Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

 

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      All Activity

      This stream auto-updates     

      1. Today
      2. dEEpEst

        DUDA CON GMAIL

        Gmail tiene distintos metodos de autetificacion, depende del metodo que este activado para la cuanta. Muestra algunas imagenes de los errores.
      3. dEEpEst

        reacciones por dia

        Si, los usuarios que no son PRIV8 pueden dar 2 reacciones cada 24 horas. Los usuarios PRIV8 no tienen ninguna limitacion.
      4. Yesterday
      5. dEEpEst

        Recox v2.0

        Recox v2.0 The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system. It gathers the information recursively over each subdomain, and IP addr for a sophisticated attack. RecoX automates several functions and saves a significant amount of time that requires throughout a manual penetration test. Video: [Hidden Content] Download: [Hidden Content]
      6. soyunmojon

        reacciones por dia

        hola, solo di 2 likes y me salio que no puedo dar mas por hoy. ?
      7. kalakas

        DUDA CON GMAIL

        Buenas tardes estimados Alguno de ustedes sabe si hay algún método para evitar que Google detecte actividades inusuales en las cuentas? Ya que en automático las suspende o las inhabilita. Entiendo que Google revisa los accesos mediante IPs, por ejemplo la IP con la que registre o abra mi cuenta es la que queda "guardada" y posteriormente podré acceder a través de ella sin problema, pero qué pasa si no cuento con dicha información, alguna idea o metodo?
      8. itsMe

        Metasploit: 6.0.7

        Introduction The Metasploit Framework is an open source Ruby-based penetration testing and development platform, developed by the open source community and Rapid7, that provides you with access to the huge number of exploits, payloads, shellcodes, encoders, fuzzing tools, and much more. Metasploit Framework (Rapid7) Metasploit Framework: The Most Used Penetration Testing Framework Metasploit Framework can be used to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. It simply helps you to find, exploit, and validate vulnerabilities. If you are a pentester, cybersecurity researcher, tester, programmer or freestyler, the Metasploit Framework is all you need. Can be used for both legitimate and unauthorized activities, but we’re strongly suggest you to behave, and use this awesome pentesting framework to test your systems, help attack prevention and rise cybersecurity awareness. [hide][Hidden Content]]
      9. TP-Link cloud cameras NCXXX series (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are vulnerable to an authenticated command injection vulnerability. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place in order to prevent shell metacharacters from being introduced. The system name would then be used in swBonjourStartHTTP as part of a shell command where arbitrary commands could be injected and executed as root. NC210 devices cannot be exploited directly via /setsysname.cgi due to proper input validation. NC210 devices are still vulnerable since swBonjourStartHTTP did not perform any validation when reading the alias name from the configuration file. The configuration file can be written, and code execution can be achieved by combining this issue with CVE-2020-12110. View the full article
      10. The Navy Federal site at navyfederal.org suffered from a cross site scripting vulnerability. View the full article
      11. Mantis Bug Tracker version 2.3.0 suffers from a remote code execution vulnerability. View the full article
      12. SpamTitan version 7.07 suffers from an authenticated remote code execution vulnerability. View the full article
      13. Pipe different tools with google dork Scanner [hide][Hidden Content]]
      14. Features Inject multiple payloads into all parameters Inject single payloads into all parameters Saves responses into output folder Displays Status Code & Response Length Can grep for patterns in the response Really fast Easy to setup [hide][Hidden Content]]
      15. itsMe

        Wordlistgen Version 1.0

        Generates target specific word lists by searching for endpoints in javascript and appends parameters for Fuzzing with other tools [hide][Hidden Content]]
      16. D-Link DGS-1210-28 suffers from a denial of service vulnerability. View the full article
      17. Last week
      18. This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there is no way to remove the dll once it is loaded by the service. Essentially, on default settings, this module adds a permanent elevated backdoor. View the full article
      19. Microsoft SQL Server Reporting Services 2016 suffers from a remote code execution vulnerability. View the full article
      20. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication is required to exploit this vulnerability. Additionally, the target user must have the "Data Loss Prevention" role assigned and an active mailbox. If the user is in the "Compliance Management" or greater "Organization Management" role groups, then they have the "Data Loss Prevention" role. Since the user who installed Exchange is in the "Organization Management" role group, they transitively have the "Data Loss Prevention" role. The specific flaw exists within the processing of the New-DlpPolicy cmdlet. The issue results from the lack of proper validation of user-supplied template data when creating a DLP policy. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Tested against Exchange Server 2016 CU14 on Windows Server 2016. View the full article
      21. Malwarebytes for Windows Malwarebytes 4.0 es más inteligente, más rápido y más ligero que nunca. Vaya más allá del antivirus y deje de preocuparse por las amenazas online. [Hidden Content] [hide][Hidden Content]]
      22. itsMe

