Website Cyberarsenal - Visit site

Our goal here is to build and maintain a community resource for the cyber security scene. We focus on information and software releases, and hope to be as neutral and professional as possible. There are sometimes not clear boundaries in the security scene so you often have professionals and hackers sharing resources and interests. We have decided to draw a clear line that we will not support illegal information here - so no database leaks, no credit card data, no logins and passwords to people's accounts or to servers. Those are specifics - those are the sort of things you can find elsewhere. We instead focus on the infrastructure, tools and techniques of security work (whether for a professional or for the curious hobbyist). How you use the tools is not our business, though we can all learn from each other, so please feel free to share your knowledge and experiences.

What we intend to focus on:

  • Security software/tools releases - our own cracks as well as those of others (mostly members and official scene)
    • reverse engineering, file analysis
    • web security auditing
    • network security auditing
    • exploitation/protocol fuzzing/analysis
    • source code auditing or analysis
    • malware (professional-level use. examples are CobaltStrike or Sliver)
    • utilities related to empowering a security professional/reverser
    • corporate compliance, network management, auditing
    • vpn, proxy, and tunneling solutions
    • forensics and malware analyst work
    • network sniffing and analysis
    • wifi
  • Discussions and tutorials related to:
    • professional security auditing work
    • freedomfighting/pentest and operational security (hacking)
    • reverse engineering (cracking)
We're not big on rules. Here are some common sense things spelled out though:

  • database leaks
  • credit card information or other PII including email lists
  • logins+passwords
  • illegal sales like drugs/weapons/fraud
  • porn unless in the spirit of rainforestpuppy
  • religious holywar or political crap
  • promotion of competitors or scams like zerodaylabSCAMMERS
  • things unrelated to our mission/focus especially where they draw needless heat

NOTE: Just to be clear, many forums prohibit hacking related stuff - well we are security professionals and malware analysts who need to analyze such tools for our education and our work, and these things are explicity allow and are OK: hacking, recon, exploitation, phishing, authentication brute force, ddos, trojans, malware techniques, antivirus evasion, viruses, rats, botnets, firewall evasions, scanners, OSI, etc. Knowledge of a thing is not the thing. Posting the code to something that has multiple uses is not the same as actually using the code. Posting a ddos script is not equal to doing a ddos attack. Posting a ransomware script is not the same as deploying it. It is important to have these hacking and malware resources for purpose of analysis in prevention, or other uses, and the ignorance of the masses won't be enough for us to block such content.

Unfortunately this freedom doesn't extend to actual "loot" such as databases, credit card numbers, logins, or similar leaked data - we don't want that here - there are plenty of places for that and it's not what we are about. Our focus is on the knowledge base and the software. These tools can be used for legitimate security work... If you have other interests that's fine but just don't share the details here. (and why would you?? can you keep a secret? try it! :)
Add missing informations