roxysploit - Penetration Testing Suite - KitPloit - PenTest Tools for your Security Arsenal ☣
2018-02-13 20:23:48 Author: www.kitploit.com(查看原文) 阅读量:121 收藏

roxysploit is a community-supported, open-source and penetration testing suite that supports attacks for numerous scenarios. conducting attacks in the field.

Some containing Plugins in roxysploit

Scan is a automated Information gathering plugin it gives the user the ability to have a rest while the best Information gathering plugin can be executed.

Jailpwn is a useful plugin for any iphone device that has been jailbroken it will attempt to login to the ssh using its default password giving you a full shell.

Eternalblue is a recent plugin we added it Exploits a vulnerability on SMBv1/SMBv2 protocols these were collected from the nsa cyberweapons.

Internalroute Exploits multiple vulnerabilities in routers this can become very useful such as hotel wifi's.

Aurora this is a old plugin that can become very useful for pen-testers it exploits Internet Explorer 6 URL vulnerability.

Doublepulsar is giving you the ability to Remotely inject a malicious dll backdoor into a windows computer.

Kodi is a fantastic movie streaming platform but however it runs on linux we have Created a malicious addon(backdoor) via kodi.tv

Tresspass is a way of managing your php backdoor and gaining shell or even doing single commands it requires password authentication stopping any lurker.

Handler is commonly used to create a listener on a port.

Poppy is a mitm plugin allowing you to Arp spoof and sniff unencrypted passwords on all protocals such as ftp and http.

Redcarpet is a nice plugin keeping you safe from malicious hackers this will Encrypt a user directory. 

Picklock is a local bruteforce plugin that you can Picklock/bruteforce Mulitple devices Pincodes such as android usb debugging.

Passby can load a usb to steal all credentials from a windows computer in seconds.

Dnsspoof is common for man in the middle attacks, it can redirect any http requests to your dns.

Smartremote this is more of a funny remote exploit you can Take over a smart tv's remote control without authentication.

Blueborne is a recent Bluetooth memory leak all devices even cars.

Credswipe you have to have a card reader to clone them.

Rfpwn suitable device to bruteforce a special AM OOK or raw binary signal.

Ftpbrute Brute-force attack an ftp(file transfer protocol) server Wifijammer you can Deauth wifi networks around your area, meaning disconnecting all users connected to the network.


It is frequently updated

Tested on .
Arch Linux Working
Kali Linux Working
Ubuntu Working
Debian Working
Centos Not Tested
MacOSX Needs porting
Windows Ha no.

How to install

$ git clone https://github.com/Eitenne/roxysploit.git; cd roxysploit; sudo /bin/bash install

Executing plugins examples

rsf > use Picklock
rsf (plugins/picklock) > help


Core Commands
=============

  Command         Description
  -------         -----------
  help            show help menu
  execute         run the plugin
  exit            exit the current plugin

rsf (plugins/picklock) > execute
[?] OS :: Select the devices os

*0) Android :: Bruteforce 4digit pincode usb debugging
 1) Linux   :: Bruteforce Encrypted partions

[+] device: [0]:
rsf > use Poppy
rsf (plugins/poppy) > execute
[?] Interface :: Your interface
[+] interface: [wlan0]: wlp6s0
[?] Target :: Enter the targets ip
[+] target: [192.326.1.25]: 192.168.1.2
[?] Gateway :: Enter the gateway/router ip
[+] router: [192.168.1.1]:
[?] Function :: Would you like to setup dns spoofing?

*0) no :: Disable dns spoofing
 1) yes :: Enable dns spoofing

[+] function: [0]:
[?] Configuring Plugin

Name             Set Value
----             ----------
Interface        wlp6s0
Target           192.168.1.2
Router           192.168.1.1
Plugin           plugins/poppy


[?] Execute Plugins? [yes]:  
[*] Enabling IP Forwarding...
[*] Poisoning Targets...

What operating systems support roxysploit?
All Linux distros are currently supported, it is recomended for a prebuilt pentesting os like kali linux although.

Credits
0x5a Aaronius Witt TDHU Team(InsaneLand) @2017

roxysploit - Penetration Testing Suite roxysploit - Penetration Testing Suite Reviewed by Lydecker Black on 5:23 PM Rating: 5


文章来源: https://www.kitploit.com/2018/02/roxysploit-penetration-testing-suite.html?utm_source=feedburner
如有侵权请联系:admin#unsafe.sh