Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.


Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.


      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      All Activity

      This stream auto-updates     

      1. Past hour
      2. Today
      3. ChangeLog Added Sandboxie now applies by default "Close...=!,..." directives to non-excluded images if they are located in a sandbox -- added 'AlwaysCloseForBoxed=n' to disable this behaviour as it may not be always desired, and it doesn't provide extra security added process image information to Sandman UI localized template categories in the Plus UI added "DisableResourceMonitor=y" to disable resource access monitor for selected boxes added option to show trace entries only for the selected sandbox added "UseVolumeSerialNumbers=y" that allows drive letters to be suffixed with the volume SN in the \drive\ sandbox location -- it helps to avoid files mixed together on multiple pendrives using the same letter -- note: this option is not compatible with the recovery function of the Classic UI, only SandMan UI is fully compatible Changed portable cleanup message now has y/n/c options consolidated Proc_CreateProcessInternalW and Proc_CreateProcessInternalW_RS5 to remove duplicate code the ElevateCreateProcess fix, as sometimes applied by the Program Compatibility Assistant, will no longer be emulated by default -- use 'ApplyElevateCreateProcessFix=y' or 'ApplyElevateCreateProcessFix=program.exe,y' to enable it trace log gets disabled only when it has no entries and the logging is stopped Fixed fixed APC issue with the new global hook emulation mechanism and WoW64 processes fixed IPv6 issues with BlockPort options fixed an issue with CheatEngine when "OpenWinClass=*" was specified fixed memory corruption in SbieDrv fixed crash issue with process elevation on CreateProcess calls fixed process elevation when running in the built-in administrator account fixed template preview resetting unsaved entries in box options window [hide][Hidden Content]]
      4. hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. Features World’s fastest password cracker World’s first and only in-kernel rule engine Free Open-Source (MIT License) Multi-OS (Linux, Windows and macOS) Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime) Multi-Hash (Cracking multiple hashes at the same time) Multi-Devices (Utilizing multiple devices in same system) Multi-Device-Types (Utilizing mixed device types in same system) Supports password candidate brain functionality Supports distributed cracking networks (using overlay) Supports interactive pause / resume Supports sessions Supports restore Supports reading password candidates from file and stdin Supports hex-salt and hex-charset Supports automatic performance tuning Supports automatic keyspace ordering markov-chains Built-in benchmarking system Integrated thermal watchdog 200+ Hash-types implemented with performance in mind … and much more Changelog v6.2.2 ## Algorithms ## – Added hash-mode: bcrypt(md5($pass)) / bcryptmd5 – Added hash-mode: bcrypt(sha1($pass)) / bcryptsha1 – Added hash-mode: FortiGate256 (FortiOS256) – Added hash-mode: Linux Kernel Crypto API (2.4) – Added hash-mode: MurmurHash – Added hash-mode: OpenEdge Progress Encode – Added hash-mode: md5(utf16le($pass)) – Added hash-mode: sha1(utf16le($pass)) – Added hash-mode: sha256(utf16le($pass)) – Added hash-mode: sha384(utf16le($pass)) – Added hash-mode: sha512(utf16le($pass)) – Added hash-mode: md5(md5(md5($pass))) – Added hash-mode: sha1(sha1($salt.$pass.$salt)) – Added hash-mode: sha256($salt.sha256($pass)) – Added hash-mode: sha384($pass.$salt) – Added hash-mode: sha384($salt.$pass) – Added hash-mode: sha384($salt.utf16le($pass)) – Added hash-mode: sha384(utf16le($pass).$salt) [hide][Hidden Content]]
      5. Yesterday
      6. Live Practicals to become an expert in Bug Bounty Web Application Penetration Testing, Cryptography and Kali Linux! What you'll learn The only course that will teach you how to start from ZERO and become a professional Ethical Hacker + NEW CONTENT every month will be added Learn how to use Kali Linux for Ethical Hacking and set up your own Penetration Testing Lab with DVWA, OWASP Broken Web Application and the Metasploitable Machine Learn different attacks like SQL Injection, XSS Scripts, CSRF, File Upload Vulnerability, Command Execution and much more! Become an expert in Cyber security and clear your Security Analyst Interviews! Learn to find vulnerabilities in a website and its exploitation. Learn how to write a Report after discovering bugs Gain full control over target server using Authentication Bypass Attacks Bypass Authentication Mechanisms and get access over credentials Hunt Basic XSS Vulnerabilities on Live Environments including Metasploitable and OWASP BWAPP Perform Complete Account Takeover using CSRF on Lab + Hunt Advance CSRF Vulnerabilities Learn how to start the BUG BOUNTY Journey Requirements No need for any pre-requisite of Cybersecurity Be able to understand English No Linux or programming or hacking knowledge required Description Bug bounty hunting is the recently arising and moving job in network safety that permits freehand security experts to evaluate the application and stage security of an association in vision to distinguish bugs or weaknesses. With a free hand to morally hack and pen testing applications created by the in-house labor force of the associations, bug bounty trackers are for the most part generously compensated to find and report security bugs Many major organizations use bug bounties as a part of their security program, including AOL, Android, Apple, Digital Ocean, and Goldman Sachs. You