Windows 10 Black Spider v2 - Windows Based Pentesting OS

Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI & Terminal apps! It comes with a tone off hacking tools.

any update for Cerberus Linux will be available from : apt update && apt upgrade

Download Link : Windows 10 Black Spider v2.zip (MEGA) (27.85 GB)

How To Install :

• After Downloading, Extract the ZIP file and you'll get an ISO file.
• Create A Bootable Drive of that ISO file using Rufus and Install. (You Need A 32 GB USB to Create A Flashdrive)
• That's it... now install this OS like a normal Windows 10 OS.

Note : You Can Also Install This OS on VMware or Virtual Box.

Video Tutorial : Soon

Source : https://www.cybeseclabs.com/

Download Link : Windows 10 Black Spider v2.zip (MEGA) (27.85 GB)

That's It... If You Like This Post Please Share It With Your Friends.. & Don't Forget To Follow Me At Twitter, Instagram, Github & SUBSCRIBE My YouTube Channel..!!!

Happy Hacking !!!

ANDRAX v5R NH-Killer - Penetration Testing on Android

Don't be evil but be a CRACKER!

"ATTENTION!!! : ANDRAX is a tool for ethical Hacking, we abhor any kind of cybercrime ! We are security professionals, not pirates! Do not use ANDRAX for illegal activities!"

What is ANDRAX?

ANDRAX is a Penetration Testing Platform developed for Android Smartphones and ARM boards, ANDRAX has the ability to run on Android so it behaves like a common Linux distribution, But more powerful than a common distribution!

The development of ANDRAX began on 08/09/2016 (DD/MM/YYYY) only for people in Brazil ANDRAX has been fully redefined and reloaded on 05/10/2018 (DD/MM/YYYY) open to the international public.

ANDRAX enable to all Android and ARM devices with root access and storage become a weapon for Advanced Penetration Testing and Red Team operations.

ANDRAX is developed by Weidsom Nascimento of The Cracker Technology - Advanced Pentest

Why is Android and ARM so powerful?

Simple, everyone has a smartphone and spends all the time with it! We have the possibility to camouflage easily in the middle of everyone, the processor architecture of most Android smartphones is ARM a modern and robust architecture extremely superior to the rest, With touch screens we can run the tools with great agility and take advantage of Android graphical interface, we can get in almost anywhere with our smartphones...

If you do not understand how great it is you're not a Penetration Tester!

With Android we have a lot of power in our hands, we can do everything we do with a desktop and more.

ARM is the best architecture for processor, x86 is dead, computers are redefined nowadays!

Features and Tools

Information Gathering

The best resources and tools for Information Gathering and data collection

Scanning

Hundreds of Scanners to perform the best result of all scan operations and increase the success rate

Packet Crafting

Tools for Manipulate and Craft Packets, Packet Crafting is extremely essential for bypass IDS and IPS

IPv6 Attacks

ANDRAX is completely able to perform advanced attacks against IPv6 networks

WebSite Hacking

Hundreds of tools and resources to perform: WebSite Hacking, Analysis, Exploitation...

Password Attacks

Brute force, Discover, Online Cracking and all Password based Attacks

Wireless Hacking

Fast and Easy Wireless Hacking like: WEP, WPA, WPA2, WPA3... Mixed Attacks; Brute force and Rainbow tables

Hack Windows

Advanced resources, tools and techniques to Bypass, Hack and Exploit Windows motherfucker machines

Hack OSX

OSX is the Operating System for dumbs who think they are smart, ANDRAX can easily hack them with many ways!

