Remote hacker probe - Threat Emulation and Red Teaming Framework, The Hacking Software for normal people.

Last update: Dec 27, 2022

Overview

The Remote Hacker Probe is a Threat Emulation and Red Teaming Framework built to be easy to use.

The Remote Hacker Probe is Feature Rich! Including, Keystroke Logging, Reflective DLL Injection, Reverse Shell, Password Recovery, etc. ~~- Remote Hacker Probe Core is open source ~~and constantly improved.~~ and is no longer being updated or worked on.~~ UPDATE : 4-Sep-2021. It will be improved over time.
Fast and Lightweight, Remote Hacker Probe is coded in Java meaning it will run anywhere in a JRE and Client in C++ for Native Windows.

The Remote Hacker Probe had 2 versions, Open Source and Professional Version. That have been merged into one and the source code of the Professional Version is also now open source. For more information click here.

Please do not use the Remote Hacker Probe or any Software for Black Hat Activity. The Remote Hacker Probe is a Personal Development Project and is made for Authorized Penetration testing, Demonstrations and Reasearch. The Author is not responsible for any sort of misuse or damage caused by the program.

Installation & Usage

Download Java 11+. Most preferrably Java 15.
Download the Zip Attached in the Latest Release.
Run the file run-on-linux.desktop OR run-on-windows.bat
Getting Started with Remote Hacker Probe or see Video.

Server Features :

Visually Appealing and Theme able Graphical User Interface featuring Dark, Light, Solarized Dark and Solarized Light themes.
Built for ease and usability, Remote Hacker Probe is extremely easy to use and Set up.
The Server is coded in Java meaning it is Cross Platform! It will run anywhere in a Java Runtime Environment (JRE).
Event Logging.
High Speed File Upload / Download.

Main Features :

Probe Client :

The Probe Client is a Standalone EXE containing all malicious code. This is the file used to take remote control over a Computer.

Reflective DLL Injection (Custom + Read Output / Pass Parameters to DLL)
Download, Upload, Delete and browse the entire file System.
Reverse Shell, Full Access to the command line.
Scan Remote Network for hosts.
Port scan hosts in the Target Network.
Scan Remote Network for hosts vulerable to Eternal Blue
Get Process Information by Process name.
Geolocate Client using IP Address.
Shutdown / Restart the Remote PC.
Grab screenshot of the Remote PC.
Record Microphone input.
Add to Startup Persistence on command.
Display Message box.
Open URLS in the default browser.
USB Infection.
Active Window logging.
UAC Status shown in main table.
Client Path shown in main table.
Keylogger.
Password Recovery.
- Pidgin.
- FileZilla.
- Vault & IE.
- WinSCP.
- WiFi.
- Credential Manager.
Task Manager.

Reflective Loader Client :

The Reflective Loader Client is stripped of most features except Reflective DLL Injection. IT establishes connection and runs Payloads in memory from the server. Using the Reflective Loader Client you have the advantage of running Completely in memory.

Reflective Probe Payload (Runs the Probe Client in memory)
Message Box Payload (Displays a Message Box as the process it was injected into)
Open URL Payload (Opens a url as the process it was injected into)
Elevation Payload (Triggers UAC Prompt for the Process it was injected into as ‘WindowsDefender.exe’)
Add / View Windows Defender Exclusions.
Reverse Shell.
Task Manager.
Reflective DLL Injection (Custom + Read Output / Pass Parameters to DLL)

Tutorials and Posts

Bugs

Remote Shell Upload Vulnerability in RHP Server, Fixed. ✔️
Unauthorized File Upload to RHP Server, Fixed. ✔️
Reflective Loader fails. ✔️
JavaSE 16 GUI Bug.

Screenshots

Thanks to

Passcat Project.
Swing Authors.
@stephenfewer (https://github.com/stephenfewer/ReflectiveDLLInjection)
@bhassani (https://github.com/bhassani/EternalBlueC)

Developer

Hi my name's Fahad. You may contact me, on Discord or My Website

LICENSE

VIEW LICENSE

The Developer is not responsible for any misuse or Damage caused by the program. This is created only to innovate InfoSec and YOU. 👈

