Sunday, August 7, 2016

Vulnerability Scanner - HellRaiser




Install
Install Ruby, Bundler and Rails: https://gorails.com/setup/ubuntu/16.04
Install redis-server and nmap.
    sudo apt-get update
    sudo apt-get install redis-server nmap
Clone the HellRaiser repository, change to the hellraiser web app directory and run bundle install.
    git clone https://github.com/m0nad/HellRaiser/
    cd HellRaiser/hellraiser/
    bundle install

Start
Start the Redis server.
    redis-server
Go to the hellraiser web app directory and start Sidekiq.
    bundle exec sidekiq
Go to the hellraiser web app directory and start the Rails server.
    rails s

Usage
Access http://127.0.0.1:3000

How it works
HellRaiser scans with nmap, then correlates the CPEs it finds with cve-search to enumerate vulnerabilities.
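
The scan-then-correlate flow described above, as an added example (not HellRaiser's own code): it parses a constructed nmap XML fragment, keeps only CPEs reported on open ports, and matches them against a constructed CVE_INDEX hash that stands in for a cve-search lookup. The function names, the sample XML and the placeholder CVE ids are all assumptions made for illustration.

```ruby
require 'rexml/document'

# Constructed `nmap -sV -oX` fragment (sample data, not real scan output).
NMAP_XML = <<~XML
  <nmaprun><host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="22"><state state="open"/><service name="ssh">
      <cpe>cpe:/a:openbsd:openssh:6.6.1p1</cpe><cpe>cpe:/o:linux:linux_kernel</cpe></service></port>
    <port protocol="tcp" portid="80"><state state="open"/><service name="http">
      <cpe>cpe:/a:igor_sysoev:nginx:1.4.6</cpe></service></port>
    <port protocol="tcp" portid="8080"><state state="closed"/><service name="http">
      <cpe>cpe:/a:apache:tomcat:7.0.52</cpe></service></port>
  </ports></host></nmaprun>
XML

# Constructed stand-in for a cve-search lookup: CPE -> placeholder CVE ids.
CVE_INDEX = {
  'cpe:/a:openbsd:openssh:6.6.1p1' => %w[CVE-PLACEHOLDER-1 CVE-PLACEHOLDER-2],
  'cpe:/a:apache:tomcat:7.0.52'    => %w[CVE-PLACEHOLDER-3]
}.freeze

# Split a CPE 2.2 URI into its fields; returns nil for anything else.
def parse_cpe(uri)
  m = %r{\Acpe:/([aho]):([^:]+):([^:]+)(?::([^:]*))?}.match(uri.to_s.strip)
  m && { part: m[1], vendor: m[2], product: m[3], version: (m[4] unless m[4].to_s.empty?) }
end

# Collect one finding per CPE reported on an open port; closed ports are skipped.
def open_service_cpes(xml)
  findings = []
  REXML::Document.new(xml).elements.each('nmaprun/host') do |host|
    addr = host.elements['address'].attributes['addr']
    host.elements.each('ports/port') do |port|
      next unless port.elements["state[@state='open']"]
      port.elements.each('service/cpe') do |cpe|
        findings << { host: addr, port: port.attributes['portid'].to_i, cpe: cpe.text.strip }
      end
    end
  end
  findings
end

# Exact-match versioned CPEs against the index. A CPE without a version would
# match every CVE for the product, so it is flagged for review instead.
def correlate(findings, index)
  findings.map do |f|
    versioned = parse_cpe(f[:cpe])&.fetch(:version)
    f.merge(cves: versioned ? index.fetch(f[:cpe], []) : [], needs_review: !versioned)
  end
end
```

Version-less CPEs such as the operating-system guess on port 22 are the main source of false positives in this kind of correlation, which is why they are reported separately rather than matched.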



Efficient And Advanced Man In The Middle Framework - Xerosploit



Xerosploit is a penetration testing toolkit whose goal is to perform man-in-the-middle attacks for testing purposes. It provides various modules for carrying out these attacks efficiently, and also supports denial-of-service attacks and port scanning. It is powered by bettercap and nmap.

Dependencies
  • nmap
  • hping3
  • build-essential
  • ruby-dev
  • libpcap-dev
  • libgmp3-dev
  • tabulate
  • terminaltables

Installation
Dependencies are installed automatically.
    git clone https://github.com/LionSec/xerosploit
    cd xerosploit && sudo python install.py
    sudo xerosploit

Tested on
Operating system    Version
Ubuntu              16.10 / 15.10
Kali Linux          Rolling / Sana
Parrot OS           3.1

Features
  • Port scanning
  • Network mapping
  • DoS attack
  • HTML code injection
  • JavaScript code injection
  • Download interception and replacement
  • Sniffing
  • DNS spoofing
  • Background audio reproduction
  • Image replacement
  • Driftnet
  • Webpage defacement and more ...

Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.
Copyright © OffSec Blog | Powered by OffensiveSec
Design by OffSec | Built for the security community