can view a list of all the programs offered by major bug bounty providers, Bugcrowd and HackerOne, at these links Why do companies use bug bounty programs? Bug bounty programs enable organizations to bridle a huge gathering of programmers to discover bugs in their code. This gives them admittance to a bigger number of programmers or analyzers than they would have the option to access on a one-on-one premise. It can likewise build the odds that bugs are found and answered to them before pernicious programmers can abuse them. It can likewise be a decent advertising decision for a firm. As bug bounties have gotten more normal, having a bug abundance program can move toward the general population and even controllers that an association has a full-grown security program. What will you learn in this course? Fundamentals of Cybersecurity Overview of Ethical Hacking Terminologies What is Kali Linux and why do we use it? Setting up your own Penetration Testing Labs Understanding of OWASP Broken Web Application and MetaSploitable Phases of Penetration Testing Information Gathering Scanning Target Network for Valuable Information Vulnerability Assessment Exploiting SQL Injection Vulnerabilities Different ways to perform CSRF attacks and bypass CSRF protection Types of an Authentication bypass Different ways to perform XSS Exploitation using multiple types of payloads Since the convolution of safety dangers has duplicated, the necessity for bug bounty trackers and their importance across the world is quickly increasing. Receiving a determined methodology and viewpoint towards security can help associations safeguard their standing viably. All things considered, Take a crack at this course and begin adapting now! With this course, you get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you as soon as possible. Disclaimer: This course is created for educational purposes only. We believe that ethical hacking, information security, and cybersecurity should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. Hacking tutorials are against the misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. All tutorials and videos have been made using our own routers, servers, websites, and other resources, they do not contain any illegal activity. We do not promote, encourage, support, or excite any illegal activity. The misuse of the information in this course can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law. We believe only in White Hat Hacking. On the other hand, we condemn Black Hat Hacking Who this course is for: Students who want to learn Cyber security Students interested in Ethical Hacking Pursue certifications like CEH, ECSA, OSCP, CCNA and other security certifications Those who want to become a SECURITY EXPERT Those who want to start a career in Bug Bounty Hunting [Hidden Content] [hide][Hidden Content]]
      7. HighWayPro is the ultimate URL shortener & link cloaker for WordPress. Innovative user interface, powerful targeting options, automated link insertion, advanced analytics & more! [Hidden Content] [hide][Hidden Content]]
      8. Chatvia Laravel is built with Bootstrap 4.5.0, Laravel 8.*, PUSHER with responsive with all devices and supported with Dark, Light modes. You can change mode very quickly by doing a couple of changes. We have used pusher for the live chat application. It has many features like one-to-one chat, contacts, send files, online users, Read and Unread new messages from users, authentication pages and many more. [Hidden Content] [hide][Hidden Content]]
      9. VFM is a simple and flexible plug-and-play file manager, easy to use and plenty of options. Send files to your customers, create new users with dedicated folders, or simply use it as your personal file cloud. Access from any device, manage users and general settings from an intuitive administration panel, customize it to your brand. [Hidden Content] [hide][Hidden Content]]
      10. Protect your online content from being copied. Just install a small plugin on your website and Content Protector for WordPress defend web content from being plagiarized. [Hidden Content] [hide][Hidden Content]]
      11. WhizzChat is a universal WordPress Chat Plugin that can allow your users to chat with each other on your website or can with the Admin. The whizzChat plugin can work with any theme from ThemeForest. It can work with any custom post type. WhizzChat is a WordPress plugin that helps you to communicate with your customers’ via the chat system. Save time and use the software you already know and love. Communicate with your customers directly. [Hidden Content] [hide][Hidden Content]]
      12. You care about what you build. Protect your websites with the best security available. Wordfence includes an endpoint firewall and malware scanner that were built from the ground up to protect WordPress. Our Threat Defense Feed arms Wordfence with the newest firewall rules, malware signatures and malicious IP addresses it needs to keep your website safe. Rounded out by a suite of additional features, Wordfence is the most comprehensive security option available. [Hidden Content] [hide][Hidden Content]]
      13. Facebook Chat by Elfsight is the fastest way for your clients to reach you and get their questions answered. Stay available live for users in their favourite messenger 24/7. Integrate Facebook Chat on your website and set it to appear on specific pages or for a certain groups of visitors, choose start-chat triggers, create your own welcome message, choose icons and more. With the help of Facebook chat on your site, you will stay connected anytime and from anywhere. [Hidden Content] [hide][Hidden Content]]
      14. itsMe

