Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow to realise efficient attacks, and also allows to carry out denial of service attacks and port scanning. There are many open source tools available online for this attack like Ettercap , MITMF , Xerosploit, e.t.c
Xerosploit is default installed in Kali Linux 2017.2 or 2017.3 ,if not installed you can installed from github.
This article is on Xerosploit which provides advanced MITM attack on your local network to sniff packets , steal password e.t.c
Dependencies :-
- nmap
- hping3
- build-essential
- ruby-dev
- libpcap-dev
- libgmp3-dev
- tabulate
- terminaltables
Features :-
- Dos attack
- Html code injection
- Javascript code injection
- Download intercaption and replacement
- Sniffing
- Dns spoofing
- Background audio reproduction
- Images replacement
- Drifnet
- Webpage defacement and more.
Step 1 : Open Terminal and Type xerosploit
Step 2 : There are various modules are available which you can see by just typing again "help"command.
- pscan – Port Scanner
- dos – Dos Attack
- ping – Ping Request
- injecthtml – Inject HTML code
- injectjs – Inject Javascript code
- rdownload – Replace files being downloaded
- sniff – Capturing information inside network packets
- dspoof – Redirect all the http traffic to the specified one IP
- yplay – Play background sound in target browser
- replace – Replace all web pages images with your own one
- driftnet – View all images requested by your targets
- move – Shaking Web Browser Content
- deface – Overwrite all web pages with your HTML code
These are the available attacks you can perform.
Step 3 : And then type scan and press enter so that you can see all the IP addresses in your network.
Step 4 : Choose you target and type its IP, so that now it has been targeted.
You may also like :-
Step 5 : Then again type help to see all the command your can now use.