How to hack a PC via a PDF file? And then some…

The PDF format has many vulnerabilities, due to which viruses and the like can be embedded into files. This post presents an automated Insanity Framework for creating an infected PDF file that will allow remote access to machines on Windows.

Installation:
$ git clone https://github.com/4w4k3/Insanity-Framework
$ cd Insanity-Framework
$ chmod + x insanity.py
$ ./install.sh

Usage:
$ sudo python2 insanity.py

At the first launch, all necessary dependencies will be installed and the main menu will open. In it, we select the first item to create the payload. Next, select Fake Acrobat PDF. Enter the ip address and port.

# script


This tool allows you to find vulnerable pages and sensitive files on a website using 45 types of Google Dorks.
The tool can find popular admin panels, common file types and Path Traversal.

Installation:
git clone https://github.com/IvanGlinkin/Fast-Google-Dorks-Scan
CD Fast-Google-Dorks-Scan

Usage:
chmod + x FGDS.sh
./FGDS.sh (site)


Automatic scanning for SSL vulnerability

HeartBleed, CCS Injection, SSLv3 POODLE, FREAK … etc

Support vulnerability:
– CVE-2007-1858] Anonymous Cipher
– CVE-2012-4929] CRIME (SPDY)
– CVE-2014-0160] CCS Injection
– CVE-2014-0224] HeartBleed
– CVE-2014-3566] SSLv3 POODLE
– CVE-2015-0204] FREAK Attack
– CVE-2015-4000] LOGJAM Attack
– CVE-2016-0800] SSLv2 DROWN

Installation:
apt-get install openssl
git clone https://github.com/hahwul/a2sv.git
cd a2sv
pip2 install argparse
pip2 install netaddr

Usage:
python2 a2sv.py -h


Microsploit (Office exploitation tool)

This tool quickly and easily creates an office exploitation backdoor using the metasploit packet module. Like Microsoft Office on Windows or Mac, Open Office on Linux, Macro attack, Buffer overflow in Word.
Attention: you need to install metasploit before using

Installation:
git clone https://github.com/pashayogi/Microsploit
cd Microsploit

Launch:
bash Microsploit


E4GL30S1NT is a good osint for Termux

Functions:
userrecon – login-reconnaissance
facedumper – slump information about facebook
mailfinder – find email with a specific name
godorker – dorking with google search
phoneinfo – information about the phone number
dnslookup – Search in the domain name system
whoislookup – determine who is on the domain
sublookup – search in a subnet
hostfinder – find host domain
dnsfinder – Find the host’s domain name system
riplookup – reverse IP lookup
iplocation – track IP

Installation:
pkg install wget && wget https://raw.githubusercontent.com/C0MPL3XDEV/E4GL30S1NT/main/install.sh && bash install.sh

Launch:
E4GL30S1NT

Categories: