Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.


Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.


      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      All Activity

      This stream auto-updates     

      1. Today
      2. [Hidden Content]
      3. itsMe


        Script to add all udemy paid/free courses having coupons automatically to your udemy account Features Automatic login through browser using browser_cookie3 One click to add all courses available with coupons to your udemy account. You can add any specific course to your account from the list of courses available. Many popular sites added to grab fresh/new courses (coupons). Many more features [hide][Hidden Content]]
      4. itsMe


        Generate Free Edu Mail(s) within minutes Features One click install/setup. No programming knowledge needed (other then python3 with pip installed). Setup will install all webdrivers needed automatically based on your browsers. Many more features. [hide][Hidden Content]]
      5. Malware Hunter Hyper scan makes you enjoy a faster scanning speed. Detect and remove stubborn malware, against potential danger. Malware Hunter is an award-winning product that provides comprehensive protection against all types of threats, secures your data, protects your privacy and ensures your PC remains virus-free. Virus Scan Fast hyper scans, detect and remove stubborn malware, against potential danger. Automatic updates Automatic updates provides real-time protection so that your PC is always up to date and secure. Process Protection Aimed at the process, our protection can ensure the safe operation of your computer. [Hidden Content] [hide][Hidden Content]]
      6. [Hidden Content] [Hidden Content]
      7. Wordpress auto-poster/reposter plugin which supports Facebook, Instagram, Twitter, Pinterest, Linkedin, Google my Business, Telegram, Medium, Reddit, Tumblr, VK, OK.ru, Wordpress based blogs. [Hidden Content] [hide][Hidden Content]]
      8. WordPress Auto Spinner rewrites WordPress posts automatically converting it to fresh new content by replacing words and phrases by its synonyms on autopilot using its built-in synonyms database or optionally using one of the best spinning services APIs including:- SpinRewriter API WordAi.com API TheBestSpinner.com API SpinBot.com API ChimpRewriter API ContentProfessor.com API SpinnerChief.com API Espinner.net API [Hidden Content] [hide][Hidden Content]]
      9. Bestseller chat plugin is now smarter and faster! LC is designed for sales and support. Open source Install on unlimited domains 100 users1 can chat at one time (i.e. 10 operators and 90 visitors) Lightweight.. It works in iframe not to hurt your page performance. Your widget loads itself once your page fully loaded.. Multi-lingual support (WPML and Polylang plugins) Very clean code More than one operators can reply the same user’s question “Email notifications” when new visitor is online (optional) SSL support. All your and visitor messages will be encrypted Tested with latest WordPress GDPR compliance (see details end of the page) Tested with PHP 7.4 and WordPress 5.5 [Hidden Content] [hide][Hidden Content]]
      10. FleetCart is a complete E-Commerce system to easily start your online E-Commerce business. It has a powerful admin panel for managing products, categories, coupons, orders, pages, and much more. FleetCart is extremely optimized for giving customers the best purchasing experience. [Hidden Content] [hide][Hidden Content]]
      11. itsMe

        Multi Scanners Free

        shadowscan [Hidden Content]
      12. itsMe

        Proxy Leecher v1.1

        [hide][Hidden Content]]
      13. itsMe

        SMTP/Mail Access Cracker V3

        @samuelevincent If your account is downgraded to an inactive user, you can get the rank of active user, starting 1 post in the forums: General doubts, Presentations, Off Topic, FYI [Hidden Content]
      14. samuelevincent

