RouterSploit v3.4.0 – Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.

It consists of various modules that aid penetration testing operations:

- exploits – modules that take advantage of identified vulnerabilities
- creds – modules designed to test credentials against network services
- scanners – modules that check if a target is vulnerable to any exploit
- payloads – modules that are responsible for generating payloads for various architectures and injection points
- generic – modules that perform generic attacks

Installation

Requirements

Required:

- future
- requests
- paramiko
- pysnmp
- pycrypto

Optional:

- bluepy – bluetooth low energy

Installation on Kali Linux

    apt-get install python3-pip
    git clone https://www.github.com/threat9/routersploit
    cd routersploit
    python3 -m pip install -r requirements.txt
    python3 rsf.py

Bluetooth Low Energy support:

    apt-get install libglib2.0-dev
    python3 -m pip install bluepy
    python3 rsf.py

Installation on Ubuntu 18.04 & 17.10

    sudo add-apt-repository universe
    sudo apt-get install git python3-pip
    git clone https://www.github.com/threat9/routersploit
    cd routersploit
    python3 -m pip install -r requirements.txt
    python3 rsf.py

Bluetooth Low Energy support:

    apt-get install libglib2.0-dev
    python3 -m pip install bluepy
    python3 rsf.py

Installation on OSX

    git clone https://www.github.com/threat9/routersploit
    cd routersploit
    sudo python3 -m pip install -r requirements.txt
    python3 rsf.py

Running on Docker

    git clone https://www.github.com/threat9/routersploit
    cd routersploit
    docker build -t routersploit .
    docker run -it --rm routersploit

Update

Update RouterSploit Framework often. The project is under heavy development and new modules are shipped almost every day.

    cd routersploit
    git pull

Link: http://www.kitploit.com/2018/10/routersploit-v340-exploitation.html

LibSSH Scanner – Script To Identify Hosts Vulnerable To CVE-2018-10933

This is a Python-based script to identify hosts vulnerable to CVE-2018-10933.

The vulnerability is present on versions of libssh 0.6+ and was remediated by a patch present in libssh 0.7.6 and 0.8.4. For more details: https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/

Help

    CVE-2018-10933 Scanner - Find vulnerable libssh services by Leap Security (@LeapSecurity)

    optional arguments:
      -h, --help            show this help message and exit
      -v, --version         show program's version number and exit
      -t TARGET, --target TARGET
                            An ip address or new line delimited file containing
                            IPs to banner grab for the vulnerability.
      -p PORT, --port PORT  Set port of SSH service

Link: http://feedproxy.google.com/~r/PentestTools/~3/QmL8AcFG_pI/libssh-scanner-script-to-identify-hosts.html

XenoScan – Open Source Memory Scanner Written In C++

XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values. These types of tools are typically used when hacking video games, as they allow one to locate the values representing the game's state in memory.

XenoScan is written in C++ with a Lua frontend, and I've been working on advanced functionality that goes beyond anything that has been in any other memory scanners I've seen. Notably, it has a way to enumerate and return all complex data structures (such as std::list and std::map) in the target's memory space, and it can even scan for any class instances and group the discovered instances by their underlying types.

Communication

If you need to get in touch with me, want a place to chat, or have a question, my Discord is the best place.

Sub-projects

XenoLua

XenoLua is a wrapper around Lua that provides a ton of functionality. Most notably, it provides a LuaVariant class which wraps the functionality of converting between C/C++ and Lua types. Additionally, it has helper functions for working with Lua in the LuaPrimitive class.

XenoScanEngine

XenoScanEngine is the meat of the project. It contains the code for the scanning, data structure detection, and everything else.

XenoScanLua

XenoScanLua ties XenoScanEngine to XenoLua to provide a Lua-scriptable frontend for the scanner. Currently, this is the only entry-point to the scanner.

Additionally, this project contains some test code that ensures everything is working properly. A test is a combination of a .cpp, a .h, and a .lua file. For examples on how to use the scanner, you can check out the .lua test files.

