Become King Of Hell

Offensive Security Tools Pack / ToolKit / Framework DDOS PROGRAMS | DARKWEB LEAK

This Prefix Contains Tools That Are Used for Offensive Security Purposes, Such as Red Teaming, Penetration Testing, or Simulating Cyber Attacks.
This Prefix Contains Packs Of Multiple Mixed Tools, Toolkits That Have MultiTools In Them And Frameworks Of Hacking

DaxtonNC

Member
Joined
Oct 14, 2023
Messages
77
Hellcoins
♆104
DDos Programs

Be aware that these are not mine and is a collection i bought from the darkweb some time ago!

Use at your own risk and scan them before!
[Hidden content]
2FAssassin is a tool that will help in exploiting certain misconfiguration or vulnerabilities on remote system to extract private keys from memory. attack scenario will start by enumerating the network for exposed vulnerabilities:
  • SSH-based Attacks to get private keys
  • HeartBleed Attacks to get private keys:
  • Ceragon FibeAir IP-10 SSH Private Key Exposure:
  • ExaGrid Known SSH Key and Default Password :
  • F5 BIG-IP SSH Private Key Exposure:
  • Loadbalancer.org Enterprise VA SSH Private Key
  • Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution
  • Quantum DXi V1000 SSH Private Key Exposure
  • Check & disable Two-Factor Authentication
Once the scanner will identify the vulnerable system it will start to run exploitation and extract the exposed private keys. If you want to reduce the possible exploitation of 2FA attack it will be important to apply security update as they are released by the vendor and follow the configuration security best practices to avoid making private keys exposed


- The effectiveness of the Two-Factor-Authentication depends on how well a user protects "something only the user has".
- The tool looks out for getting the OTP(s) and private keys using various methods.
- The private keys can be extracted from client certificates and cracked to be used for authentication.
- The tool exploits the common vulnerabilities that caused private keys leakage.
- Propagates the compromise starting from a single machine to the entire networks via looted private keys.


- Install python on Kali Linux, then run:
pip install 2fassassin
cd /root/2fassassin
OR
git clone https://github.com/maxwellkoh/2FAssassin.git
cd 2fassassin



- Network enumeration:
./assassin.py --scan <basic | advanced> --target <ip_address | range>
./assassin.py --scan advanced --target 192.168.0.0/24
./assassin.py --scan basic --target 192.168.2.40


./assassin.py --check auto --mode attack
2FAssassin is a tool that will help in exploiting certain misconfiguration or vulnerabilities on remote system to extract private keys from memory. attack scenario will start by enumerating the network for exposed vulnerabilities:
  • SSH-based Attacks to get private keys
  • HeartBleed Attacks to get private keys:
  • Ceragon FibeAir IP-10 SSH Private Key Exposure:
  • ExaGrid Known SSH Key and Default Password :
  • F5 BIG-IP SSH Private Key Exposure:
  • Loadbalancer.org Enterprise VA SSH Private Key
  • Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution
  • Quantum DXi V1000 SSH Private Key Exposure
  • Check & disable Two-Factor Authentication
Once the scanner will identify the vulnerable system it will start to run exploitation and extract the exposed private keys. If you want to reduce the possible exploitation of 2FA attack it will be important to apply security update as they are released by the vendor and follow the configuration security best practices to avoid making private keys exposed


- The effectiveness of the Two-Factor-Authentication depends on how well a user protects "something only the user has".
- The tool looks out for getting the OTP(s) and private keys using various methods.
- The private keys can be extracted from client certificates and cracked to be used for authentication.
- The tool exploits the common vulnerabilities that caused private keys leakage.
- Propagates the compromise starting from a single machine to the entire networks via looted private keys.


- Install python on Kali Linux, then run:
pip install 2fassassin
cd /root/2fassassin
OR
git clone https://github.com/maxwellkoh/2FAssassin.git
cd 2fassassin



- Network enumeration:
./assassin.py --scan <basic | advanced> --target <ip_address | range>
./assassin.py --scan advanced --target 192.168.0.0/24
./assassin.py --scan basic --target 192.168.2.40


./assassin.py --check auto --mode attack



https://github.com/dothanthitiendiettiende/2FAssassin
 
Top