Search the Community

Italian luxury automaker Ferrari has been hacked by an unknown threat actor who has demanded a ransom in exchange for certain client contact details. Ferrari made the announcement of the “cyber incident” on its website recently, stating that its wholly-owned Italian subsidiary was contacted by a threat actor with a ransom demand related to certain client contact details. While Ferrari has refused to pay the ransom as a policy, it has informed its clients of the potential data exposure and the nature of the incident. The company takes the confidentiality of clients seriously and understands the significance of the incident, as its clients most likely represent some of the world's wealthiest individuals given the typical cost of a Ferrari. The attack has highlighted the fact that ransomware is not just a problem, but a major data loss issue as well, as sensitive data, including client names, addresses, email addresses, and telephone numbers, has been exposed. Cybersecurity firm Halcyon's CEO and Co-founder, Jon Miller, has emphasized that the focus for ransomware operators is to cause as much pain as possible to victim organizations in order to extract the highest payment possible. This means that even if the victim organization pays the ransom, the attackers still have the data and can sell or expose it, or come back to the victim organization and ask for even more money. Ferrari has immediately started an investigation in collaboration with a leading global third-party cybersecurity firm, once they became aware of the hacker's demands. The automaker has assured its clients that the breach has had no impact on its operations. Even though Ferrari did everything right regarding securing the data and incident response measures, ransomware gangs are intent on stealing data to force victims into paying the ransom demand, causing collateral damage to entities whose sensitive data is exposed. Miller has urged organizations to defeat the attack before hackers can exfiltrate data and disrupt operations to make these attacks unprofitable. In October, Ferrari was hit by a ransomware attack, losing 7GB of data to threat actors.

Software for Adversary Simulations and Red Team Operations Why Cobalt Strike? Cobalt Strike gives you a post-exploitation agent and covert channels to emulate a quiet long-term embedded actor in your customer’s network. Malleable C2 lets you change your network indicators to look like different malware each time. These tools complement Cobalt Strike’s solid social engineering process, its robust collaboration capability, and unique reports designed to aid blue team training. Cobalt Strike - Version with client and ts In order to start team-server, give seven permissions to these files chmod 777 source-common.sh chmod 777 teamserver chmod 777 TeamServerImage Next, in Client, we give the rights to such files as chmod 777 cobaltstrike chmod 777 cobaltstrike.cmd To start team server: ./teamserver ip password To start the client ./cobaltstrike [Hidden Content] [hide][Hidden Content]]

A simple FOFA client written in JavaFX Features Support tabs Feature-rich Context Menu on items Export query result into Excel spreadsheet Manually set max query count pre-query for non-premium users (Change the value of maxSize in config.properties) Fill hex certificate signature into the homepage’s toolbox to convert it to FOFA’s decimal format. Use cert=”converted_value” to match a certain SSL certificate. Input autocompletion Support FOFA’s exclude fraud/honeypot feature (Only for FoFa senior user, will mark a (*) in tab when active) Support Fid query (Only for FoFa senior user, need to check the box) FOFA grammar cheatsheet [hide][Hidden Content]]

Boost your email Skyrocket your productivity Get the best email client for Windows and macOS, for professionals and home users alike. Break out of your email routine eM Client enhances your email communication and makes you more productive. See how, in 90 seconds. [Hidden Content] [hide][Hidden Content]]

Gets you where you want to go... Censored by your country, corporation, or campus? After dealing with repressive regimes around the world, we are uniquely suited to help you get to the content you want, whenever and wherever you want it. ...and gets you there safely. Want to surf securely when using public WiFi? Free internet is nice, but stolen cookies and accounts are not. Psiphon gives you a safe path to the Internet, no matter what network you're using to connect. Trust, Speed, Simplicity: pick three Since 2008, Psiphon has helped millions of people in freedom-restricted countries around the world safely access censored knowledge and ideas. Now Psiphon can do the same for you. What is Psiphon? Psiphon is a circumvention tool from Psiphon Inc. that utilizes VPN, SSH and HTTP Proxy technology to provide you with uncensored access to Internet content. Your Psiphon client will automatically learn about new access points to maximize your chances of bypassing censorship. [hide][Hidden Content]]

Altus Desktop client for WhatsApp with themes and multiple account support Altus is an Electron-based WhatsApp client with themes and multiple account support, available for Windows, Mac and Linux! Features Altus uses the GitHub-produced Electron framework to wrap around WhatsApp Web and add extra features to it. Multiple Account Support: As of v2.0, you can use multiple WhatsApp accounts simultaneously! Native notification support for all of the platforms. Clicking the notification opens that specific chat! Online Indicator: Shows an indicator at the bottom-left corner of the chats that are online! Dark mode for when you need to chill out your eyes in the night (or even in the day) Custom Theme Support: Write your own CSS theme for WhatsApp or use the in-built Theme Customizer to create a new one just by picking colors! Available for most desktop platforms including Windows (7 or above), Linux and MacOS. Tray icon so you can minimize the app completely and still receive notifications. [hide][Hidden Content]]