Compiling

XenoScan uses CMake, and has been tested with Visual Studio 2017. In theory, you should be able to build the code with any modernish compiler, as long as you use CMake to generate the project files. Before you can compile, you will need to make sure you've checked out the submodules. Once that's done, you'll also have to build the luajit submodule so XenoScan can link against the libraries.

If you're using Visual Studio, this should be easy. Simply run buildmsvc2017.bat from a Developer Command Prompt for VS. As an example, to build a project for Visual Studio 2017, I run

    cd C:\path\to\XenoScan
    buildmsvc2017.bat

which would make a file named XenoScan.sln appear in my build directory (e.g. C:\path\to\XenoScan\build).

The main development of XenoScan is done on this version of Visual Studio.

If you're on another system or using another compiler or IDE, you'll have to build luajit on your own and run CMake manually.

Platform

The code is designed to be platform-agnostic. Theoretically, to compile on any other platform, you would need to

- Create project/make files for your target IDE/compiler.
- Remove the ScannerTargetWindows.cpp and ScannerTargetWindows.h files from the project.
- Implement the ScannerTarget interface for your platform.
- Add your implementation to the project.
- ???? profit

Features

Basic scanning functionality supports the following types:

- Integral types*:
    - int8_t
    - uint8_t
    - int16_t
    - uint16_t
    - int32_t
    - uint32_t
    - int64_t
    - uint64_t
- float
- double
- ascii strings
- wide strings
- Custom data structures (think C++ struct)
    - Can consist of any combination of integral and decimal types

* Lua frontend may choke on 64-bit integers, but the scanner library supports them.

Scanning supports the following types of matching:

- Equal to
- Greater than
- Greater than or equal to
- Less than
- Less than or equal to
- Ranges (min <= check <= max)

Additionally, there is functionality to detect all instances of the following types:

- std::map
- std::list
- Any class with a virtual-function table

Link: http://feedproxy.google.com/~r/PentestTools/~3/pUE-sfnz92k/xenoscan-open-source-memory-scanner.html

BYOB – Build Your Own Botnet

Disclaimer: This project should be used for authorized testing or educational purposes only.

BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, in order to improve their ability to develop counter-measures against these threats.

It is designed to allow developers to easily implement their own code and add cool new features without having to write a RAT (Remote Administration Tool) or a C2 (Command & Control server) from scratch.

The RAT's key feature is that arbitrary code/files can be remotely loaded into memory from the C2 and executed on the target machine without writing anything to the disk.

Server

    usage: server.py [-h] [-v] [--host HOST] [--port PORT] [--database DATABASE]

Command & control server with persistent database and console

- Console-Based User-Interface: streamlined console interface for controlling client host machines remotely via reverse TCP shells which provide direct terminal access to the client host machines
- Persistent SQLite Database: lightweight database that stores identifying information about client host machines, allowing reverse TCP shell sessions to persist through disconnections of arbitrary duration and enabling long-term reconnaissance
- Client-Server Architecture: all python packages/modules installed locally are automatically made available for clients to remotely import without writing them to the disk of the target machines, allowing clients to use modules which require packages not installed on the target machines

Client

    usage: client.py [-h] [-v] [--name NAME] [--icon ICON] [--pastebin API] [--encrypt] [--obfuscate] [--compress] [--compile] host port [module [module ...]]

Generate fully-undetectable clients with staged payloads, remote imports, and unlimited modules

