Website



Visit our website :- www.techtrick.in

Sunday, April 21, 2019

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Dos attack

Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow to realise efficient attacks, and also allows to carry out denial of service attacks and port scanning. There are many open source tools available online for this attack like Ettercap , MITMF , Xerosploit, e.t.c
Xerosploit is default installed in Kali Linux 2017.2 or 2017.3 ,if not installed you can installed from github.
This article is on Xerosploit which provides advanced MITM attack on your local network to sniff packets , steal password e.t.c

Dependencies :-

  • nmap
  • hping3
  • build-essential
  • ruby-dev
  • libpcap-dev
  • libgmp3-dev
  • tabulate
  • terminaltables

Features :-


Step 1 : Open Terminal and Type xerosploit

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 2 : There are various modules are available which you can see by just typing again "help"command.
  • pscan – Port Scanner
  • dos – Dos Attack
  • ping – Ping Request
  • injecthtml – Inject HTML code
  • injectjs – Inject Javascript code
  • rdownload – Replace files being downloaded
  • sniff – Capturing information inside network packets
  • dspoof – Redirect all the http traffic to the specified one IP
  • yplay – Play background sound in target browser
  • replace – Replace all web pages images with your own one
  • driftnet – View all images requested by your targets
  • move – Shaking Web Browser Content
  • deface – Overwrite all web pages with your HTML code

These are the available attacks you can perform.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 3 : And then type scan and press enter so that you can see all the IP addresses in your network.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 4 : Choose you target and type its IP, so that now it has been targeted.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 5 : Then again type help to see all the command your can now use.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack



Automated Penetration Testing and Auditing Tool - Yuki Chan

Yuki Chan is an Automated Penetration Testing tool that will be information gathering and check standard security of website or webservers.It is one of the Best Penetration testing Tool which provides many Integrated Security Tools and Performing Many Penetration testing Operation into Target Network.
The tool can automatise a number of penetration testing tasks like information gatheringregarding the target web application, open source intelligence, and vulnerabilities assessment,CMS info, and system enumeration ssl security auditing, and fuzzing. yuki chan tool is loaded with a large number of modules as well as metagoofil , joomscan , wafninja , spaghetti , wpseku , wpscannera2sv , dirsearch, whatweb , xss scanner , Whois , dnsrecon, TheHarvesterand sublist3r. every module runs automatically one when another to scan the target applications.
There are more than 15 Modules has been Integrated with Yuki chan and it is very useful and very easy hacking tools. we can say that this is a Best hacking tools for penetration testing and ethical hacking.

How to Install :-

Before to start the installation of Yuki Chan, make sure that your Kali Linux machine must have these tools installed

Required Tools :-


Feature of Yuki Chan :-

  • Fully Automated Tool
  • Intel-Gathering with smart search
  • Complete Vulnerability Analysis
  • Full Security Auditing
  • Integration with OSINT Framework
  • Tracking & System Enumeration Support
  • Fuzzing Module
  • Also supports CMS Auditing (like WPSCAN, JOOMSCAN etc)
  • It also offers SSL Security Auditing
  • And Off Course This Tool Designed For Targeted Pentesting Tool

Installation of Yuki Chan in Kali Linux :-

Step 1 :- After the complete installation of above tools, you can proceed with the installation of Yuki Chan and for installation of Yuki-Chan, we will use Git Clone method:.
cd Desktop
git clone https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest

Automated Penetration Testing and Auditing Tool - Yuki Chan

Step 2 :- Now move inside the yuki chan directory:
ls
cd Yuki-Chan-The-Auto-Pentest
ls

Automated Penetration Testing and Auditing Tool - Yuki Chan

Step 3 :- In next step, we need to give 777 permission to below files and directories:
chmod 777 joomscan wafninja install-perl-module.sh yuki.sh

Automated Penetration Testing and Auditing Tool - Yuki Chan

Step 4 :- Now move inside the yuki chan directory:
ls

Automated Penetration Testing and Auditing Tool - Yuki Chan

Step 5 :- Give permissions to Requirements.txt file
chmod 777 requirements.txt

Automated Penetration Testing and Auditing Tool - Yuki Chan



Best Way To Archive Outlook And Gmail Emails

Gmail And Outlook is one of  the most important tools in their daily lives. The problem is that most get so many emails that it is hard to...