Venom - Metasploit Shellcode Generator / Compiler / Listenner
The script will use msfvenom (metasploit) to generate shellcode in
diferent formats ( c | python | ruby | dll | msi | hta-psh ), injects
the shellcode generated into one funtion (example: python) "the python
funtion will execute the shellcode in ram" and uses compilers like: gcc
(gnu cross compiler) or mingw32 or pyinstaller to build the executable
file, also starts a multi-handler to recibe the remote connection
(reverse shell or meterpreter session).
Phpsploit - Stealth Post-Exploitation Framework
PhpSploit is a remote control framework, aiming to provide a stealth
interactive shell-like connection over HTTP between client and web server.
It is a post-exploitation tool capable to maintain access to a
compromised web server for privilege escalation purposes.
The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor:
<? @eval($_SERVER['HTTP_PHPSPL01T']) ?>
Overview
The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor:
<? @eval($_SERVER['HTTP_PHPSPL01T']) ?>
SQLMap - Automatic SQL Injection And Database Hacking Tool
sqlmap is an open source penetration testing tool that automates the
process of detecting and exploiting SQL injection flaws and taking over
of database servers. It comes with a powerful detection engine, many
niche features for the ultimate penetration tester and a broad range of
switches lasting from database fingerprinting, over data fetching from
the database, to accessing the underlying file system and executing
commands on the operating system via out-of-band connections.
ATSCAN v6.2 - Search / Site / Server Scanner
- SEARCH engine
- XSS scanner.
- Sqlmap.
- LFI scanner.
- Filter wordpress and Joomla sites in the server.
- Find Admin page.
Subscribe to:
Posts (Atom)