Ethical Hacking/Pen Testing
Emagnet: Find leaked databases with 97.1% accuracy to grab mail + password
Emagent is a very powerful tool with the main purpose of capturing email addresses and passwords from leaked databases stored in pastebin. This tool allows the user to find email and password combinations for different websites such as Spotify, Instagram, etc. After finding the combinations, the tool will then brute force the different combinations on their respective websites to return working combinations to the user. Emagnet is the leading leaked database crawler available online.
Emagnet: Leaked Database Crawler
The user can use this tool in many different ways. For example, you can use Emagnet to send a mail list and then send emails in one go to all of the recipients on the list. It can also be run in combination with other custom tools which could be developed for specific purposes. The user can search for all well-known websites such as Facebook, Instagram and Spotify. Emagnet is capable of capturing leaked emails and their passwords. A useful feature of this tool is that it runs on all major operating systems.
Features:
- Go through leaked databases uploaded on pastebin
- Quick and easy to use with more successful attempts for attacks
- Find working email and password combinations for major websites such as Facebook, Instagram and Spotify.
- Bruteforce ssh targets, Microsoft Remote Desktop, flexible to add your own tools
- Cross-platform, runs on all major operating systems such as Linux, Windows and Mac OSX.
Supported Platforms:
- Linux
- Windows
- Mac OSX
- Android (Termux, no root required)
Requirements:
bash,wget,curl,gawk,gsed
Install
Windows
- Install Ubuntu or any other distro from Microsoft Store
- When installation has been done, hit ‘start’
- Now type
sudo -sand enter your password - Now update repo and install git, just copy and paste the below lines
$ apt update $ apt install git -y $ git clone https://github.com/wuseman/emagnet $ cd emagnet $ chmod +x ./emagnet $ ./emagnet --emagnet
Linux
Run the following code in the shell:
$ git clone https://github.com/wuseman/EMAGNET $ cd EMAGNET $ bash emagnet –emagnet
Mac OSX
Run the following code in the shell:
$ git clone https://github.com/wuseman/EMAGNET $ cd EMAGNET $ bash emagnet –emagnet
Android (Termux)
Run the following code:
$ echo -e ' $ pkg update $ pkg upgrade -y $ pkg install wget curl git -y $ git clone https://github.com/wuseman/emagnet $ cd emagnet $ bash emagnet --emagnet' > emagnet-termux.sh $ bash emagnet-termux.sh
Emagnet Usage
Use -h to list available options:
$ ./emagnet -h
_ _______ _
_dMMMb._ .adOOOOOOOOOba. _,dMMMb_
dP' ~YMMb dOOOOOOOOOOOOOOOb aMMP~ `Yb
V ~"Mb dOOOOOOOOOOOOOOOOOb dM"~ V
`Mb. dOOOOOOOOOOOOOOOOOOOb ,dM'
`YMb._ |OOOOOOOOOOOOOOOOOOOOO| _,dMP'
__ `YMMM| OP'~"YOOOOOOOOOOOP"~`YO |MMMP' __
,dMMMb. ~~' OO `YOOOOOP' OO `~~ ,dMMMb.
_,dP~ `YMba_ OOb `OOO' dOO _aMMP' ~Yb._
`YMMMM\`OOOo OOO oOOO'/MMMMP'
,aa. `~YMMb `OOOb._,dOOOb._,dOOO'dMMP~' ,aa.
,dMYYMba._ `OOOOOOOOOOOOOOOOO' _,adMYYMb.
,MP' `YMMba._ OOOOOOOOOOOOOOOOO _,adMMP' `YM.
MP' ~YMMMba._ YOOOOPVVVVVYOOOOP _,adMMMMP~ `YM
YMb ~YMMMM\`OOOOI`````IOOOOO'/MMMMP~ dMP
`Mb. `YMMMb`OOOI,,,,,IOOOO'dMMMP' ,dM'
`' `OObNNNNNdOO' `'
`~OOOOO~'
Usage: ././emagnet [--author] [--emagnet] [--option].....
-a, --author Show author information
-b, --backup Create a compressed archive
- Aavailable options: all/archive/incoming
-B, --blocked Check if your current IP has been blocked
-l, --license Show license information
-h, --help Display this very helpful text
-n, --notify Set notifications on or off
-t, --time Set refresh time in seconds
-v, --vpn Toggle VPN on or off (Linux Only)
- Available options: true/false
-V, --version Displays version information
-i, --ip Print you current WAN IPv4/IPv6
-e, --emagnet Download latest uploaded files on patebin
and store email addresses and passwords
in sorted day directories.
