CSWSH:-- A #command-line tool for Cross-Site #WebSocket #Hijacking.
A command-line tool designed to test and connect to a WebSocket which are #vulnerable to Cross-Site WebSocket Hijacking vulnerability.
#CSWSH tool can connect to both standard and socket.io based WebSockets.
1. A standard WebSocket will have the functionality of sending messages to the server and receiving messages from the server.
2. A socket.io based WebSocket will have only the ping functionality to check if the connection is successful or not.
#Download #Link:-
https://github.com/DeepakPawar95/cswsh
CSWSH:-- A #command-line tool for Cross-Site #WebSocket #Hijacking.
A command-line tool designed to test and connect to a WebSocket which are #vulnerable to Cross-Site WebSocket Hijacking vulnerability.
#CSWSH tool can connect to both standard and socket.io based WebSockets.
1. A standard WebSocket will have the functionality of sending messages to the server and receiving messages from the server.
2. A socket.io based WebSocket will have only the ping functionality to check if the connection is successful or not.
#Download #Link:-
https://github.com/DeepakPawar95/cswsh
A command-line tool designed to test and connect to a WebSocket which are #vulnerable to Cross-Site WebSocket Hijacking vulnerability.
#CSWSH tool can connect to both standard and socket.io based WebSockets.
1. A standard WebSocket will have the functionality of sending messages to the server and receiving messages from the server.
2. A socket.io based WebSocket will have only the ping functionality to check if the connection is successful or not.
#Download #Link:-
https://github.com/DeepakPawar95/cswsh
CSWSH:-- A #command-line tool for Cross-Site #WebSocket #Hijacking.
A command-line tool designed to test and connect to a WebSocket which are #vulnerable to Cross-Site WebSocket Hijacking vulnerability.
#CSWSH tool can connect to both standard and socket.io based WebSockets.
1. A standard WebSocket will have the functionality of sending messages to the server and receiving messages from the server.
2. A socket.io based WebSocket will have only the ping functionality to check if the connection is successful or not.
#Download #Link:-
https://github.com/DeepakPawar95/cswsh
Photos from National Cyber Security Services's post
Bettercap:-- The #Swiss #Army #knife for 802.11, BLE and Ethernet network #reconnaissance and #MITM attacks.
#Bettercap is a #powerful, easily extensible and portable #framework written in #Go which aims to offer to #security #researchers, #redteamers and #reverse #engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking #WiFi networks, #Bluetooth Low Energy devices, #wireless #HID devices, and Ethernet networks.
Main Features:-
1. WiFi networks scanning, de-authentication attack, clientless #PMKID association attack, and automatic #WPA/ #WPA2 client handshakes capture.
2. Bluetooth Low Energy devices scanning, characteristics enumeration, reading, and writing.
3. 2.4Ghz wireless devices scanning and #MouseJacking attacks with over-the-air HID frames injection (with #DuckyScript support).
4. Passive and active IP network hosts probing and recon.
5. #ARP, #DNS and #DHCPv6 spoofers for MITM attacks on IP based networks.
6. Proxies at the packet level, #TCP level and #HTTP/ #HTTPS application-level fully scriptable with easy to implement javascript plugins.
7. A powerful network sniffer for credentials harvesting which can also be used as a network #protocol #fuzzer.
8. A very fast port scanner.
9. A powerful #REST #API with support for asynchronous events notification on #WebSocket to orchestrate your attacks easily.
10. A very convenient #web UI.
More!
#Download #Link:-
https://github.com/bettercap/bettercap
Bettercap:-- The #Swiss #Army #knife for 802.11, BLE and Ethernet network #reconnaissance and #MITM attacks.
#Bettercap is a #powerful, easily extensible and portable #framework written in #Go which aims to offer to #security #researchers, #redteamers and #reverse #engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking #WiFi networks, #Bluetooth Low Energy devices, #wireless #HID devices, and Ethernet networks.
Main Features:-
1. WiFi networks scanning, de-authentication attack, clientless #PMKID association attack, and automatic #WPA/ #WPA2 client handshakes capture.
2. Bluetooth Low Energy devices scanning, characteristics enumeration, reading, and writing.
3. 2.4Ghz wireless devices scanning and #MouseJacking attacks with over-the-air HID frames injection (with #DuckyScript support).
4. Passive and active IP network hosts probing and recon.
5. #ARP, #DNS and #DHCPv6 spoofers for MITM attacks on IP based networks.
6. Proxies at the packet level, #TCP level and #HTTP/ #HTTPS application-level fully scriptable with easy to implement javascript plugins.
7. A powerful network sniffer for credentials harvesting which can also be used as a network #protocol #fuzzer.
8. A very fast port scanner.
9. A powerful #REST #API with support for asynchronous events notification on #WebSocket to orchestrate your attacks easily.
10. A very convenient #web UI.
More!
#Download #Link:-
https://github.com/bettercap/bettercap