Psiphon is a great tool to ensure your anonymity on the Internet and to solve the problem of access (from a secure tunnel) to any blocked sites. The utility uses VPN, SSH and HTTP proxy technologies. Features Gets you where you want to go... After dealing with repressive regimes around the world, we are uniquely suited to help you get to the content you want, whenever and wherever you want it. ...and gets you there safely. Free internet is nice, but stolen cookies and accounts are not. Psiphon gives you a safe path to the Internet, no matter what network you're using to connect. Trust, Speed, Simplicity: pick three Since 2008, Psiphon has helped millions of people in freedom-restricted countries around the world safely access censored knowledge and ideas. Now Psiphon can do the same for you. What is Psiphon? Psiphon is a circumvention tool from Psiphon Inc. that utilizes VPN, SSH and HTTP Proxy technology to provide you with uncensored access to Internet content. Your Psiphon client will automatically learn about new access points to maximize your chances of bypassing censorship. Psiphon is designed to provide you with open access to online content. Psiphon does not increase your online privacy, and should not be considered or used as an online security tool. RePack by elchupacabra Combined installation of the program in one distribution kit or unpacking the portable version (portable app format) The ability to install the original or modified * (no ads) version Multilingual interface (including Russian) Picks up the external settings file. reg (if located next to the installer) * In the modified version, the opening of the advertising page on connection is disabled and PsiCash is removed from the interface [hide][Hidden Content]]

Best Support System is a self-hosted support ticket application.It handle support ticket, manage email ticket, collect any payment by paypal. It has easy installer so you don’t need any programming skill. We will keep update reqularly and it has auto update feature. [Hidden Content] [hide][Hidden Content]]

BlackMamba BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. Powered by Python 3.8.6 and QT Framework. Some of BlackMamba features are: Multi-Client – Supports multiple client connections at the same time. Real-Time Communication Updates – Real-time communication and updates between the client and server. Encrypted Communication – Almost all communications are encrypted, with exception of screen video streaming. Screenshot Gathering – Get a real-time screenshot from the client. Video Streaming – Watch in real-time the client screen. Client Lock – Lock and unlock the machine of the client. Encrypted File Transfer (upload/download) – Download files from the client or uploads files for the client. Keylogger – Register all the keys pressed by the client. Web Downloader – Download files from URLs or content by RAW pages. Changelog v1.0.41 New feature: Enumeration of open ports. [hide][Hidden Content]]

BlackMamba BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. Powered by Python 3.8.6 and QT Framework. Some of BlackMamba features are: Multi-Client – Supports multiple client connections at the same time. Real-Time Communication Updates – Real-time communication and updates between the client and server. Encrypted Communication – Almost all communications are encrypted, with exception of screen video streaming. Screenshot Gathering – Get a real-time screenshot from the client. Video Streaming – Watch in real-time the client screen. Client Lock – Lock and unlock the machine of the client. Encrypted File Transfer (upload/download) – Download files from the client or uploads files for the client. Keylogger – Register all the keys pressed by the client. Web Downloader – Download files from URLs or content by RAW pages. Changelog v1.0.24 New feature: Enumeration of antiviruses of the client host [hide][Hidden Content]]

BlackMamba BlackMamba is a multi-client C2/post exploitation framework with some spyware features. Powered by Python 3.8.6 and QT Framework. Some of BlackMamba features are: Multi-Client – Supports multiple client connections at the same time. Real-Time Communication Updates – Real-time communication and updates between the client and server. Encrypted Communication – Almost all communications are encrypted, with exception of screen video streaming. Screenshot Gathering – Get a real-time screenshot from the client. Video Streaming – Watch in real-time the client screen. Client Lock – Lock and unlock the machine of the client. Encrypted File Transfer (upload/download) – Download files from the client or uploads files for the client. Keylogger – Register all the keys pressed by the client. Web Downloader – Download files from URLs or content by RAW pages. [hide][Hidden Content]]

eM Client Pro – is an email client designed for Windows. The tool comes with other interesting features as well, such as calendars, contacts and tasks. It can be easily handled by users of any level of experience. The interface of the app is clean and intuitive; you can set up a new account by inputting account, calendar and contact credentials, IMAP and SMTP details and chat settings. Plus, eM Client can diagnose problems which may occur with these options. Information regarding the email accounts and content is divided into three separate panels, in order to provide you easy access. From the right side of the screen you can display the sidebar to view contact details and an agenda, as well as chat with friends (e.g. via the Facebook account associated with your email). In addition, you can backup and restore data, import information from other apps (e.g. Microsoft Outlook, Mozilla Thunderbird, Windows Mail) or export it, as well as move items in other folders and use undo, redo and search functions. Other features of eM Client allows you to categorize items by color, enable follow-up, create meetings or tasks from messages, as well as add contacts to your instant messaging services. But you can also send and receive files, manage a privacy list and add rules (e.g. move spam messages to the ‘Spam’ folder). From the ‘Settings’ section you can customize eM Client’s appearance, add new widgets, send or clear logs, enable to synchronize items at a specific time interval and make eM Client your default mail handler. Features • Customizable widgets • RSS widget • Spell checking • Recurring tasks and events • Tasks interface • Calendar synchronization with Merak Mail Server • Contacts synchronization with Merak Mail Server • Spam folder synchronization • Quarantine synchronization and reports with Merak Mail Server • U3 Flash USB disk support • Multiple calendars with color settings • Mail import from .EML (Thunderbird, Tha Bat!, Eudora) • Fast Indexed search through e-mail, calendars and contacts • SMTP/POP3 • IMAP4 support both on-line and off-line • SSL support for all protocols • Content control allows you to apply rules to trap spam and unwanted mail • Complete Contacts/Address book interface • HTML/plain text mail format • E-mail rules and filters • Drag and drop attachments • E-mail signatures for each account • Requesting read receipt • Calendar interface (Day view, Week view, Month view, List view) • GroupDAV support • Variable layout and adjustable interface • Import from MS Outlook and Outlook Express (e-mail and contacts) • Drag&drop attachments • Automatic on-line update system • E-mail sorting (Date, Header, Subject, Label) [Hidden Content] [hide][Hidden Content]]

