"Vex" is someone who likes to think he's a leet hacker just because he can get a copy of deobfuscated Skype and run it. He co-owns truestresser.com and is a staff member for hard2hit.net, a "un-DDoSable" VPN service. The think NFO servers makes them the best VPN service and that using BlazingFast and OVH makes them un-DDoSable.
Unconfirmed image from dox, apparently got RATed and pic was taken from webcam
I honestly don't know what it is with skids thinking they're hackers for running a stresser from open source, but truestresser.com's source is Stresser.club from finding a screenshot of the default home page.
Click --> Source
Click --> Persistent XSS 1
Click --> Persistent XSS 2
Mr Beard who owns TrueStresser and Hard2Hit claimed there was no XSS there, however Vex admitted there was. Mr Beard also threatened to get their supa l22t hax0r from GSH to come after me. I've bullied the whole of Ghost Squad Hackers too before, so that would've been fun.
The best part about finding the XSS was the fact Vex spoke shit to me over it. It took him around 3 hours just to fix it, which was really just buying Sucuri. The reason this is included is the fact he said he fixed it in 5 minutes, but I think our DMs proved it was 3 hours.
They knows how to hack, they knows how to dox, they knows how to DDoS, but can't fix something like XSS. Also, they claim a "shorter the attack time, the more powerfull the attack is". Lulwat?
So using the live chat on hard2hit.net, I asked why they use Cloudflare to protect their site:
Click --> "DDoS protect Servers"
Click --> "bulletproof servers" "block out DDoS attacks"
Click --> "Cloudflare ddos protection" "So we have an always on"
When they claim their servers cannot be DDoSed, do they not understand they're calling their own service bullshit? If you're able to make your servers un-DDoSable, you'd make the server you're using to host your site able to withstand DDoS attacks too.
Anyway, they went ahead and claims they can't host their own site. I told them all they need to do is point the A record to the servers IP, assuming they're hosting their site on a dedicated server too and they claimed "it's not that simple". HOW THE FUCK IS POINTING AN A RECORD TO YOUR SERVER NOT THAT SIMPLE?
"We keep no MX (account info)"... I asked them do they not know that MX is a DNS record for Mail Exchange, and not associated with server-side logins for their site, not login information for the VPN service. To the dumbest reply they could possibly give for that question is "yes, that's no mail records so no customer data". I'm starting to think they know nothing about domains or hosting either.