        Discord.JS Bot base

        The base I use to make Discord Bots. This is kind of a "framework" I made to develop my bots. It provides advanced command handler and module system. The main feature is the fact that everything can be added/modified/removed, such as command files or modules, without stopping the process, with only a reload command. Make sure to read this whole ReadMe ! Features Extremely modulable: Create commands and modules in separate files easily. Dynamic refresh: Reload the commands and modules via the reload command (Wich is by default in commands). If any error occurs you will be told so and refresh will be canceled in order not to break the other commands. This way your bot doesn't need to stop its processes if you want to add features ! Crash Proof: Everything is made to limit unhandled error and crashes. The reload fails ? No crash. A command or module fails ? no crash ! Easy to use, user friendly and powerful command handler: Delay functionnality, prevent peoples from spamming commands ! Member permissions handler: Want to create a command only usable by member having the KICK_MEMBER permission ? Just precise it in the command file ! A member will be told he is missing such permissions if so. Same for the bot: your command require the bot do have any permissions ? Then precise it ! Oh, maybe would you like to make commands only usable by yourself ? It's easy as changing a boolean ! Powerful argument handler: Want to add some arguments to your command ? You can easily add it in one line ! A command argument is composed of a Name (Something explicit enough for the user to understand what he is supposed to enter), a type (What kind of desired value you want to be retrieved, for exemple a number, a guild member or an url) and a boolean wether the argument is optionnal or not ! And much more [hide][Hidden Content]]
      15. Rome WebShell A powerful and delightful PHP WebShell This is a lightweight PHP webshell, using only vanilla JavaScript and CSS, no jQuery/Bootstrap bloat. Features Fully interactive file explorer, browser directories, and download files instantly Upload files directly from the browser Execute commands without having to ‘URL encode’ your payloads MD5 Password protection, handy to restrain access during a King of The Hill for exemple Fully CSS animated, responsive, and delightful FlatUI interface Easily customizable, usage of CSS variables makes it easy to use your favorite colors Obfuscated, this repository includes an already obfuscated version [hide][Hidden Content]]
      16. itsMe

        Text Editor Pro 16.0.0

        Powerful text editing tool with syntax highlighting support for programming languages and scripts, multi-caret and synchronized editing, code/text folding, over 300 options for customizing, over 100 ready made skins, character map, numerical unit convert tool, text compare, JSON/SQL/XML formatter, and support for multiple directories (also SFTP) and search results. [hide][Hidden Content]]
      17. itsMe


        AvaddonDecryptor This is an open-sourced tool to decrypt systems infected with Avaddon ransomware. In order to do so, the computer should not have been powered off after the infection. [hide][Hidden Content]]
      18. Name-That-Hash What is this? Have you ever come across a hash such as 5f4dcc3b5aa765d61d8327deb882cf99 and wondered what type of hash that is? Name-that-hash will name that hash type! Features Popularity Ratings – Name that hash will show you the most popular hashes first. In older systems, it would prioritise Skype Hash the same as Active Directory’s NTLM! Which makes as much sense as saying that my GitHub is as popular as VSCode ✍ Hash Summaries – no more wondering whether it’s MD5 or NTLM. It will summarise the main usage of each hash, allowing you to make an informed & decisive choice Colour Output – Don’t worry, the colours were hand-selected with a designer to be 100% accessible and gnarly JSON output && API – Want to use it in your project? We are API first, CLI second. Use JSON output or import us as a Python module! Updated! – HashID was last updated in 2015. Hash-Identifier in 2011! It is a 2021 project Accessible – We are 100% committed to making this an accessible hacking tool Extensible – Add new hashes as quickly as you can edit this README. No, seriously — it’s that easy! Changelog v1.10 This test matrix goes through all of our hash database and: Updates the Hashcat mode Updates the John mode (if it can find it, not all of John the Ripper modes are easy to find) Checks the regex against that hash, ensuring all regex are correct [hide][Hidden Content]]
      19. Scanning APK file for URIs, endpoints & secrets. Changelog v2.5 Added patterns: Facebook Secret Key Facebook ClientID Twitter ClientID Twitter Secret Key Artifactory API Token Artifactory Password Authorization Basic Authorization Bearer Basic Auth Credentials Cloudinary Basic Auth Mailto Vault Token [hide][Hidden Content]]
      20. Last week
      21. itsMe


        About A script that automates creating discord accounts. It shows how accounts can be created automatically without the user typing unless there is a captcha (h-Captcha just needs to be clicked) . It automatically verifies your Discord account via email for you and automatically saves login info in login.txt in email:password:token format. This is used for educational purposes only. Features Auto scrape email Random username from list Random password Random date Auto-email-verify Automatically get Discord token and other login info Proxy support Multi-threading [hide][Hidden Content]]
      22. NetSetManPro version 4.7.2 suffers from a privilege escalation vulnerability. View the full article
      23. Accela Civic Platform version 21.1 suffers from a cross site scripting vulnerability. View the full article
      24. Backdoor.Win32.Zombam.gen malware suffers from a buffer overflow vulnerability. View the full article
      25. WordPress Database Backups plugin version suffers from a cross site request forgery vulnerability in the databased backup download functionality. View the full article
      26. Grocery Crud version 1.6.4 suffers from a remote SQL injection vulnerability. View the full article
      27. OpenEMR version 5.0.0 authenticated remote shell upload exploit. View the full article
      1. Load more activity