+-------------------------------------------------------------------------------------------------------------+ # **Official Source For** # #_________ ___. __ .__ ____ ___ _________________ _________ # #\_ ___ \ ___.__.\_ |__ ____ _______ ____ ____ _/ |_ |__|\ \/ / / _____/\_____ \ \_ ___ \ # #/ \ \/< | | | __ \ _/ __ \\_ __ \ / \ _/ __ \\ __\| | \ / \_____ \ _(__ < / \ \/ # #\ \____\___ | | \_\ \\ ___/ | | \/| | \\ ___/ | | | | / \ / \ / \\ \____# # \______ // ____| |___ / \___ >|__| |___| / \___ >|__| |__|/___/\ \ /_______ //______ / \______ /# # \/ \/ \/ \/ \/ \/ \_/ \/ \/ \/ # # **By John Poli Modica** # +-------------------------------------------------------------------------------------------------------------+
Welcome to CybernetiX S3C
My name is John Modica. I am a Certified CEO/CISSP/CISO/CTO/Pentester/Ethical Hacker and a Kali Linux Developer, who is looking to help others with simple tools and scripts for their Unix system of choice.
InfoSploit is a simple python script for Information Gathering. The properties of InfoSploit are: ● DNS Lookup ● Whois Lookup ● GeoIP Lookup ● Subnet Lookup ● Port Scanner ● Extract Links ● Zone Transfer ● HTTP Header ● Host Finder ● Robots.txt ● IP-Locator ● Traceroute ● Host DNS Finder ● Revrse IP Lookup ● Collection Email ● Subdomain Finder ● Install & Update ● About Me ● Exit Click the link below to go directly to the source or use the basic steps down in the box to download and install directly inside your terminal.
# Option 1 (Git Clone/Install) ## ★ Download: ● git clone https://github.com/CybernetiX-S3C/InfoSploit ## ★ How to use: cd InfoSploit chmod +x install ./install Run in Terminal Infosploit (To run in Android you do not install file Run direct python2 Infosploit) # Option 2 (wget/dpkg) ## Download wget https://github.com/CybernetiX-S3C/InfoSploit/blob/master/infosploit_1.0-1_amd64.deb ## Install dpkg -i infosploit_1.0-1_amd64.deb ## Option 3 (Snap) ## Install Snapd apt install snapd ## Enable && Start snapd systemctl enable snapd systemctl start snapd ## Using Snap to install Infosploit snap install infosploit --stable
2. Wifi Package
Wifi Package are simple scripts to bypass the use of airmon-ng, while being able to flip the cards (wlan0/wlan1) between Managed and Monitor mode. This package also contains some very powerful script to change the TX Power of your wireless cards. (May not work for all cards). Click the link below to go directly to the source or use the basic steps down in the box to download and run directly inside your terminal. DISCLAIMER: Changing the TX Power is infact illegal in most countries, and will cause cancer, brain damage, and severe loss of memory!
# ★ Download: ● git clone https://github.com/cybernetix-s3c/wifipackage # ★ How to use: unzip wifipackage.zip cd (Into Either Folder) bash NameOfFile.sh (To Run)
IP Locator is basically what is says. It is a script made to utilize perl in a way to find a geolocation of an IP or Domain. No need for installation. Click The link below to download the main source, or use the instructions below to download and run directly inside your terminal.
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/Ip-locator # ★ How to use: unzip ip-locator.zip cd ip-locator perl iplocator.pl [host] [ip] [domain] Ex: ./Iplocation.pl www.google.com ./Iplocation.pl 188.8.131.52 Incase you get any errors reguarding some of the modules, fix is quite simple. Type in terminal: cpan WWW::Mechanize (for the WWW::Mechanize) cpan JSON (for the JSON) and follow instructions.
4. Script Kiddie WPS Cracker (SK-WC)
SCRIPT KIDDIE WPS CRACKER [SK-WC] is a small tool based on the bash script language. It can help you to extract the WPS pin of many vulnerable routers and grab the password. This SK-WPS Cracker tool uses the following tools :
“Piexiewps” “Reaver” “Bully” “Aircrack Suite” “Wash”
and some commands, in automatic way to do its job. Enjoy Click the link below to grab the source, or use the directions in the box to download the source directly in your terminal.