- Remote Imports: remotely import third-party packages from the server without writing them to the disk or downloading/installing them
- Nothing Written To The Disk: clients never write anything to the disk, not even temporary files (zero IO system calls are made), because remote imports allow arbitrary code to be dynamically loaded into memory and directly imported into the currently running process
- Zero Dependencies (Not Even Python Itself): client runs with just the python standard library, remotely imports any non-standard packages/modules from the server, and can be compiled with a standalone python interpreter into a portable binary executable formatted for any platform/architecture, allowing it to run on anything, even when Python itself is missing on the target host
- Add New Features With Just 1 Click: any python script, module, or package you copy to the ./byob/modules/ directory automatically becomes remotely importable & directly usable by every client while your command & control server is running
- Write Your Own Modules: a basic module template is provided in the ./byob/modules/ directory to make writing your own modules a straight-forward, hassle-free process
- Run Unlimited Modules Without Bloating File Size: use remote imports to add unlimited features without adding a single byte to the client's file size
- Fully Updatable: each client will periodically check the server for new content available for remote import, and will dynamically update its in-memory resources if anything has been added/removed
- Platform Independent: everything is written in Python (a platform-agnostic language) and the clients generated can optionally be compiled into a portable executable (Windows) or bundled into a standalone application (macOS)
- Bypass Firewalls: clients connect to the command & control server via reverse TCP connections, which will bypass most firewalls because the default filter configurations primarily block incoming connections
- Counter-Measure Against Antivirus: avoids being analyzed by antivirus by blocking processes with names of known antivirus products from spawning
- Encrypt Payloads To Prevent Analysis: the main client payload is encrypted with a random 256-bit key which exists solely in the payload stager which is generated along with it
- Prevent Reverse-Engineering: by default, clients will abort execution if a virtual machine or sandbox is detected

Modules

Post-exploitation modules that are remotely importable by clients

- Keylogger (byob.modules.keylogger): logs the user's keystrokes & the window name entered
- Screenshot (byob.modules.screenshot): take a screenshot of current user's desktop
- Webcam (byob.modules.webcam): view a live stream or capture image/video from the webcam
- Ransom (byob.modules.ransom): encrypt files & generate random BTC wallet for ransom payment
- Outlook (byob.modules.outlook): read/search/upload emails from the local Outlook client
- Packet Sniffer (byob.modules.packetsniffer): run a packet sniffer on the host network & upload .pcap file
- Persistence (byob.modules.persistence): establish persistence on the host machine using 5 different methods
- Phone (byob.modules.phone): read/search/upload text messages from the client smartphone
- Escalate Privileges (byob.modules.escalate): attempt UAC bypass to gain unauthorized administrator privileges
- Port Scanner (byob.modules.portscanner): scan the local network for other online devices & open ports
- Process Control (byob.modules.process): list/search/kill/monitor currently running processes on the host

Core

Core framework modules used by the generator and the server

- Utilities (byob.core.util): miscellaneous utility functions that are used by many modules
- Security (byob.core.security): Diffie-Hellman IKE & 3 encryption modes (AES-256-OCB, AES-256-CBC, XOR-128)
- Loaders (byob.core.loaders): remotely import any package/module/scripts from the server
- Payloads (byob.core.payloads): reverse TCP shell designed to remotely import dependencies, packages & modules
- Stagers (byob.core.stagers): generate unique payload stagers to prevent analysis & detection
- Generators (byob.core.generators): functions which all dynamically generate code for the client generator
- Database (byob.core.database): handles interaction between command & control server and the SQLite database

Contact

- Website: https://malwared.com
- Email: security@malwared.com
- Twitter: https://twitter.com/malwaredllc

Link: http://feedproxy.google.com/~r/PentestTools/~3/8QSu_u2pj0Y/byob-build-your-own-botnet.html

JoomScan 0.0.7 – OWASP Joomla Vulnerability Scanner Project

OWASP Joomla! Vulnerability Scanner (JoomScan) is an open source project, developed with the aim of automating the task of vulnerability detection and reliability assurance in Joomla CMS deployments. Implemented in Perl, this tool enables seamless and effortless scanning of Joomla installations, while leaving a minimal footprint with its lightweight and modular architecture. It not only detects known offensive vulnerabilities, but also is able to detect many misconfigurations and admin-level shortcomings that can be exploited by adversaries to compromise the system. Furthermore, OWASP JoomScan provides a user-friendly interface and compiles the final reports in both text and HTML formats for ease of use and minimization of reporting overheads.

OWASP JoomScan is included in Kali Linux distributions.