VPN Gate Client Plug-in – relies on SoftEther VPN client in order to conceal your IP address while you’re browsing online, thus facilitating access to services that are otherwise restricted in your area. SoftEther VPN is a package that allows you to create a custom VPN topology, being constituted of a client-server technology. VPN Gate Client Plug-in is an add-in for the client side of SoftEther VPN that ensures online anonymity. The plug-in comes wrapped up inside a package that also includes the SoftEther client, therefore you won’t be required to download it separately. Installation ends in a jiffy, allowing you to get acquainted with the program immediately. The plug-in appears as a VPN connection inside the main window of SoftEther VPN; double-clicking it will open a new window where a list of VPN relay servers is displayed, allowing you to select the one you wish to connect to. The list contains a variety of servers that are presented alongside IP address, region, uptime, line speed and so on. As a side note, it is recommended that you choose a VNP server closer to your region so that you don’t experience server downtimes. Once you’ve chosen one and connected to it successfully, you will be able to enjoy a wide array of benefits, including the removal of area restrictions for services such as YouTube, Hulu, Netflix, etc. You will get a state of invisibility, we might add, which means you can explore the web without being tracked and spied on. However, most of the servers that VPN Gate Client Plug-in relies on are located in Korea and Japan and very few throughout the US and Europe, which restricts its audience significantly. [hide][Hidden Content]]

VPN Gate Academic Experiment Project is an online service as an academic research at Graduate School of University of Tsukuba, Japan. The purpose of this research is to expand the knowledge of "Global Distributed Public VPN Relay Servers" . [hide][Hidden Content]]

CheckPoint Endpoint Security VPN versions E80.87 Build 986009514 and below and ZoneAlarm versions 15.4.062.17802 and below suffer from a privilege escalation vulnerability. View the full article

FTPShell Client version 6.74 suffers from a local buffer overflow denial of service vulnerability. View the full article

Steam Windows client local privilege escalation exploit. View the full article

Simply install VPN Gate Client Plugin to SoftEther VPN Client. It will enable you to connect to any of our Public VPN Relay Servers of VPN Gate in a snap. It has a better throughput than L2TP, OpenVPN or SSTP. This program files are digitally signed by a certificate issued by GlobalSign. The binary file has a countersignature issued by Symantec. [HIDE][Hidden Content]]

Simply install VPN Gate Client Plugin to SoftEther VPN Client. It will enable you to connect to any of our Public VPN Relay Servers of VPN Gate in a snap. It has a better throughput than L2TP, OpenVPN or SSTP. This program files are digitally signed by a certificate issued by GlobalSign. The binary file has a countersignature issued by Symantec. [HIDE][Hidden Content]]

Cyberoam SSLVPN Client version 1.3.1.30 Connect To Server and HTTP Proxy proof of concept denial of service exploits. View the full article

Cyberoam General Authentication Client version 2.1.2.7 denial of service proof of concept exploit. View the full article

LabF nfsAxe version 3.7 ping client buffer overflow exploit. View the full article

Download: [HIDE][Hidden Content]] Password: level23hacktools.com

Open source network observation, positioning, and display client from the world's largest queryable database of wireless networks. Can be used for site-survey, security analysis, and competition with your friends. Collect networks for personal research or upload to [Hidden Content]. WiGLE has been collecting and mapping network data since 2001, and currently has over 350m networks. WiGLE is *not* a list of networks you can use. Uses GPS to estimate locations of observed networks. Observations logged to local database to track your networks found. Upload and compete on the global WiGLE.net leaderboard. Real-time map of networks found, with overlays from entire WiGLE dataset. Free, open source, no ads (pull requestes welcome at [Hidden Content] ). Export to CSV files on SD card (comma separated values). Export to KML files on SD card (to import into Google Maps/Earth). Bluetooth GPS support through mock locations. Audio and Text-to-Speech alerting and "Mute" option to shut off all sound/speech. [HIDE][Hidden Content]]

SCP clients have an issue where additional files can be copied over without your knowledge. View the full article