Photos from National Cyber Security Services's post
UFONet - #Denial of #Service Toolkit.
#UFONet is a #toolkit designed to launch #DDoS and #DoS #attacks.it runs on many platforms. It requires #Python (>=3) and requires :-#whois,#pycurl,#geoip,#crypto,#scanpy,#requests.
#Download #Link:-
https://github.com/epsylon/ufonet
UFONet - #Denial of #Service Toolkit.
#UFONet is a #toolkit designed to launch #DDoS and #DoS #attacks.it runs on many platforms. It requires #Python (>=3) and requires :-#whois,#pycurl,#geoip,#crypto,#scanpy,#requests.
#Download #Link:-
https://github.com/epsylon/ufonet
Photos from National Cyber Security Services's post
hidden-tear- #ransomware #open-#sources
It's a ransomware-like file #crypter sample which can be modified for specific purposes.
Features:-
-Uses #AES #algorithm to #encrypt files.
-Sends encryption key to a #server.
-Encrypted files can be #decrypt in #decrypter program with encryption key.
-Creates a text file in Desktop with given message.
-Small file size (12 KB)
-Doesn't detected to #antivirus programs
#Download #Link:-
https://github.com/goliate/hidden-tear
hidden-tear- #ransomware #open-#sources
It's a ransomware-like file #crypter sample which can be modified for specific purposes.
Features:-
-Uses #AES #algorithm to #encrypt files.
-Sends encryption key to a #server.
-Encrypted files can be #decrypt in #decrypter program with encryption key.
-Creates a text file in Desktop with given message.
-Small file size (12 KB)
-Doesn't detected to #antivirus programs
#Download #Link:-
https://github.com/goliate/hidden-tear
Photos from National Cyber Security Services's post
WordPress-PT:-- #Exploiting #Wordpress #vulnerabilities discovered via #WPScan.
Objective: Find, #analyze, recreate, and #document five vulnerabilities affecting an old version of WordPress.
Setup:-
1. #VirtualBox - #Virtual #machine #manager.
2. #Kali #Linux - #Attack #OS of choice.
3. #WPDistillery - Creating a locally hosted Wordpress #site.
4. #WPScan - #Vulnerability #scanner.
1. CVE-2018-6390 - Denial Of Service Overflow (#DOS)
2. CVE-2015-5622 - Cross-Site Scripting (#XSS)
3. CVE-2017-9061 - Error in Upload when the file's too large
4. CVE 2015-5714 - Shortcode Tags
5. CVE 2017-6817 - Authenticated XSS in #Youtube #URL Embeds
#Download #Link:-
https://github.com/bryanvnguyen/WordPress-PT
WordPress-PT:-- #Exploiting #Wordpress #vulnerabilities discovered via #WPScan.
Objective: Find, #analyze, recreate, and #document five vulnerabilities affecting an old version of WordPress.
Setup:-
1. #VirtualBox - #Virtual #machine #manager.
2. #Kali #Linux - #Attack #OS of choice.
3. #WPDistillery - Creating a locally hosted Wordpress #site.
4. #WPScan - #Vulnerability #scanner.
1. CVE-2018-6390 - Denial Of Service Overflow (#DOS)
2. CVE-2015-5622 - Cross-Site Scripting (#XSS)
3. CVE-2017-9061 - Error in Upload when the file's too large
4. CVE 2015-5714 - Shortcode Tags
5. CVE 2017-6817 - Authenticated XSS in #Youtube #URL Embeds
#Download #Link:-
https://github.com/bryanvnguyen/WordPress-PT
Photos from National Cyber Security Services's post
XSRFProbe:-- The Prime Cross-Site Request Forgery (#CSRF) #Audit and #Exploitation #Toolkit.
#XSRFProbe is an #advanced Cross-Site Request Forgery (CSRF/ #XSRF) Audit and Exploitation Toolkit. Equipped with a #powerful crawling engine and numerous systematic checks, it is able to detect most cases of CSRF #vulnerabilities, their related #bypasses and further generate (#maliciously) exploitable proof of concepts with each found vulnerability.
Features:-
1. Performs several types of checks before declaring an endpoint as #vulnerable.
2. Can detect several types of Anti-CSRF tokens in POST requests.
3. Works with a powerful crawler that features continuous crawling and scanning.
4. Out of the box support for custom #cookie values and generic headers.
5. Accurate Token-Strength Detection and Analysis using various #algorithms.
6. It can generate both normal as well as maliciously exploitable CSRF proof of concepts.
7. Well documented code and highly generalized #automated workflow.
8. The user is in control of everything whatever the scanner does.
9. Has a user-friendly interaction #environment with full verbose support.
10. Detailed logging system of errors, vulnerabilities, tokens, and other stuff.
#Download #Link:-
https://github.com/0xInfection/XSRFProbe
XSRFProbe:-- The Prime Cross-Site Request Forgery (#CSRF) #Audit and #Exploitation #Toolkit.