Hack Linux

ANDRAX is able to Hack the king of the internet too, all types of Attacks and Exploitation methods included

Hack iOS

Penetrate in the Apple's mobile Operating System with malicious apps, exploits and Over The Air

Hack Android

Embed payload in APK, Create Android APP from ANDRAX, Exploit, Inject and Bypass

Advanced Phishing

Advanced tools and resources for next level phishing campaigns

Mobile Telecom

Advanced Hacking tools for exploit 2G, 3G, 4G and 5G communications

VoIP Hacking

Dedicated resources for Hacking and Exploitation VoIP communications

ICS and SCADA

Exploit Industrial Control Systems, PLC, MODBUS and RTU Hacking

IoT and IIoT Hacking

Hack the modern world, IoT and IIoT control the world nowadays and ANDRAX control both!

Advanced Terminal

ANDRAX has the most Advanced Terminal for Ethical Hacking, Cracking and Penetration Testing

Exploit BGP

Hack the internet by your Border Gateway Protocol, ANDRAX can poison and inject routes on BGP

Advanced C2

Advanced tools for Command and Control, bypass Red Team bitches, gain side access in any network

QRCode Hacking

Exploit and Hijack users, applications... with malicious QR Codes

Printers Hacking

ANDRAX has the ability to Hack and penetrate in networks using printers, physical damages available too

DNS Rebinding

Penetrate in IDS/IPS and Firewall protected networks and remotely run user side exploitation, bypass DNS over TLS

Hardware Exploitation

Hack devices in hardware level, bypass any security restriction control the device by your physical layer

Camera and Webcam Hacking

Get in Security cameras and users webcams, run code in these devices to hijack the network

Bluetooth Hacking

ANDRAX can setup the BlueZ Stack on any smartphone or ARM board for Advanced Bluetooth Hacking

CloudFlare Rapist

Bypass, exploit and take down CloudFlare "secured" systems

and more...

How to Install? :

Normal Installation :

ANDRAX Installation is so easy, every dumb like you can install it too!

⚠️ Root and space required : You need a rooted device and around 15gb of free space, i recommend you to use Magisk as your root manager!

● Download and Install ANDRAX

● Open ANDRAX interface

● Allow root access

● Give ANDRAX storage permission (to save files and manage downloads)

● Press "OK" on ANDRAX install dialog

⚠️ Never exit from installation screen : You must stay on the installation screen to prevent Android from closing ANDRAX.

The installation process can take more than 1 hour, its depends of your internet speed and your device IO speed!

Now your ANDRAX installation will be done if everything is ok!

⚠️ Root access notification (toast) : ANDRAX ask for root commands many times so a lot of toasts can appear on your screen, you can disable it on magisk config for ANDRAX.

Manual Installation :

If the automatic installation process fails for some reason you can manually install the core.

Just select "Manual Install" in the top menu and a window of your browser will open and begin downloading the package .tar.xz

The command to unpack the core is : 

busybox tar -xvJf andrax.r1.tar.xz -C /data/data/com.thecrackertechnology.andrax/ANDRAX/

Then open the ANDRAX interface (close and open again if it was already open).

ANDRAX must now be installed and configured, you just have to take advantage of it..

For More Information, Visit Official Site. 

Download : ANDRAX.apk

Video Tutorial : Soon

That's It... If You Like This Post Please Share It With Your Friends.. & Don't Forget To Follow Me At Twitter, Instagram, Github & SUBSCRIBE My YouTube Channel..!!!

Happy Hacking !!!

PWN PHONE - DREAM DEVICE FOR HACKERS

The Pwn Phone is a real-life product made by a Boston-based startup called Pwnie Express. The "dream device for hackers" allows users to check if there are any vulnerabilities in wired, wireless, or Bluetooth networks, and it looks like a regular cell phone. If you have a spare $1,095 sitting around, you can buy one here.

Pwn Phone 2014 Demo : YouTube

but if you have few things then you can also build your own Pwn Phone.

Things You Need :

● Nexus 5 : Search Online
● A Linux-based system (i'm using Kali Linux)
● Pwn Phone's Rom : Nexus 5
● WiFi and Bluetooth Adaptor that support packet injection (for wireless pentesting)
● OTG Cable

How To Flash Rom :

Note : this process will erase your all data from your phone so create backup before flashing the rom.

● Here I'm using Linux system, so open your terminal as root user
● Update : apt-get update



● Install ADB & Fastboot : apt-get install android-tools-adb android-tools-fastboot



● Unzip the Pwn Phone's Rom
● make flash.sh file executable : chmod +x flash.sh



● Turn off your Nexus 5 and reboot it into fastboot mode Holding Power + Vol. Down Key and Connect it with you PC using USB cable
● then Unlock Bootloader of Your Nexus 5 : fastboot oem unlock
● Open Terminal and flash rom : ./flash.sh



● Choose your device and the installation process will begin.

● Once the installation process completed your device will automatically rebooted and ready to use.

My Opinion :

I know because of Mr.Robot's popularity many people would like to try it.. but currently i think the developers of Pwn Phone stopped working on this project because there is no update or latest version available of the previous pwn phone rom, even the old rom is now not available in their official website.. In past few months many people requested me to upload the pwn phone's rom that's why i'm updating this repository now..

i recommend you guys to try Kali Nethunter. it is also free and much better than pwn phone and most important thing, you will receive the regular updates..

Watch This : https://www.youtube.com/watch?v=7QKqHWosCsU

Download Links :

Download Pwn Phone ROM for Nexus 5 : Google Drive

Video

YouTube : How to turn your phone into a "Pwn Phone" (Language : Hindi)

Repository : 

https://github.com/thehackingsage/pwnphone

That's It... If You Like This Post Please Share This With Your Friends..

& Don't Forget To Follow Me At Twitter, Instagram, Github & SUBSCRIBE My YouTube Channel..!!!

Happy Hacking!!!

HACKTRONIAN v2.0 - A COLLECTION OF HACKING TOOL FOR LINUX

A Collection of Information Gathering, Phishing, Sniffing, Spoofing, Wireless Testing, Password Attacks, Web Hacking, Exploitation and Post Exploitation Tool for Linux & Android.

Anonymity :

Anonsurf, Anonym8, Nipe, Nipye

Information Gathering :

Nmap, Setoolkit, Port Scanning, Host To IP, wordpress user, CMS scanner, XSStrike, Dork - Google Dorks Passive Vulnerability Auditor, Scan A server's Users, Crips.

Phishing :

SocialFish, SocialPhish, BlackEye, King Phisher, Specter

Sniffing & Spoofing :

Setoolkit, SSLtrip, pyPISHER, SMTP Mailer

Wireless Hacking :

Fluxion, Reaver, Pixiewps

Password Attack :

Cupp, Ncrack

Web Hacking :

Drupal Hacking, Inurlbr, Wordpress & Joomla Scanner, Gravity Form Scanner, File Upload Checker, Wordpress Exploit Scanner, Wordpress Plugins Scanner, Shell and Directory Finder, Joomla! 1.5 - 3.4.5 remote code execution, Vbulletin 5.X remote code execution, BruteX - Automatically brute force all services running on a target, Arachni - Web Application Security Scanner Framework

Exploitation :

ATSCAN, sqlmap, Shellnoob, commix, FTP Auto Bypass, jboss-autopwn

Post Exploitation :

Nmap, Setoolkit, Port Scanning, Host To IP, wordpress user, CMS scanner, XSStrike, Dork - Google Dorks Passive Vulnerability Auditor, Scan A server's Users, Crips.

DoS & DDoS :

LOIC, HOIC, SlowLoris, DDOSIM, HULK, R-U-Dead-Yet, Tor’s Hammer, GoldenEye

Android :

APKtool, Brute Force Android Passcode, Hackdroid, Kali Nethunter, Pwn Phone, Termux

Installation in Linux :

● git clone https://github.com/thehackingsage/hacktronian.git

● cd hacktronian

● chmod +x install.sh

● ./install.sh

Video :

YouTube : All In One Hacking Tools for Linux (Language : Hindi)

Repository :

https://github.com/thehackingsage/hacktronian

That's It... If You Like This Post Please Share This With Your Friends..

