Skip to the content.

Who we are and what we do

We are a group of international hackers.

We do IT security work. We are not for hire. All of our work is for the public.

We research and publish tools and academic papers to expose fishy IT security that just isn’t secure. We also develop and publish tools to help the IT Security movement.

Active Projects (2022)


Our Greatest Hit’s:

2022 - SSH-IT
2021 - Global Socket
2020 - THC's Cheat Sheet
2019 - Security advise for non-hackers and rebellions of the world
2015 - AFLplusplus, a free and fast software fuzzer
2011 - SSL-DoS, a resource exhaustion attack to take down HTTPS servers
2008 - Tools to copy and forge an ePassport (RFID passport)
2007 - Tools to receive GSM signals and to break and decode A5/1 encryption
2005 - IPv6 attack tools 
2004 - Various Microsoft ISS remote exploits
2003 - Amap, world’s first application protocol scanner
2002 - Linux Kernel-level key logger
2000 - Hydra, world’s first parallelised network logon cracker
1999 - First Solaris Kernel Module Root Kit
1998 - Reverse WWW shell as seen on Mr. Robot/TV
1995 - Various phreaking tools and a credit card generator for DOS and Win95
1994 - <redacted>

Beside our public work we engage with some leading IT Security companies to push security into the right and meaningful direction. We have been editor in chief of the phrack magazine and occasionally speakers at conferences. We have contributed to various Internet Standards through our engagement with the Internet Engineering Task Force and other organisations.

The best way to meet us is at one of the IETF meetings or a hacker convention such as HITB or the CCC Congress.

Since 1995 we have had 3 of our members arrested (0 convicted), we have had visits by the BKA (Germany’s FBI) and BND (Germany’s NSA), we were blackmailed by the British GCHQ and harassed and intimidated by many others. We do not see ourselves as criminals. We believe that those who write unsecure software that put citizens at risk should be held liable.