Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.


Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.


      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      All Activity

      This stream auto-updates     

      1. Today
      2. This Metasploit module uses the NiFi API to create an ExecuteProcess processor that will execute OS commands. The API must be unsecured (or credentials provided) and the ExecuteProcess processor must be available. An ExecuteProcessor processor is created then is configured with the payload and started. The processor is then stopped and deleted. View the full article
      3. Monitor websites for new content and changes. Monitor websites and RSS feeds Monitor pages for keywords Highlights all changes Many Benefits Get notified when your competitors change their website Get notified when a price is changed or lowered Get notified when a product becomes available Get notified when new posts become available on Facebook, Twitter and Instagram pages Get notified when pre-defined keywords appear in a page Get notified when your favorite websites are updated Get notified when your own homepage is modified And much more to stay up-to-date! [Hidden Content] [hide][Hidden Content]]
      4. GDBFrontend is an easy, flexible and extension able gui debugger. Changelog v0.3.3 beta Bugfixes Added PIP package. Updated jQuery. [hide][Hidden Content]]
      5. GoSpider – Fast web spider wrote in Go Features Fast web crawling Brute force and parse sitemap.xml Parse robots.txt Generate and verify link from JavaScript files Link Finder Find AWS-S3 from response source Find subdomains from response source Get URLs from Wayback Machine, Common Crawl, Virus Total, Alien Vault Format output easy to Grep Support Burp input Crawl multiple sites in parallel Random mobile/web User-Agent Changelog v1.1.3 c59ef01 Upgrade v1.1.3 7b01017 Merge pull request #27 from rayhan0x01/patch-1 20f8238 removing lower case conversion of paths and parameters 656e12f Fix typo in -q options 9d7a0df Update release [hide][Hidden Content]]
      6. wifipumpkin3 is a powerful framework for rogue access point attack, written in Python, that allows and offers to security researchers, red teamers, and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack.wifipumpkin3 Main Features Rogue access point attack Man-in-the-middle attack Rogue Dns Server Captive portal attack (captiveflask) Intercept, inspect, modify and replay web traffic WiFi networks scanning DNS monitoring service Credentials harvesting Transparent Proxies LLMNR, NBT-NS, and MDNS poisoner (Responder3) and more! Changelog v1.0.8 R1 Added added inactivity poll default value to 60 min #67 added check if process hostapd is running before start threads added settings binary path of iptables editable added waitforfinish on Qprocess for add rules iptables added frist restful api implementation added DHCP command to select the dhcp server configuration added stop all modules with the command stop or exit is running added new module for performing dns spoof attack with AP enable Removed removed dependencies that be standard library #105 Fixed fixed hide error object of type QProcess on WorkProcess class #93 fixed settings dhcp for allow to change dhcp configuration fixed error when execute from github actions fixed set restport by default 1337 fixed process init hostapd duplicated fixed clean code and code format improves fixed github actions error when try to run pytests fixed dhcp command for apply configurations on same session [hide][Hidden Content]]
      7. Yesterday
      8. Heroic Knowledge Base plugin versions 3.0.1 and below suffer from persistent cross site scripting vulnerabilities. View the full article
      9. itsMe

        Medusa Combolist Editor

        A advanced multi-function combolist editor written in one python file. Medusa is a proof-of-concept multi-function advanced combolist editor which has a variety of editing features. [hide][Hidden Content]]
      10. Ruckus IoT Controller (Ruckus vRIoT) versions and below suffer from a remote code execution vulnerability. View the full article
      11. wawama25

        x10 iptv global-tv.site = mac

        [Hidden Content]
      12. Best Support System version 3.0.4 suffers from a persistent cross site scripting vulnerability. View the full article
      13. itsMe

        PVS-Studio 7.10.43654

        PVS-Studio is a tool for detecting bugs and security weaknesses in the source code of programs, written in C, C++, C# and Java. It works under 64-bit systems in Windows, Linux and macOS environments, and can analyze source code intended for 32-bit, 64-bit and embedded ARM platforms. [Hidden Content] [hide][Hidden Content]]
      14. ZTE Blade Vantage Z839 Emode.APK android.uid.system local privilege escalation exploit. View the full article
      15. WonderCMS version 3.1.3 suffers from a persistent cross site scripting vulnerability. Original finding for persistent cross site scripting in this version of WonderCMS is attributed to Hemant Patidar. View the full article
      16. WordPress Accesspress Social Icons theme version 1.7.9 suffers from a remote SQL injection vulnerability. View the full article
      17. itsMe

        Metasploit: 6.0.18

        Introduction The Metasploit Framework is an open source Ruby-based penetration testing and development platform, developed by the open source community and Rapid7, that provides you with access to the huge number of exploits, payloads, shellcodes, encoders, fuzzing tools, and much more. Metasploit Framework (Rapid7) Metasploit Framework: The Most Used Penetration Testing Framework Metasploit Framework can be used to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. It simply helps you to find, exploit, and validate vulnerabilities. If you are a pentester, cybersecurity researcher, tester, programmer or freestyler, the Metasploit Framework is all you need. Can be used for both legitimate and unauthorized activities, but we’re strongly suggest you to behave, and use this awesome pentesting framework to test your systems, help attack prevention and rise cybersecurity awareness. [hide][Hidden Content]]
      18. EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, the focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration. To illustrate how fast this tool is, here’s an example of how to set up and execute a credential-stealing evil twin attack against a WPA2-TTLS network in just two commands: Features Steal RADIUS credentials from WPA-EAP and WPA2-EAP networks. Perform hostile portal attacks to steal AD creds and perform indirect wireless pivots Perform captive portal attacks Built-in Responder integration Support for Open networks and WPA-EAP/WPA2-EAP No manual configuration is necessary for most attacks. No manual configuration necessary for the installation and setup process Leverages the latest version of hostapd (2.8) Support for evil twin and karma attacks Generate timed Powershell payloads for indirect wireless pivots Integrated HTTP server for Hostile Portal attacks Support for SSID cloaking Fast and automated PMKID attacks against PSK networks using hcxtools Password spraying across multiple usernames against a single ESSID EAPHammer now supports attacks against 802.11a and 802.11n networks. This includes the ability to create access points that support the following features: Both 2.4 GHz and 5 GHz channel support Full MIMO support (multiple inputs, multiple output) Frame aggregation Support for 40 MHz channel widths using channel bonding High Throughput Mode Short Guard Interval (Short GI) Modulation & coding scheme (MCS) RIFS HT power management Changelog v1.13.5 Fixed gevent / Python 3.9 related issues. [hide][Hidden Content]]
      19. [hide][Hidden Content]]
      20. WordPress Wibar theme version 1.1.8 suffers from a persistent cross site scripting vulnerability. View the full article
      21. WordPress Age Gate plugin versions 2.13.4 and below suffer fro an open redirection vulnerability. View the full article
      22. Moodle version 3.8 suffers from an arbitrary file upload vulnerability. View the full article
      23. Laravel Administrator version 4 suffers from an unrestricted file upload vulnerability. View the full article
      24. SAP Lumira version 1.31 suffers from a persistent cross site scripting vulnerability. View the full article
      25. This tool is designed to find the admin panel of any website by using a custom wordlist or default wordlist easily. [hide][Hidden Content]]
      26. itsMe


        A simple HTTP GET request flooder with both GUI and Command Line interface and SSL enable option(This tool can attack on HTTPS not just HTTP) with low system resource consuming. * This tool can take down most small webistes and webapps in seconds or minutes! And slow down some websites and webapps * [hide][Hidden Content]]
      1. Load more activity