        SMTP/Mail Access Cracker V3

        Please can i see the post? Thanks in advance
      15. Yesterday
      16. This Metasploit module exploits an authenticated command injection vulnerability in Artica Proxy, combined with an authentication bypass discovered on the same version, it is possible to trigger the vulnerability without knowing the credentials. The application runs in a virtual appliance and successful exploitation of this vulnerability yields remote code execution as root on the remote system. View the full article
      17. An unauthenticated Java object deserialization vulnerability exists in the CLI component for Jenkins versions 2.56 and below. The readFrom method within the Command class in the Jenkins CLI remoting component deserializes objects received from clients without first checking / sanitizing the data. Because of this, a malicious serialized object contained within a serialized SignedObject can be sent to the Jenkins endpoint to achieve code execution on the target. View the full article
      18. Visitor Management System in PHP version 1.0 suffers from an unauthenticated persistent cross site scripting vulnerability. View the full article
      19. Visitor Management System in PHP version 1.0 suffers from a remote SQL injection vulnerability. View the full article
      20. Seat Reservation System version 1.0 suffers from an unauthenticated remote SQL injection vulnerability. View the full article
      21. Google's osconfig agent was vulnerable to local privilege escalation due to relying on a predictable path inside the /tmp directory. An unprivileged malicious process could abuse this flaw to win a race condition and take over the files managed by the high privileged agent process and thus execute arbitrary commands as the root user (full capabilities). Exploitation was possible only during an osconfig recipe being deployed. View the full article
      22. This project is a simple collection of various shellcode injection techniques, aiming to streamline the process of endpoint detection evaluation, besides challenging myself to get into the Golang world. [hide][Hidden Content]]
      23. SHAD0W is a modular C2 framework designed to successfully operate in mature environments. It will use a range of methods to evade EDR and AV while allowing the operator to continue using tooling tradecraft they are familiar with. It’s powered by Python 3.8 and C, using Donut for payload generation. By using Donut alongside the process injection capabilities of SHAD0W it gives the operator the ability to execute .NET assemblies, EXEs, DLLs, VBS, JS, or XSLs fully inside the memory. Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti-DLL injection to make it harder for EDR to load code into the beacons, and official Microsoft mitigation methods to protect spawn processes. The main features of the SHAD0W C2 are: Built For Docker – It runs fully inside docker allowing cross-platform usage Live Proxy & Mirror – The C2 server is able to mirror any website in real-time, relaying all non C2 traffic to that site making it look less subject when viewed in a web browser HTTPS C2 Communication – All traffic between beacons and the C2 will be encrypted and transmitted over HTTPS Modern CLI – The CLI is built on prompt-toolkit JSON Based Protocol – Custom beacons are able to built and used easily with an easy to implement the protocol Extremely Modular – Easy to create new modules to interact and task beacons The main features of SHAD0W beacons are: Shellcode, EXE, Powershell & More – Beacons can be generated and used in many different formats Process Injection – Allowing you to migrate, shinject, dllinject and more Bypass AV – Payloads are frequently updated to evade common Anti-Virus products Highly configurable – Custom jitters, user agents and more Proxy Aware – All callbacks will use the current system proxy HTTPS C2 Communication – Traffic to and from the C2 is encrypted via HTTPS Current Modules: GhostPack – With the binary compiled nightly via an Azure pipeline. Thanks to @Flangvik Unmanaged Powershell – With built-in AMSI bypass Ghost In The Logs – Disable ETW & Sysmon, more info can be found here Elevate – Built-in PrivEsc exploits SharpSocks – Reverse socks proxy over HTTPS SharpCollection – A ton of .NET offensive tools, more info can be found here Mimikatz – For all your credential theft needs Upload & Download – Easy data exfiltration StdAPI – Common commands to interact with the file system [hide][Hidden Content]]
      24. Flatpress Add Blog version 1.0.3 suffers from a persistent cross site scripting vulnerability. View the full article
      25. Comodo Unified Threat Management Web Console version 2.7.0 suffers from a remote code execution vulnerability. View the full article
      26. Web-scraping tools generally use macros or configuration methods, and follow a sequential list of commands. The macro approach is more user friendly and automatically records the actions of a user in a browser. However, there are typically restrictions on accessing the code behind the agent. The configuration approach allows the user to directly configure each part of the agent. They can introduce more code structure, controls, data refinements, or add their own naming conventions. Content Grabber gives you the option to either follow the simple macro automation methods, or to take direct control over the treatment of each element and command within your agent. Content Grabber Agent Development With Content Grabber, you can visually browse the website and click on the data elements in the order that you want to collect them. Based on the content elements selected, Content Grabber will automatically determine the corresponding action type and provide default names for each command as it builds the agent for you. [Hidden Content] [Hidden Content]
      27. itsMe


        Remote access Trojan, spies and obtains information from the infected pc, controlled by telegram commands. Please! use it only for educational and professional purposes... Information Developed by: SebastianEPH Product name: RAT Telegram Spy Bot Type software: Remote Administration Tool File version: 1.0 Architecture: x86 bits || x64 bits State: No verificado [Posible Fallos] Size: 400KB aprox Undetectable: Not Tester << No Verificado Plataform: Windows 7, 8.1, 10 Programming language: C#.net Framework - Console Licence: MIT IDE or text editor: Visual Studio Comunity 2019 Documentation date: 20/05/2020 Description: Remote access Trojan, spies and obtains information from the infected pc, controlled by telegram commands. [hide][Hidden Content]]
      1. Load more activity