WHY OWASP JOOMSCAN?

Automated ...

- Version enumerator
- Vulnerability enumerator (based on version)
- Components enumerator (1209 most popular by default)
- Components vulnerability enumerator (based on version) (+1030 exploit)
- Firewall detector
- Reporting to Text & HTML output
- Finding common log files
- Finding common backup files

INSTALL

    git clone https://github.com/rezasp/joomscan.git
    cd joomscan
    perl joomscan.pl

JOOMSCAN ARGUMENTS

    Usage: joomscan.pl [options]

    --url | -u                        | The Joomla URL/domain to scan.
    --enumerate-components | -ec      | Try to enumerate components.
    --cookie <String>                 | Set cookie.
    --user-agent | -a <user-agent>    | Use the specified User-Agent.
    --random-agent | -r               | Use a random User-Agent.
    --timeout <time-out>              | set timeout.
    --about                           | About Author
    --update                          | Update to the latest version.
    --help | -h                       | This help screen.
    --version                         | Output the current version and exit.

OWASP JOOMSCAN USAGE EXAMPLES

Do default checks...

    perl joomscan.pl --url www.example.com

or

    perl joomscan.pl -u www.example.com

Enumerate installed components...

    perl joomscan.pl --url www.example.com --enumerate-components

or

    perl joomscan.pl -u www.example.com --ec

Set cookie

    perl joomscan.pl --url www.example.com --cookie "test=demo;"

Set user-agent

    perl joomscan.pl --url www.example.com --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"

or

    perl joomscan.pl -u www.example.com -a "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"

Set random user-agent

    perl joomscan.pl -u www.example.com --random-agent

or

    perl joomscan.pl --url www.example.com -r

Update Joomscan...

    perl joomscan.pl --update

PROJECT LEADERS

- Mohammad Reza Espargham [ reza[dot]espargham[at]owasp[dot]org ]
- Ali Razmjoo [ ali[dot]razmjoo[at]owasp[dot]org ]

Link: http://feedproxy.google.com/~r/PentestTools/~3/rbhkhn10GkU/joomscan-007-owasp-joomla-vulnerability.html

SVScanner – Scanner Vulnerability And Massive Exploit

SVScanner is a tool for scanning and massive exploits. Our tools target several open source CMSs.

Getting Started with Linux

    git clone https://github.com/radenvodka/SVScanner.git
    cd SVScanner
    php svscanner.php

Getting Started with Windows

- Download Xampp (PHP7)
- Download SVScanner: https://github.com/radenvodka/SVScanner/releases
- Open it with cmd:

    php svscanner.php

Systems we recommend:

- PHP 7 (version and up)
- Install PHP modules: php-cli & php-curl for Linux

Credits

- Edo Maland (Powerstager) https://github.com/Screetsec
- Jack Wilder, admin at http://www.linuxsec.org

Want to contribute

Send the target live and what exploits are used, then send to maunikah1337@gmail.com

Link: http://feedproxy.google.com/~r/PentestTools/~3/Yisgfs6nPoA/svscanner-scanner-vulnerability-and.html

VBScan 0.1.8 – Black Box vBulletin Vulnerability Scanner

OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an open-source project written in the Perl programming language to detect vBulletin CMS vulnerabilities and analyse them.

Why OWASP VBScan?

If you want to do a penetration test on a vBulletin forum, OWASP VBScan is your best shot ever! This project is faster than ever and updated with the latest vBulletin vulnerabilities.

- Project Leader: Mohammad Reza Espargham
- Github: https://github.com/rezasp/vbscan/
- SourceForge: https://sourceforge.net/projects/vbscan/
- OWASP Page: https://www.owasp.org/index.php/OWASP_VBScan_Project

Usage:

    ./vbscan.pl
    ./vbscan.pl http://target.com/vbulletin

What's New in Version 0.1.8 [Self Challenge]

- Updated vulnerabilities database
- "Email Before Registration Plugin" SQL exploit added
- "Tapatalk vbulletin plugin" exploit added
- "Routestring RCE" exploit added
- Vbulletin possible password logger detector added
- Allow start from any path
- OpenRedirection founder module added
- Vbulletin version comparing module added
- A few enhancements

Link: http://feedproxy.google.com/~r/PentestTools/~3/6Oz8dDXNjHM/vbscan-018-black-box-vbulletin.html

Vulners Scanner – Vulnerability Scanner Based On Vulners.Com Audit API

PoC of a host-based vulnerability scanner, which uses the vulners.com API. It detects the operating system, collects installed packages and checks them for vulnerabilities.

Supported OS

Currently supports collecting packages for these operating systems:

- Debian-based (debian, kali, ubuntu)
- Rhel-based (redhat, centos, fedora)

Python version

Lazy and Advanced versions were tested on python2.6, python2.7 and python3.5. If you find any bugs, don't hesitate to open an issue.

Docker support

Experimental support for detecting vulnerabilities in running docker containers (advanced script only). To activate it, change checkDocker=False to checkDocker=True in linuxScanner.py.

How to use

Lazy scanner

The simplest script to show vulners.com API capabilities. Just run the script and it will return all found vulnerabilities:

    # git clone https://github.com/videns/vulners-scanner
    # cd vulners-scanner
    # ./lazyScanner.py
    OS Name - debian, OS Version - 8
    Total provided packages: 315
    {
      "data": {
        "vulnerabilities": [
          "DSA-3644",
          "DSA-3626"
        ],
        "packages": {
          "openssh-client 1:6.7p1-5+deb8u2 amd64": {
            "DSA-3626": [
              {
                "bulletinVersion": "1:6.7p1-5+deb8u3",
                "providedVersion": "1:6.7p1-5+deb8u2",
                "bulletinPackage": "openssh-client_1:6.7p1-5+deb8u3_all.deb",
                "result": true,
                "operator": "lt",
                "OSVersion": "8",
                "providedPackage": "openssh-client 1:6.7p1-5+deb8u2 amd64"
              }
            ]
          },
          "fontconfig-config 2.11.0-6.3 all": {
            "DSA-3644": [
              {
                "bulletinVersion": "2.11.0-6.3+deb8u1",
                "providedVersion": "2.11.0-6.3",
                "bulletinPackage": "fontconfig-config_2.11.0-6.3+deb8u1_all.deb",
                "result": true,
                "operator": "lt",
                "OSVersion": "8",
                "providedPackage": "fontconfig-config 2.11.0-6.3 all"
              }
            ]
          },
          "libfontconfig1 2.11.0-6.3 amd64": {
            "DSA-3644": [
              {
                "bulletinVersion": "2.11.0-6.3+deb8u1",
                "providedVersion": "2.11.0-6.3",
                "bulletinPackage": "libfontconfig1_2.11.0-6.3+deb8u1_all.deb",
                "result": true,
                "operator": "lt",
                "OSVersion": "8",
                "providedPackage": "libfontconfig1 2.11.0-6.3 amd64"
              }
            ]
          }
        }
      },
      "result": "OK"
    }
    Vulnerabilities:
    DSA-3644
    DSA-3626

Advanced scanner

Detects the OS in several ways. Supports scanning running docker containers (needs to be activated manually in a file).

    # git clone https://github.com/videns/vulners-scanner
    # cd vulners-scanner
    # ./linuxScanner.py
    ==========================================
    Host info - Host machine
    OS Name - Darwin, OS Version - 15.6.0
    Total found packages: 0
    ==========================================
    Host info - docker container "java:8-jre"
    OS Name - debian, OS Version - 8
    Total found packages: 166
    Vulnerable packages:
        libgcrypt20 1.6.3-2+deb8u1 amd64
            DSA-3650 - 'libgcrypt20 -- security update', cvss.score - 0.0
        libexpat1 2.1.0-6+deb8u2 amd64
            DSA-3597 - 'expat -- security update', cvss.score - 7.8
        perl-base 5.20.2-3+deb8u4 amd64
            DSA-3628 - 'perl -- security update', cvss.score - 0.0
        gnupg 1.4.18-7+deb8u1 amd64
            DSA-3649 - 'gnupg -- security update', cvss.score - 0.0
        gpgv 1.4.18-7+deb8u1 amd64
            DSA-3649 - 'gnupg -- security update', cvss.score - 0.0

