CHAOS allow generate payloads and control remote Windows systems. Features Reverse Shell Download File Upload File Screenshot ? Keylogger ? Persistence Open URL Remotely Get Operating System Name Run Fork Bomb Tested On Kali Linux – ROLLING EDITION How To Use # Install dependencies (You need Golang and UPX package installed) $ apt install […]
The Trojanizer tool uses WinRAR (SFX) to compress the two files input by user, and transforms it into an SFX executable(.exe) archive. The sfx archive when executed it will run both files (our payload and the legit app at the same time) To make the archive less suspicious to target at execution time, trojanizer will […]
Invoke-MacroCreator is a powershell Cmdlet that allows for the creation of an MS-Word document embedding a VBA macro with various payload delivery and execution capabilities. Description Basically the script supports three types of payload that you MUST specify using the -t argument: shellcode: any raw shellcode (for instance created with msfvenom). The shellcode is loaded into memory then […]
A proof-of-concept tool for generating payloads that exploit unsafe .NET object deserialization. Description ysoserial.net is a collection of utilities and property-oriented programming “gadget chains” discovered in common .NET libraries that can, under the right conditions, exploit .NET applications performing unsafe deserialization of objects. The main driver program takes a user-specified command and wraps it in […]
Excalibur is an Eternalblue exploit based “Powershell” for the Bashbunny project. It’s purpose is to reflect on how a “simple” USB drive can execute the 7 cyber kill chain. Excalibur may be used only for demostrations purposes only, and the developers are not responsible to any misuse or illeagal usage. What does it do? When […]
Excalibur is an Eternalblue exploit based “Powershell” for the Bashbunny project. It’s purpose is to reflect on how a “simple” USB drive can execute the 7 cyber kill chain. When Excalibur gets connected to the machine, it will run the following: Trys to bypass UAC, or just get administrative rights Gets interface info (IP addresses) […]
Enigma is a Multiplatform payload dropper. Run git clone https://github.com/UndeadSec/Enigma.git cd Enigma python enigma.py or python3 enigma3.py Prerequisites python 2.7 for enigma.py python 3.x for enigma.py metasploit Tested on Kali Linux – ROLLING EDITION Download Enigma Download WordPress Themes Premium WordPress Themes Download Download WordPress Themes Download Premium WordPress Themes Free online free course download huawei […]
Evil-Droid is a framework to create, generate & embed apk payloads on Android platforms. Screenshot: Dependencies : 1 – metasploit-framework 2 – xterm 3 – Zenity 4 – Aapt 5 – Apktool 6 – Zipalign Download/Config/Usage: 1 – Download the tool from github git clone https://github.com/M4sc3r4n0/Evil-Droid.git 2 – Set script execution permission cd Evil-Droid chmod […]
Evil-Droid is a framework that create & generate & embed apk payload to penetrate android platforms. Screenshot: Dependencies : 1 – metasploit-framework 2 – xterm 3 – Zenity 4 – Aapt 5 – Apktool 6 – Zipalign Download/Config/Usage: 1 – Download the tool from github git clone https://github.com/M4sc3r4n0/Evil-Droid.git 2 – Set script execution permission cd […]
payloads Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Credits: foospidy Usage run ./get.sh to download external payloads and unzip any payload files that are compressed. Payload Credits fuzzdb – https://github.com/fuzzdb-project/fuzzdb SecLists – https://github.com/danielmiessler/SecLists xsuperbug – https://github.com/xsuperbug/payloads NickSanzotta – https://github.com/NickSanzotta/BurpIntruder 7ioSecurity – https://github.com/7ioSecurity/XSS-Payloads shadsidd – https://github.com/shadsidd shikari1337 – https://www.shikari1337.com/list-of-xss-payloads-for-cross-site-scripting/ […]
PowerStager: This script creates an executable stager that downloads a selected powershell payload. Contact Author: z0noxz Source: https://github.com/z0noxz/powerstager Email: z0noxz@mail.com Description This script creates an executable stager that downloads a selected powershell payload, loads it into memory and executes it using obfuscated EC methods. The script will also encrypt the stager for dynamic signatures and […]
MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible (only requiring one input) to produce their payload. Fully automating msfvenom & Metasploit is the end goal (well as to be be able to automate MSFPC itself). The rest is to make the […]
MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible (only requiring one input) to produce their payload. Fully automating msfvenom & Metasploit is the end goal (well as to be be able to automate MSFPC itself). The rest is to make the […]
HERCULES is a customizable payload generator that can bypass anti-virus software. HackingVision installation tips: HERCULES is programmed in Go if your using Go for the first time you will need to set a GOPATH you can do this by using the following commands. export GOPATH=$HOME/go export PATH=$PATH:$GOROOT/bin:$GOPATH/bin You can add default GOPATH to ~/.bashrc to […]
Attackers using the SambaCry vulnerability to target older versions of Samba(3.5.0) to upload and execute the malicious payload. SambaCry Vulnerability(CVE-2017-7494) have the similarities of SMB vulnerability exploited by WannaCry. Security experts from TrendMicro detected a Malware ELF_SHELLBIND.A which is similar to the functionality of SambaCry and this is the first payload with SambaCry that doesn’t […]
WhatsPwn 2.0 – Linux Tool to extract sensitive data and inject payloads into any Android devices. Credits: José Luis Rodríguez Fragoso (jlrodriguezf) here is a new version of the linux tool WhatsPwn which features new payload options like meterpreter injection or the ability to create hidden or visible payloads and inject them into any android […]
Play Music HTML5 Audio XSS Payload Script below allows you to share your favorite mp3 through your targets browser. Lets assume the XSS payload was injected in to a web page that supports unrestricted HTML an mp3 audio file would then play to the visitors of the compromised web page. if(document.getElementById(‘xss_audio’) == null ) { […]
Chaos framework is an easy to use hacking tool to simply generate payloads and exploit remote machines. DISCLAIMER The use of the CHAOS Framework is COMPLETE RESPONSIBILITY of the END-USER. Developer assume NO liability and are NOT responsible for any misuse or damage caused by this program. FEATURES Windows Remote Control Download File Upload File […]
Kwetza is a tool that allows you to infect an existing Android application with a Meterpreter payload. What does it do? Kwetza infects an existing Android application with either custom or default payload templates to avoid detection by antivirus. Kwetza allows you to infect Android applications using the target application’s default permissions or inject additional […]
There is a way to inject malicious content into email servers running email encryption appliances, a technique that allows attackers to go around email security products. Email encryption appliances (EEAs) are hardware or virtualized devices that work together with email servers to encrypt and decrypt messages. EEAs are usually found in enterprise networks and are […]
A Malware called Hworm Performing multiple Attacks including steal passwords from Firefox, Opera, and Chrome browsers, ability to log keystrokes, kill running process, capture a Screen by making use of the backdoor. This Malware initially identified June 2016 and keep observed by researchers and finally find it as it Emerged day by day. According to […]