& Don't Forget To Follow Me At Twitter, Instagram, Github & SUBSCRIBE My YouTube Channel..!!!

Happy Hacking!!!

KALI LINUX - WINDOWS SUBSYSTEM FOR LINUX

The Windows Subsystem for Linux (WSL) is a new Windows 10 feature that enables you to run native Linux command-line tools directly on Windows.

To enable the Windows Subsystem for Linux, open the Control Panel, click Programs and Features, and click Turn Windows Features On or Off in left side bar under Programs and Features. Enable the Windows Subsystem for Linux option in the list here and click OK.

Kali Linux Windows App :

Download Kali Linux from Windows App Store : Click Here

Setup Kali-WSL :

● Open kali linux app and setup your hostname and password then run

● sudo apt-get update

● sudo apt-get install git

● git clone https://github.com/thehackingsage/kali-wsl.git

● cd kali-wsl

● chmod +x install.sh

● ./install-Kali-WSL

This Installation Process Will Take Some Time.

Download and install VcXsrv X Server on Windows : vcxsrv v1.19.6.0.exe

After That, Start VcXsrv, Accept Change in Firewall Rules Then Exit VcXsrv..

How To Start GUI Mode?

● as normal user : ~/startx

● as root : sudo /root/startx

● or you can also start GUI Mode by typing : startx

● you can also Run Kali Desktop in a RDP Session

● in Kali WSL, type : sudo /etc/init.d/xrdp start

● then open run (Win Key + R), type mstsc.exe and hit enter !

● connect to 127.0.0.1:3390

Video :

YouTube : How To Install Kali-WSL & Things to do after Installation (Language : Hindi)

Repository :

https://github.com/thehackingsage/Kali-WSL

That's It... If You Like This Post Please Share This With Your Friends..

& Don't Forget To Follow Me At Twitter, Instagram, Github & SUBSCRIBE My YouTube Channel..!!!

BUG HUNTER - A COLLECTION OF BUG HUNTING TOOLS

A Collection of Information Gathering, Mapping, Discovery and Exploitation Tools for Bug Hunting.

Information Gathering :

Basic Commands for Information Gathering, Masscan, DNS Recon, Sublist3r, Alt-DNS, Amass, Subfinder, Enumall, Aquatone, Cloudflare_Enum, InfoG, The Harvester, Recon-NG, SetoolKit, WhatWeb, Maltego

Mapping :

Nmap, Firefox Browser, Firefox Browser Extensions, Burp Suite Pro, Burp Suite Extensions, Intruder Payloads for Burp Suite, Payloads All The Thing

Discovery :

Acunetix-WVS, Arachni, Burp Suite, Nexpose, Nikto, Vega, Wapiti, Web Security Scanner, Websecurify Suite, Joomscan, w3af, Zed Attack Proxy, WP-Scan, FuzzDB, CeWL

Exploitation :

XSS : XSS Radar, XSSHunter, xssHunter Client, DOMxssScanner, XSSer, BruteXSS, XSStrike, XSS'OR
SQLi : SQLmap
XXE : OXML-xxe, XXEinjextor
SSTI : Tplmap
SSRF : SSRF-Detector, Ground Control
LFI : LFISuit
Mobile : MobSF, GenyMotion, Apktool, dex2jar, jd-gui, idb
Other : Gen-xbin-Avi, GitTools, DVCS Ripper, TKO Subs, SubBruteforcer, Second-Order, Race The Web, CORStest, RCE Struts-pwn, ysoSerial, PHPGGC, Retire-js, Getsploit, Findsploit, BFAC, WP-Scan, CMSmap, Joomscan, JSON W T T, Wfuzz, Patator, Netcat, ChangeMe, wappalyzer, builtwith, wafw00f, assetnote, jsbeautifier, LinkFinder

PoCs & Reporting :

Bug Bounty Platforms, POCs (Proof of Concepts), CheatSheet, EyeWitness, HttpScreenshot, BugBountyTemplates, Template Generator

Installation in Linux :

Open Terminal and Type :

● git clone https://github.com/thehackingsage/bughunter.git
● cd bughunter
● chmod +x bughunter.py
● sudo cp bughunter.py /usr/bin/bughunter

That's it.. type bughunter in terminal to execute the tool.

