skip to main |
skip to sidebar
| Name |
Author |
Perms |
Com |
Modified |
Label |
| Filename |
NSEE - Merges and displays data from different network pentesting tools |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
7/10/2017 |
| Label |
Basic Tutorials
|
| Action |
|
Institute For Ethical Hacking Course and Ethical Hacking Training in Pune - India
Sadik Shaikh | Extreme Hacking | Cyber Suraksha Abhiyan | Hackers Charity
_____ _ _ _ _ _
| ____|_ _| |_ _ __ ___ _ __ ___ ___ | | | | __ _ ___| | _(_)_ __ __ _
| _| \ \/ / __| '__/ _ \ '_ ` _ \ / _ \ | |_| |/ _` |/ __| |/ / | '_ \ / _` |
| |___ > <| |_| | | __/ | | | | | __/ | _ | (_| | (__| <| | | | | (_| |
|_____/_/\_\\__|_| \___|_| |_| |_|\___| |_| |_|\__,_|\___|_|\_\_|_| |_|\__, |
|___/
NSEE ( Network Target Profiling ) - Merges and displays data from different network pentesting tools
This network pentesting tool merges and displays the data gathered from standard network tools like, tcpdump, traceroute, nmap, etc
An automated python script runs all these tools sequentially and processes their output to a json file. A lightweight html page renders the json file and allows to display, sort and filter its content.
Installation:
Download files
Run python script as sudo. Without sudo half of the pentesting tools won't work properly
Open the index.html in any web browser
Repeat at will
DOWNLOAD
| Filename |
TheFatRat - Massive Exploiting Tool |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
7/10/2017 |
| Label |
Basic Tutorials
|
| Action |
|
Institute For Ethical Hacking Course and Ethical Hacking Training in Pune - India
Sadik Shaikh | Extreme Hacking | Cyber Suraksha Abhiyan | Hackers Charity
_____ _ _ _ _ _
| ____|_ _| |_ _ __ ___ _ __ ___ ___ | | | | __ _ ___| | _(_)_ __ __ _
| _| \ \/ / __| '__/ _ \ '_ ` _ \ / _ \ | |_| |/ _` |/ __| |/ / | '_ \ / _` |
| |___ > <| |_| | | __/ | | | | | __/ | _ | (_| | (__| <| | | | | (_| |
|_____/_/\_\\__|_| \___|_| |_| |_|\___| |_| |_|\__,_|\___|_|\_\_|_| |_|\__, |
|___/
TheFatRat is an easy tool to generate backdoor and easy tool to post exploitation attack like browser attack,dll . This tool compiles a malware with popular payload and then the compiled malware can be executed on Windows, Android, Mac. The malware that created with this tool also have an ability to bypass most AV software protection.
Automating metasploit functions:
- Create backdoor for Windows, Linux, Mac and android
- bypass antivirus backdoor
- Checks for metasploit service and starts if not present
- Easily craft meterpreter reverse_tcp payloads for Windows, Linux, Android and Mac and another
- Start multiple meterpreter reverse_tcp listeners
- Fast Search in searchsploit
- Bypass AV
- File Pumper
- Create backdoor with another technique
- Autorunscript for listeners ( easy to use )
- Drop into Msfconsole
Some other fun stuff :)
Autorun Backdoor
Autorun work if the victim disabled uac ( user acces control ) or low uac ( WINDOWS )
I have also created 3 AutoRun files
Simply copy these files to a CD or USB
You can change the icon autorun file or exe in folder icon ( replace your another ico and replace name with autorun.ico )
HOW CHANGE THE ICONS ?
Copy your icon picture to folder /TheFatrat/icons
Change the name into autorun.ico
And Replace
Done
📜 Changelog
Be sure to check out the [Changelog] and Read CHANGELOG.md
Getting Started
git clone https://github.com/Screetsec/TheFatRat.git
cd TheFatRat
chmod +x setup.sh && ./setup.sh
📖 How it works
Extract The lalin-master to your home or another folder
chmod +x fatrat
chmod +x powerfull.sh
And run the tools ( ./fatrat )
Easy to Use just input your number
A linux operating system. We recommend :
Kali Linux 2 or Kali 2016.1 rolling
Cyborg
Parrot
BackTrack
Backbox
❗️ READ
if prog.c file to large when create backdoor with powerfull.sh , you can use prog.c.backup and create another backup when you running option 2
Update Fatrat
To update fatrat go to your TheFatRat folder and execute : git pull && chmod +x setup.sh && ./setup.sh
To Update from 1.9.3 Version and up , execute on your fatrat folder : ./update && chmod +x setup.sh && ./setup.sh
| Filename |
Hacking with use of BeeLogger |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
7/10/2017 |
| Label |
Basic Tutorials
|
| Action |
|
Institute For Ethical Hacking Course and Ethical Hacking Training in Pune - India
Sadik Shaikh | Extreme Hacking | Cyber Suraksha Abhiyan | Hackers Charity
_____ _ _ _ _ _
| ____|_ _| |_ _ __ ___ _ __ ___ ___ | | | | __ _ ___| | _(_)_ __ __ _
| _| \ \/ / __| '__/ _ \ '_ ` _ \ / _ \ | |_| |/ _` |/ __| |/ / | '_ \ / _` |
| |___ > <| |_| | | __/ | | | | | __/ | _ | (_| | (__| <| | | | | (_| |
|_____/_/\_\\__|_| \___|_| |_| |_|\___| |_| |_|\__,_|\___|_|\_\_|_| |_|\__, |
|___/
KEYLOGGER TOOL DESIGNED FOR GOOD PURPOSES, PENTESTS, DON'T BE A CRIMINAL !
