
Posts

My First Burp Extension | Enable Tor Proxy By Burp (Jython)

Hello everyone. Finally, after one week of work, I have learned many new things in Jython as well as in Java. When you see the functionality of this Burp extension, it looks like it needs only one day of development, but for me it took a week because I had zero knowledge of it, though I did know a little Python. Now, after that week, I can build this kind of Burp extender that automates the process and makes our life easy. These are the problems I faced while developing it (don't judge me; some are dumb questions I asked myself): How to create a Burp extension in Jython? What is JPanel and how to use it? How to run the Tor proxy on Windows? How to run the Tor proxy in the background? How to kill a process on Windows? How to create a button in Jython? How to change a color? etc. Download: https://github.com/crazywifi/TOR_Proxy_Burp_Extension

What is serialization and deserialization? | What is insecure deserialization?

What is serialization? Serialization is the process of converting the state of an object into a byte stream so that it can be saved to a file. Why do we need serialization? Take a computer game as an example: when we start the game, we get the option to resume it. Now think about how it is possible for the game to start from where we last left off. While we play, we see only the graphics, but in the computer's memory it is the game's state that the code is updating (for example, x-axis 200, y-axis 300). When we stop the game, all the required data in memory is converted into a byte stream and that byte stream is saved to a file: that is serialization. When we restart the game, the application reads the byte-stream file again, deserializes the data and loads all of the serialized data back into memory. That is why the game resumes from where we stopped. This is one use case of serialization, and there are many others depending on the application; for example, it can be used for commun
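As an added example (not code from the original post), here is the save/resume idea in Python with the standard pickle module, followed by the insecure-deserialization problem the title refers to and two ways to avoid it. The GameState class, its field names, the save-file layout and the "marker" side effect are constructed for this example; a real attacker would substitute something like a shell command for the marker function.

```python
# Added example (not from the original post): serializing and restoring a
# game's state, then why deserializing *untrusted* bytes is dangerous.
import io
import json
import pickle


class GameState:
    """Constructed game state: the position the post talks about."""

    def __init__(self, x, y, level):
        self.x, self.y, self.level = x, y, level

    def __eq__(self, other):
        return (self.x, self.y, self.level) == (other.x, other.y, other.level)


def save_game(state):
    """Serialize: object -> byte stream (what the game writes to its save file)."""
    return pickle.dumps(state)


def load_game(blob):
    """Deserialize: byte stream -> object (what 'resume' does). Naive: trusts the file."""
    return pickle.loads(blob)


# --- The insecure-deserialization problem -----------------------------------
# pickle does not just restore fields; the byte stream can name any importable
# callable and pickle will *call* it while rebuilding the object. Whoever
# controls the save file therefore controls code execution in the game.
# A harmless side effect stands in for the attacker's payload here.
SIDE_EFFECTS = []


def attacker_payload_effect(marker):
    SIDE_EFFECTS.append(marker)
    return marker


class Malicious:
    # __reduce__ tells pickle: "to rebuild me, call this function with these args"
    def __reduce__(self):
        return (attacker_payload_effect, ("code ran during unpickling",))


def craft_malicious_save():
    """What an attacker writes into the save file instead of a GameState."""
    return pickle.dumps(Malicious())


# --- Two mitigations --------------------------------------------------------
class RestrictedUnpickler(pickle.Unpickler):
    """Allow-list: only the one class the save file is supposed to contain."""
    ALLOWED = {(GameState.__module__, "GameState")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return GameState
        raise pickle.UnpicklingError("forbidden global %s.%s" % (module, name))


def load_game_restricted(blob):
    return RestrictedUnpickler(io.BytesIO(blob)).load()


def save_game_json(state):
    """Data-only format: there is nothing for the loader to 'call' on the way back in."""
    return json.dumps({"x": state.x, "y": state.y, "level": state.level}).encode()


def load_game_json(blob):
    d = json.loads(blob)
    return GameState(int(d["x"]), int(d["y"]), int(d["level"]))


def demo():
    """Run the honest path, the attack and both mitigations; return what happened."""
    original = GameState(200, 300, 3)
    resumed = load_game(save_game(original))
    evil = craft_malicious_save()
    before = len(SIDE_EFFECTS)
    load_game(evil)                              # naive loader: attacker code runs
    naive_ran_code = len(SIDE_EFFECTS) == before + 1
    try:
        load_game_restricted(evil)               # allow-list refuses the callable
        restricted_blocked = False
    except pickle.UnpicklingError:
        restricted_blocked = True
    return {
        "resumed_ok": resumed == original,
        "naive_ran_code": naive_ran_code,
        "restricted_blocked": restricted_blocked,
        "restricted_still_loads_good": load_game_restricted(save_game(original)) == original,
        "json_roundtrip": load_game_json(save_game_json(original)) == original,
    }


if __name__ == "__main__":
    print(demo())
```

The allow-list unpickler is the narrow fix when a pickle-based format cannot be changed; the JSON variant is the better design, because a data-only format cannot carry a "call this function" instruction at all. The same reasoning applies to Java serialization, where the equivalent of `find_class` is an `ObjectInputFilter` or a look-ahead `resolveClass` check.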

My First Exploit-DB Submission (HPE Intelligent Management Center dbman Command 10001 Information Disclosure)

Software Link: https://h10145.www1.hpe.com/Downloads/DownloadSoftware.aspx?SoftwareReleaseUId=16759&ProductNumber=JG747AAE&lang=en&cc=us&prodSeriesId=4176535&SaidNumber=
Tested on Version: iMC_PLAT_7.1_E0302_Standard_Windows and iMC_PLAT_7.2_E0403_Std_Win
Tested on: Windows 7
CVE: CVE-2019-5392
Conversion of Nessus Plugin to Python Exploit
Nessus Plugin Name: hp_imc_dbman_cmd_10001_info_disclosure.nasl
Description: This vulnerability allows a remote attacker to view the contents of arbitrary directories under the security context of the SYSTEM or root user.
See Also: https://www.tenable.com/plugins/nessus/118038
Exploit-DB: https://www.exploit-db.com/exploits/47408
In this exploit, I converted the Nessus plugin to Python with the help of exploit https://www.exploit-db.com/exploits/43198.
POC of iMC_PLAT_7.1_E0302_Standard_Windows
POC of iMC_PLAT_7.2_E0403_Std_Win

Samurai Weapon For Pentester - NMAP (Services please don't hide)

I always wondered how hackers know what ports are open on a system, or how they find out what services are running on it, without asking the admin. After some Google searching, I found one samurai tool called NMAP. What is NMAP? NMAP (Network Mapper), as the name suggests, is a tool used to scan networks for open, closed and filtered ports, for the services running on a system, for OS detection (or guessing!), and for finding some vulnerabilities. It was written by Gordon Lyon. In my experience it is the best handy tool, and easy to use for network scanning. In this tutorial I'll cover some of the Kung-Fu basics of NMAP with examples. One of the most interesting facts is that an NMAP command follows the pattern Type Option Target. Let's say you want to scan a host to see which versions of the services are running. To do this, run the following command: nmap -sV target. Here, in terms of Type Option Target, -sV is the option: -s stands for the scan type and V stands for version. How NMAP works by default: When you run the default command (&q
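An added example, not from the original tutorial: a Python script that builds the nmap -sV command shown above and parses nmap's XML report (-oX) into host/port/service rows, so a version scan can feed other tooling instead of being read off the screen. The target 192.0.2.10 and the ports, products and versions in the embedded XML are constructed sample output, not a real scan; the `scan()` function runs nmap for real and needs it installed plus permission to scan the target.

```python
# Added example (not part of the original tutorial): build the `nmap -sV`
# command and parse nmap's XML output into (host, port, service) rows.
import subprocess
import xml.etree.ElementTree as ET


def build_version_scan(target, extra_args=()):
    """Type/option/target in nmap's syntax: -sV asks for service version
    detection and `-oX -` writes the XML report to stdout for parsing."""
    return ["nmap", "-sV", "-oX", "-", *extra_args, target]


def _host_address(host):
    # nmap lists IPv4/IPv6 and sometimes a MAC address; keep the IP address.
    for addr in host.findall("address"):
        if addr.get("addrtype") in ("ipv4", "ipv6"):
            return addr.get("addr")
    return "?"


def parse_nmap_xml(xml_text):
    """Return one tuple per reported port:
    (host, port, protocol, state, service name, product/version banner)."""
    if isinstance(xml_text, str):
        xml_text = xml_text.encode()          # the report carries its own encoding declaration
    rows = []
    root = ET.fromstring(xml_text)
    for host in root.iter("host"):
        addr = _host_address(host)
        for port in host.iter("port"):
            state = port.find("state").get("state")
            svc = port.find("service")
            name, banner = "", ""
            if svc is not None:
                name = svc.get("name", "")
                # product/version only appear when -sV actually probed the service;
                # a name alone (method="table") is just the IANA guess for that port.
                banner = " ".join(p for p in (svc.get("product"), svc.get("version")) if p)
            rows.append((addr, int(port.get("portid")), port.get("protocol"), state, name, banner))
    return rows


def open_services(xml_text):
    """Only the ports that answered: the services that did not manage to hide."""
    return [r for r in parse_nmap_xml(xml_text) if r[3] == "open"]


def scan(target):
    """Run a real scan (requires nmap installed and permission to scan target)."""
    proc = subprocess.run(build_version_scan(target), capture_output=True, text=True, check=True)
    return open_services(proc.stdout)


# Constructed sample of `nmap -sV -oX -` output (not a real scan result).
SAMPLE_XML = """<?xml version="1.0" encoding="UTF-8"?>
<nmaprun scanner="nmap" args="nmap -sV -oX - 192.0.2.10" version="7.94">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack" reason_ttl="64"/>
        <service name="ssh" product="OpenSSH" version="8.9p1" method="probed" conf="10"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack" reason_ttl="64"/>
        <service name="http" product="nginx" version="1.18.0" method="probed" conf="10"/>
      </port>
      <port protocol="tcp" portid="443">
        <state state="filtered" reason="no-response" reason_ttl="0"/>
        <service name="https" method="table" conf="3"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""

if __name__ == "__main__":
    for row in open_services(SAMPLE_XML):
        print("%s %d/%s %s %s" % (row[0], row[1], row[2], row[4], row[5]))
```

Parsing the XML rather than the human-readable table is the reliable route: the text layout changes between nmap versions, while the XML schema is stable and distinguishes a probed banner (`method="probed"`) from a mere port-number guess.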