-g, --bruteforce Same as above '-e' with brute-force mode on
- Available options: gmail/ssh/spotify/instagram/rdp
Example (Brute Force Spotify Accounts on Ubuntu)
Run the following commands:
$ wget -q -O - https://apt.mopidy.com/mopidy.gpg | sudo apt-key add - $ wget -q -O /etc/apt/sources.list.d/mopidy.list https://apt.mopidy.com/stretch.list $ sudo apt-get update $ sudo apt-get install libspotify12 libspotify-dev libportaudio
Now you are ready to brute force spotify accounts:
$ bash emagnet --bruteforce spotify
Ethical Hacking/Pen Testing
Lazy Script ( A perfect Automated All in 1 script for all Newbies ) for Ethical Hacking
A video Hackersploit made : https://www.youtube.com/watch?v=oBpo5sElrMY
A video sstec made: https://www.youtube.com/watch?v=gSO7c2MN7TY
For feature-recommendation , add it on the “Issues” tab. NOW!
I AM NOT RESPONSIBLE HOW YOU USE THIS TOOL.BE LEGAL AND NOT STUPID.
This script will make your life easier, and of course faster.
Its not only for noobs.Its for whoever wants to type less and do actually more.
This is a script for Kali Linux that automates many procedures about wifi penetration and hacking. I actually made it for fun for me just to save some time, but i don’t mind publicing it.
NEW FEATURE: Custom keyboard shortcuts!! Launch any tool within lscript , with your own shortcuts!!! (type ks to set your shortcuts)
Enabling-Disabling interfaces faster Changing Mac faster Anonymizing yourself faster View your public IP faster View your MAC faster
TOOLS
You can install whichever tool(s) you want from within lscript!
Fluxion by Deltaxflux
WifiTe by derv82
Wifiphisher by George Chatzisofroniou
Zatacker by LawrenceThePentester
Morpheus by Pedro ubuntu [ r00t-3xp10it ]
Osrframework by i3visio
Hakku by 4shadoww
Trity by Toxic-ig
Cupp by Muris Kurgas
Dracnmap by Edo -maland-
Fern Wifi Cracker by Savio-code
Kichthemout by Nikolaos Kamarinakis & David Schütz
BeeLogger by Alisson Moretto - 4w4k3
Ghost-Phisher by Savio-code
Mdk3-master by Musket Developer
Anonsurf by Und3rf10w
The Eye by EgeBalci
Airgeddon by v1s1t0r1sh3r3
Xerxes by zanyarjamal
Ezsploit by rand0m1ze
Katana framework by PowerScript
4nonimizer by Hackplayers
Sslstrip2 by LeonardoNve
Dns2proxy by LeonardoNve
Pupy by n1nj4sec
Zirikatu by pasahitz
TheFatRat by Sceetsec
Angry IP Scanner by Anton Keks
Sniper by 1N3
ReconDog by UltimateHackers
RED HAWK by Tuhinshubhra
Routersploit by Reverse shell
CHAOS by Tiagorlampert
Winpayloads by Ncc group
Infoga by m4ll0k
nWatch by Suraj
Eternal scanner by Peterpt
Eaphammer by S0lst1c3
Dagon by Ekultek
LALIN by Screetsec
Ngrok by inconshreveable + more
Kwetza by Chris Le Roy
Bleachbit by Andrew Ziem
Operative framework by Tristan Granier
Netattack2 by Christian Klein
Findsploit by 1N3
Howdoi by Benjamin Gleitzman
Dr0p1t-Framework by Karim Shoair
FakeImageExploiter by r00t-3xp10it
Leviathan by Utku Sen, Ozge Barbaros
WiFi-Pumpkin by P0cL4bs
Avet by govolution
Meterpreter_Paranoid_Mode-SSL by r00t-3xp10it
Koadic by zerosum0x0
Empire by Will Schroeder,
Justin Warner,
Matt Nelson,
Steve Borosh,
Alex Rymdeko-harvey,
Chris Ross
Veil by ChrisTruncer
SecHub by JoshDelta
DKMC by Mr.Un1k0d3r RingZer0 Team
Demiguise by Richard Warren
UniByAv by Mr.Un1k0d3r RingZer0 Team
LFISuite by D35m0nd142
Faraday by Infobyte
MSFPC by g0tmi1k
NoSQLMap by codingo, tcsstool
Evil-Droid by Mascerano Bachir
Iftop by Paul Warren, Chris Lightfoot
MORE ARE BEING ADDED ON EVERY UPDATE
Wifi password scripts
Handshake (WPA-WPA2)
Find WPS pin (WPA-WPA2)
WEP hacking (WEP)
Others
Email spoofing
Metasploit automation (create payloads,listeners,save listeners for later etc...)
Auto eternalblue exploiting (check on ks) -> hidden shortcuts
Browser auto-expoiting with BeEF and MITMf
SQLmap automated
+more
(make sure you are a root user)
Official Installation Tutorial on Kali Linux 2020.5: https://youtu.be/xcb5uwP5nSU
Be carefull.If you download it as a .zip file, it will not run.Make sure to follow these simple instructions.
MADE FOR KALI LINUX
cd
apt-get update
git clone https://github.com/arismelachroinos/lscript.git
cd lscript
chmod +x install.sh
./install.sh
(make sure you are a root user)
open terminal
type "l"
press enter
(Not even “lazy”!! Just “l”! The less you type , the better!)
cd /root/lscript
./uninstall.sh
rmdir -r /root/lscript
Run the script
Type "update"
Ethical Hacking/Pen Testing
Wifi Hacking with Fluxion (Need 2 Wifi Adapters with Monitor mode active)
Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) fewer bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It’s compatible with the latest release of Kali (rolling). Fluxion’s attacks’ setup is mostly manual, but experimental auto-mode handles some of the attacks’ setup parameters. Read the FAQ before requesting issues.
If you need quick help, fluxion is also available on gitter. You can talk with us on Gitter or on Discord.
Read here before you do the following steps.
Download the latest revision
git clone git@github.com:FluxionNetwork/fluxion.git
# Or if you prefer https
git clone https://www.github.com/FluxionNetwork/fluxion.git
Switch to tool’s directory
cd fluxion
Run fluxion (missing dependencies will be auto-installed)
./fluxion.sh
Fluxion is also available in arch
cd bin/arch
makepkg
or using the blackarch repo
pacman -S fluxion
Fluxion gets weekly updates with new features, improvements, and bugfixes. Be sure to check out the changelog here.
How to contributeAll contributions are welcome! Code, documentation, graphics, or even design suggestions are welcome; use GitHub to its fullest. Submit pull requests, contribute tutorials or other wiki content — whatever you have to offer, it’ll be appreciated but please follow the style guide.
-
Scan for a target wireless network.
-
Launch the
Handshake Snooperattack. -
Capture a handshake (necessary for password verification).
-
Launch
Captive Portalattack. -
Spawns a rogue (fake) AP, imitating the original access point.
-
Spawns a DNS server, redirecting all requests to the attacker’s host running the captive portal.
-
Spawns a web server, serving the captive portal which prompts users for their WPA/WPA2 key.
-
Spawns a jammer, deauthenticating all clients from original AP and luring them to the rogue AP.
-
All authentication attempts at the captive portal are checked against the handshake file captured earlier.
-
The attack will automatically terminate once a correct key has been submitted.
-
The key will be logged and clients will be allowed to reconnect to the target access point.
-
For a guide to the
Captive Portalattack, read the Captive Portal attack guide
Disclaimer
Neither the project nor its developer promote any kind of illegal activity and are not responsible for any misuse or damage caused by this project.
This project is for educational purpose only.
Please do not use this tool on other people’s devices without their permission.
Do not use this tool to harm others.
Use this project responsibly on your own devices only.
It is the end user’s responsibility to obey all applicable local, state, federal, and international laws.
Lazy Script ( A perfect Automated All in 1 script for all Newbies ) for Ethical Hacking
Accessing data from the Devices connected to Same Wifi Network using ARP Poisoning
Wifi Hacking with Fluxion (Need 2 Wifi Adapters with Monitor mode active)
SquarePhish: QR Code and Auth Device Code authentication Phishing tool
Hyundai and Kia patch a bug that allowed USB cable car thefts.
HackBrowserData: Decrypt passwords/cookies/history/bookmarks from the browser
-
Ethical Hacking/Pen Testing2 years agoSquarePhish: QR Code and Auth Device Code authentication Phishing tool
-
Vulnerabilities/Malwares2 years agoHyundai and Kia patch a bug that allowed USB cable car thefts.
-
Ethical Hacking/Pen Testing2 years agoHackBrowserData: Decrypt passwords/cookies/history/bookmarks from the browser
-
Windows/Mac/Linux2 years agoGoogle caught North Korean Hackers Using Chrome Browser Exploit on Americans
-
Mobile Hacking2 years agoWhatsApp now supports proxy servers to bypass government restrictions.
-
Cyber Attacks/Data Breaches2 years agoHackers from the Russian Federation have continued to launch attacks on Ukrainian organisations with info-stealer malware.
-
Ethical Hacking/Pen Testing2 years agoShennina: AI engine to identify recommended exploits for the attacks, and then attempts to test and attack the targets proceeds with the post-exploitation phase.
-
Windows/Mac/Linux2 years agoMicrosoft disclosed a recent Gatekeeper Bypass vulnerability in macOS.