# ★ Download: ● git clone https://github.com/cybernetix-s3c/SK-WPS-Cracker # ★ How to use: unzip SK-WPS-Cracker.zip cd SK-WPS-Cracker ./SK-WC.sh
Check your internet speed on their OFFICIAL website. Speedtest.net
Or download and install my personal Speedtest script for your terminal. Speedtest-Cli
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/Speedtest-cli # ★ How to use: python speedtest-cli/setup.py install
This is a simple to install Node.js inside Kali Linux OS. Simply download the bash script and run the script.
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/NodeJS-Kali-Linux # ★ How to install: cd NodeJS-Kali-Linux bash NodeJS-Kali-Linux.sh # ★ Check Version: npm -v
7. Multiple BruteForce
This script in designed to hack multiple accounts such as facebook, instagram, and twitter with the simple information you give it.
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/Multiple-BruteForce-master # ★ How To Use: cd Multiple-BruteForce-master python MultiForce.py (Just enter the information it asks and let it rip)
(Not guaranteed to work for all accounts)
8. Password Generator
This script is a straight foward python tool used generate a password list using the fields that you enter.
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/PassGen-master # ★ How To Use cd PassGen-master python passGen.py usage: [fieldname] = [value] *Do Not Use Any Symbols help display help exit to exit reset clear fields update check for update generate generate password list current version 0.1 reset [fieldname] clear field
9. Wifi Password Generator
This is a basic python script to generate a password txt using two ESSID names.
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/Wifi_Passwords-Generator-master # ★ How To Use: python Generate.py (From here Just Follow the Inputs)
This tool is for scanning the net for FTP Servers using FTP and anonymous connections.
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/PYAnonFTP # ★ How To Use: cd PYAnonFTP python3 PYAnonymousFTP.py **Extras: May need to install python3 using apt install python3 python3-pip **In case of missing module pip3 install ipaddr
11. WiFi Jammer
Continuously jam all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card. Alfa cards seem to effectively jam within about a block radius with heavy access point saturation. Granularity is given in the options for more effective targeting.
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/WifiJammer-master # ★ HowTo Use: cd WiFiJammer-master python wifijammer.py [-a AP MAC] [-c CHANNEL] [-d] [-i INTERFACE] [-m MAXIMUM] [-n] [-p PACKETS] [-s SKIP] [-t TIME INTERVAL]
12. ISP Protect Scan
ISP Protect Scan is a tool that scans the ISP info and checks for vulnerabilities.
# ★ Download: ● git clone https://github.com/CybernetiX-S3C/ISPpScan # ★ How To Use: cd ISPpScan ./ispp_scan.sh
13. Facial Recon
_What does this do?
In simple words you have at least one Image of the Person you are looking for and a clue about its name. You feed this program with it and it tries to find Instagram, Youtube, Facebook, Twitter Profiles of this Person.
_How does it work?
You give it a name and at least one photo. It then searches Facebook for this name and does Facial Recognition to determine the right Facebook Profile. After that it does a Google and ImageRaider Reverse Image Search to find other Social Media Profiles.
If a Instagram Profile was found it will be verified by comparing your known photo of the Person to some of the Instagram Pictures.
In the end you get a PDF Report :)
How to use it
Automated Prequisites Installation
wget https://raw.githubusercontent.com/CybernetiX-S3C/Facial-Recon-master/master/pre.sh && chmod +x pre.sh && ./pre.sh
Manual Prequisites Installation
$ sudo apt update && sudo apt upgrade -y $ sudo apt install git python3 python3-pip python3-dev $ sudo apt install libgtk-3-dev libboost-all-dev build-essential cmake libffi-dev $ git clone https://github.com/CybernetiX-S3C/Facial-Recon-master $ cd Facial-Recon-master && sudo pip3 install -r requirements.txt $ sudo pip3 install --upgrade beautifulsoup4 html5lib spry
## Installation & Usage In order to install this program, it is crucial that you are on a Linux-based distro, preferably Kali-Linux. # ★ Download ● git clone https://github.com/CybernetiX-S3C/Trity.git Change directory, and then run the installer script (Must be root or have superuser permissions): # ★ Usage cd path/to/Trity sudo python install.py The install.py script will install of the necessary dependencies for you. Other platforms will be supported in the future. Once finished, execute with: sudo trity
15. GEO Trace
This is a simple script to gathetr information such as geolocation on an IP or gather info on a domain.
## Download: ● git clone https://github.com/CybernetiX-S3C/Geo_Trace # How to use: cd GEO_Trace chmod +x geo_trace.py usage: geo-trace.py [-h] [--url URL] [-t IP] [--dat DATFILE] Geo-IP Location Tool optional arguments: -h, --help show this help message and exit --url URL Locate an IP via URL -t IP, --target IP Locate the specified IP --dat DATFILE Custom database filepath
16. Target IP
This Script Is Able To Get Reverse DNS, GeoIP, NMAP, Traceroute, While Pulling HTTP Headers For Any IP address.
## ★ Download: ● git clone https://github.com/CybernetiX-S3C/Target_IP # ★ How to use: cd Target_IP chmod +x Target_IP.py ./Target_IP.py
Predator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. I opted for a different approach in order to not create yet another brute-forcing tool and avoid repeating the same shortcomings. Predator is a multi-threaded tool written in Python, that strives to be more reliable and flexible than his fellow predecessors.
Currently it supports the following modules:
* ftp_login : Brute-force FTP * ssh_login : Brute-force SSH * telnet_login : Brute-force Telnet * smtp_login : Brute-force SMTP * smtp_vrfy : Enumerate valid users using the SMTP VRFY command * smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command * finger_lookup : Enumerate valid users using Finger * http_fuzz : Brute-force HTTP/HTTPS * pop_login : Brute-force POP * pop_passd : Brute-force poppassd (not POP3) * imap_login : Brute-force IMAP * ldap_login : Brute-force LDAP * smb_login : Brute-force SMB * smb_lookupsid : Brute-force SMB SID-lookup * rlogin_login : Brute-force rlogin * vmauthd_login : Brute-force VMware Authentication Daemon * mssql_login : Brute-force MSSQL * oracle_login : Brute-force Oracle * mysql_login : Brute-force MySQL * mysql_query : Brute-force MySQL queries * rdp_login : Brute-force RDP (NLA) * pgsql_login : Brute-force PostgreSQL * vnc_login : Brute-force VNC * dns_forward : Brute-force DNS * dns_reverse : Brute-force DNS (reverse lookup subnets) * ike_enum : Enumerate IKE transforms * snmp_login : Brute-force SNMPv1/2 and SNMPv3 * unzip_pass : Brute-force the password of encrypted ZIP files * keystore_pass : Brute-force the password of Java keystore files * umbraco_crack : Crack Umbraco HMAC-SHA1 password hashes
Predator is NOT script-kiddie friendly, please read the README inside predator.py before reporting.
## ★ Download: ● git clone https://github.com/CybernetiX-S3C/Predator # ★ How to use: cd Predator chmod +x Predator.py ./Predator.py -h
Squirt is an offensive information and vulnerability scanner.
Just supply a domain name to Squirt and it will automatically do the following for you:
- Check and Bypass Cloudflare
- Retrieve Server and Powered by Headers
- Fingerprint the operating system of Web Server
- Detect CMS (197+ CMSs are supported)
- Launch WPScan if target is using Wordpress
- Retrieve robots.txt
- Whois lookup
- Check if the target is a honeypot
- Port Scan with banner grabbing
- Dumps all kind of DNS records
- Generate a map for visualizing the attack surface
- Gather Emails related to the target
- Find websites hosted on the same web server
- Find hosts using google
- Crawl the website for URLs having parameters
- SQLi scan using online implemention of SQLMap (takes < 3 min.)
- Basic XSS scanning Squirt
## ★ Download: ● git clone https://github.com/CybernetiX-S3C/Squirt # ★ How to use: cd Squirt pip install -r requirements.txt python Squirt.py
Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG), or paying to utilize transforms (Maltego) to get data mining results. ID-OSINT utilizes some basic python webscraping (BeautifulSoup) of PII paywall sites to compile passive information on a target on a ramen noodle budget.
## ★ Download: ● git clone https://gitlab.com/CybernetiX-S3C/ID-OSINT.git ID-OSINT # ★ How to use: cd ID-OSINT pip install -r requirements.txt python ID-OSINT.py -l (phone|email|sn|name|plate)
E-ntel is a tool gathering email accounts informations (ip,hostname,country,…) from different public source (search engines, pgp key servers and shodan) and check if emails was leaked using hacked-emails API. Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet.
