Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

 

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      All Activity

      This stream auto-updates     

      1. Yesterday
      2. Description We will be looking at the OWASP Top 10 web attacks 2017. Students are going to understand each attack by practicing them on their own with the help of this course. We will use Mutillidae 2 Vulnerable Web Application for all attack practice. We will start from setting up the lab to exploiting each vulnerability. This course not just focuses on attacks but also helps understanding the mitigations for each vulnerability. Students will understand the mitigations through Secure Source Codes and Best Practices provided in this course that should be followed by the developers to protect their web application from these vulnerabilities. What you’ll learn Web Application Pentesting Completing 20 exercise of Mutillidae Vulnerable Web Application OWASP top 10 2017 Mitigations for each vulnerability Secure code for mitigation Are there any course requirements or prerequisites? This course is for beginners Basic knowledge of OWASP top 10 Basics of using Burp Suite and Proxy Burpsuite and Browser Setup Who this course is for: Beginner ethical hacking students Students who want to learn Web Application Pentesting Students who want to perform exercises on Mutillidae Vulnerable Application Students who want to learn about the Mitigations of each vulnerability in OWASP top 10 2017 [Hidden Content]
      3. Unlimited data on unlimited devices Ultra-secure: Top, bank-grade encryption Unlimited data: Ideal for streaming content Ultimate privacy: Conceal activities, even on P2P networks [Hidden Content] [hide][Hidden Content]]
      4. Last week
      5. 1337day-Exploits

        ExploitsmacOS Gatekeeper Check Bypass

        This Metasploit module serves an OSX app (as a zip) that contains no Info.plist, which bypasses gatekeeper in macOS versions prior to 11.3. If the user visits the site on Safari, the zip file is automatically extracted, and clicking on the downloaded file will automatically launch the payload. If the user visits the site in another browser, the user must click once to unzip the app, and click again in order to execute the payload. View the full article
      6. Epic Games Easy Anti-Cheat version 4.0 suffers from a local privilege escalation vulnerability. View the full article
      7. WifiHotSpot version 1.0.0.0 suffers from an unquoted service path vulnerability. View the full article
      8. Android suffers from memory disclosure, out-of-bounds write, and double-free vulnerabilities in NFC's Felica tag handling. View the full article
      9. 1337day-Exploits

        ExploitsVoting System 1.0 Shell Upload

        Voting System version 1.0 suffers from a remote shell upload vulnerability. View the full article
      10. Human Resource Information System version 0.1 suffers from a remote code execution vulnerability. View the full article
      11. Voting System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Original discovery of SQL injection in this version is attributed to Syed Sheeraz Ali in May of 2021. View the full article
      12. Sandboxie Plus version 0.7.4 suffers from an unquoted service path vulnerability. View the full article
      13. Sandboxie version 5.49.7 suffers from a denial of service vulnerability. View the full article
      14. james bond

        x100 185.165... premium iptv

        [Hidden Content]
      15. b2evolution version 7-2-2 suffers from a remote SQL injection vulnerability. View the full article
      16. WordPress WP Super Edit plugin version 2.5.4 suffers from an arbitrary file upload vulnerability. View the full article
      17. Schlix CMS version 2.2.6-6 suffers from a remote code execution vulnerability. View the full article
      18. Schlix CMS version 2.2.6-6 suffers from a persistent cross site scripting vulnerability. View the full article
      19. jSQL Injection is a lightweight application used to find database information from a distant server. It is free, open-source, and cross-platform (Windows, Linux, Mac OS X). It is also part of the official penetration testing distribution Kali Linux and is included in other distributions like Pentest Box, Parrot Security OS, ArchStrike, or BlackArch Linux. This software is developed using great open-source libraries like Spring, Spock, and Hibernate, and it uses the platform Travis CI for continuous integration. Each program update is tested with Java version 8 through 13 in the cloud, against various MySQL, PostgreSQL, and H2 databases. Source code is open to pull requests and to any contribution on multi-threading, devops, unit and integration tests, and optimization. Features Automatic injection of 23 kinds of databases: Access, CockroachDB, CUBRID, DB2, Derby, Firebird, H2, Hana, HSQLDB, Informix, Ingres, MaxDB, Mckoi, MySQL{MariaDb}, Neo4j, NuoDB, Oracle, PostgreSQL, SQLite, SQL Server, Sybase, Teradata and Vertica Multiple injection strategies: Normal, Error, Blind and Time SQL Engine to study and optimize SQL expressions Injection of multiple targets Search for administration pages Creation and visualization of Web shell and SQL shell Read and write files on the host using injection Bruteforce of password’s hash Code and decode a string Changelog jSQL Injection v0.85 Compliance to Java 17 Switch to native HttpClient [hide][Hidden Content]]
      20. itsMe

        Learning C#

        Description The C# language got its start on Windows, but today you can find it almost everywhere. Whether it’s running on the cloud, to desktops with MacOS and Linux, to mobile operating systems like Android and iOS, C# has grown into a mature, powerful language for almost any programming purpose. In this course, Joe Marini dives into the fundamentals of C#, starting with a basic overview of language constructs like program flow and data types. He then gets into more advance topics such as functions, object-oriented programming techniques, and string processing. After this course, you’ll have a better understanding of C#, and how its combination of power, simplicity, and expressiveness make it an extremely versatile programming language that can be used for almost any scenario. [Hidden Content] [hide][Hidden Content]]
      21. Xmind version 2020 suffers from a cross site scripting vulnerability that can lead to remote code execution. View the full article
      22. Tagstoo version 2.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution. View the full article
      23. Marky version 0.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution. View the full article
      24. StudyMD version 0.3.2 suffers from a cross site scripting vulnerability that can lead to remote code execution. View the full article
      25. SnipCommand version 0.1.0 suffers from a cross site scripting vulnerability that can lead to remote code execution. View the full article
      26. Moeditor version 0.2.0 suffers from a cross site scripting vulnerability that can lead to remote code execution. View the full article
      27. Markdownify version 1.2.0 suffers from a cross site scripting vulnerability that can lead to remote code execution. View the full article
      1. Load more activity