Only download it here, do not trust in other places.
NOTE: BeeLogger just have official support for latin languages in this moment.
HOW TO INSTALL:
Cloning:
git clone https://github.com/4w4k3/BeeLogger.git
Running:
cd BeeLogger
sudo su
chmod +x install.sh
./install.sh
python bee.py
If you have another version of Python:
python2.7 bee.py
DISCLAIMER:
"DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." Taken from LICENSE.
TO KNOW
To disable bee just run UnInfectMe.bat on target.
Features:
Send logs each 120 seconds.
Send logs when chars > 50.
Send logs with GMAIL.
Some Phishing methods are included.
Multiple Session disabled.
Auto Persistence.
Prerequisites:
apt
wine
wget
Linux
sudo
python2.7
python 2.7 on Wine Machine
pywin32 on Wine Machine
pythoncom on Wine Machine
Tested on:
Kali Linux - SANA
Kali Linux - ROLLING
Ubuntu 14.04-16.04 LTS
Debian 8.5
Linux Mint 18.1
| Filename |
HERCULES - A special payload generator that can bypass antivirus softwares |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
7/06/2017 |
| Label |
Basic Tutorials
|
| Action |
|
Institute For Ethical Hacking Course and Ethical Hacking Training in Pune - India
Sadik Shaikh | Extreme Hacking | Cyber Suraksha Abhiyan | Hackers Charity
_____ _ _ _ _ _
| ____|_ _| |_ _ __ ___ _ __ ___ ___ | | | | __ _ ___| | _(_)_ __ __ _
| _| \ \/ / __| '__/ _ \ '_ ` _ \ / _ \ | |_| |/ _` |/ __| |/ / | '_ \ / _` |
| |___ > <| |_| | | __/ | | | | | __/ | _ | (_| | (__| <| | | | | (_| |
|_____/_/\_\\__|_| \___|_| |_| |_|\___| |_| |_|\__,_|\___|_|\_\_|_| |_|\__, |
|___/
HERCULES is a customizable payload generator that can bypass antivirus software.
#INSTALLATION
SUPPORTED PLATFORMS:
Ubuntu - 16.04 / 15.10
Kali linux - Rolling / Sana
Manjaro
Arch Linux
Black Arch
Parrot OS
go get github.com/fatih/color
go run Setup.go
WARNING: Don't change the location of the HERCULES folder.
#USAGE
#SPECIAL FUNCTIONS
Persistence: Persistence function adds the running binary to Windows start-up registry (CurrentVersion/Run) for continuous access.
Migration: This function triggers a loop that tries to migrate to a remote process until it is successfully migrated.
#WHAT IS UPX ?
UPX (Ultimate Packer for Executables) is a free and open source executable packer supporting a number of file formats from different operating systems. UPX simply takes the binary file and compresses it, packed binary unpack(decompress) itself at runtime to memory.
#WHAT IS "AV EVASION SCORE" ?
AV Evasion Score is a scale(1/10) for determining the effectiveness of the payloads anti virus bypassing capabilities, 1 represents low possibility to pass AV softwares.
Using special functions and packing the payloads with upx decreases the AV Evasion Score.
| Filename |
Pybelt - An Hackers Tool Belt |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
7/06/2017 |
| Label |
Basic Tutorials
|
| Action |
|
Institute For Ethical Hacking Course and Ethical Hacking Training in Pune - India
Sadik Shaikh | Extreme Hacking | Cyber Suraksha Abhiyan | Hackers Charity
_____ _ _ _ _ _
| ____|_ _| |_ _ __ ___ _ __ ___ ___ | | | | __ _ ___| | _(_)_ __ __ _
| _| \ \/ / __| '__/ _ \ '_ ` _ \ / _ \ | |_| |/ _` |/ __| |/ / | '_ \ / _` |
| |___ > <| |_| | | __/ | | | | | __/ | _ | (_| | (__| <| | | | | (_| |
|_____/_/\_\\__|_| \___|_| |_| |_|\___| |_| |_|\__,_|\___|_|\_\_|_| |_|\__, |
|___/
Pybelt is an open source hackers tool belt complete with:
- A port scanner
- SQL injection scanner
- Dork checker
- Hash cracker
- Hash type verification tool
- Proxy finding tool
- XSS scanner
It is capable of cracking hashes without prior knowledge of the algorithm, scanning ports on a given host, searching for SQLi vulnerabilities in a given URL, verifying that your Google dorks work like they should, verifying the algorithm of a given hash, scanning a URL for XSS vulnerability, and finding usable HTTP proxies.