Link: http://feedproxy.google.com/~r/PentestTools/~3/DZ5DGY0AIrc/vulners-scanner-vulnerability-scanner.html

Getsploit v0.2.2 – Command Line Utility For Searching And Downloading Exploits

Command line search and download tool for the Vulners Database, inspired by searchsploit. It allows you to search online for exploits across all the most popular collections: Exploit-DB, Metasploit, Packetstorm and others. The most powerful feature is immediate exploit source download right in your working path.

Python version

The utility was tested on python2.6, python2.7 and python3.6 with SQLite FTS4 support. If you find any bugs, don't hesitate to open an issue.

How to use

Install:

    pip install getsploit

Search

    # git clone https://github.com/vulnersCom/getsploit
    # cd getsploit
    # ./getsploit.py wordpress 4.7.0
    Total found exploits: 8
    Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
    +----------------------+--------------------------------+----------------------------------------------------+
    | ID                   | Exploit Title                  | URL                                                |
    +======================+================================+====================================================+
    | PACKETSTORM:141039   | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
    |                      | PHP Code Injection             |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | EDB-ID:41308         | WordPress 4.7.0/4.7.1 Plugin   | https://vulners.com/exploitdb/EDB-ID:41308         |
    |                      | Insert PHP - PHP Code          |                                                    |
    |                      | Injection                      |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | EDB-ID:41223         | WordPress 4.7.0/4.7.1 -        | https://vulners.com/exploitdb/EDB-ID:41223         |
    |                      | Unauthenticated Content        |                                                    |
    |                      | Injection (PoC)                |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | PACKETSTORM:140893   | WordPress 4.7.0 / 4.7.1 REST   | https://vulners.com/packetstorm/PACKETSTORM:140893 |
    |                      | API Privilege Escalation       |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | PACKETSTORM:140902   | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140902 |
    |                      | Content Injection / Code       |                                                    |
    |                      | Execution                      |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | PACKETSTORM:140901   | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140901 |
    |                      | Content Injection Proof Of     |                                                    |
    |                      | Concept                        |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | EDB-ID:41224         | WordPress 4.7.0/4.7.1 -        | https://vulners.com/exploitdb/EDB-ID:41224         |
    |                      | Unauthenticated Content        |                                                    |
    |                      | Injection Arbitrary Code       |                                                    |
    |                      | Execution                      |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | SSV-92637            | WordPress REST API content     | https://vulners.com/seebug/SSV-92637               |
    |                      | injection                      |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+

Save exploit files

    # ./getsploit.py -m wordpress 4.7.0
    Total found exploits: 8
    Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
    +----------------------+--------------------------------+----------------------------------------------------+
    | ID                   | Exploit Title                  | URL                                                |
    +======================+================================+====================================================+
    | PACKETSTORM:141039   | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
    |                      | PHP Code Injection             |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | EDB-ID:41308         | WordPress 4.7.0/4.7.1 Plugin   | https://vulners.com/exploitdb/EDB-ID:41308         |
    |                      | Insert PHP - PHP Code          |                                                    |
    |                      | Injection                      |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | EDB-ID:41223         | WordPress 4.7.0/4.7.1 -        | https://vulners.com/exploitdb/EDB-ID:41223         |
    |                      | Unauthenticated Content        |                                                    |
    |                      | Injection (PoC)                |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | PACKETSTORM:140893   | WordPress 4.7.0 / 4.7.1 REST   | https://vulners.com/packetstorm/PACKETSTORM:140893 |
    |                      | API Privilege Escalation       |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | PACKETSTORM:140902   | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140902 |
    |                      | Content Injection / Code       |                                                    |
    |                      | Execution                      |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | PACKETSTORM:140901   | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140901 |
    |                      | Content Injection Proof Of     |                                                    |
    |                      | Concept                        |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | EDB-ID:41224         | WordPress 4.7.0/4.7.1 -        | https://vulners.com/exploitdb/EDB-ID:41224         |
    |                      | Unauthenticated Content        |                                                    |
    |                      | Injection Arbitrary Code       |                                                    |
    |                      | Execution                      |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    | SSV-92637            | WordPress REST API content     | https://vulners.com/seebug/SSV-92637               |
    |                      | injection                      |                                                    |
    +----------------------+--------------------------------+----------------------------------------------------+
    # ls
    LICENSE         README.md       getsploit.py    wordpress-470
    # cd wordpress-470
    # ls
    edb-id41223.txt         edb-id41224.txt         edb-id41308.txt         packetstorm140893.txt
    packetstorm140901.txt   packetstorm140902.txt   packetstorm141039.txt   ssv-92637.txt

