py

Prerequisites
Raccoon uses Nmap to scan ports as well as utilizes some other Nmap scripts and features. It is mandatory that you have it installed before running Raccoon.
OpenSSL is also used for TLS/SSL scans and should be installed as well.

Usage

Usage: raccoon [OPTIONS]

Options:
  --version                      Show the version and exit.
  -t, --target TEXT              Target to scan  [required]
  -d, --dns-records TEXT         Comma separated DNS records to query.
                                 Defaults to: A,MX,NS,CNAME,SOA,TXT
  --tor-routing                  Route HTTP traffic through Tor (uses port
                                 9050). Slows total runtime significantly
  --proxy-list TEXT              Path to proxy list file that would be used
                                 for routing HTTP traffic. A proxy from the
                                 list will be chosen at random for each
                                 request. Slows total runtime
  --proxy TEXT                   Proxy address to route HTTP traffic through.
                                 Slows total runtime
  -w, --wordlist TEXT            Path to wordlist that would be used for URL
                                 fuzzing
  -T, --threads INTEGER          Number of threads to use for URL
                                 Fuzzing/Subdomain enumeration. Default: 25
  --ignored-response-codes TEXT  Comma separated list of HTTP status code to
                                 ignore for fuzzing. Defaults to:
                                 302,400,401,402,403,404,503,504
  --subdomain-list TEXT          Path to subdomain list file that would be
                                 used for enumeration
  -S, --scripts                  Run Nmap scan with -sC flag
  -s, --services                 Run Nmap scan with -sV flag
  -f, --full-scan                Run Nmap scan with both -sV and -sC
  -p, --port TEXT                Use this port range for Nmap scan instead of
                                 the default
  --tls-port INTEGER             Use this port for TLS queries. Default: 443
  --skip-health-check            Do not test for target host availability
  -fr, --follow-redirects        Follow redirects when fuzzing. Default: True
  --no-url-fuzzing               Do not fuzz URLs
  --no-sub-enum                  Do not bruteforce subdomains
  -q, --quiet                    Do not output to stdout
  -o, --outdir TEXT              Directory destination for scan output
  --help                         Show this message and exit.

Screenshots

HTB challenge example scan:

Results folder tree after a scan:

Download Raccoon

Related news

• Curso De Hacking
• Como Empezar En El Hacking
• Hacking Growth
• Como Hackear
• Rfid Hacking
• Hacking Wallpaper
• Hacker Profesional

Lockdoor-Framework: A PenTesting Framework With Cyber Security Resources

About Lockdoor-Framework
    Author: SofianeHamlaoui

• Github: SofianeHamlaoui
• Twitter: S0fianeHamlaoui
• Facebook: S0fianeHamlaoui

   Tested on: Kali Linux, Ubuntu, Arch Linux, Fedora, OpenSuse and Windows (Cygwin)

   LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one. With all of that ! It automates the Pentesting process to help you do the job more quickly and easily.

Lockdoor-Framework installation:
   For now, Lockdoor-Framework supports Debian-based Linux distros (Kali Linux, ParrotSec, Ubuntu...), Arch Linux based distros (Manjaro, BlackArch, ArchStrike...), Fedora, OpenSuse, Cygwin on Windows.

   Open your Terminal and enter these commands:

You can watch detail here:

Lockdoor Tools contents 🛠️:
 * Information Gathering 🔎:

• dirsearch: A Web path scanner
• brut3k1t: security-oriented bruteforce framework
• gobuster: DNS and VHost busting tool written in Go
• Enyx: an SNMP IPv6 Enumeration Tool
• Goohak: Launchs Google Hacking Queries Against A Target Domain
• Nasnum: The NAS Enumerator
• Sublist3r: Fast subdomains enumeration tool for penetration testers
• wafw00f: identify and fingerprint Web Application Firewall
• Photon: ncredibly fast crawler designed for OSINT.
• Raccoon: offensive security tool for reconnaissance and vulnerability scanning
• DnsRecon: DNS Enumeration Script
• Nmap: The famous security Scanner, Port Scanner, & Network Exploration Tool
• sherlock: Find usernames across social networks
• snmpwn: An SNMPv3 User Enumerator and Attack tool
• Striker: an offensive information and vulnerability scanner.
• theHarvester: E-mails, subdomains and names Harvester
• URLextractor: Information gathering & website reconnaissance
• denumerator.py: Enumerates list of subdomains
• other: other Information gathering,recon and Enumeration scripts I collected somewhere.
• ReconDog: Reconnaissance Swiss Army Knife
• RED_HAWK: All in one tool for Information Gathering, Vulnerability Scanning and Crawling
• Dracnmap: Info Gathering Framework

 * Web Hacking 🌐:

• Spaghetti: Spaghetti - Web Application Security Scanner
• CMSmap: CMS scanner
• BruteXSS: BruteXSS is a tool to find XSS vulnerabilities in web application
• J-dorker: Website List grabber from Bing
• droopescan: scanner, identify, CMSs, Drupal, Silverstripe.
• Optiva: Web Application Scanner
• V3n0M: Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
• AtScan: Advanced dork Search & Mass Exploit Scanner
• WPSeku: Wordpress Security Scanner
• WPScan: A simple Wordpress scanner written in python
• XSStrike: Most advanced XSS scanner.
• SQLMap: automatic SQL injection and database takeover tool
• WhatWeb: the Next generation web scanner
• joomscan: Joomla Vulnerability Scanner Project
• Dzjecter: Server checking Tool

 * Privilege Escalation ⚠️:

• Linux 🐧:linux_checksec.sh
     linux_enum.sh
     linux_gather_files.sh
     linux_kernel_exploiter.pl
     linux_privesc.py
     linux_privesc.sh
     linux_security_test
     Linux_exploits folder
• Windows :   windows-privesc-check.py
     windows-privesc-check.exe
• MySql:raptor_udf.c
     raptor_udf2.c

 * Reverse Engineering ⚡:

• Radare2: unix-like reverse engineering framework
• VirtusTotal: VirusTotal tools
• Miasm: Reverse engineering framework
• Mirror: reverses the bytes of a file
• DnSpy: .NET debugger and assembly
• AngrIo: A python framework for analyzing binaries (Suggested by @Hamz-a)
• DLLRunner: a smart DLL execution script for malware analysis in sandbox systems.
• Fuzzy Server: a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
• yara: a tool aimed at helping malware researchers toidentify and classify malware samples
• Spike: a protocol fuzzer creation kit + audits
• other: other scripts collected somewhere

 * Exploitation ❗:

• Findsploit: Find exploits in local and online databases instantly
• Pompem: Exploit and Vulnerability Finder
• rfix: Python tool that helps RFI exploitation.
• InUrlBr: Advanced search in search engines
• Burpsuite: Burp Suite for security testing & scanning.
• linux-exploit-suggester2: Next-Generation Linux Kernel Exploit Suggester
• other: other scripts I collected somewhere.

 * Shells 🐚:

• WebShells: BlackArch's Webshells Collection
• ShellSum: A defense tool - detect web shells in local directories
• Weevely: Weaponized web shell
• python-pty-shells: Python PTY backdoors

 * Password Attacks ✳️:

• crunch : a wordlist generator
• CeWL : a Custom Word List Generator
• patator : a multi-purpose brute-forcer, with a modular design and a flexible usage

 * Encryption - Decryption 🛡️:

• Codetective: a tool to determine the crypto/encoding algorithm used
• findmyhash: Python script to crack hashes using online services

 * Social Engineering 🎭:

• scythe: an accounts enumerator

Contributing:

1. Fork Lockdoor-Framework:
   git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git
2. Create your feature branch
3. Commit your changes
4. Push to the branch
5. Create a new Pull Request

Features 📙:

• Pentesting Tools Selection 📙:

   Tools ?: Lockdoor doesn't contain all pentesting tools (Added value) , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite (Added value) and the most used toolsby Pentesters (Added value).
   what Tools ?: the tools contains Lockdoor are a collection from the best tools (Added value) on Kali Linux, ParrotSec and BlackArch. Also some private tools (Added value) from some other hacking teams (Added value) like InurlBr, iran-cyber. Without forgeting some cool and amazing tools I found on Github made by some perfect human beigns (Added value).
   Easy customization: Easily add/remove tools. (Added value)
   Installation: You can install the tool automatically using the install.sh. Manually or on Docker [COMING SOON]

• Resources and cheatsheets 📙 (Added value):

   Resources: That's what makes Lockdoor Added value, Lockdoor Doesn't contain only tools! Pentesing and Security Assessment Findings Reports templates (Added value), Pentesting walkthrough examples and tempales (Added value) and more.
   Cheatsheets: Everyone can forget something on processing or a tool use, or even some trciks. Here comes the Cheatsheets (Added value) role! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.

Check the Wiki Pages to know more about the tool 📙:

• Lockdoor Wiki page Home
• Lockdoor Demos
• Lockdoor Screenshots

Lockdoor-Framework's screenshots:

First Step

Lockdoor update

ROOT Menu

Information Gathering

Web Hacking

Exploitation

Reverse Engineering

Enc/Dec

Password Attacks

Shells

PrivEsc

Social Engineering

PSAFRT

Walkthroughs

About

Support the author:

   On Paypal: Sofiane Hamlaoui

   BTC Address: 

Download Lockdoor-Framework

Continue reading

1. Hacking School
2. Growth Hacking Courses
3. Chema Alonso Libros
4. Hacking Time
5. Chema Alonso Libros

HaCode - FUD Backdoor Generator / Remote Administration Tool

Related news

• Growth Hacking Barcelona
• Significado Hacker
• Hacking Games Online
• Fake Hacking
• Curso Hacking Etico
• Hacking Virus

How To Set Up A VPN On Kodi In 2 Minutes Or Less

VPNs are useful for masking your identity when online. Without a VPN, you run the risk of having your data exposed to your Internet Service Provider (ISP). This is something that you should think about since your ISP has access to all of your data, including the streaming data from your streaming activities. In addition, depending on where you live, your ISP may even be able to sell your data to third parties for a profit. This is certainly the case in the US. In addition, VPNs can prevent hackers from hijacking your internet connection. 

VPNs can also give you access to geographically restricted content. Using a VPN with streaming services is wise since some ISPs are known to throttle streaming activities. By using a VPN, you can enjoy streaming content without intervention by your ISP. One such streaming service is Kodi which we will explore further below.

What is Kodi?

Kodi is an open-source media player which has lots of features. It lets users play audio and video from local and online sources. It can also be installed on a variety of different devices. It can be installed on Android devices, iOS devices, Mac computers, Windows computers, and even Linux computers. You can see a more complete list of devices that the software is compatible with on the official Kodi website.

If you are streaming content from Kodi, you should install a VPN. It will protect you while you stream. Luckily, setting up a VPN isn't difficult and we'll show you how to set up a VPN quickly for your Kodi usage. 

Installing a VPN on Kodi in 2 Minutes or Less

There are a few ways to install a VPN on Kodi but we'll cover 2 of the simpler options. You have the choice of running your VPN from directly within Kodi, or you can install it directly on the machine you are running Kodi on. We will cover both methods.

Installing a VPN Directly On Kodi 

To install a VPN directly on Kodi, you will need to install the Zomboided VPN Manager plugin. For this addon to work, you will need to be subscribed to a VPN service. There are several VPN services out there so find the best one for you and subscribe based on your preferences if you haven't already.

