Search the Community

Offence RAT v2.5 PREVIEW DOWNLOAD upload.ee: [hide][Hidden Content]] kosred: sadly theres no more kosred.com such an wonderful file hosting, R.I.P :(

An All-In-One hacking tool is written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete Automation to get a meterpreter session in One Click This tool can automatically Create, Install, and Run payload on the target device using Metasploit-Framework and ADB to completely hack the Android Device in one click. The goal of this project is to make penetration testing on Android devices easy. Now you don’t have to learn commands and arguments, PhoneSploit Pro does it for you. Using this tool, you can test the security of your Android devices easily. Features Connect device using ADB remotely. List connected devices. Disconnect all devices. Access the connected device shell. Stop ADB Server. Take a screenshot and pull it to the computer automatically. Screen Record target device screen for a specified time and automatically pull it to the computer. Download the file/folder from the target device. Send file/folder from computer to target device. Run an app. Install an APK file from the computer to the target device. Uninstall an app. List all installed apps in the target device. Restart/Reboot the target device to System, Recovery, Bootloader, and Fastboot. Hack Device Completely : Automatically fetch IP Address to create payload. Automatically create a payload using msfvenom, install it, and run it on the target device. Then automatically launch and set up Metasploit-Framework to get a meterpreter session. Getting an meterpreter session means the device is completely hacked using Metasploit-Framework, and you can do anything with it. List all files and folders of the target devices. Copy all WhatsApp Data to the computer. Copy all Screenshots to the computer. Copy all Camera Photos to the computer. Take screenshots and screen-record anonymously (Automatically delete the file from the target device). Open a link on the target device. Display an image/photo on the target device. Play audio on the target device. Play a video on the target device. Get device information. Get battery information. Use Keycodes to control the device remotely. Send SMS through target device. Unlock device (Automatic screen on, swipe up and password input). Lock device. Dump all SMS from device to computer. Dump all Contacts from device to computer. Dump all Call Logs from device to computer. Extract APK from an installed app. Mirror and Control the target device. Power off the target device. Changelog v1.43 Improvements Fixed: Do you want to open this file? for macOS Now you can directly view downloaded media like screenshots, screen-recording videos, etc. on macOS as well. [hide][Hidden Content]]

Masky is a python library providing an alternative way to remotely dump domain users’ credentials thanks to an ADCS. A command line tool has been built on top of this library in order to easily gather PFX, NT hashes, and TGT on a larger scope. This tool does not exploit any new vulnerability and does not work by dumping the LSASS process memory. Indeed, it only takes advantage of legitimate Windows and Active Directory features (token impersonation, certificate authentication via Kerberos & NT hashes retrieval via PKINIT). A blog post was published to detail the implemented technics and how Masky works. [hide][Hidden Content]]

JSshell – a JavaScript reverse shell. This using to exploit XSS remotely, help to find blind XSS, … This tool works for both Unix and Windows operating system and it can be running with both Python 2 and Python 3. This is a big update of JShell – a tool to get a JavaScript shell with XSS by s0med3v. JSshell also doesn’t require Netcat (different from other javascript shells). New in JSshell version 2.9 Updated in the new version of JShell 2.9: New JSshell command: cookie -> allows to view the cookies of the current user who established the shell Support javascript function: Fixed some bugs [hide][Hidden Content]]

[Hidden Content]

Stealth Screenshot Saver + Uploader is a combination of windows utilities to create a malicious program without requiring any heavy coding. The executable file contain: file.bat - Batch file contains the screenshot batch line + ftp credentials main.exe - Execute the hidden file.bat README.txt - dummy file with credits svchost.exe - Command line utility to take screenshots How to use? Open file.bat with notepad and change line 2, 4, 5, 6. In line 2, change between loop and savescreenshot. The first value is by default 60 (60 screenshots before upload) Also in the same line by default is 10000 (Wait 10 seconds between screenshots) In line 4 is the ftp server (Default is ftp.uploaded.net) In line 5 is the ftp username In line 6 is the ftp password Why Uploaded.net Uploaded.net is a public free file hosting service with ftp enabled by default. The advantage of Uploaded.net is that you can share the username and password in plain text and if anyone grab it and try to access the files it won't be possible to modify or delete without confirming by email. Developed using the following Technologies WinRAR, Q Compiler, UPX, Simple Batch Example Download: [Hidden Content] Virustotal: [Hidden Content]