Usage
Installation
You can either clone the repository git clone https://github.com/ekultek/pybelt.git or download the latest release as a zip/tar ball here
Once you have the program installed cd into the directory and run the following command: pip install -r requirements.txt This will install all of the programs needed libraries and should be able to be run from there.
###Functionality python pybelt.py -p 127.0.0.1 Will run a port scan on your local host
python pybelt.py -s http://example.com/php?id=2 Will run a SQLi scan on the given URL
python pybelt.py -d idea?id=55 Will run a Dork check on the given Google Dork
python pybelt.py -c 9a8b1b7eee229046fc2701b228fc2aff:all Will attempt to crack the hash using all algorithms available on the computer
python pybelt.py -v 098f6bcd4621d373cade4e832627b4f6 Will try to verify the hash type
python pybelt.py -f Will find usable proxies
python pybelt.py -x http://127.0.0.1/php?id=1 Will search the URL for XSS vulnerability
| Filename |
Trity an advanced pentesting framework |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
7/06/2017 |
| Label |
Basic Tutorials
|
| Action |
|
Institute For Ethical Hacking Course and Ethical Hacking Training in Pune - India
Sadik Shaikh | Extreme Hacking | Cyber Suraksha Abhiyan | Hackers Charity
_____ _ _ _ _ _
| ____|_ _| |_ _ __ ___ _ __ ___ ___ | | | | __ _ ___| | _(_)_ __ __ _
| _| \ \/ / __| '__/ _ \ '_ ` _ \ / _ \ | |_| |/ _` |/ __| |/ / | '_ \ / _` |
| |___ > <| |_| | | __/ | | | | | __/ | _ | (_| | (__| <| | | | | (_| |
|_____/_/\_\\__|_| \___|_| |_| |_|\___| |_| |_|\__,_|\___|_|\_\_|_| |_|\__, |
|___/
Feartures in Trity : Ip traceing,Ip address finder,email spoofing,mac address spoofing,website cloning,clickjacking,email bombing,bruteforce attack and many more easy hacking tools.
Trity is an advanced pentesting framework dedicated to everything from cryptography to spoofing.
Download : https://github.com/toxic-ig/Trity
Trity Tools :
---------------------------------------------------
website - enter a website and get its ip
clone - clone a websites source
whois - whois a website
web - extract info from a website
siteexists - check if a site exists
google - find google results for a query
clickjacking - test websites for clickjacking vulnerability
+----------------------------+
ip - geolocate an ip
+----------------------------+
spoof mac - spoof mac address
+----------------------------+
email - bomb an email address
spoof email - spoof an email address
sms - spam text messages
crack - bruteforce an email
anonymous - send an anonymous email
facebook - bruteforce a facebook account
twitter - check the details of a twitter account
+----------------------------+
craft - generate useful scripts
qr - generate a qr code
zip - crack a password-protected zip file
+----------------------------+
encode base64 - text to base64
decode base64 - base64 to text
encode hex - text to hex
decode hex - hex to text
+----------------------------+
www.extremehacking.org
CEHv9 CHFI ECSAv9 CAST ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, Center For Advanced Security Training in India, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune
| Filename |
TinfoLeak – Full Information About A Twitter User Activity |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
1/18/2017 |
| Label |
Basic Tutorials
|
| Action |
|
| Filename |
TCHead – A Tool to Crack TrueCrypt Passwords |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
1/15/2017 |
| Label |
Basic Tutorials
|
| Action |
|
| Filename |
Morpheus – Automated Ettercap TCP/IP Hijacking Tool |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
1/13/2017 |
| Label |
Basic Tutorials
|
| Action |
|
| Filename |
Cain and Abel – An amazing Tool for Hackers |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
1/13/2017 |
| Label |
Basic Tutorials
|
| Action |
|
| Filename |
MSF-Remote-Console – Tool To Connect To The Msfrcpd Server Of Metasploit |
| Permission |
rw-r--r-- |
| Author |
Unknown |
| Date and Time |
1/13/2017 |
| Label |
Basic Tutorials
|
| Action |
|