To get set up with the VPN Manager, you will first need to head to the Zomboided Repo page to download the latest version of the Zomboided repository. From there, you need to download the latest version of the repository. It will be named repository.zomboided.plugins-X.X.X.zip.

You can then install this zip file in Kodi. Open Kodi, head to the Add-ons menu, and click on the icon that looks like an open box. Then select Install from zip file. From there, you can navigate to the zip file you downloaded. Select it and install it. Now, head back to the main menu that you are directed to after clicking on the open box icon. 

From there, choose Install from the repository. Select Zomboided Add-on Repository. Select Services and then you will see VPN Manager for Open VPN at the top of the list. Select it and install it. After installation, open the addon. You can then enter the relevant details for your VPN provider. Make sure you run through all of the configuration options in the addon. This will vary depending on your VPN provider. After configuring the plugin, you will be protected by your VPN while using Kodi.

Installing Kodi Using a VPN App

VPN providers usually provide apps for a wide range of platforms. You can also protect yourself with a VPN while using Kodi by using the app that corresponds to the operating system of the machine you're running Kodi on. 

Final Thoughts

You need to protect yourself while streaming online with Kodi. You can do this by either using a plugin from directly within Kodi, or you can use an app that runs on the machine you have Kodi installed on. Pick the option that suits you best and stream safely with Kodi. 

via KitPloit

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

Related news

• Growth Hacking Que Es
• Hacking Traduccion
• Informatico Hacker
• Curso De Hacker Gratis Desde Cero
• Brain Hacking
• Hacking Gif
• Herramientas Hacking Etico
• House Hacking

ShodanEye: Collect Infomation About All Devices Connected To The Internet With Shodan

About ShodanEye
   This tool collects all information about all devices that are directly connected to the internet with the specified keywords that you enter. This way you get a complete overview.

   Here you can read the latest article about Shodan Eye: Shodan Eye Ethical Hacking Tool Release

   The types of devices that are indexed can vary enormously: from small desktops, refrigerators to nuclear power plants and everything in between. You can find everything using "your own" specified keywords. Examples can be found in a file that is attached:

   The information obtained with this tool can be applied in many areas, a small example:

• Network security, keep an eye on all devices in your company or at home that are confronted with internet.
• Vulnerabilities. And so much more.

   For additional data gathering, you can enter a Shodan API key when prompted. A Shodan API key can be found here. 

Shodan Eye Ethical Hacking Tool Release
   Before we start the year 2020, today there is a new big release ..! Please note, if you have already installed Shodan Eye on your computer, then it is worthwhile to read it carefully. Of course, even if you don't know this Shodan tool yet:

• Shodan Eye goes from Python 2 to Python 3
• Save the output of the Shodan Eye results
• The entry of the Shodan password is no longer visible.

About Shodan Search Engine
   Shoan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client.

   What is the difference between Google or another search engine: The most fundamental difference is that Shodan Eye crawls on the internet, Google on the World Wide Web. However, the devices that support the World Wide Web are only a small part of what is actually connected to the Internet.

Before use this tool, you should note that:

• This was written for educational purpose and pentest only.
• The author will not be responsible for any damage ..!
• The author of this tool is not responsible for any misuse of the information.
• You will not misuse the information to gain unauthorized access.
• This information shall only be used to expand knowledge and not for causing malicious or damaging attacks.
• Performing any hacks without written permission is illegal..!

ShodanEye's screenshots:

ShodanEye Installation
   If you're using GNU/Linux, open your terminal and enter these commands:

   If you're a Windows user, follow these steps to install ShodanEye:

• Download and run Python 3.7.x setup file from Python.org. On Install Python 3.7, enable Add Python 3.7 to PATH.
• Download shodan-eye-master.zip file.>
• Then unzip it.
• Open CMD or PowerShell window at the Osueta folder you have just unzipped and enter these commands:
  pip install shodan
python shodan-eye.py

Video Shodan Eye on YouTube:

Contact to the author:

• Website: HackingPassion.com
• Facebook Personal: jolandadekoff
• Facebook Page: Ethical Hacking
• Facebook Group: Hacking Passion
• Linkedin: jolandadekoff
• Youtube channel: HackingPassion Jolanda de Koff Bulls Eye

Download ShodanEye

Read more

• Capture The Flag Hacking
• Wargames Hacking
• El Mejor Hacker Del Mundo
• Machine Learning Hacking
• Curso De Ciberseguridad Y Hacking Ético
• Hacking Udemy
• Hacking Etico Certificacion
• Etica Definicion
• Aprender Seguridad Informatica
• Hacking Tools
• Que Hay Que Estudiar Para Ser Hacker
• Hacking Movies
• Hacking Con Buscadores
• Hacking Wifi Windows
• Geekprank Hacking

Learning Web Pentesting With DVWA Part 6: File Inclusion

In this article we are going to go through File Inclusion Vulnerability. Wikipedia defines File Inclusion Vulnerability as: "A file inclusion vulnerability is a type of web vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. A file include vulnerability is distinct from a generic directory traversal attack, in that directory traversal is a way of gaining unauthorized file system access, and a file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application."
There are two types of File Inclusion Vulnerabilities, LFI (Local File Inclusion) and RFI (Remote File Inclusion). Offensive Security's Metasploit Unleashed guide describes LFI and RFI as:
"LFI vulnerabilities allow an attacker to read (and sometimes execute) files on the victim machine. This can be very dangerous because if the web server is misconfigured and running with high privileges, the attacker may gain access to sensitive information. If the attacker is able to place code on the web server through other means, then they may be able to execute arbitrary commands.
RFI vulnerabilities are easier to exploit but less common. Instead of accessing a file on the local machine, the attacker is able to execute code hosted on their own machine."
In simpler terms LFI allows us to use the web application's execution engine (say php) to execute local files on the web server and RFI allows us to execute remote files, within the context of the target web server, which can be hosted anywhere remotely (given they can be accessed from the network on which web server is running).
To follow along, click on the File Inclusion navigation link of DVWA, you should see a page like this:

Lets start by doing an LFI attack on the web application.
Looking at the URL of the web application we can see a parameter named page which is used to load different php pages on the website.

http://localhost:9000/vulnerabilities/fi/?page=include.php

Since it is loading different pages we can guess that it is loading local pages from the server and executing them. Lets try to get the famous /etc/passwd file found on every linux, to do that we have to find a way to access it via our LFI. We will start with this:

../etc/passwd

entering the above payload in the page parameter of the URL:

http://localhost:9000/vulnerabilities/fi/?page=../etc/passwd

we get nothing back which means the page does not exist. Lets try to understand what we are trying to accomplish. We are asking for a file named passwd in a directory named etc which is one directory up from our current working directory. The etc directory lies at the root (/) of a linux file system. We tried to guess that we are in a directory (say www) which also lies at the root of the file system, that's why we tried to go up by one directory and then move to the etc directory which contains the passwd file. Our next guess will be that maybe we are two directories deeper, so we modify our payload to be like this:

../../etc/passwd

we get nothing back. We continue to modify our payload thinking we are one more directory deeper.

../../../etc/passwd

no luck again, lets try one more:

../../../../etc/passwd

nop nothing, we keep on going one directory deeper until we get seven directories deep and our payload becomes:

../../../../../../../etc/passwd

which returns the contents of passwd file as seen below:

This just means that we are currently working in a directory which is seven levels deep inside the root (/) directory. It also proves that our LFI is a success. We can also use php filters to get more and more information from the server. For example if we want to get the source code of the web server we can use php wrapper filter for that like this:

php://filter/convert.base64-encode/resource=index.php

We will get a base64 encoded string. Lets copy that base64 encoded string in a file and save it as index.php.b64 (name can be anything) and then decode it like this:

cat index.php.b64 | base64 -d > index.php

We will now be able to read the web application's source code. But you maybe thinking why didn't we simply try to get index.php file without using php filter. The reason is because if we try to get a php file with LFI, the php file will be executed by the php interpreter rather than displayed as a text file. As a workaround we first encode it as base64 which the interpreter won't interpret since it is not php and thus will display the text. Next we will try to get a shell. Before php version 5.2, allow_url_include setting was enabled by default however after version 5.2 it was disabled by default. Since the version of php on which our dvwa app is running on is 5.2+ we cannot use the older methods like input wrapper or RFI to get shell on dvwa unless we change the default settings (which I won't). We will use the file upload functionality to get shell. We will upload a reverse shell using the file upload functionality and then access that uploaded reverse shell via LFI.
Lets upload our reverse shell via File Upload functionality and then set up our netcat listener to listen for a connection coming from the server.

nc -lvnp 9999

Then using our LFI we will execute the uploaded reverse shell by accessing it using this url:

http://localhost:9000/vulnerabilities/fi/?page=../../hackable/uploads/revshell.php

Voila! We have a shell.

To learn more about File Upload Vulnerability and the reverse shell we have used here read Learning Web Pentesting With DVWA Part 5: Using File Upload to Get Shell. Attackers usually chain multiple vulnerabilities to get as much access as they can. This is a simple example of how multiple vulnerabilities (Unrestricted File Upload + LFI) can be used to scale up attacks. If you are interested in learning more about php wrappers then LFI CheetSheet is a good read and if you want to perform these attacks on the dvwa, then you'll have to enable allow_url_include setting by logging in to the dvwa server. That's it for today have fun.
Leave your questions and queries in the comments below.

References:

1. FILE INCLUSION VULNERABILITIES: https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/
2. php://: https://www.php.net/manual/en/wrappers.php.php
3. LFI Cheat Sheet: https://highon.coffee/blog/lfi-cheat-sheet/
4. File inclusion vulnerability: https://en.wikipedia.org/wiki/File_inclusion_vulnerability
5. PHP 5.2.0 Release Announcement: https://www.php.net/releases/5_2_0.php

Related links

• Hacking Etico
• Hacking Course
• Wargames Hacking
• Definicion De Hacker
• Clases De Hacker

Ask And You Shall Receive

I get emails from readers asking for specific malware samples and thought I would make a mini post about it.

Yes, I often obtain samples from various sources for my own research.

 I am sometimes too lazy/busy to post them but don't mind sharing.
If you are looking for a particular sample, feel free to ask. I might have it.

Send MD5 (several or few samples). I cannot provide hundreds/thousands of samples or any kind of feeds. If you ask for a particular family, I might be able to help if I already have it.

Unfortunately, I do not have time to do homework for students and provide very specific sets for malware with specific features as well as guarantee the C2s are still active.  Send your MD5(s) or at least malware family and I check if I have it :) If i have it, I will either send you or will post on the blog where you can download.

If you emailed me in the past and never got an answer, please remind me. Sometimes emails are long with many questions and I flag them to reply to later, when I have time and they get buried or I forget. It does not happen very often but accept my apologies if it happened to you.

Before you ask, check if it is already available via Contagio or Contagio Mobile.
1. Search the blog using the search box on the right side
2. Search here https://www.mediafire.com/folder/b8xxm22zrrqm4/BADINFECT
3. Search here https://www.mediafire.com/folder/c2az029ch6cke/TRAFFIC_PATTERNS_COLLECTION
4. Search here https://www.mediafire.com/folder/78npy8h7h0g9y/MOBILEMALWARE

Cheers,  Mila

Related posts

• Certificacion Hacking Etico
• Etica Hacker
• Rom Hacking
• Como Aprender A Hackear Desde Cero
• Hacking Definition
• Car Hacking
• El Libro Del Hacker
• Hacking Net
• Que Es Growth Hacking
• Growth Hacking Cursos