norse黑客大战
注册 | 登录
投稿
免责声明:本站提供安全工具、程序(方法)可能带有攻击性,仅供安全研究与教学之用,风险自负!
netool.sh为安全研究人员提供了中间人攻击(Man-In-The-Middle)测试的工具套件组合,包括内网安全扫描、嗅探及社会工程学测试,界面十分酷炫。
视频
示例
inurlbr.php -q 1,2,10 --dork 'inurl:index.php?id=' --exploit-get ?´0x27 -s report.log --comand-vul 'nmap -Pn -p 1-8080 --script http-enum --open _TARGET_'
操作系统
Linux-Ubuntu | Linux-kali | Parrot security OS | blackbox OS Linux-backtrack (un-continued) | Mac osx (un-continued).
依赖
zenity | Nmap | Ettercap | Macchanger | Metasploit | Driftnet | Apache2 | sslstrip
特性(模块介绍)
Netool:这是一个bash、python和ruby编写的模块,可以帮助你自动化的使用Nmap、Driftnet、Sslstrip、Metasploit以及Ettercap进行中间人攻击测试。通过这个工具集,可以轻松的帮助渗透测试人员完成诸如tcp/udp流量嗅探、中间人攻击、SSL嗅探、DNS劫持、DOS攻击等安全测试。
Rootsector: 这个模块可以帮助你通过metasploit, apache2 and ettercap框架完成DNS_SPOOF+中间人攻击(含钓鱼手法)测试,包括payloads、shellcode生成等都可以轻松实现。
"1-Show Local Connections"
"2-Nmap Scanner menu"
->
Ping target
Show my Ip address
See/change mac address
change my PC hostname
Scan Local network
Scan external lan for hosts
Scan a list of targets (list.txt)
Scan remote host for vulns
Execute Nmap command
Search for target geolocation
ping of dead (DoS)
Norse (cyber attacks map)
nmap Nse vuln modules
nmap Nse discovery modules
<- data-blogger-escaped--="" data-blogger-escaped-addon="" data-blogger-escaped-config="" data-blogger-escaped-etrieve="" data-blogger-escaped-firefox="" data-blogger-escaped-metadata="" data-blogger-escaped-p="" data-blogger-escaped-pen="" data-blogger-escaped-router="" data-blogger-escaped-tracer="" data-blogger-escaped-webcrawler="" data-blogger-escaped-whois="">
retrieve metadata from target website
retrieve using a fake user-agent
retrieve only certain file types
<- data-blogger-escaped--="" data-blogger-escaped-php="" data-blogger-escaped-webcrawler="">
scanner inurlbr.php -> Advanced search with multiple engines, provided
analysis enables to exploit GET/POST capturing emails/urls & internal
custom validation for each target/url found. also the ability to use
external frameworks in conjuction with the scanner like nmap,sqlmap,etc
or simple the use of external scripts.
<- data-blogger-escaped--="" data-blogger-escaped-automated="" data-blogger-escaped-engeneering="" data-blogger-escaped-exploits="" data-blogger-escaped-phishing="" data-blogger-escaped-r00tsect0r="" data-blogger-escaped-social="">
package.deb backdoor [Binary linux trojan]
Backdooring EXE Files [Backdooring EXE Files]
fakeupdate.exe [dns-spoof phishing backdoor]
meterpreter powershell invocation payload [by ReL1K]
host a file attack [dns_spoof+mitm-hosted file]
clone website [dns-spoof phishing keylooger]
Java.jar phishing [dns-spoof+java.jar+phishing]
clone website [dns-spoof + java-applet]
clone website [browser_autopwn phishing Iframe]
Block network access [dns-spoof]
Samsung TV DoS [Plasma TV DoS attack]
RDP DoS attack [Dos attack against target RDP]
website D0S flood [Dos attack using syn packets]
firefox_xpi_bootstarpped_addon automated exploit
PDF backdoor [insert a payload into a PDF file]
Winrar backdoor (file spoofing)
VBScript injection [embedded a payload into a world document]
".::[ normal payloads ]::."
windows.exe payload
mac osx payload
linux payload
java signed applet [multi-operative systems]
android-meterpreter [android smartphone payload]
webshell.php [webshell.php backdoor]
generate shellcode [C,Perl,Ruby,Python,exe,war,vbs,Dll,js]
Session hijacking [cookie hijacking]
start a lisenner [multi-handler]
<- data-blogger-escaped-a.="" data-blogger-escaped-about="" data-blogger-escaped-access="" data-blogger-escaped-attack="" data-blogger-escaped-aunch="" data-blogger-escaped-c.="" data-blogger-escaped-check="" data-blogger-escaped-code="" data-blogger-escaped-config="" data-blogger-escaped-cupp.py="" data-blogger-escaped-d.="" data-blogger-escaped-database="" data-blogger-escaped-db.="" data-blogger-escaped-delete="" data-blogger-escaped-etter.filters="" data-blogger-escaped-ettercap="" data-blogger-escaped-execute="" data-blogger-escaped-files="" data-blogger-escaped-filter="" data-blogger-escaped-folders="" data-blogger-escaped-for="" data-blogger-escaped-hare="" data-blogger-escaped-how="" data-blogger-escaped-lan="" data-blogger-escaped-local="" data-blogger-escaped-lock="" data-blogger-escaped-mitm="" data-blogger-escaped-netool="" data-blogger-escaped-niff="" data-blogger-escaped-ns-spoofing="" data-blogger-escaped-ommon="" data-blogger-escaped-ompile="" data-blogger-escaped-on="" data-blogger-escaped-onfig="" data-blogger-escaped-os="" data-blogger-escaped-password="" data-blogger-escaped-passwords="" data-blogger-escaped-pics="" data-blogger-escaped-profiler="" data-blogger-escaped-q.="" data-blogger-escaped-quit="" data-blogger-escaped-remote="" data-blogger-escaped-ssl="" data-blogger-escaped-toolkit="" data-blogger-escaped-u.="" data-blogger-escaped-updates="" data-blogger-escaped-urls="" data-blogger-escaped-user="" data-blogger-escaped-visited="">
截图
下载地址
- 上一篇:半开源Web安全测试与学习平台 – 蚁逅
- 下一篇:国产工具:渗透测试助手PKAV HTTP Fuzzer发布
关注我们 分享每日精选文章
0daybank
已有 22 条评论
沙发
先坐了
开起来好酷!!!!可惜不会用!!!!
屏幕右侧的插件是什么?
@ 邮箱 必须(保密) conky
我看到了星球大战克隆人–仅此而已
好吧 我是看到酷炫的界面来的..xxx什么的弱爆了..
这是什么桌面,
@ Chein parr http://www.parrotsec.org/
楼主咋没攻击范例阿。
mitmf 和这个哪个屌!
看起来很炫。。。。整的跟黑客帝国一样 长大了以后才知道 一般大牛 其实手里就一个黑框框就足够来去自由。。。。 根本没啥数字雨
确实好炫酷
完全被桌面背景吸引了,这是什么桌面?
亲,能告诉俺这是什么电脑桌面 主题 不?拜托啦,
应该是linux的发行版back track,桌面是GNOME定制,对于来源系统这很好办到。
这个主题是什么啊?
回复: 谢喽,回头俺也倒腾倒腾试试!
这个跟mitmf比哪个更好用???
主题不错~
卧槽,在kali下面根本不酷炫啊……根本显示不出颜色,还要手动把echo改成echo -e 还要加双引号……简直卧槽
我来看界面的
Parrot security OS用的是meta,主题Acvamarin,
把它放在kali下,一个样,工具也差不多,