CATSploit CATSploit is an automated penetration testing tool using the Cyber Attack Techniques Scoring (CATS) method that can be used without a pentester. Currently, pentesters implicitly make the selection of suitable attack techniques for...
Exploitivator This script uses two config files(exploitivator_scan.cfg and exploitivator.cfg). One to specify Nmap scans and parameters(exploitivator_scan.cfg), and one to specify Metasploit payloads and parameters(exploitivator.cfg). These use ‘##’ as a separator and have the following...
Kage Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads. For now, it only supports windows/meterpreter & android/meterpreter. Install Requirement Metasploit-framework must be installed and in...
The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is a penetration testing platform that enables you to find,...
Exploitation / Post Exploitation
by do son · Published December 3, 2018 · Last modified June 3, 2020
NetRipper – this is a fairly recent tool that is positioned for the post-operating system based on Windows and uses a number of non-standard approaches to extract sensitive data. It uses API hooking in...
IoT / Machine Learning / Network PenTest
by do son · Published April 7, 2018 · Last modified May 9, 2020
Deep Exploit Fully automatic penetration test tool using Machine Learning. Deep Exploit is fully automated penetration tool linked with Metasploit. Deep Exploit has two exploitation modes. Intelligence mode Deep Exploit identifies the status of all opened...
This change includes a few changes needed to get a working iOS meterpreter stageless payload. Currently, you’ll need to run it on a jailbroken arm64 iPhone (e.g 5S+). Unless I’ve done something stupid locally...
On this post, I want to introduce a small tip when you create an android payload with Metasploit. How to autohide Android payload icon after running Update Metasploit to latest version apt-get update apt-get...
Exploitation / Metasploit / Network PenTest
by do son · Published October 25, 2017 · Last modified October 25, 2022
dde_delivery This module generates an DDE command to place within a word document, that when executed, will retrieve a HTA payload via HTTP from an web server. Currently have not figured out how to...
Network PenTest / Post Exploitation
by do son · Published October 4, 2017 · Last modified November 4, 2017
On this post, I’m going to guide you how to get VNS session using Metasploit. Virtual Network Computing In computing, Virtual Network Computing (VNC) is a graphical desktop sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely...
Stækka Metasploit – Extending Metasploit This MSF plugin extends Metasploit for some missing features and modules allowing interaction with other/custom exploits/ways of getting shell access. The current focus here is Linux/Unix support. Core features...
Network PenTest / Post Exploitation
by do son · Published August 19, 2017 · Last modified February 15, 2018
Command
How to install Metasploit-Framework on Ubuntu/Linux Mint Install postgresql Install metasploit + Method 1: + Method 2: Run Metasploit
Exploitation / Information Gathering / Network PenTest / Vulnerability Analysis
by do son · Published August 3, 2017 · Last modified February 20, 2018
Penetration Testing SQL server SQL Server is a relational database management system from Microsoft, which is used as a central location to save and obtain data needed for applications. It uses Structured Query Language...
Load mimikataz on meterpreter to dump clear text password. Token Stealing In metasploit framework there is an extension which is called incognito which allows us to perform activities such as token stealing and manipulation.These kind of...
Secure Your Connection
