Search Results for "script attack"

mitmproxy is an open source, interactive SSL/TLS-capable intercepting HTTP proxy, with a console interface fit for HTTP/1, HTTP/2, and WebSockets. It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition of...

Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP(S) requests and responses, supports JavaScript.

This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard...

Automating macchanger tasks for my friend 'crypt0_buf' sutch as: change mac address, set TX-Power, code region settings, signal strength, set network-manager cloned mac address, Build/delete cryptostart init.d startup entry, use arpon software to prevent arp poison attacks (MitM)... WARNING: this script needs the 'startup.txt' file to build cryptostart init.d startup entry (script auto-start)

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific...

This project is designed to run on Embedded ARM platforms (specifically v6 and RaspberryPi but I'm working on more). It provides users with automated wireless attack tools that air paired with man-in-the-middle tools to effectively and silently attack wireless clients. Some of the tools included in the kit are: Custom regex-based DNS Server DHCP Aircrack-ng suite Browser Exploitation Framework (Preconfigured for metasploit) Metasploit Python-based Transparent Injection Proxy Pushbutton configuration "Limpet Mine" mode for attacking existing networks You basically answer three questions in the start script, wait a bit, then log into the BEEF console to start attacking clients

easy-creds is a bash script that leverages ettercap and other tools to obtain credentials. It allows you to easily attack with basic arp poison, oneway arp poison and DHCP spoofing or a Fake AP. Includes sslstrip log file parser

Wave is a PHP micro-framework that is built loosely following model-view-control architecture and factory method design pattern. It is made for web services, websites and info-systems and is built to support a native API architecture, caching, user control and smart resource management. Wave is a compact framework that does not include bloated libraries and features and is developed keeping lightweight speed and optimizations in mind. While not necessary for using Wave Framework, it comes by...

A Bash script aimed at making the Wireless Hacking process a lot easier.