        RedGate .NET Reflector 10.2.6

        Find and fix bugs fast Decompile, understand, and fix any .NET code, even if you don't have the source Look inside any .NET code Debug your application Follow bugs through your application to see where the problem is – your own code, third-party libraries, or components used by your application. Understand how applications work Inherited an application with no documentation and no comments? Use .NET Reflector to understand how the code runs and avoid bugs. Look inside APIs, SharePoint, and other third-party platforms Third-party platforms aren't always well-documented. Use .NET Reflector to look inside their assemblies, and see how they work and which APIs you can call. Try it now, choose your version later. [Hidden Content] [hide][Hidden Content]]
      23. jackdaw Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice graphs on how your domain objects interact with each-other a how a potential attacker may exploit these interactions. It also comes with a handy feature to help you in a password-cracking project by storing/looking up/reporting hashes/passwords/users. Features Data acquisition via LDAP LDAP enumeration phase acquires data on AD info, User, Machine, OU, Group objects which will be represented as a node in the graph, and as a separate table in the DB. Additionally, all aforementioned objects’ Security Description will be parsed and the ACLs for the DACL added to the DB. This, together with the membership information will be represented as edges in the graph. Additionally, custom SQL queries can be performed on any of the aforementioned data types when needed. via SMB SMB enumeration phase acquires data on shares, localgroups, sessions, NTLM data via connecting to each machine in the domain (which is acquired via LDAP) via LSASS dumps (optional) The framework allows users to upload LSASS memory dumps to store credentials and extend the session information table. Both will be used as additional edges in the graph (shared password and session respectively). The framework also uses this information to create a password report on weak/shared/cracked credentials. via DCSYNC results (optional) The framework allows users to upload impacket’s DCSYNC files to store credentials. This is used as additional edges in the graph (shared password). The framework also uses this information to create a password report on weak/shared/cracked credentials. via manual upload (optional) The framework allows manually extending the available DB in every aspect. Example: when user-session information on a given computer is discovered (outside of the automatic enumeration) there is a possibility to manually upload these sessions, which will populate the DB and also the resulting graph Graph The framework can generate a graph using the available information in the database and plot it via the web UI (nest). Furthermore, the graph generation and path calculations can be invoked programmatically, either by using the web API (/ui endpoint) or the graph object’s functions. Anomalies detection The framework can identify common AD misconfigurations without graph generation. Currently only via the web API. User User anomalies detection involves the detection of insecure UAC permissions and extensive user description values. This feature set is expected to grow in the future as new features will be implemented. Machine Machine anomalies detection involves detection of insecure UAC permissions, non-mandatory SMB singing, outdated OS version, out-of-domain machines. This feature set is expected to grow in the future as new features will be implemented. Password cracking The framework is not performing any cracking, only organizing the hashes and the cracking results currently main focus is on impacket and aiosmb’s dcsync results !NT and LM hashes only! Sample process is the following: Harvesting credentials as a text file via impacket/aiosmb or as memory dumps of the LSASS process via whatever tool you see fit. Upload the harvested credentials via the API Poll uncracked hashes via the API Crack them (hashcat?) Upload the results to the framework via the API Generate a report on the cracked/uncracked users and password strength and password sharing note from the author: This feature was implemented for both attackers and defenders. Personally I don’t see much-added value on either side since at the point one obtained the NT hash of a user it’s just as good as the password… Nonetheless, more and more companies are performing password strength exercises, and this feature would help them. As for attackers: it is just showing off at this point, but be my guest. Maybe scare management for extra points. Changelog v0.2.24 new release, lot of fixes, even more features [hide][Hidden Content]]
      24. itsMe

        Azorult

        @Richard Wilder Yes you dont know it, but you share it!!!!! READ THE RULES! File infected/backdoored = account banned!
      25. Richard Wilder

        Azorult

        I do not know about Binder Binders are usually contaminated
      26. itsMe

        Azorult

        file binded & backdoored un-binded file Original name Gempov.exe - un-binded Gjfapv.exe ( Bitcoin Stealer )
      27. Richard Wilder

        Azorult

        Hello Available Azorult new and fixed bug for password encryption chrome and best work for stealer password Steals computer data, such as installed programs, machine globally unique identifier (GUID), system architecture, system language, user name, computer name, and operating system (OS) version Steals stored account information used in different installed File Transfer Protocol (FTP) clients or file manager software Steals stored email credentials of different mail clients Steals user names, passwords, and hostnames from different browsers Steals bitcoin wallets - Monero and uCoin Steals Steam and telegram credentials Steals Skype chat history and messages Executes backdoor commands from a remote malicious user to collect host Internet protocol (IP) information, download/execute/delete file and .... [Hidden Content]
      28. [Hidden Content] [hide][Hidden Content]]
      1. Load more activity