#XSRFProbe is an #advanced Cross-Site Request Forgery (CSRF/ #XSRF) Audit and Exploitation Toolkit. Equipped with a #powerful crawling engine and numerous systematic checks, it is able to detect most cases of CSRF #vulnerabilities, their related #bypasses and further generate (#maliciously) exploitable proof of concepts with each found vulnerability.
Features:-
1. Performs several types of checks before declaring an endpoint as #vulnerable.
2. Can detect several types of Anti-CSRF tokens in POST requests.
3. Works with a powerful crawler that features continuous crawling and scanning.
4. Out of the box support for custom #cookie values and generic headers.
5. Accurate Token-Strength Detection and Analysis using various #algorithms.
6. It can generate both normal as well as maliciously exploitable CSRF proof of concepts.
7. Well documented code and highly generalized #automated workflow.
8. The user is in control of everything whatever the scanner does.
9. Has a user-friendly interaction #environment with full verbose support.
10. Detailed logging system of errors, vulnerabilities, tokens, and other stuff.
#Download #Link:-
https://github.com/0xInfection/XSRFProbe
Rucky:-- A simple to use #USB #HID #Rubber #Ducky LaunchPad for #Android.
A USB HID Rubber Ducky Script All-In-One tool.
#Download #Link:-
https://github.com/mayankmetha/Rucky
Rucky:-- A simple to use #USB #HID #Rubber #Ducky LaunchPad for #Android.
A USB HID Rubber Ducky Script All-In-One tool.
#Download #Link:-
https://github.com/mayankmetha/Rucky
A USB HID Rubber Ducky Script All-In-One tool.
#Download #Link:-
https://github.com/mayankmetha/Rucky
Rucky:-- A simple to use #USB #HID #Rubber #Ducky LaunchPad for #Android.
A USB HID Rubber Ducky Script All-In-One tool.
#Download #Link:-
https://github.com/mayankmetha/Rucky
Photos from National Cyber Security Services's post
TheFatRat:-- Updated new version
#TheFatrat a massive #exploiting tool!
Easy tool to generate #backdoor and easy tool to post-exploitation attacks like #browser attack and etc. This tool compiles a #malware with popular #payload and then the compiled malware can be executed on #windows, #android, #mac. The malware that created with this tool also has an ability to #bypass most #AV #software.
Features:-
1. Fully Automating #MSFvenom & #Metasploit.
2. Local or remote listener Generation.
3. Easily Make Backdoor by category Operating System.
4. Generate #payloads in Various formats.
5. Bypass anti-virus backdoors.
6. File pumper that you can use for increasing the size of your files.
7. The ability to detect external #IP & Interface address.
8. Automatically creates AutoRun files for #USB / CDROM exploitation.
#Download #Link:-
https://github.com/Screetsec/TheFatRat
TheFatRat:-- Updated new version
#TheFatrat a massive #exploiting tool!
Easy tool to generate #backdoor and easy tool to post-exploitation attacks like #browser attack and etc. This tool compiles a #malware with popular #payload and then the compiled malware can be executed on #windows, #android, #mac. The malware that created with this tool also has an ability to #bypass most #AV #software.
Features:-
1. Fully Automating #MSFvenom & #Metasploit.
2. Local or remote listener Generation.
3. Easily Make Backdoor by category Operating System.
4. Generate #payloads in Various formats.
5. Bypass anti-virus backdoors.
6. File pumper that you can use for increasing the size of your files.
7. The ability to detect external #IP & Interface address.
8. Automatically creates AutoRun files for #USB / CDROM exploitation.
#Download #Link:-
https://github.com/Screetsec/TheFatRat
Photos from National Cyber Security Services's post
Onex v0.1:-- Onex is a #hacking #tool installer and package manager for #hackers. Onex is a library of all hacking tools for Termux and other #Linux distributions. onex can install any third-party tool or any hacking tool for you.
"onex a hacking tools library." Onex is a #kali Linux hacking tools installer for #termux and other Linux distribution. It's a package manager for hackers. onex manages large numbers of hacking tools that can be installed on a single click. Using onex, you can install all hacking tools in Termux and other Linux based distributions. onex can install more than 370+ kali Linux hacking tools. use onex install [tool_name] command to install any hacking tool.
onex works on any of the following operating systems:-
1. #Android (Using the Termux App)
2. Linux (Linux Based Systems)
#Download #Link:-
https://github.com/rajkumardusad/onex
Onex v0.1:-- Onex is a #hacking #tool installer and package manager for #hackers. Onex is a library of all hacking tools for Termux and other #Linux distributions. onex can install any third-party tool or any hacking tool for you.
"onex a hacking tools library." Onex is a #kali Linux hacking tools installer for #termux and other Linux distribution. It's a package manager for hackers. onex manages large numbers of hacking tools that can be installed on a single click. Using onex, you can install all hacking tools in Termux and other Linux based distributions. onex can install more than 370+ kali Linux hacking tools. use onex install [tool_name] command to install any hacking tool.
onex works on any of the following operating systems:-
1. #Android (Using the Termux App)
2. Linux (Linux Based Systems)
#Download #Link:-
https://github.com/rajkumardusad/onex