Video :

YouTube : Bug Hunter : A Collection of Tools for Bug Hunting

Repository :  

https://github.com/thehackingsage/bughunter


That's It... If You Like This Post Please Share This With Your Friends..

& Don't Forget To Follow Me At Twitter, Instagram, Github & SUBSCRIBE My YouTube Channel..!!!

Happy Hacking!!!

MalDuino - HID Attack Tool

MalDuino is an arduino-powered USB device which has keyboard injection capabilities. Once plugged in, MalDuino acts as a keyboard, typing commands at superhuman speeds. What's the point? You could gain a reverse shell, change the desktop wallpaper, anything is possible. For penetration testers, hobbyists and pranksters, MalDuino will serve you well!

MalDuino aims to offer the best BadUSB experience. In terms of software, MalDuino is programmed via the arduino IDE using open source libraries. Scripts written in DuckyScript can easily be converted into code the MalDuino can understand. Not only does this make it newb friendly, but also makes it possible for experienced arduino tinkerers to program it just like they would an Arduino. MalDuino comes in two flavours, Elite and Lite.

Lite :

The Lite stores a script on it's 32KB of onboard memory (more than enough space for most scripts). You can write scripts using a text editor and convert them to malduino-friendly code using our script converter. Then you can upload a script using the Arduino IDE, for more in depth instructions see our guide. Then simply unplug the MalDuino Lite, toggle it into ready mode using the switch on the back and you're good to go!

Elite :

The Elite is the more fully-featured device. Instead of storing scripts on it's onboard memory, scripts are stored on a microsd card, so instead of reprogramming the device for each new script, you can simply drop your scripts on a microsd card and you're set. Then a set of dip switches can be used to select between 16 different scripts stored on the microsd card.

But what is the potential?

Well, see this list of example scripts. There's the potential to initiate a reverse shell, download and execute a file, gain a backdoor, change someone's desktop wallpaper, the list really goes on and on. If there's some script you've got an idea for, it's really easy to implement, see below.

How can I write such scripts?

Scripts are easily written, the syntax is loosely based on ducky script.

Setup Guides : https://malduino.com/wiki/doku.php?id=setup:elite

Script Converter : https://malduino.com/converter/

Buy Now : MalDuino Lite (₹1,219 INR) |  MalDuino Elite (₹2,251 INR)

Official Website : https://malduino.com/

That's It !!!

and if you like this post please like & share with your friends..

Download H4CK3R The Book (An Ethical Hacking ebook For Beginners) : 

https://www.h4ck3rthebook.blogspot.com

Twitter : https://www.twitter.com/thehackingsage

Instagram : https://www.instagram.com/thehackingsage

Github : https://www.github.com/thehackingsage

& DON'T FORGET TO SUBSCRIBE..!!!

YouTube : https://www.youtube.com/hacktronian

Keep Visiting... Enjoy !!! :)

ANDRAX - The First And Unique Penetration Testing Platform For Android Smartphones

Don't be evil but be a CRACKER!

What is ANDRAX ?

ANDRAX is a penetration testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distribution!

Why is Android so Powerful ?

Simple, everyone has a smartphone and spends all the time with it! We have the possibility to camouflage easily in the middle of everyone, the processor architecture of most Android smartphones is ARM a modern and robust architecture extremely superior to the rest, With touch screens we can run the tools with great agility and take advantage of the graphical interface of Android, we can get in almost anywhere with our smartphones...

Tools List : 

Information Gathering : Whois, Bind DNS tools, Dnsrecon, Raccoon, DNS-Cracker, Firewalk. 

Scanning : Nmap - Network Mapper, Masscan, SSLScan, Amap. 

Packet Crafting : Hping3, Nping, Scapy, Hexinject, Ncat, Socat. 

Network Hacking : ARPSpoof, Bettercap, MITMProxy, EvilGINX2. 

WebSite Hacking : 0d1n, Wapiti3, Recon-NG, PHPSploit, Photon, XSSer, Commix, SQLMap, Payloadmask, AbernathY-XSS. 

Password Hacking : Hydra, Ncrack, John The Ripper, CRUNCH. 

Wireless Hacking : VMP Evil AP, Aircrack-NG Tools, Cowpatty, MDK3, Reaver. 

Exploitation : MetaSploit Framework, RouterSploit Framework, Getsploit, OWASP ZSC, Rop-TOOL.

Features :

Advanced Terminal : Advanced and Professional terminal emulator for Hacking!

Dynamic Categories Overlay (DCO) : Beautiful tools category system 

Advanced IDE : Complete support for many programming languages

Information Gathering : Tools for initial informations about the target

Scanning : Tools for second stage: Scanning

Packet Crafting : Tools to craft network packets

Network Hacking : Tools for network hacking

WebSite Hacking : Tools for WebSite and WebApps Hacking

Password Hacking : Tools to break passwords

Wireless Hacking : Tools for Wireless Hacking

Exploitation : Tools for Dev and launch exploits

How to Install ? :

ANDRAX installation is very simple but you need some special features on your device..

ROOT with SuperSU : If your root manager is not the supersu errors can occur.

4.0GB of free memory : This is the amount of comfortable memory to make good use of ANDRAX

Unlocked Kernel : If you have a SAMSUNG device it probably has limitations in the Kernel which can prevent ANDRAX from working normally. If this is your case you need to recompile the Kernel or use a rom like LineageOS.

Android 5.0 or higher : ANDRAX is portable to almost all Android devices using Android 5.0 or higher.

ANDRAX has an automatic installer that downloads and configures the entire environment, Download interface on the downloads page, Install the interface.

The first thing that should appear when opening ANDRAX is the root access request, You need to grant permissions! Then one of the 2 screens below should be displayed.

If you do not have a busybox installed ANDRAX will install the official busybox for you.

If you already have a busybox installed ANDRAX will install the official

After the busybox is installed and configured the message below will appear.

Clicking "OK" ANDRAX will begin to download the core, when the download is finished ANDRAX will automatically install the entire core

This process may take a few minutes! wait ANDRAX reboot and everything will be set up..

ANDRAX use many SU commands, it can create many supersu alerts, you may want disable supersu alerts to get better experience with ANDRAX

Manual Installation :

If the automatic installation process fails for some reason you can manually install the core.

Just select "Manual Install" in the top menu and a window of your browser will open and begin downloading the package .tar.xz

The command to unpack the core is : busybox tar -xvJf andrax.r1.tar.xz -C /data/data/com.thecrackertechnology.andrax/ANDRAX/

Then open the ANDRAX interface (close and open again if it was already open).

ANDRAX must now be installed and configured, you just have to take advantage of it..

For More Information Visit Official Site.

To get a complete support join ANDRAX Forum : http://forum.andrax-pentest.org

Download : ANDRAX.apk 

Video Tutorial : Soon

That's It !!!

if you like this post please like & share with your friends..

Download H4CK3R The Book (An Ethical Hacking ebook For Beginners) : 

https://www.h4ck3rthebook.blogspot.com

Twitter : https://www.twitter.com/thehackingsage

Instagram : https://www.instagram.com/thehackingsage

Github : https://www.github.com/thehackingsage

& DON'T FORGET TO SUBSCRIBE..!!!

YouTube : https://www.youtube.com/channel/UCYK1n9A4TUq1CvGc6F3DzoA

Happy Hacking !!!