Jump to content

Welcome to LeVeL23HackTools

Welcome to LeVeL23HackTools, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be apart of LeVeL23HackTools by signing in or creating an account.

  • Start new topics and reply to others
  • Subscribe to topics and forums to get email updates
  • Get your own profile page and make new friends
  • Send personal messages to other members.

  • Announcements

    • dEEpEst

      RESTRICTIONS ON DOWNLOADS   10/17/2018

      You can download 5 files a day, if you want to make unlimited downloads you must buy PRIV8, you will have access to all the parts of the forum and you will be able to download unlimitedly without restrictions for a lifetime.

All Activity

This stream auto-updates     

  1. Yesterday
  2. The Hacker Machine 2 is a search engines for hackers and crackers to search for software, references or common hacker/cracker questions. Download [Hidden Content]_(Updated_20-01-2019).zip Virus Scan [Hidden Content]
  3. 222k Mix Combolist [HIDE][Hidden Content]]
  4. [Hidden Content]
  5. Remot3d - An Simple Exploit for PHP Language It's easy to create a backdoor in an instant, the backdoor can be used in a remote process via a Linux terminal on the server that runs the PHP Language program. Made to bypass the system that is disabled on the server, especially for reading sensitive files that are /etc/passwd Donate If this project very help you to penetration testing and u want support me , you can give me a cup of coffee :) List of Remot3d Functions Create backdoor for windows or linux servers (can run php file) Bypass disable function's with imap_open vulnerability Bypass read file /etc/passwd with cURL or Unique Logic Script's Generating Backdoor and can be remoted on Tools Some other fun stuff :) [HIDE][Hidden Content]]
  6. [Hidden Content]
  7. Fortnite_Keker

    [HIDE][Hidden Content]]
  8. email:pass proxy: yes [Hidden Content]
  9. ConfuserEx-Unpacker-2

    ConfuserEx Unpacker 2 STILL UNDER BETA A new and updated version of my last unpacker for confuserex which people actually seem to use so i thought i would update it and actually make it better as that version is very poor this is currently in beta and in its first version will only support confuserex with no modifications or additional options from confuserex itself. this will change as i add more features this will heavily be based off my instruction emulator which makes it much more reliable as long as theres no hidden surprises from modified confuserex i have not used sub modules due to making changes within de4dot.blocks in Int32/64Value i have modified the Shr_Un methods and such to fix a bug (well not really a bug but it prevents some operations from giving correct result) if you have an issue with this unpacker please make an issue report but if you simply go 'does not work on this file please fix' i simply will just close your issue please make a detailed report and explain where it crashes Credits TheProxy for his Reference Proxy Remover Shadow Anti Tamper remover 0xd4d dnlib/de4dot Source: [HIDE][Hidden Content]] Bin .exe compiled: [HIDE][Hidden Content]] Pass: level23hacktools.com
  10. [HIDE][Hidden Content]] Pass: level23hacktools.com Scan
  11. TOR for Browser is a html page that asks for a website and automaticaly using a simple math anonymize the connection by proxy. It connections possibilities is limited in this release to 9 diferent ip combinations in a chain limited to 3. The Priv version which costs €97.99 EUR includes 5000 ips with a chain almost unlimited. Download (Preview Version) [Hidden Content] Virus Scan [Hidden Content]
  12. Logo xD

