Welcome to The Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to
existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile
and so much more. This message will be removed once you have signed in.
Hacker from all countries join this community to share their knowledge and their hacking tools
You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.
Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.
office exploit "Dream Formula" Second Generation | The First Office 0day Vulnerability (CVE-2018-0802) Analysis Revoked by Microsoft in (data Exploit 2018-01-10)
Give reaction to this post to see the hidden content. Features:
- HTTPS, SOCKS4, SOCKS5 Proxies supported (does not support auth proxy)
- Detailed Capture (Level,Rank,VP,RP,Skins)
- Auto Remove Dupes in Wordlist
Give reaction to this post to see the hidden content.
Hello guys, I have a question. e.g
I have a rat and I created a payload then binded it with pdf file with the help of silent exploit but it is not fud. How can I obsfucate the binded virus? Is it possible or not?
Give reaction to this post to see the hidden content. The tool generates a wordlist based on a set of words entered by the user.
For example, during penetration testing, you need to gain access to some service, device, account, or Wi-Fi network that is password protected. For example, let it be the Wi-Fi network of EvilCorp. Sometimes, a password is a combination of device/network/organization name with some date, special character, etc. Therefore, it is simpler and easier to test some combinations before launching more complex and time-consuming checks. For example, cracking a Wi-Fi password with a wordlist can take several hours and can fail, even if you choose a great wordlist because there was no such password in it like Evilcorp2019.
Therefore, using the generated wordlist, it is possible to organize a targeted and effective online password check.
The hashcat rule syntax is used to generate the wordlist. By default, the generator uses a set of rules "online.rule", which performs the following mutations:
Adding special characters and popular endings to the end of the word - !,[email protected], [email protected]#, 123! etc. evilcorp!, evilcorp!123
Adding digits from 1 to 31, from 01 to 12 - evilcorp01, evilcorp12.
Adding the date 2018-2023 - evilcorp2018, evilcorp2019
Various combinations of 1-3 - evilcorp2018!
Capitalize the first letter and lower the rest, apply 1-4. Evilcorp!2021
As a result, for the word evilcorp, the following passwords will be generated (216 in total):
You can use your own hashcat rules, just click "Show rules" and put in the "Rules" textarea them with the list of rules you like best. Rules that are supported (source https://hashcat.net/wiki/doku.php?id=rule_based_attack):
Give reaction to this post to see the hidden content.
HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location, it is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL ).HexorBase allows packet routing through proxies or even metasploit pivoting antics to communicate with remotely inaccessible servers which are hidden within local subnets.
It works on Linux and Windows running the following:
###Downloads to download the latest version
Give reaction to this post to see the hidden content. To install simply run the following command in terminal after changing directory to the path were the downloaded package is:
[email protected]:~# dpkg -i hexorbase_1.0_all.deb
###Icons and Running the application:
Software Icon can be found at the application Menu of the GNOME desktop interfaces
Icon can also be found at /usr/share/applications for KDE and also GNOME:
There you find "HexorBase.desktop"
###To get the source code for this project from SVN, here's the checkout link:
[email protected]:~# svn
What are the most well-known cyber attacks ?
The massive so-called SolarWinds attack, detected in December 2020, breached U.S. federal agencies, infrastructure and private corporations in what is believed to be among the worst cyberespionage attacks inflicted on the U.S. On Dec. 13, 2020, it was revealed that Austin-based IT management software company SolarWinds was hit by a supply chain attack that compromised updates for its Orion software platform. As part of this attack, threat actors inserted their own malware, now known as Sunburst or Solorigate, into the updates, which were distributed to many SolarWinds customers. The first confirmed victim of this backdoor was cybersecurity firm FireEye, which had disclosed on Dec. 8 that it had been breached by suspected nation-state hackers. It was soon revealed that SolarWinds attacks affected other organizations, including tech giants Micrososft and VMware and many U.S. government agencies. Investigations showed that the hackers -- believed to be sponsored by the Russian government -- had been infiltrating targeted systems undetected since March 2020. As of January 2021, investigators were still trying to determine the scope of the attack.
• Here is a rundown of some of the most notorious breaches, dating back to 2009:
- a July 2020 attack on Twitter, in which hackers were able to access the Twitter accounts of high-profile users.
- another 2016 attack, this time at FriendFinder, which said more than 20 years' worth of data belonging to 412 million users was compromised.
- a data breach at Yahoo in 2016 that exposed personal information contained within 500 million user accounts, which was then followed by news of another attack that compromised 1 billion user accounts.
- a 2014 attack against entertainment company Sony, which compromised both personal data and corporate intellectual property (IP), including yet-to-be-released films, with U.S. officials blaming North Korea for the hack;
- eBay's May 2014 announcement that hackers used employee credentials to collect personal information on its 145 million users.