Cooolis-ms – A Server That Supports The Metasploit Framework RPC

Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: connect to Cooolis-Server Cooolis-Server connects to Metasploit RPC server retrieveRead More

LOLBITS v2.0.0 – C2 Framework That Uses Background Intelligent Transfer Service (BITS) As Communication Protocol And Direct Syscalls + Dinvoke For EDR User-Mode Hooking Evasion

LOLBITS is a C2 framework that uses Microsoft’s Background Intelligent Transfer Service (BITS) to establish the communication channel between the compromised host and the backend. The C2 backend is hidden behind an apparently harmless flask web application and it’s only accesible when the HTTP requests received by the app contain a valid authentication header. SinceRead More

ReconSpider – Most Advanced Open Source Intelligence (OSINT) Framework For Scanning IP Address, Emails, Websites, Organizations

ReconSpider is most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources.ReconSpider can be used by Infosec Researchers, Penetration Testers, Bug Hunters and Cyber Crime Investigators to find deep information about their target.ReconSpider aggregate all the raw data, visualize it on a dashboard andRead More

DeimosC2 – A Golang Command And Control Framework For Post-Exploitation

DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that have been compromised. DeimosC2 server and agents works on, and has been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front end written in Vue.js.Listener Features Each listener hasRead More

reNgine – An Automated Reconnaissance Framework Meant For Gathering Information During Penetration Testing Of Web Applications

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. The beauty of reNgine is that it gathers everything in one place. It has a pipeline of reconnaissance, which can be customized.reNgineRead More

DroneSploit – Drone Pentesting Framework Console

This CLI framework is based on sploitkit and is an attempt to gather hacking techniques and exploits especially focused on drone hacking. For the ease of use, the interface has a layout that looks like Metasploit.Black Hat Europe Arsenal 2019 presentationAlso see articles: Black Hat Europe: New tool offers Metasploit-like framework for hacking into drones,Read More

BSF – Botnet Simulation Framework

BSF provides a discrete simulation environment to implement and extend peer-to-peer botnets, tweak their settings and allow defenders to evaluate monitoring and countermeasures.SynopsisIn the arms race between botmasters and defenders, the botmasters have the upper hand, as defenders have to react to actions and novel threats introduced by botmasters. The Botnet Simulation Framework (BSF) addressesRead More

Fsociety – A Modular Penetration Testing Framework

Install pip install fsociety Update pip install –upgrade fsociety Usage usage: fsociety [-h] [-i] [-s]A Penetration Testing Frameworkoptional arguments: -h, –help show this help message and exit -i, –info gets fsociety info -s, –suggest suggest a tool Develop git clone install -e “.[dev]” Docker docker pull fsocietyteam/fsocietydocker run -it fsocietyteam/fsociety fsociety Download Fsociety

AutoRDPwn v5.1 – The Shadow Attack Framework

AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability (listed as a feature by Microsoft) allows a remote attacker to view his victim’s desktop without his consent, and even control it on demand, using tools native to the operating system itself.Thanks to theRead More

Wifipumpkin3 – Powerful Framework For Rogue Access Point Attack

wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack.Main Features Rogue access point attack Man-in-the-middle attack Rogue Dns Server Captive portal attack (captiveflask) Intercept, inspect, modify and replay web trafficRead More