Donate

Help me with my future projects. Thank you. Donate with Crypto

Comments

client won't reconnect after server restart

When i stop the server and run it again (i'm talking about stop/killing the application and run it again. Not rebooting the machine). Clients won't connect back to the server unless i execute the evil file once more. Is this a bug or a feature :sweat_smile:

opened by nobeltnium 14

Connection Reset - why :(

i am getting this error when a client connects

[INFO] New connection from : /REDACTED:65366
java.net.SocketException: Connection reset
        at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:323)
        at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:350)
        at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:803)
        at java.base/java.net.Socket$SocketInputStream.read(Socket.java:976)
        at java.base/java.io.InputStream.read(InputStream.java:218)
        at rhp.Server.getInformation(Server.java:158)
        at rhp.Server$1.run(Server.java:267)
        at java.base/java.lang.Thread.run(Thread.java:831)

this is the settings i use

Annotation 2021-11-23 214611

java --version
java 16.0.2 2021-07-20
Java(TM) SE Runtime Environment (build 16.0.2+7-67)
Java HotSpot(TM) 64-Bit Server VM (build 16.0.2+7-67, mixed mode, sharing)

opened by kgnfth 12

Suggestion

Hi I know you might be busy This is just a suggestion can you add support for IRC,HTTP so it doesn't just rely on port forwading Like Saefko Attack systems where I live port forwading is pain in the ass expecting a reply Thanks.

opened by Dex0xm 5
It doesn't like Java SE 16 very much?
when i run the run-on-linux.desktop, it won't do anything. So i ran java -jar RHP.jar in the terminal, it gives me error:

Error: LinkageError occurred while loading main class rhp.MainWindow java.lang.UnsupportedClassVersionError: rhp/MainWindow has been compiled by a more recent version of the Java Runtime (class file version 60.0), this version of the Java Runtime only recognizes class file versions up to 55.0

I installed the latest version of Java SE 16, i know the reccommendation is Java 15 but downloading it require register and that's a hassle
opened by nobeltnium 4
Doesn't seem to open

Hey, I've stuck this on a fresh virtual machine. I downloaded and installed Java and the RHP icon has changed to the java logo as expected, but when I either open the "run on Windows" bat file, or directly open the RHP file in Java, nothing happens.

Well, to be more specific, run on windows bat brings up cmd for a fraction of a second and the nothing, and RHP shows a loading icon on the mouse, also for a fraction of a second, but that's it. I've tried twice, with seperate virtual machines, with antivirus off on both my host machine and the guest machine (downloaded to host and moved to guest).

Am I being stupid here?

Thanks

opened by ghost 4
UI problem

After starting RHP.jar (java -jar RHP.jar) on both Windows 10 and Fedora 34, all I get is window without any elements. Latest Java 16 JDK is installed on both OSes. I know that this project is not updated, but it would be nice to have a fix...

opened by Pernat1y 3
Some questions.

Hello, I’m Alpha. I’m new to pen testing, and came across this repo. I have a question, what do you use to configure the client? Do I use my public or private IP address? What port do I put it as? Also, does the client only work on computers connected to the same network as I? Please give a step-by-step explanation as I am very new to pen testing and don’t know much.Thank you!

opened by Alpha-0101 1
Windows version has no upgrade, build or settings buttons

I downloaded the app on java se 17 and everything works fine, the app opens perfectly, but there are not buttons along the top to use the tool. pls help

opened by NobleBoss 1
Ngrok and local

Thank you for your work! Great project ! I have a question sir. When connecting ngrok form build , what to do with the local network settings ? I can't connect ngrok as well as locally. Thank you.

opened by nikolay06 1
Developement Updates

Dear Sir, There is no doubt that this project is a great worship, but i am wondering if you have a plan to encrypt the communication channel. As is seen form the source code, it is using plain socket now and can not evade from AVs. Faithfully.

opened by fadinglr 4

Releases(V.2.3)

V.2.3(Mar 30, 2022)
Remote Hacker Probe V.2.3

Fixed Host - Port reading bug in DLL Loader Client.

Source code(tar.gz)
Source code(zip)
rhp_v2.3.zip(39.20 MB)
V.2.2(Jan 7, 2022)
Fixed https://github.com/quantumcore/remote_hacker_probe/issues/14.

Fixed Password recovery errors.

Fixed Reflective Probe errors.

Source code(tar.gz)
Source code(zip)
rhp_v2.2.zip(39.65 MB)
V.2.1(Sep 4, 2021)
Changelogs

Fixed https://github.com/quantumcore/remote_hacker_probe/issues/8

Source code(tar.gz)
Source code(zip)
rhpPro_v2.1.rar(33.35 MB)
V.2(Apr 14, 2021)
This is the final release of Remote Hacker Probe. I am no longer going to update this. The professional (paid) version is now open source and is merged into this repository.

Changelogs

https://quantumcored.com/index.php/2021/04/14/end-of-the-remote-hacker-probe/
Source code(tar.gz)
Source code(zip)
rhpPro_v2.zip(41.18 MB)
V.1.1(Mar 7, 2021)
What's changed

RCE Vulnerability fixed.