**Due to python’s latest version being 3.8, it will only run on 3.6 and 3.7. If you have versons 3.6, 3.7, or 3.8 make sure to specify during the usage as follows: **
## ★ Download: ● git clone https://github.com/CybernetiX-S3C/E-ntel.git cd E-ntel # ★ How to use: # Linux pip3.6 install -r requirements.txt python3.6 E-ntel.py or pip3.7 install -r requirements.txt python3.7 E-ntel.py # Windows python3.6 -m pip install requests python3.6 E-ntel.py or python3.7 -m pip install requests python3.7 E-ntel.py ### Usage python3.6 E-ntel.py --domain cia.gov --source google --verbose 3 or python3.7 E-ntel.py --domain cia.gov --source google --verbose 3
Information Gathering tool for a Website or IP address. I have used pieces from my Infosploit and my latest E-ntel. Truth can work in any operating system if they have and support Python 2, Python 3, and Ruby.
- DNS Lookup
- Whois Lookup
- GeoIP Lookup
- Subnet Lookup
- Port Scanner
- Page Links
- Zone Transfer
- HTTP Header
- Host Finder
- Find Shared DNS Servers
- Get Robots.txt
- Host DNS Finder
- Reserve IP Lookup
- Email Gathering (use E-ntel) New!
- Subdomain listing (use Sublist3r)
- Find Admin login site (use Breacher)
- Check and Bypass CloudFlare (use HatCloud)
- Website Copier (use httrack) NEW!
- Host Info Scanner (use WhatWeb) NEW!
Install and Run in Linux
sudo apt update && sudo apt install ruby python python-pip python3 python3-pip sudo apt install httrack whatweb git clone https://github.com/CybernetiX-S3C/Truth cd Truth pip install -r requirements.txt pip3 install -r requirements.txt python3 truth.py
Install and Run in Windows
Download and run Git setup file from Git-scm.com, choose Use Git from Windows Command Propmt.
Afther that, Run Command Propmt and enter this commands:
git clone https://github.com/CybernetiX-S3C/Truth cd Truth pip install -r requirements.txt pip3 install -r requirements.txt python3 truth.py
Captain-Brute is a collection of several hacker tools from @CybernetiX S3C. Captain-Brute
## ★ Download: ● git clone https://github.com/cybernetix-s3c/Captain-Brute # ★ How to use: cd Captain-Brute bash captain-brute or ./captain-brute
23. The Ultimate Forensics Framework
This tool will make your basic pentesting/recon tasks like Information Gathering, Auditing, And Reporting easier. It is fully automated. It is dedicated to use on Kali Linux for the simple fact the tools used are already installed.
## ★ Download: ● git clone https://github.com/CybernetiX-S3C/T.U.F.F. # ★ How to use: cd T.U.F.F chmod 777 TUFF.sh ./TUFF.sh
Malvigen is a Malware/Virus framework designed to download files to send to victims on different Operating Systems.
$apt-get install git $apt-get install python2 ruby $gem install lolcat $git clone https://github.com/CybernetiX-S3C/Malvigen $cd Malvigen $pip2 install -r requirements.txt $python2 malvigen.py
25. Kali DB
Kali DB is a tool written in basic bash dialog. This tool was created to minimize and utilized a users interaction with their linux based OS. It is made to be downloaded and used to build Kali Linux in any device with any OS. Features include, an Keysign option, Update/Upgrade menu, a basic apt repair kit, metapackage install, and a menu to build either a full version of Kali or Kali Linux Eveything. I only reinvented the wheel. Most of the intergrated menu options came directly from the Kali Linux official tools subdirectory. Tools.Kali.org
git clone https://github.com/CybernetiX-S3C/Kali-DB cd Kali-DB dpkg -i kali*.deb
I have a personal collection of info listed below on Artificial Intelligence. Info includes books, lectures, movies, papers, and much more. I WILL be adding much more on the topic. So stay tuned.
This is a great collection of a collection I found on github. It consists of all kinds of info, videos, courses and websites on things like vehicle security, malware analysis, infosec, honeypots, and many more.
Live Cyber Attack Maps
I have taken the liberty in adding some live cyber attack maps for you, the end user. These maps do show all (most) attacks true origin, including from ALL of those who are using TOR, who believe they are hiding behind VPNS and such. Anonyminity has never existed. Here is my list of the best Live Cyber Attack Maps in real-time.
- Digital Attack Map
- CheckPoint’s Live Cyber Attack Map
- FireEye’s Cyber Attack Map
- Kaspersky Live Threat Map
Not For The Untrained EYE!!