HACK TOOLS
Anti Forensics Tools
AudioStego - Audio file steganography. Hides files or text inside audio files and retrieve them automatically
Installation :
sudo apt-get install libboost-all-dev
git clone https://github.com/danielcardeenas/AudioStego.git
cd AudioStego
mkdir build
cd build
cmake ..
make
dban - Hard Drive Eraser & Data Clearing Utility
Installation : https://sourceforge.net/projects/dban/
OpenStego - The free steganography solution
Download : https://sourceforge.net/projects/openstego/
srm - srm (secure rm) is a command-line program to delete files securely
Download : https://sourceforge.net/projects/srm/
Steghide - Steganography program that is able to hide data in various kinds of image- and audio-files
Download : steghide.sourceforge.net
Exploitation Tools
Auto-Root-Exploit - Find exploits on Linux Kernel
Installation :
git clone https://github.com/nilotpalbiswas/Auto-Root-Exploit/
cd Auto-Root-Exploit
Usage: bash auto-root.sh
AutoSploit - Automated Mass Exploiter
Installation :
git clone https://github.com/NullArray/AutoSploit
cd AutoSploit
chmod +x install.sh
./install.sh
Usage : python autosploit.py
beef - The Browser Exploitation Framework Project
Website: https://beefproject.com/
Installation:
sudo apt install beef-xss
Usage : beef
Web Panel : 127.0.0.1:3000/ui/panel
BeRoot - Find a way to escalate our privilege (linux)
Installation:
git clone https://github.com/AlessandroZ/BeRoot/
cd BeRoot/Linux
Usage : python beroot.py
CrackMapExec - A swiss army knife for pentesting networks
Installation:
apt-get install -y libssl-dev libffi-dev python-dev build-essential
git clone --recursive https://github.com/byt3bl33d3r/CrackMapExec
cd CrackMapExec
pip3 install -r requirements.txt
python3 setup.py install
Usage : crackmapexec
DccwBypassUAC - Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe"
Download : https://github.com/L3cr0f/DccwBypassUAC/blob/release/DccwBypassUAC/Release/DccwBypassUAC.exe
Usage : C:\Users\L3cr0f> DccwBypassUAC.exe
Invoke-PSImage - Embeds a PowerShell script in the pixels of a PNG file
Download : https://github.com/peewpw/Invoke-PSImage
KeeFarce - Extracts passwords from a KeePass 2.x database, directly from memory
Installation (Windows):
C:> curl -LO https://github.com/denandz/KeeFarce/blob/master/prebuilt/x64.zip
koadic - C3 COM Command & Control
Installation:
git clone https://github.com/zerosum0x0/koadic.git
cd koadic
pip3 install -r requirements.txt
./koadic
meterssh - Inject shellcode into memory and tunnel port over SSH(windows)
Installation:
git clone https://github.com/trustedsec/meterssh
cd meterssh
nano meterssh.py
Edit:
user = "sshuser"
# password for SSH
password = "sshpw"
# this is where your SSH server is running
rhost = "192.168.1.1"
# remote SSH port - this is the attackers SSH server
port = "22"
PowerShell-Suite - Collection of PowerShell utilities(windows)
Download : https://github.com/FuzzySecurity/PowerShell-Suite
UACME - Defeating Windows User Account Control 60+ Methods(windows)
Download: https://github.com/hfiref0x/UACME
Usage:
akagi32.exe 1
akagi64.exe 3
akagi32 1 c:\windows\system32\calc.exe
akagi64 3 c:\windows\system32\charmap.exe
WinPwnage - Elevate, UAC bypass, privilege escalation, dll hijack techniques
Installation:
git clone https://github.com/rootm0s/WinPwnage
cd WinPwnage
pip install -r requirements.txt
pip install pyinstaller
pyinstaller --onefile main.py
Usage: main.py --scan uac
Forensics Tools
Autopsy - Digital forensics platform
Installation: apt-get install autopsy -y
bulk_extractor - Scans a disk image, a file, or a directory of files
Installation: apt-get install bulk-extractor bulk-extractor-dbgsym -y
Scalpel - Open source data carving tool
Installation: apt-get install scalpel -y
volatility - Volatile memory extraction utility framework
Installation: apt-get install volatility volatility-tools -y
binwalk - A fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images
Installation: apt-get install binwalk -y
Catfish - Versatile file searching tool
Installation: apt-get install catfish -y
dc3dd - A patched version of GNU dd with added features for computer forensics
Installation: apt-get install dc3dd -y
DumpsterDiver - Analyze big volumes of various file types in search of hardcoded secrets
Installation:
git clone https://github.com/securing/DumpsterDiver
cd DumpsterDiver
pip install -r requirements.txt
Usage: python3 DumpsterDiver.py
frida-extract - Based RunPE extraction tool
Installation:
git clone https://github.com/OALabs/frida-extract
cd frida-extract
OR
pip install frida
Usage: python FridaExtract.py bad.exe
Image-ExifTool - Read, Write and Edit Exif metadata
Installation: apt-get install libimage-exif-perl libimage-exiftool-perl -y
whatsapp-viewer - Small tool to display chats from the Android msgstore.db database(windows)
Installation:
C:> curl -LO https://github.com/andreas-mausch/whatsapp-viewer/releases/download/v1.12/WhatsApp.Viewer.zip
Unzip and run WhatsAppViewer.exe
Information Gathering
bing-ip2hosts - Enumerate hostnames from Bing
Installation:
apt-get install bing-ip2hosts
Github: https://github.com/urbanadventurer/bing-ip2hosts
Usage : bing-ip2hosts -o results.txt -u github.io
replace github.io with website.
datasploit - OSINT Framework to perform various recon techniques
Installation:
git clone https://github.com/DataSploit/datasploit
cd datasploit
pip install --upgrade --force-reinstall -r requirements.txt
pip install --upgrade -r requirements.txt && while read line; do pip install $line; done < requirements.txt
sed -i 's/dep_check.check_dependency()/#/g' datasploit.py
sed -i 's/import dep_check/#/g' datasploit.py
Usage: python2 datasploit.py -i target.com
dnsenum - Perl script that enumerates DNS information
Installation : apt-get install dnsenum
dnsmap - Subdomain brute-forcing
Installation : apt-get install dnsmap
dnsrecon - DNS Enumeration Script
Installation : apt-get install dnsrecon
dork-cli - Command-line Google dork tool
Installation:
git clone https://github.com/jgor/dork-cli
cd dork-cli
chmod +x dork-cli.py
Usage: ./dork-cli.py inurl:login
dorks - Google hack database automation tool
Installation :
git clone https://github.com/USSCltd/dorks
cd dorks
apt-get install phantomjs
Usage: phantomjs ghdb -q linux -o linux_dorks.txt
Usage: phantomjs google -d inurl:upload.php -t 5 -T 3
pagodo - Automate Google Hacking Database scraping
Installation:
git clone https://github.com/opsdisk/pagodo.git
cd pagodo
pip install -r requirements.txt
apt install proxychains4 -y
Usage: proxychains4 python3 pagodo.py -g ALL_dorks.txt -s -e 17.0 -l 700 -j 1.1
Usage: python3 ghdb_scraper.py -j -s
Note: edit proxychains by yourself
faraday - Collaborative Penetration Test and Vulnerability Management Platform
Installation : apt-get install faraday -y
fierce - DNS Analysis perl script
Installation : apt-get install fierce -y
hping - Network tool able to send custom TCP/IP packets
Installation : apt-get install hping3
knock - Subdomain Scan
Installation :
sudo apt-get install python-dnspython
git clone https://github.com/guelfoweb/knock.git
cd knock
nano knockpy/config.json (setup here your virustotal.com api key)
sudo python setup.py install
Usage: knockpy website.com
masscan - Fast TCP port scanner
Installation : apt-get install masscan
metagoofil - Document and metadata reconnaissance (updated version)
Installation : apt-get install metagoofil
onioff - An onion url inspector for inspecting deep web links
Installation :
git clone https://github.com/k4m4/onioff.git
cd onioff
pip3 install -r requirements.txt
Usage: python3 onioff.py http://xmh57jrzrnw6insl.onion/
Usage: python3 onioff.py -f urllist.txt -o report.txt
OSINT-SPY - Performs OSINT scan on email/domain/ip_address/organization
Installation :
git clone https://github.com/SharadKumar97/OSINT-SPY.git
cd OSINT-SPY
pip install -r requirements.txt
Setup:
API Websites:
https://account.shodan.io/register | config: shodan_api_key
https://dashboard.fullcontact.com/register | config: fullcontact_api_key
https://www.virustotal.com/gui/join-us | config: virus_total_api_key
https://hunter.io/users/sign_up | config: email_hunter_api_key
Info BTC Owner : python osint-spy.py --btc_address 1DST3gm6JthxhuoNKFqXrdpzPFfz1WgHpW --json
Info Website : python osint-spy.py --domain google.com --json
Vuln Webcam : python osint-spy.py --device webcam --json
Email Info : python osint-spy.py --email test@viperzcrew.com --json
SimplyEmail - Email recon made fast and easy
Installation :
git clone --branch dev https://github.com/killswitch-GUI/SimplyEmail.git
cd SimplyEmail
./setup/setup.sh
cd ..
cd SimplyEmail
Usage:
./SimplyEmail.py -all -e viperzcrew.com
./SimplyEmail.py -all -v -verify -e viperzcrew.com
spiderfoot - OSINT collection and reconnaissance tool
Installation :
git clone https://github.com/smicallef/spiderfoot.git
cd spiderfoot
pip3 install -r requirements.txt
Usage: python3 sf.py
Web: python3 sf.py -l 127.0.0.1:5001
surfraw - a fast UNIX command line interface to a variety of popular WWW search engines
Installation : apt-get install surfraw -y
TekDefense-Automater - IP URL and MD5 OSINT Analysis
Installation :
git clone https://github.com/1aN0rmus/TekDefense-Automater.git
cd TekDefense-Automater
Usage:
Auto : python Automater.py <ip address>
Normal : python Automater.py -o result.txt -d 5 <ip address>
theHarvester - E-mails, subdomains and names Harvester - OSINT
Installation :
git clone https://github.com/laramies/theHarvester
cd theHarvester
apt-get install python3-dev python3-pip -y
pip3 install -r requirements/base.txt
pip3 install -r requirements/dev.txt
python3 setup.py || python3 setup.py install
If the above pip3 commands are not working, try this:
while read line; do pip3 install $line; done < requirements/base.txt
while read line; do pip3 install $line; done < requirements/dev.txt
Usage: python3 theHarvester.py -d viperzcrew.com -l 500 -S 0 -g --dns-server -n -c -f result.txt -b all
trape - People tracker on the Internet: OSINT analysis and research tool by Jose Pino
Installation :
git clone https://github.com/jofpin/trape.git
cd trape
pip2 install -r requirements.txt
If you have ngrok token:
python2 trape.py --ngrok <token>
python2 trape.py --port 6666 --url viperzcrew.com
WhatWeb - Web scanner
Installation : apt-get install whatweb -y
xray - A tool for recon, mapping and OSINT gathering from public networks
Installation:
git clone https://github.com/evilsocket/xray.git
cd xray
make
Usage: xray -shodan-key yourshodaniapi -domain domain
zmap - Fast single packet network scanner
Installation : apt-get install zmap -y
Usage: zmap -p 21 -o result.txt -i <interface> --vpn --ignore-invalid-hosts
--vpn if you are using vpn!
Keyloggers
BeeLogger - Generate Gmail Emailing Keyloggers to Windows
Installation :
git clone https://github.com/4w4k3/BeeLogger.git
cd BeeLogger
sudo chmod +x install.sh
./install.sh
python2 bee.py
Keylogger - A simple keylogger for Windows, Linux and Mac
Installation : pip install keylogger
Usage: keylogger
Radium-Keylogger - Python keylogger with multiple features
Installation :
git clone https://github.com/mehulj94/Radium
cd Radium
pip2 install -r requirements.txt
python2 Radiumkeylogger.
Maintaining Access
EggShell - iOS/macOS/Linux Remote Administration Tool
Installation :
git clone https://github.com/neoneggplant/eggshell
cd eggshell
Usage: python eggshell.py
EvilOSX - An evil RAT (Remote Administration Tool) for macOS / OS X
Installation :
git clone https://github.com/Marten4n6/EvilOSX
cd EvilOSX
sudo pip install -r requirements.txt
Usage: python start.py
Metasploit - The world’s most used penetration testing framework
Installation : sudo apt-get install metasploit-framework -y
Parat - Python based Remote Administration Tool(RAT)
Installation :
git clone https://github.com/micle-fm/Parat && cd Parat
Usage: python main.py
pupy - An opensource, cross-platform, multi function RAT
Installation :
git clone --recursive https://github.com/n1nj4sec/pupy
cd pupy
sudo chmod +x *
./create-workspace.py pupyws
QuasarRAT - Remote Administration Tool for Windows
Download : https://github.com/quasar/Quasar/releases/download/v1.4.0/Quasar.v1.4.0.zip
Setup : https://github.com/quasar/Quasar/wiki
tgcd - TCP/IP Gender Changer Daemon
Download : https://sourceforge.net/projects/tgcd/
TheFatRat - An Easy tool to Generate Backdoor for bypass AV
Installation :
git clone https://github.com/Screetsec/TheFatRat.git
cd TheFatRat
chmod +x setup.sh && ./setup.sh
Veil - Tool designed to generate metasploit payloads that bypass common anti-virus solutions
Installation :
sudo apt-get -y install git
git clone https://github.com/Veil-Framework/Veil.git
cd Veil/
./config/setup.sh --force --silent
WMImplant - PowerShell based tool that is designed to act like a RAT
Download : https://github.com/FortyNorthSecurity/WMImplant
AhMyth - Android RAT
Download : https://github.com/AhMyth/AhMyth-Android-RAT/releases
Password Attacks
BEWGor - Bull's Eye Wordlist Generator
Installation :
git clone https://github.com/berzerk0/BEWGor
cd BEWGor
Usage : python BEWGor.py -input
bruteforce-wallet - Try to find the password of an encrypted Peercoin (or Bitcoin, Litecoin, etc...) wallet file
Installation :
git clone https://github.com/glv2/bruteforce-wallet
cd bruteforce-wallet
apt install libdb-dev libssl-dev -y
./autogen.sh
./configure && make && make install
Usage : bruteforce-wallet -t 6 -f dictionary.txt wallet.dat
chntpw - Utility to reset the password on Windows
Installation : apt-get install chntpw
chromepass - View passwords stored by Google Chrome Web browser
Download : https://www.nirsoft.net/utils/chromepass.html
crowbar - Brute forcing tool
Installation : sudo apt install -y crowbar nmap openvpn freerdp2-x11 tigervnc-viewer python3 python3-pip
cupp - Common User Passwords Profiler
Installation :
git clone https://github.com/Mebus/cupp
cd cupp
python3 setup.py || python3 setup.py install
Usage: python3 cupp.py -i
hashcat - Advanced Password Recovery
Installation : apt-get install hashcat -y
John the Ripper - A fast password cracker
Installation : sudo apt-get install john -y
LaZagne - Credentials recovery project
Installation :
git clone https://github.com/AlessandroZ/LaZagne
cd LaZagne
pip install -r requirements.txt
cd Linux
Usage: python laZagne.py all
mimikatz - A little tool to play with Windows security
Download : https://github.com/gentilkiwi/mimikatz/releases
passwordfox - Extract the user names/passwords stored in Firefox
Download : https://www.nirsoft.net/utils/passwordfox.html
fcrackzip - A braindead program for cracking encrypted ZIP archives
Installation :
git clone https://github.com/hyc/fcrackzip
cd fcrackzip
./configure || configure
make; make install
Usage: fcrackzip -b -c a -p aaaaaa ./noradi.zip
SSH-Brute-Forcer - A Simple Multi-Threaded SSH Brute Forcer
git clone https://github.com/R4stl1n/SSH-Brute-Forcer
cd SSH-Brute-Forcer
pip install -r requirements.txt
cd src
Usage: python SSHBruteForce.py -i 127.0.0.1 -d True -p 2222 -U ./usernames.txt -P ./passwords.txt
WCE - Windows Credentials Editor
Download : https://github.com/returnvar/wce/releases
Reverse Engineering
IDA - Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
Download : https://ida.winsite.com/
OllyDBG - A 32-bit assembler level analysing debugger for Microsoft Windows
Download : https://sourceforge.net/projects/x64dbg/
Resource Hacker - A freeware resource compiler & decompiler for Windows applications
Download : http://angusj.com/resourcehacker/
apktool - A tool for reverse engineering Android apk files
Installation : apt-get install apktool -y
smali - smali/baksmali is an assembler/disassembler for the dex format used by dalvik, Android's Java VM implementation
Download : https://bitbucket.org/JesusFreke/smali/downloads/
Sniffing Spoofing
Ettercap - A comprehensive suite for man in the middle attacks
Installation : apt-get install ettercap
bettercap - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks
Installation : apt-get install bettercap -y
macchanger - Utility that makes the manipulation of MAC addresses of network interfaces easier
Installation : apt-get install macchanger -y
mitmproxy - Free and open source interactive HTTPS proxy
Installation : apt-get install mitmproxy -y
mkcert - Make locally trusted development certificates with any names you'd like
Installation :
git clone https://github.com/FiloSottile/mkcert
cd mkcert
apt install libnss3-tools
go build -ldflags "-X main.Version=$(git describe --tags)"
Usage: mkcert -key-file key.pem -cert-file cert.pem example.com *.example.com
sslstrip - SSL/TLS man-in-the-middle attack tool
Installation : apt-get install sslstrip -y
Wireshark - The world’s foremost and widely-used network protocol analyzer
Installation : apt-get install wireshark -y
moloch - An open source, large scale, full packet capturing, indexing, and database system.
Installation:
git clone https://github.com/aol/moloch
cd moloch
./easybutton-build.sh --install
make config
Social Engineering
evilginx2 - Standalone man-in-the-middle attack framework
Installation :
sudo apt-get install git make
go get -u github.com/kgretzky/evilginx2
cd $GOPATH/src/github.com/kgretzky/evilginx2
make
Usage: sudo ./evilginx -d
Gophish - Open-Source Phishing Framework
Download : https://github.com/gophish/gophish/releases/
HiddenEye - Modern phishing tool with advanced functionality
Installation :
git clone https://github.com/DarkSecDevelopers/HiddenEye.git
cd HiddenEye
sudo apt install python3-pip
sudo pip3 install -r requirements.txt
sudo pip3 install requests
sudo pip3 install pyngrok
Usage: python3 HiddenEye.py
king-phisher - Phishing Campaign Toolkit
Installation : apt-get install king-phisher -y
ReelPhish - A Real-Time Two-Factor Phishing Tool
Installation :
git clone https://github.com/fireeye/ReelPhish
cd ReelPhish
pip install -r requirements.txt
Usage: python2 ReelPhish.py --browser FF --logging debug --submit
Browser: 127.0.0.1:2135
social-engineer-toolkit - Open-source penetration testing framework designed for social engineering
Installation :
git clone https://github.com/trustedsec/social-engineer-toolkit/ setoolkit/
cd setoolkit
pip3 install -r requirements.txt
python setup.py
Usage: setoolkit
Vulnerability Analysis
Am-I-affected-by-Meltdown - Meltdown Exploit - Proof-of-concept
Installation :
git clone https://github.com/raphaelsc/Am-I-affected-by-Meltdown.git
cd ./Am-I-affected-by-Meltdown
make
taskset 0x1 ./meltdown-checker
CMSmap - python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs
Installation :
git clone https://github.com/Dionach/CMSmap
cd CMSmap
pip3 install .
Usage: cmsmap
linux-exploit-suggester - Linux privilege escalation auditing tool
Installation :
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
Usage: bash les.sh
Lynis - Auditing tool for Unix-based systems
Installation :
git clone https://github.com/CISOfy/lynis
cd lynis; ./lynis audit system
Nmap - The Network Mapper
Installation : apt-get install nmap -y
sqlmap - Automatic SQL injection and database takeover tool
Installation : apt-get install sqlmap -y
unix-privesc-check - Shell script to check for simple privilege escalation vectors on Unix systems
Installation : apt-get install unix-privesc-check -y
Wapiti - The web-application vulnerability scanner
Installation : apt-get install wapiti -y
wesng - Windows Exploit Suggester - Next Generation
Installation :
git clone https://github.com/bitsadmin/wesng
cd wesng
python setup.py || python setup.py install
Usage: python wes.py --update
Mobile Security Framework (MobSF) - Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework
Installation :
sudo apt-get install python3.7 openjdk-8-jdk
sudo apt install python3-dev python3-venv python3-pip build-essential libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev wkhtmltopdf
git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF
cd Mobile-Security-Framework-MobSF
./setup.sh
Web Applications
Burp Suite - Web vulnerability scanner
Installation : apt-get install burpsuite -y
CLOUDKiLL3R - Bypasses Cloudflare protection service via TOR Browser using crimeflare !
Installation :
git clone https://github.com/inurlx/CLOUDKiLL3R
cd CLOUDKiLL3R
pip install argparse
pip install socks
pip install socket
pip install requests
pip install sys
Usage: python CK.py
Nikto - Web server scanner
Installation : apt-get install nikto -y
owtf - Offensive Web Testing Framework (OWTF)
Installation :
git clone https://github.com/owtf/owtf
cd owtf
python setup.py develop
Usage: owtf
Browser: localhost:8080
wafw00f - Fingerprint Web Application Firewall (WAF)
Installation : apt-get install wafw00f
w3af - Web Application Attack and Audit Framework
Installation : apt-get install w3af -y
Wfuzz - Web application fuzzer
Installation : apt-get install wfuzz
WhatWaf - Detect and bypass web application firewalls and protection systems
WPscan - WordPress vulnerability scanner
Installation : apt-get install wpscan -y
Web Shells
weevely3 - Weaponized web shell
Installation :
git clone https://github.com/epinna/weevely3
cd weevely3
pip3 install -r requirements.txt
Usage: python3 weevely.py
b374k - PHP Webshell with handy features
Installation :
git clone https://github.com/b374k/b374k
cd b374k
Usage: php -f index.php
Ex: php -f index.php -- -o myShell.php -p myPassword -s -b -z gzcompress -c 9
Miyachung - PHP BackConnect Shell
Download : https://packetstormsecurity.com/files/download/122612/miyabc.php.txt
(rename from php.txt to php)
wso-2.8-web-shell - Automatically exported from code.google.com/p/wso-web-shell-2-8
Download : https://github.com/rzkyh007/wso-web-shell-2-8/blob/master/WSO2.8_undetectable.php
Wireless Attacks
Aircrack-ng - A complete suite of tools to assess WiFi network security
Installation : apt-get install aircrack-ng
airgeddon - Multi-use bash script for Linux systems to audit wireless networks
Installation :
git clone --depth 1 https://github.com/v1s1t0r1sh3r3/airgeddon.git
cd airgeddon
sudo bash airgeddon.sh
Bluelog - A highly configurable Linux Bluetooth scanner
Installation : apt-get install bluelog -y
fluxion - Fluxion is a remake of linset by vk496 with less bugs and enhanced functionality
Installation :
wget https://raw.githubusercontent.com/FluxionNetwork/fluxion/master/install/install.sh && bash install.sh
infernal-twin - This is automated wireless hacking tool
Installation :
git clone https://github.com/entropy1337/infernal-twin
cd infernal-twin
chmod +x *
./InfernalWireless.py
kismet - An 802.11 layer2 wireless network detector, sniffer, and intrusion detection system
Installation : apt-get install kismet -y
krackattacks-scripts - WPA2 Krack Attack Scripts
Installation :
apt-get update
apt-get install libnl-3-dev libnl-genl-3-dev pkg-config libssl-dev net-tools git sysfsutils python-scapy python-pycryptodome virtualenv
git clone https://github.com/vanhoefm/krackattacks-scripts
cd krackattacks-scripts/hostapd
cp defconfig .config
make -j 2
cd ..; cd krackattack
pip install -r requirements.txt
Usage: ./krack-test-client.py --replay-broadcast
KRACK Detector - Detect and prevent KRACK attacks in your network
Installation :
git clone https://github.com/securingsam/krackdetector
cd krackdetector
Usage: python krack_detect.py <interface>
Usage: python krack_detect.py wlan0
Pixiewps - An offline Wi-Fi Protected Setup brute-force utility
Installation : apt-get install pixiewps -y
RouterSploit - Exploitation Framework for Embedded Devices
Installation : apt-get install routersploit -y
wifi-arsenal - Resources for WiFi Pentesting
Link : https://github.com/0x90/wifi-arsenal
Do not clone it, it will overfill your space xD
Wifiphisher - The Rogue Access Point Framework
Installation : apt-get install wifiphisher -y
WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack
Installation :
sudo apt install libssl-dev libffi-dev build-essential
git clone https://github.com/P0cL4bs/wifipumpkin3.git
cd wifipumpkin3
sudo apt install python3-pyqt5
sudo python3 setup.py install
Usage: wifipumpkin3
???? ??? ????????? ?? ?????, ???????????? ???????? ???... !
╠═╣╠═╣ ║ ╠╩╗
╩ ╩╩ ╩ ╚═╝ ╩ ╩
'╔╦╗╔═╗╔═╗╦ ╔═╗
║ ║ ║║ '║║ ╚═╗
╩ ╚═╝╚═╝╩═╝╚═╝
Anti Forensics Tools
AudioStego - Audio file steganography. Hides files or text inside audio files and retrieve them automatically
Installation :
sudo apt-get install libboost-all-dev
git clone https://github.com/danielcardeenas/AudioStego.git
cd AudioStego
mkdir build
cd build
cmake ..
make
dban - Hard Drive Eraser & Data Clearing Utility
Installation : https://sourceforge.net/projects/dban/
OpenStego - The free steganography solution
Download : https://sourceforge.net/projects/openstego/
srm - srm (secure rm) is a command-line program to delete files securely
Download : https://sourceforge.net/projects/srm/
Steghide - Steganography program that is able to hide data in various kinds of image- and audio-files
Download : steghide.sourceforge.net
Exploitation Tools
Auto-Root-Exploit - Find exploits on Linux Kernel
Installation :
git clone https://github.com/nilotpalbiswas/Auto-Root-Exploit/
cd Auto-Root-Exploit
Usage: bash auto-root.sh
AutoSploit - Automated Mass Exploiter
Installation :
git clone https://github.com/NullArray/AutoSploit
cd AutoSploit
chmod +x install.sh
./install.sh
Usage : python autosploit.py
beef - The Browser Exploitation Framework Project
Website: https://beefproject.com/
Installation:
sudo apt install beef-xss
Usage : beef
Web Panel : 127.0.0.1:3000/ui/panel
BeRoot - Find a way to escalate our privilege (linux)
Installation:
git clone https://github.com/AlessandroZ/BeRoot/
cd BeRoot/Linux
Usage : python beroot.py
CrackMapExec - A swiss army knife for pentesting networks
Installation:
apt-get install -y libssl-dev libffi-dev python-dev build-essential
git clone --recursive https://github.com/byt3bl33d3r/CrackMapExec
cd CrackMapExec
pip3 install -r requirements.txt
python3 setup.py install
Usage : crackmapexec
DccwBypassUAC - Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe"
Download : https://github.com/L3cr0f/DccwBypassUAC/blob/release/DccwBypassUAC/Release/DccwBypassUAC.exe
Usage : C:\Users\L3cr0f> DccwBypassUAC.exe
Invoke-PSImage - Embeds a PowerShell script in the pixels of a PNG file
Download :
Invoke-PSImage/Invoke-PSImage.ps1 at master · peewpw/Invoke-PSImage
Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute - peewpw/Invoke-PSImage
KeeFarce - Extracts passwords from a KeePass 2.x database, directly from memory
Installation (Windows):
C:> curl -LO https://github.com/denandz/KeeFarce/blob/master/prebuilt/x64.zip
koadic - C3 COM Command & Control
Installation:
git clone https://github.com/zerosum0x0/koadic.git
cd koadic
pip3 install -r requirements.txt
./koadic
meterssh - Inject shellcode into memory and tunnel port over SSH(windows)
Installation:
git clone https://github.com/trustedsec/meterssh
cd meterssh
nano meterssh.py
Edit:
user = "sshuser"
# password for SSH
password = "sshpw"
# this is where your SSH server is running
rhost = "192.168.1.1"
# remote SSH port - this is the attackers SSH server
port = "22"
PowerShell-Suite - Collection of PowerShell utilities(windows)
Download : https://github.com/FuzzySecurity/PowerShell-Suite
UACME - Defeating Windows User Account Control 60+ Methods(windows)
Download: https://github.com/hfiref0x/UACME
Usage:
akagi32.exe 1
akagi64.exe 3
akagi32 1 c:\windows\system32\calc.exe
akagi64 3 c:\windows\system32\charmap.exe
WinPwnage - Elevate, UAC bypass, privilege escalation, dll hijack techniques
Installation:
git clone https://github.com/rootm0s/WinPwnage
cd WinPwnage
pip install -r requirements.txt
pip install pyinstaller
pyinstaller --onefile main.py
Usage: main.py --scan uac
Forensics Tools
Autopsy - Digital forensics platform
Installation: apt-get install autopsy -y
bulk_extractor - Scans a disk image, a file, or a directory of files
Installation: apt-get install bulk-extractor bulk-extractor-dbgsym -y
Scalpel - Open source data carving too
Installation: apt-get install scalpel -y
volatility - Volatile memory extraction utility framework
Installation: apt-get install volatility volatility-tools -y
binwalk - A fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images
Installation: apt-get install binwalk -y
Catfish - Versatile file searching tool
Installation: apt-get install catfish -y
dc3dd - A patched version of GNU dd with added features for computer forensics
Installation: apt-get install dc3dd -y
DumpsterDiver - Analyze big volumes of various file types in search of hardcoded secrets
Installation:
git clone https://github.com/securing/DumpsterDiver
cd DumpesterDiver
pip install -r requirements.txt
Usage: python3 DumpersterDiver.py
frida-extract - Based RunPE extraction tool
Installation:
git clone https://github.com/OALabs/frida-extract
cd frida-extract
OR
pip install frida
Usage: python FridaExtract.py bad.exe
Image-ExifTool - Read, Write and Edit Exif metadata
Installation: apt-get install libimage-exif-perl libimage-exiftool-perl -y
whatsapp-viewer - Small tool to display chats from the Android msgstore.db database(windows)
Installation:
C:> curl -LO https://github.com/andreas-mausch/whatsapp-viewer/releases/download/v1.12/WhatsApp.Viewer.zip
Unzip and run WhatsAppViewer.exe
Information Gathering
bing-ip2hosts - Enumerate hostnames from Bing
Installation:
apt-get install bing-ip2hosts
Github: https://github.com/urbanadventurer/bing-ip2hosts
Usage : bing-ip2hosts -o results.txt -u github.io
replace github.io with website.
datasploit - OSINT Framework to perform various recon techniques
Installation:
pip install --upgrade --force-reinstall -r requirements.txt
git clone https://github.com/DataSploit/datasploit
cd datasploit
pip --upgrade -r requirements.txt && while read line; do pip install $line; done < requirements.txt
sed -i 's/dep_check.check_dependency()/#/g' datasploit.py
sed -i 's/import dep_check/#/g' datasploit.py
Usage: python2 datasploit.py -i target.com
dnsenum - Perl script that enumerates DNS information
Installation : apt-get install dnsenum
dnsmap - Subdomain brute-forcing
Installation : apt-get install dnsmap
dnsrecon - DNS Enumeration Script
Installation : apt-get install dnsrecon
dork-cli - Command-line Google dork tool
Installation:
git clone https://github.com/jgor/dork-cli
cd dork-cli
chmod +x dork-cli-py
Usage: ./dork-cli.py inurl:login
dorks - Google hack database automation tool
Installation :
git clone https://github.com/USSCltd/dorks
cd dorks
apt-get install phantomjs
Usage: phantomjs ghdb -q linux -o linux_dorks.txt
Usage: phantomjs google -d inurl:upload.php -t 5 -T 3
pagodo - Automate Google Hacking Database scraping
Installation:
git clone https://github.com/opsdisk/pagodo.git
cd pagodo
pip install -r requirements.txt
apt install proxychains4 -y
Usage: proxychains4 python3 pagodo.py -g ALL_dorks.txt -s -e 17.0 -l 700 -j 1.1
Usage: python3 ghdb_scraper.py -j -s
Note: edit proxychains by yourself
faraday - Collaborative Penetration Test and Vulnerability Management Platform
Installation : apt-get install faraday -y
fierce - DNS Analysis perl script
Installation : apt-get install fierce -you
hping - Network tool able to send custom TCP/IP packets
Installation : apt-get install hping3
knock - Subdomain Scan
Installation :
sudo apt-get install python-dnspython
git clone https://github.com/guelfoweb/knock.git
cd knock
nano knockpy/config.json (setup here your virustotal.com api key)
sudo python setup.py install
Usage: knockpy website.com
masscan - Fast TCP port scanner
Installation : apt-get install masscan
metagoofil - Document and metadata reconnaissance (updated version)
Installation : apt-get install metagoofil
onioff - An onion url inspector for inspecting deep web links
Installation :
git clone https://github.com/k4m4/onioff.git
cd onioff
pip3 install -r requirements.txt
Usage: python3 onioff.py http://xmh57jrzrnw6insl.onion/
Usage: python3 onioff.py -f urllist.txt -o report.txt
OSINT-SPY - Performs OSINT scan on email/domain/ip_address/organization
Installation :
git clone https://github.com/SharadKumar97/OSINT-SPY.git
cd OSINT-SPY
pip install -r requirements.txt
Setup:
API Websites:
https://account.shodan.io/register | config: shodan_api_key
https://dashboard.fullcontact.com/register | config: fullcontact_api_key
https://www.virustotal.com/gui/join-us | config: virus_total_api_key
https://hunter.io/users/sign_up | config: email_hunter_api_key
Info BTC Owner : python osint-spy.py --btc_address 1DST3gm6JthxhuoNKFqXrdpzPFfz1WgHpW --json
Info Website : python osint-spy.py --domain google.com --json
Vuln Webcam : python osint-spy.py --device webcam --json
Email Info : python osint-spy.py --email test@viperzcrew.com --json
SimplyEmail - Email recon made fast and easy
Installation :
git clone --branch dev https://github.com/killswitch-GUI/SimplyEmail.git
cd SimplyEmail
./setup/setup.sh
cd ..
cd SimplyEmail
Usage:
./SimplyEmail.py -all -e viperzcrew.com
./SimplyEmail.py -all -v -verify -e viperzcrew.com
spiderfoot - OSINT collection and reconnaissance tool
Installation :
git clone https://github.com/smicallef/spiderfoot.git
cd spiderfoot
pip3 install -r requirements.txt
Usage: python3 sf.py
Web: python3 sf.py -l 127.0.0.1:5001
surfraw - a fast UNIX command line interface to a variety of popular WWW search engines
Installation : apt-get install surfraw -y
TekDefense-Automater - IP URL and MD5 OSINT Analysis
Installation :
git clone https://github.com/1aN0rmus/TekDefense-Automater.git
cd TekDefense-Automater
Usage:
Auto : python Automater.py <ip address>
Normal : python Automater.py -o result.txt -d 5 <ip address>
theHarvester - E-mails, subdomains and names Harvester - OSINT
Installation :
git clone https://github.com/laramies/theHarvester
cd theHarvester
apt-get install python3-dev python3-pip -y
pip3 install -r requirements/base.txt
pip3 install -r requirements/dev.txt
python3 setup.py || python3 setup.py install
If the above pip3 commands are not working, try this:
while read line; do pip3 install $line; done < requirements/base.txt
while read line; do pip3 install $line; done < requirements/dev.txt
Usage: python3 theHarvester.py -d viperzcrew.com -l 500 -S 0 -g --dns-server -n -c -f result.txt -b all
trape - People tracker on the Internet: OSINT analysis and research tool by Jose Pino
Installation :
git clone https://github.com/jofpin/trape.git
cd trape
pip2 install -r requirements.txt
If you have ngrok token:
python2 trape.py --ngrok <token>
python2 trape.py --port 6666 --url viperzcrew.com
WhatWeb - Web scanner
Installation : apt-get install whatweb -y
xray - A tool for recon, mapping and OSINT gathering from public networks
Installation:
git clone https://github.com/evilsocket/xray.git
cd xray
make
Usage: xray -shodan-key yourshodaniapi -domain domain
zmap - Fast single packet network scanner
Installation : apt-get install zmap -y
Usage: zmap -p 21 -o result.txt -i <interface> --vpn --ignore-invalid-hosts
--vpn if you are using vpn!
Keyloggers
BeeLogger - Generate Gmail Emailing Keyloggers to Windows
Installation :
git clone https://github.com/4w4k3/BeeLogger.git
cd BeeLogger
sudo chmod +x install.sh
./install.sh
python2 bee.py
Keylogger - A simple keylogger for Windows, Linux and Mac
Installation : pip install keylogger
Usage: keylogger
Radium-Keylogger - Python keylogger with multiple features
Installation :
git clone https://github.com/mehulj94/Radium
cd Radium
pip2 install -r requirements.txt
python2 Radiumkeylogger.
Maintaining Access
EggShell - iOS/macOS/Linux Remote Administration Tool
Installation :
git clone https://github.com/neoneggplant/eggshell
cd eggshell
Usage: python eggshell.py
EvilOSX - An evil RAT (Remote Administration Tool) for macOS / OS X
Installation :
git clone https://github.com/Marten4n6/EvilOSX
cd EvilOSX
sudo pip install -r requirements.txt
Usage: python start.py
Metasploit - The world’s most used penetration testing framework
Installation : sudo apt-get install metasploit -y
Parat - Python based Remote Administration Tool(RAT)
Installation :
git clone https://github.com/micle-fm/Parat && cd Parat
Usage: python main.py
pupy - An opensource, cross-platform, multi function RAT
Installation :
git clone --recursive https://github.com/n1nj4sec/pupy
cd pupy
sudo chmod +x *
./create-workspace.py pupyws
QuasarRAT - Remote Administration Tool for Windows
Download : https://github.com/quasar/Quasar/releases/download/v1.4.0/Quasar.v1.4.0.zip
Setup : https://github.com/quasar/Quasar/wiki
tgcd - TCP/IP Gender Changer Daemon
Download : https://sourceforge.net/projects/tgcd/
TheFatRat - An Easy tool to Generate Backdoor for bypass AV
Installation :
git clone https://github.com/Screetsec/TheFatRat.git
cd TheFatRat
chmod +x setup.sh && ./setup.sh
Veil - Tool designed to generate metasploit payloads that bypass common anti-virus solutions
Installation :
sudo apt-get -y install git
git clone https://github.com/Veil-Framework/Veil.git
cd Veil/
./config/setup.sh --force --silent
WMImplant - PowerShell based tool that is designed to act like a RAT
Download : https://github.com/FortyNorthSecurity/WMImplant
AhMyth - Android RAT
Download : https://github.com/AhMyth/AhMyth-Android-RAT/releases
Password Attacks
BEWGor - Bull's Eye Wordlist Generator
Installation :
git clone https://github.com/berzerk0/BEWGor
cd BEWGor
Usage : python BEWGor.py -input
bruteforce-wallet - Try to find the password of an encrypted Peercoin (or Bitcoin, Litecoin, etc...) wallet file
Installation :
git clone https://github.com/glv2/bruteforce-wallet
cd bruteforce-wallet
apt install libdb-dev libssl-dev -y
./autogen.sh
./configure && make; make install
Usage : bruteforce-wallet -t 6 -f dictionary.txt wallet.dat
chntpw - Utility to reset the password on Windows
Installation : apt-get install chntpw
chromepass - View passwords stored by Google Chrome Web browser
Download : https://www.nirsoft.net/utils/chromepass.html
crowbar - Brute forcing tool
Installation : sudo apt install -y crowbar nmap openvpn freerdp2-x11 tigervnc-viewer python3 python3-pip
cupp - Common User Passwords Profiler
Installation :
git clone https://github.com/Mebus/cupp
cd cupp
python3 setup.py || python3 setup.py install
Usage: python3 cupp.py -i
hashcat - Advanced Password Recovery
Installation : apt-get install hashcat -y
John the Ripper - A fast password cracker
Installation : sudo apt-get install john -y
LaZagne - Credentials recovery project
Installation :
git clone https://github.com/AlessandroZ/LaZagne
cd LaZagne
pip install -r requirements.txt
cd Linux
Usage: python laZagne.py all
mimikatz - A little tool to play with Windows security
Download : https://github.com/gentilkiwi/mimikatz/releases
passwordfox - Extract the user names/passwords stored in Firefox
Download : https://www.nirsoft.net/utils/passwordfox.html
fcrackzip - A braindead program for cracking encrypted ZIP archives
Installation :
git clone https://github.com/hyc/fcrackzip
cd fcrackzip
./configure || configure
make; make install
Usage: fcrackzip -b -c a -p aaaaaa ./noradi.zip
SSH-Brute-Forcer - A Simple Multi-Threaded SSH Brute Forcer
git clone https://github.com/R4stl1n/SSH-Brute-Forcer
cd SSH-Brute-Forcer
pip install -r requirements.txt
cd src
Usage: python SSHBruteForce.py -i 127.0.0.1 -d True -p 2222 -U ./usernames.txt -P ./passwords.txt
WCE - Windows Credentials Editor
Download : https://github.com/returnvar/wce/releases
Reverse Engineering
IDA - Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
Download : https://ida.winsite.com/
OllyDBG - A 32-bit assembler level analysing debugger for Microsoft Windows
Download : https://sourceforge.net/projects/x64dbg/
Resource Hacker - A freeware resource compiler & decompiler for Windows applications
Download : http://angusj.com/resourcehacker/
apktool - A tool for reverse engineering Android apk files
Installation : apt-get install apktool -y
smali - smali/baksmali is an assembler/disassembler for the dex format used by dalvik, Android's Java VM implementation
Download : https://bitbucket.org/JesusFreke/smali/downloads/
Sniffing Spoofing
Ettercap - A comprehensive suite for man in the middle attacks
Installation : apt-get install ettercap
bettercap - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks
Installation : apt-get install bettercap -y
macchanger - Utility that makes the manipulation of MAC addresses of network interfaces easier
Installation : apt-get install macchanger -y
mitmproxy - Free and open source interactive HTTPS proxy
Installation : apt-get install mitmproxy -y
mkcert - Make locally trusted development certificates with any names you'd like
Installation :
git clone https://github.com/FiloSottile/mkcert
cd mkcert
apt install libnss3-tools
go build -ldflags "-X main.Version=$(git describe --tags)"
Usage: mkcert -key-file key.pem -cert-file cert.pem example.com *.example.com
sslstrip - SSL/TLS man-in-the-middle attack tool
Installation : apt-get install sslstrip -y
Wireshark - The world’s foremost and widely-used network protocol analyzer
Installation : apt-get install wireshark -y
moloch - An open source, large scale, full packet capturing, indexing, and database system.
Installation:
git clone https://github.com/aol/moloch
./easybutton-build.sh --install
make config
Social Engineering
evilginx2 - Standalone man-in-the-middle attack framework
Installation :
sudo apt-get install git make
go get -u github.com/kgretzky/evilginx2
cd $GOPATH/src/github.com/kgretzky/evilginx2
make
Usage: sudo ./evilginx -d
Gophish - Open-Source Phishing Framework
Download : https://github.com/gophish/gophish/releases/
HiddenEye - Modern phishing tool with advanced functionality
Installation :
git clone https://github.com/DarkSecDevelopers/HiddenEye.git
cd HiddenEye
sudo apt install python3-pip
sudo pip3 install -r requirements.txt
sudo pip3 install requests
sudo pip3 install pyngrok
Usage: python3 HiddenEye.py
king-phisher - Phishing Campaign Toolkit
Installation : apt-get install king-phisher -y
ReelPhish - A Real-Time Two-Factor Phishing Tool
Installation :
git clone https://github.com/fireeye/ReelPhish
cd ReelPhish
pip install -r requirements.txt
Usage: python2 ReelPhish.py --browser FF --logging debug --submit
Browser: 127.0.0.1:2135
social-engineer-toolkit - Open-source penetration testing framework designed for social engineering
Installation :
git clone https://github.com/trustedsec/social-engineer-toolkit/ setoolkit/
cd setoolkit
pip3 install -r requirements.txt
python setup.py
Usage: setoolkit
Vulnerability Analysis
Am-I-affected-by-Meltdown - Meltdown Exploit - Proof-of-concept
Installation :
git clone https://github.com/raphaelsc/Am-I-affected-by-Meltdown.git
cd ./Am-I-affected-by-Meltdown
make
taskset 0x1 ./meltdown-checker
CMSmap - python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs
Installation :
git clone https://github.com/Dionach/CMSmap
cd CMSmap
pip3 install .
Usage: cmsmap
linux-exploit-suggester - Linux privilege escalation auditing tool
Installation :
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
Usage: bash les.sh
Lynis - Auditing tool for Unix-based systems
Installation :
git clone https://github.com/CISOfy/lynis
cd lynis; ./lynis audit system
Nmap - The Network Mapper
Installation : apt-get install nmap -y
sqlmap - Automatic SQL injection and database takeover tool
Installation : apt-get install sqlmap -y
unix-privesc-check - Shell script to check for simple privilege escalation vectors on Unix systems
Installation : apt-get install unix-privesc-check -y
Wapiti - The web-application vulnerability scanner
Installation : apt-get install wapiti -y
wesng - Windows Exploit Suggester - Next Generation
Installation :
git clone https://github.com/bitsadmin/wesng
cd wesng
python setup.py || python setup.py install
Usage: python wes.py --update
Mobile Security Framework (MobSF) - Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework
Installation :
sudo apt-get install python3.7 openjdk-8-jdk
sudo apt install python3-dev python3-venv python3-pip build-essential libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev wkhtmltopdf
git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF
cd Mobile-Security-Framework-MobSF
./setup.sh
Web Applications
Burp Suite - Web vulnerability scanner
Installation : apt-get install burpsuite -y
CLOUDKiLL3R - Bypasses Cloudflare protection service via TOR Browser using crimeflare !
Installation :
git clone https://github.com/inurlx/CLOUDKiLL3R
cd CLOUDKiLL3R
pip install argparse
pip install socks
pip install socket
pip install requests
pip install sys
Usage: python CK.py
Nikto - Web server scanner
Installation : apt-get install nikto -y
owtf - Offensive Web Testing Framework (OWTF)
Installation :
git clone https://github.com/owtf/owtf
cd owtf
python setup.py develop
Usage: owtf
Browser: localhost:8080
wafw00f - Fingerprint Web Application Firewall (WAF)
Installation : apt-get install wafw00f
w3af - Web Application Attack and Audit Framework
Installation : apt-get install w3af -y
Wfuzz - Web application fuzzer
Installation : apt-get install wfuzz
WhatWaf - Detect and bypass web application firewalls and protection systems
WPscan - WordPress vulnerability scanner
Installation : apt-get install wpscan -y
Web Shells
weevely3 - Weaponized web shell
Installation :
git clone https://github.com/epinna/weevely3
cd weevely3
pip3 install -r requirements.txt
Usage: python3 weevely3
b374k - PHP Webshell with handy features
Installation :
git clone https://github.com/b374k/b374k
cd b374k
Usage: php -f index.php
Ex: php -f index.php -- -o myShell.php -p myPassword -s -b -z gzcompress -c 9
Miyachung - PHP BackConnect Shell
Download : https://packetstormsecurity.com/files/download/122612/miyabc.php.txt
(rename from php.txt to php)
wso-2.8-web-shell - Automatically exported from code.google.com/p/wso-web-shell-2-8
Download : https://github.com/rzkyh007/wso-web-shell-2-8/blob/master/WSO2.8_undetectable.php
Wireless Attacks
Aircrack-ng - A complete suite of tools to assess WiFi network security
Installation : apt-get install aircrack-ng
airgeddon - Multi-use bash script for Linux systems to audit wireless networks
Installation :
git clone --depth 1 https://github.com/v1s1t0r1sh3r3/airgeddon.git
cd airgeddon
sudo bash airgeddon.sh
Bluelog - A highly configurable Linux Bluetooth scanner
Installation : apt-get install bluelog -y
fluxion - Fluxion is a remake of linset by vk496 with less bugs and enhanced functionality
Installation :
wget https://raw.githubusercontent.com/FluxionNetwork/fluxion/master/install/install.sh && bash install.sh
infernal-twin - This is automated wireless hacking tool
Installation :
git clone https://github.com/entropy1337/infernal-twin
cd infernal-twin
chmod +x *
./InfernalWireless.py
kismet - An 802.11 layer2 wireless network detector, sniffer, and intrusion detection system
Installation : apt-get install kismet -y
krackattacks-scripts - WPA2 Krack Attack Scripts
Installation :
apt-get update
apt-get install libnl-3-dev libnl-genl-3-dev pkg-config libssl-dev net-tools git sysfsutils python-scapy python-pycryptodome virtualenv
git clone https://github.com/vanhoefm/krackattacks-scripts
cd krackattacks-scripts/hostapd
cp defconfig .config
make -j 2
cd ..; cd krackattack
pip install -r requirements.txt
Usage: ./krack-test-client.py --replay-broadcast
KRACK Detector - Detect and prevent KRACK attacks in your network
Installation :
git clone https://github.com/securingsam/krackdetector
cd krackdetector
Usage: python krack_detect.py <interface>
Usage: python krack_detect.py wlan0
Pixiewps - An offline Wi-Fi Protected Setup brute-force utility
Installation : apt-get install pixiewps -y
RouterSploit - Exploitation Framework for Embedded Devices
Installation : apt-get install routersploit -y
wifi-arsenal - Resources for WiFi Pentesting
Link : https://github.com/0x90/wifi-arsenal
Do not clone it; it will overfill your space xD
Wifiphisher - The Rogue Access Point Framework
Installation : apt-get install wifiphisher -y
WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack
Installation :
sudo apt install libssl-dev libffi-dev build-essential
git clone https://github.com/P0cL4bs/wifipumpkin3.git
cd wifipumpkin3
sudo apt install python3-pyqt5
sudo python3 setup.py install
Usage: wifipumpkin3