File Manager bugs improved.

Unauthorized File Upload / Download fixed. It is checked if you triggered the file download or not.

Source code(tar.gz)
Source code(zip)
rhp_open_source_v.1.1.zip(39.22 MB)
V.1(Feb 20, 2021)

Release V.1 stable
Source code(tar.gz)
Source code(zip)
rhp_open_source_v1.zip(39.20 MB)

Owner

Fahad

Evening the Odds.

GitHub https://quantumcored.com/index.php/the-remote-hacker-probe/

Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors".

COBALT STRIKE 4.4 Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to exe

104 Aug 21, 2022

Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.

Azure Outlook C2 Azure Outlook Command & Control that uses Microsoft Graph API for C2 communications & data exfiltration. Remotely Control a compromis

328 Dec 25, 2022

This repo contains example software for the Kernelcon 2021 Hack Live! badge - the Hacker HotKey.

Hacker HotKey This repo contains example software for the Kernelcon 2021 Hack Live! badge - the Hacker HotKey. Default Hotkey Mapping Hacker Hotkey is

14 Jan 24, 2022

This is new projec based in apps to chat or messages people to people

Stranger This is new projec based in apps to chat or messages people to people Esta aplicacion tendra las siguientes caracteristicas: 1* Es 100% segur

3 Nov 3, 2021

JeVois-Pro People Counter : Implement people counter on JeVois-Pro Deep Learning Smart Camera

JeVois-Pro People Counter Refer to the OpenCV People Counter article to implement a people counter on the JeVois-Pro Deep Learning Smart Camera. First

1 Nov 10, 2021

Off The Grid (OTG) Messenger is an easy way for people to communicate through text messages when in remote areas.

Off The Grid (OTG) Messenger is an easy way for people to communicate through text messages when in remote areas. With a theoretical transmission range of 10 miles (16kms), OTG messenger can be used by groups of people to stay connected when they are in areas not serviced by mobile connectivity.

493 Dec 10, 2022

The purpose of these streams is to be educational and entertaining for viewers to learn about systems architecture, reverse engineering, software security, etc., and NOT to encourage nor endorse malicious game hacking.

Memestream This repository holds the code that I develop during my live game "modding" ?? sessions. When I stream, I like to speedrun making a success

28 Jul 6, 2022

Violent Fungus is a command and control (C2) software suite, providing red teams post-exploitation persistence and other juicy stuff.

34 Sep 7, 2022

AI Powered Hacking Environment, A Software For Hackers, Social Engineers, Penetration Testers.

Digital Eagle (Digle) (Note: This Project isn't Finished Yet, it's Under Development, Some Tools will not work) Hell0 W0rld This Project Focus Firstly

4 Oct 22, 2022

Light probe generation and BRDF authoring for physically based shading.

660 Dec 28, 2022

General purpose power controller, capable of driving soldering irons using different voltages and probe types.

All-purpose Power Micro Controller This general purpose power micro controller features: Wheatstone Bridge front-end New Texas Instruments INA823 inst

30 Dec 3, 2022

OffensivePH - use old Process Hacker driver to bypass several user-mode access controls

offensiveph OffensivePH is a post-exploitation tool that utilizes an old Process Hacker driver to bypass several user-mode access controls. Usage Comp

291 Dec 29, 2022

OSA a is minisatellite/ space probe the size of a can designed to participate in the ESA CanSat 2021 competition 🛰️ 📡 .

Project OSA OSA a is minisatellite/ space probe the size of a can designed to participate in the ESA CanSat 2021 competition ??️ ?? . Our project is c

11 Sep 30, 2022

Tools of The Trade, from Hacker News.

Hacker News Tools of the Trade Tools of The Trade, from Hacker News. Background In 2010, Joshua Schachter, the founder of Delicious, posted the follow

15.8k Jan 7, 2023

Gauss Stylization - Interactive tool for normal driven stylization

Interactive tool for normal driven stylization. A set of preferred normals can be chosen arbitrarily from the Gauss sphere, including semi-discrete sets to model preference for cylinder- or cone-like shapes.

16 Dec 6, 2022

Sloth 🦥 is a coverage guided fuzzing framework for fuzzing Android Native libraries that makes use of libFuzzer and QEMU user-mode emulation

Sloth ?? Sloth is a fuzzing setup that makes use of libFuzzer and QEMU’s user-mode emulation (qemu/linux-user) on x86_64/aarch64 host to emulate aarch

82 Nov 29, 2022