    Demo:
  13. Skywave Linux

    Skywave Linux 3.1.1 Released Skywave Linux is an operating system using bleeding-edge technology to robustly access broadcast, utility, military, and amateur radio signals from almost anywhere in the world, including countries with restrictive internet environments. Skywave Linux connects to a large and growing network of state-of-the art software defined radio (SDR) servers, making it possible to experience high performance SDR operation without your own large antennas or on-site radio hardware. All you need to do is boot the system on a computer with internet connectivity. Skywave Linux can also operate numerous types of SDR hardware, plugged in or on the local network. Downloading, installing and configuring SDR software can be difficult for many computer users; Skywave Linux eliminates the hassle by including several applications installed, configured, and ready to run. Video: SDR software is configured for popular devices, such as the RTL-SDR dongles, Softrocks, Hermes, and other radios. Skywave Linux is a 64 bit system built over Ubuntu Linux, and may be installed on a bootable USB stick, SD card, DVD, or hard drive. Features WebSDR, OpenWebRX radio servers accessible via internet browser. HPSDR servers accessible via QtRadio HPSDR hardware also via cudaSDR RTL-SDR plug-and-play functionality via CubicSDR, Gqrx, and QtRadio RTL-SDR ADS-B tracking and mapping via Dump1090 RTL-SDR RDS decoding via Gqrx and Redsea SDRPlay, Airspy radio hardware is supported. LADSPA audio plugins for EQ/Compression/Limiting WSJT -X / WSPR-X weak signal digimode software Weather Satellite Decoding via WXtoImg Satellite tracking with Gpredict Trunked Radio System Reception with SDRTrunk Radio firmware & data management with CHIRP Kodi Media Center for conventional internet streaming Skywave Linux Web Site : [hide][Hidden Content]] Download : [hide][Hidden Content]]
  14. CAINE 10.0

    Tools and packages included in CAINE Live DVD ADDED/CHANGED: CHANGELOG CAINE 10.0 "INFINITY" New tools, new OSINT, Autopsy 4.9.1 onboard, APFS ready,BTRFS foresic tool, NVME SSD drivers ready! SSH server disabled by default (see Manual page for enabling it). OSINT: Carbon14, OsintSpy added. Mobile: gMTP and ADB added. Added: Recoll, Afro, Stegosuite,etc. etc. many others fixing and software updating. CAINE has got a Windows IR/Live forensics tools. If you need it you can use the IR/Live forensics framework you prefer, changing the tools in your pendrive. Tools: Nirsoft suite + launcher, WinAudit, MWSnap, Arsenal Image Mounter, FTK Imager, Hex Editor, JpegView, Network tools, NTFS Journal viewer, Photorec & TestDisk, QuickHash, NBTempoW, USB Write Protector, VLC, Windows File Analyzer. HibernationRecon by Arsenal Recon CAINE 10.0 has been updated 18/Dec/2018 (Autopsy 4.9.1 updated) [Hidden Content]
  15. [HIDE][Hidden Content]] Pass: level23hacktools.com
  16. Fornite - Cracker/Checker

    [HIDE][Hidden Content]] Scan
  17. 119k_FR Combolist [HIDE][Hidden Content]]
  18. 64k_Yahoo Combolist [HIDE][Hidden Content]]
  19. Last week
  20. 400k MIX Combolist [Hidden Content]
  21. [HIDE][Hidden Content]] w3brute is an open source penetration testing tool that automates attacks directly to the website's login page. w3brute is also supported for carrying out brute force attacks on all websites. Features Scanner: w3brute has a scanner feature that serves to support the bruteforce attack process. this is a list of available scanners: automatically detects target authentication type. admin page scanner. SQL injection scanner vulnerability. Attack Method: w3brute can attack using various methods of attack. this is a list of available attack methods: SQL injection bypass authentication mixed credentials (username + SQL injection queries) Support: multiple target google dorking a list of supported web interface types to attack: web shell HTTP 401 UNAUTHORIZED (Basic and Digest) create file results brute force attack. supported file format type: CSV (default) HTML SQLITE3 custom credentials (username, password, domain) (supported zip file) custom HTTP requests (User-Agent, timeout, etc) and much more...
  22. 10k Fortnite Dorks

    10k Fortnite Dorks [HIDE][Hidden Content]]
  23. Arkei 9.1.2 Stealer & Loader

    Pass level23hacktools Download [Hidden Content]
  24. crypter Beefosft Crypter C# FUD

    Scan Update: [Hidden Content]
  25. Terms & Definitions Runpe Runpe is the part of the code that injects the functional part of the virus into the memory of the selected process. Injection The process for placing PayLoad in the memory of the selected process is called Injection ie Injection The most commonly injected processes are: svchost.exe Regasm.exe explorer.exe Default browser (chrome.exe, opera.exe, firefox.exe, iexplorer.exe) itselt - i.e. itself (meaning PayLoad is injected into a running process) vbc.exe cvtres.exe Payload explaining to beginners this means the file you chose to encrypt (i.e. a virus) Ecryption The algorithm that "Protects" converts the bytes of the selected file, making them unrecognizable and completely distinguishable from the original bytes of the file. Stub The program is created in order to store the encrypted file (encrypted file) and inject it into memory at startup. Where is it Private stub Same as above except you must be the only person using this Stub. The code is basically very different from the "Public Stubs" which makes it harder to detect when scanning Further adheres to "FUD" - Fully undetectet How does all this work? Figure 1.1 demonstrates what a crypter does with your server. Figure 1.1: ScanTime vs RunTime? Scantime Definition When a file is detected, the scan means: If before it is launched, Anti-Virus detects it or when a scan is running, the file was detected and marked as Threat Scantime Detect detections are caused by visible file instructions or "PE info" - such as build / icon, Cloned certificate, type of resources and file size. Basically, this means that the RAT / Server that you encrypt is practically no different because the file was encrypted, Bad, bad, or for Antivirus in a recognizable way. The safe place where you can scan Stub for ScanTime Detection is: MajyxScanner Scan4You AvDetect Rantaim Definition A detectable file at start-up means: If the file was launched and your Anti-Virus detected it and marked it as a threat and Blocked, Stopped, Deleted it. Runtime Detection is caused due to behavior. Basically how your file acts and runs can and cause detection at startup. Rat / Server that you have encrypted affect detection at startup If you want to avoid run-time detection (Runtime Detect) you must refrain from overloading the settings. RootKit (rootkit) is likely to be outcrop. It is best to use as few settings / functions as possible when creating your server and more from the cryptor. Why? Yes, because it is easy to detect the behavior of the well-known RAT, when it was never updated and changed. Crypters are updated and modified so it’s more reliable to use their settings to avoid Runtime Detect. The way to prevent some Runtime Detect is Anti Memory Scan. Which will basically deny access to the memory space where your server will work. Safe place to scan for Runtime Detection was Refud.Me but they shut it down! Scantime detection User Invoked: Basic / common detection is a common cause: Size, Icon and file information selected by the user. Example of common detection: Kazy (this may be the fault of "coders" in some cases) Bary Zusy Gen: * - this detector can be easily removed: By changing the icons - (low resolution / size icon) By changing the file information - (find the info of the trusted programs ) Add a bit of size - Pump File If all this does not work - Try to delete the file information (Using ResHacker) Caused by kripter / programmer (coder) : Heuristic Detections and Some General Detections PE Structure Detection Examples: Injector. * ( I.e. NOD32 Detection General Detection) Heur. * MSIL. * Runtime As called by: Selecting all possible settings in the RAT. Selection of common processes for inject Here are some instructions on how to fix all this: Avoid injecting processes like svchost.exe. Add a Delay (30 sec this can bypass the Rantaim of some Antivirus Add good info and icon Caused by Kripter / programmer (coder): Excessive use of Runpe without modification Copy & Paste code For a long time did not check Runtime Detection How not to corrupt your Server? What to Avoid: Double crypting - What article are you doing this from ??? Clicking on each individual function in the RAT and Crypter also Important Things to keep in mind: is your file native or .NET / managed? Native RATS are programmed without dependencies (i.e. C, C ++, VB6, Delphi) DarkComet Cybergate Prototype Netwire Babylon NanoCore LuminosityLink Immenent Monitor 3 njRAT PiRat Quesar rat Is your .NET file? It is recommended to use for the infection "itself". Using other settings can spoil your file. Is your file native? It is recommended not to use for the infection itself. Choose something else. Why is My File no longer FUD? Very important factors in how quickly it is detected: Virus spread Where the file was uploaded How big and popular and how many clients in your Cryptoservice What malware was encrypted Antiviruses are updated at least once a day! This is the work of the cryptor, they can become detectable. But Refud to clean it is possible, it is done in less than an hour! How not to spoil your cryptor FUD Time? What to avoid: Scanning to sites: which merge your files to antivirus companies Prohibited sites to scan (not all here): VirusTotal Anubis Jotti Upload your files to Uploading Host Files sites Prohibited sites for downloading your files (not all here): DropBox MediaFire GoogleDrive Do not send your files via Skype! (Picture 1.2) Picture 1.2: Things to do: Each antivirus will share samples from your PCs make sure that you disable any such service on your AVs. How not to annoy the owner of a krypter? What to avoid: Spamming Post the results of the detection on of.sayte in the comments ESPECIALLY then when these are your fault. Things that need to be done: If you send a support message to the support that your file does not work, specify all the settings that you used. be patient Follow the rules Don't be an idiot Read all instructions / video tutorials for setting up a crypter and then communicate with the support to solve your problems. Crypter Specifications and Description: Startup installation: The stub module that adds your encryption file to the list of Windows startup programs (startup / msconfig) Many different types: Use of a register (regedit), Tasks, Copying a file to Startup folder, other ... Startup Persistence: A module that checks if your file is removed from the Startup list. Anti Memory Scan: A module that prohibits access to everything that the injected payload will try to read (injecting a download virus into a process) Extremely useful for bypassing RunTime Detect Elevate Process / Privileges: Attempts to get admin rights for your file. Critical Process: Changes some attributes of the operation of your file, which will cause BSOD (Blue Screen of Death). Mutex: A very useful feature to make sure that your file does not work more than once at the same time. Melt file: Deletes / Deletes a file after it has been successfully launched. File Pumper: Adds a certain number of bytes (with a value of 0) at the end of the file, increasing its size, but does not violate any procedures at run time. Compress: Reduces the output size. Icon or Assembly Cloner: Copy the assembly data or icon of the selected file. (to get around some common detections) Encryption Algorithm: The function is used to convert RAT / Server bytes to something completely different. Delay Execution: Used for "Stop" - pause your file during operation. Over a period of time. Adding 30+ seconds will in some cases bypass RunTime Detection, believe it or not, it's up to you !. Binder: To add another file to the stub, after the stub starts, your RAT / Server will start but with this and the file you forgot. Downloader: Well, it obviously loads and runs the file from the given URL. USG - Unique Stub Generator: Be sure that when checking this function you use different stubs and they will be different from the previous crypt. In real life, this function simply changes the names of variables and some methods. Fake Message Box: Fake message at startup Hide File: the file will be Hidden so the victim cannot see the virus in the folder. Antis: Stop your file from running if some programs are running in the background: Popular Anti: Anti Virtual Machine (VMWare, VirtualBox and VirtualPC) Anti Sandbox Anti Wire Machine Anti Fiddler Anti Debugger Anti Anid Botkill: Searches for any existing files or processes that may be malware and kills / deletes them from the system. Spreaders: Copies the file in those places where it can infect other users. Spreaders do not work so do not fuck your brains Common spreaders: USB Rar / zip Chat / IM (Skype, Facebook, Omegle, Twitter) -Spamming Junk Code: Adds trackless trash code for Baipass Scantime Detection Remove Version Info: Removes file info Require Admin: Queries the UAC window asking to run the file as Admin. Certifcate Clone / Forger: Adds certificate to file
  26. Recaf v1.9.0

    An easy to use modern Java bytecode editor based on Objectweb's ASM. No more hassling with the constant pool or stack-frames required. src [Hidden Content]
  1. Load more activity
×

Important Information

Terms of Service