Local database

If your Python supports the sqlite3 lib (builtin), you can use the --update and --local commands to download the whole exploit database to your PC. After the update you can perform local offline searches.

    # ./getsploit.py --update
    Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
    219642496/219642496 [100.00%]
    Unpacking database.
    Database download complete. Now you may search exploits using --local key './getsploit.py -l wordpress 4.7'

Link: http://feedproxy.google.com/~r/PentestTools/~3/ik5Cki-nwIQ/getsploit-v022-command-line-utility-for.html

BillCipher – Information Gathering Tool For A Website Or IP Address

Information gathering tool for a website or IP address, using some ideas from Devploit. BillCipher works on any operating system that supports Python 2, Python 3, and Ruby.

Features

- DNS Lookup
- Whois Lookup
- GeoIP Lookup
- Subnet Lookup
- Port Scanner
- Page Links
- Zone Transfer
- HTTP Header
- Host Finder
- IP-Locator
- Find Shared DNS Servers
- Get Robots.txt
- Host DNS Finder
- Reserve IP Lookup
- Email Gathering (use Infoga)
- Subdomain listing (use Sublist3r)
- Find Admin login site (use Breacher)
- Check and Bypass CloudFlare (use HatCloud)
- Website Copier (use httrack) NEW!
- Host Info Scanner (use WhatWeb) NEW!

Install and Run in Linux

    sudo apt update && sudo apt install ruby python python-pip python3 python3-pip
    sudo apt install httrack whatweb
    git clone https://github.com/GitHackTools/BillCipher
    cd BillCipher
    pip install -r requirements.txt
    pip3 install -r requirements.txt
    python3 billcipher.py

Install and Run in Windows

- Download and run the Python 2.7.x and Python 3.7 setup files from Python.org:
    - In Customize Python 2.7.x, find Add python.exe to Path and select Will be installed on local hard drive.
    - In Install Python 3.7, enable Add Python 3.6 to PATH
- Download and run the Ruby-lang setup file from RubyInstaller.org, choose Add Ruby executables to your PATH and Use UTF-8 as default external encoding.
- Download and run the Git setup file from Git-scm.com, choose Use Git from Windows Command Prompt.
- After that, run Command Prompt and enter these commands:

    git clone https://github.com/GitHackTools/BillCipher
    cd BillCipher
    pip install -r requirements.txt
    pip3 install -r requirements.txt
    python3 billcipher.py

Notes

- BillCipher uses some ideas from Devploit and uses the HackerTarget API.
- All the tools (Breacher, Infoga, HatCloud and Sublist3r) are tools from other developers, not programmed by GitHackTools.

Contact the Author

- Website: GitHackTools.blogspot.com
- Twitter: @SecureGF
- Facebook: @GitHackTools
- Google Plus: +TVT618

Link: http://feedproxy.google.com/~r/PentestTools/~3/2Bb03henkHo/billcipher-information-gathering-tool.html