Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets are hooked once they load Javascript code. Hook code can be placed in an HTML page and share it with a target. Or host page online and send URL to tar…

Basic BeEF commands: Login the BeEF Control Panel, and go to Commands page. Create Alert Dialog: Run Raw JavaScript Spyder Eye Redirect Browser Delivering Malware using BeEF Execute the commands and you can find the notification on the target server.…

EXPLOITATION - XSS VULNS EXPLOITING XSS Run any javascript code. Beef framework can be used to hook targets. Inject Beef hook in vulnerable pages. Execute code from beef. BeEF is short for The Browser Exploitation Framework. It is a penetration testi…

Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specific resources. Result: They work on any OS with a python interpreter. If packaged, they will work on any OS if even if python is NOT installed.…

Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they did not send a request. 2. Clients trust response without any form of verification. 1. Run the following command on the victim - Windows 10 Machine. a…

DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all can be stored in one variable. Improving the Program Using a List of Dictionaries: #!/usr/bin/env python import scapy.all as scapy def scan(ip): arp_req…

NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC address. Write the Python code using the scapy.all module. Refer to: https://scapy.readthedocs.io/en/latest/installation.html #!/usr/bin/env python impor…

SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. 2. Read the mac address from the output. 3. Check if MAC in ifconfig is what the user requested. 4. Print appropriate message. To find the MAC address, w…

FUNCTIONS Set of instructions to carry out a task. Can take input, and return a result. Make the code clearer, reusable, and more abstract. input() function prompts the user to enter the value. Rewrite the Python script using the function style. #!/u…

MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE MAC ADDRESS 1.Increase anonymity 2.Impersonate other devices 3.Bypass filters Change the MAC Address manually. ifconfig ifconfig eth0 down ifconfig eth…