All Projects → capture0x → Xshock

capture0x / Xshock

XSHOCK Shellshock Exploit

Programming Languages

python
94365 projects - #7 most used programming language

Projects that are alternatives of or similar to Xshock

Sippts
Set of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (+78.46%)
Mutual labels:  hacking, hacking-tool, pentest-tool
One Lin3r
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+1836.92%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Dumpsterfire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+1092.31%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Lockdoor Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+941.54%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Thc Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+629.23%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+3456.92%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Evillimiter
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+1075.38%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+5116.92%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+11047.69%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1647.69%)
Mutual labels:  hacking, hacking-tool, pentest-tool
Trape
People tracker on the Internet: OSINT analysis and research tool by Jose Pino
Stars: ✭ 6,753 (+10289.23%)
Mutual labels:  hacking, hacking-tool
Hacker Roadmap
📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+11826.15%)
Mutual labels:  hacking, hacking-tool
Shuffle
WebShell Backdoor Framework
Stars: ✭ 11 (-83.08%)
Mutual labels:  hacking, hacking-tool
Xattacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+1280%)
Mutual labels:  hacking, hacking-tool
Vhostscan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+1080%)
Mutual labels:  hacking, hacking-tool
Powerladon
Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-40%)
Mutual labels:  hacking, pentest-tool
Swift Keylogger
Keylogger for mac written in Swift using HID
Stars: ✭ 995 (+1430.77%)
Mutual labels:  hacking, hacking-tool
Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+1069.23%)
Mutual labels:  hacking, hacking-tool
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+1238.46%)
Mutual labels:  hacking, hacking-tool
Dr0p1t Framework
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+1641.54%)
Mutual labels:  hacking, hacking-tool

⚡   xShock ShellShock   ⚡

Written by TMRSWRR

Version 1.0.0

xShock ShellShock (CVE-2014-6271)

This tool exploits shellshock.

Instagram: TMRSWRR

🖼️ Screenshots 🖼️

📹 How to use 📹

How to use xShock

Click on the image...

📒 Read Me 📒

All founded directories will be saved in vulnurl.txt file. The results of the executed commands are saved in response.txt.

🧰 Features 🧰

This tool include:

  • CGI VULNERABILITY
  • DIRECTORY SCAN
  • RUN COMMAND WITH FOUNDED CGI
  • SHOW VULNERABLE URLS
  • UPDATE PROXY

📀 Installation 📀

Installation with requirements.txt

git clone https://github.com/capture0x/xShock/
cd xShock
pip3 install -r requirements.txt

Usage

python3 main.py

CGI VULNERABILITY

Checks cgi-bin directory on the target site

e.g:

http://targetsite.com

DIRECTORY SCAN

This works with wordlists. Scans url on the target site. Important notice: Please enter full path of wordlist after the url.(Not file. It should be directory)

e.g: http:// targetsite.com/cgi-bin/selectedworlist

e.g:

http://targetsite.com/cgi-bin
/usr/share/wordlists/dirb  --> This is directory of wordlist. Not file!

RUN COMMAND WITH FOUNDED CGI

By entering the url in the vuln.txt file, you can try running commands in the found urls.

http://targetsite.com/cgi-bin/status

SHOW VULNERABLE URLS

Shows founded urls in vuln.txt file.

UPDATE PROXY

You can update proxies from web manually.

Known Issues

--

Bugs and enhancements

For bug reports or enhancements, please open an issue here.

Copyright 2020

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected]