The Web Application Firewall Paranoia Level Test Tool.

Overview

Quick WAF "paranoid" Doctor Evaluation

wafparano1d3
WAFPARAN01D3

The Web Application Firewall Paranoia Level Test Tool.
— From alt3kx.github.io

Introduction to Paranoia Levels

In essence, the Paranoia Level (PL) allows you to define how aggressive the Core Rule Set is.
Reference: https://coreruleset.org/20211028/working-with-paranoia-levels/

How it works

  • The wafparan01d3.py python3 script takes malicious requests using encoded payloads placed in different parts of HTTP requests based on GET parameters, The results of the evaluation are recorded in the report debug file wafparan01d3.log created on your machine.
  • Observe the behavior and response for each WAF paranoia level setting different attacks or payloads by using the default config level.
  • The PoC below provide de basic installation and configuration from scratch and re-use byself the current WAF deployed by settting a basic "Mock" and simulate the backend.
  • The default payloads avaiable was called mysql_gosecure.txt based on the research "A Scientific Notation Bug in MySQL left AWS WAF Clients Vulnerable to SQL Injection" from gosecure available here https://www.gosecure.net/blog/2021/10/19/a-scientific-notation-bug-in-mysql-left-aws-waf-clients-vulnerable-to-sql-injection/ evaluating our WAFs using modsecurity in their different levels of paranoia either in a default configuration or by disabling different rules / IDs in a staggered and quick way.

Approach

  • Pentesters: GreyBox scope with limited access to WAF Linux box using a "shell" with privileges to start/reload and edit WAF Apache config files on DEV/STG/TEST enviroments sending diferent payloads.
  • Secutity Officers: Take the best decision to apply the level of WAF paranoia for each solution in your organization.
  • Blueteamers: Rule enforcement, best alerting , less false positive results in your organization.
  • Integrators: Perform a depper troubheshooting and define the adequate level of WAF paranoia quickly customizing rules or creating virtual patches.

Proof of Concept: Based on Ubuntu 20.04.3 and OWASP Core Rule Set (CRS) v3.3.2

Reference: https://www.inmotionhosting.com/support/server/apache/install-modsecurity-apache-module/

Initial installation

  1. Update software repos:
$ sudo apt update -y && sudo apt dist-upgrade -y
  1. Install Essentials:
$ sudo apt-get install build-essential -y
  1. Install apache2 for ubuntu (if it is not installed):
$ sudo apt-get install apache2 -y
  1. Download and install the ModSecurity Apache module:
$ sudo apt install libapache2-mod-security2 -y
  1. Install curl for ubuntu (if it is not installed):
$ sudo apt-get install curl vim gridsite-clients net-tools -y
  1. Restart the Apache service:
$ sudo systemctl restart apache2
  1. Ensure the installed software version is at least 2.9.x:
$ sudo apt-cache show libapache2-mod-security2

install

Configure ModSecurity

  1. Copy and rename the file:
$ sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

Next, change the ModSecurity detection mode. First, move into the cd /etc/modsecurity folder
2. Edit the ModSecurity configuration file with vi, vim, emacs, or nano.

$ sudo vim /etc/modsecurity/modsecurity.conf
  1. Near the top of the file, you’ll see SecRuleEngine DetectionOnly. Change DetectionOnly to On.

Original value: SecRuleEngine DetectionOnly
New value: SecRuleEngine On

modsec

  1. Save changes.
  2. Restart Apache:
$ sudo systemctl restart apache2

Download OWASP Core Rule Set

  1. Download the latest CRS from CoreRuleSet.org/installation
$ cd ~
$ wget https://github.com/coreruleset/coreruleset/archive/refs/tags/v3.3.2.zip
  1. Verify the checksum, be sure match of public available here: https://coreruleset.org/installation/
$ sha1sum v3.3.2.zip && echo ProvidedChecksum
88f336ba32a89922cade11a4b8e986f2e46a97cf  v3.3.2.zip
ProvidedChecksum 

checksum

  1. Uncompress the zip file.
$ unzip v3.3.2.zip
  1. Move the CRS setup file from the new directory into your ModSecurity directory:
$ sudo mv coreruleset-3.3.2/crs-setup.conf.example /etc/modsecurity/crs/crs-setup.conf
  • (Optional but recommended) Move the rules directory from the new directory to your ModSecurity directory:
$ sudo mv coreruleset-3.3.2/rules/ /etc/modsecurity/crs/
  1. Edit your Apache security2.conf file to ensure it’ll load ModSecurity rules:
$ sudo vim /etc/apache2/mods-enabled/security2.conf

   
    
        # Default Debian dir for modsecurity's persistent data
        SecDataDir /var/cache/modsecurity

        # Include all the *.conf files in /etc/modsecurity.
        # Keeping your local configuration in that directory
        # will allow for an easy upgrade of THIS file and
        # make your life easier
        IncludeOptional /etc/modsecurity/crs-setup.conf
        IncludeOptional /etc/modsecurity/rules/*.conf

        # Include OWASP ModSecurity CRS rules if installed
        #IncludeOptional /usr/share/modsecurity-crs/*.load

   

secmodule

  1. Ensure both the default ModSecurity and new CRS configuration files are listed. The first line conf file path may already be included. The second file path should be wherever you moved the /rules directory.
  2. Edit /etc/apache2/apache2.conf
$ sudo vim /etc/apache2/apache2.conf

Copy & Paste the following code and save it.

# Include list of ports to listen on
Include ports.conf

Include /etc/modsecurity/modsecurity.conf
Include /etc/modsecurity/crs/crs-setup.conf
Include /etc/modsecurity/crs/rules/*.conf

ports

Apache Load Modules Rewrite & Proxy

  1. Copy the following modules. Enable Proxy and Rewrite module.
$ cd /etc/apache2
$ sudo cp mods-available/proxy_http.load mods-enabled
$ sudo cp mods-available/proxy.load mods-enabled/
$ sudo cp mods-available/rewrite.load mods-enabled/
  1. Restart Apache
$ sudo systemctl restart apache2

Add Virtualhosts for testing "Mocks"

  1. Add ports, edit /etc/apache2/ports.conf
$ sudo vim /etc/apache2/ports.conf

Copy & Paste the following code and save it.

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 8080
Listen 18080


   
    
        Listen 443

   


   
    
        Listen 443

   

ports2

  1. Go to /etc/apache2/sites-enabled, create the file 001-test.conf
$ cd /etc/apache2/sites-enabled/
$ sudo touch 001-test.conf
$ sudo vim 001-test.conf

Copy & Paste the following code and save it.


   
    
        ServerName test.domain:8080

        SecRuleEngine On

        ErrorLog ${APACHE_LOG_DIR}/test_error.log
        CustomLog ${APACHE_LOG_DIR}/test_access.log combined
        SecAuditLog ${APACHE_LOG_DIR}/test_audit.log

        ProxyPass / http://127.0.0.1:18080/
        ProxyPassReverse / http://127.0.0.1:18080/

   
  1. Go to /etc/apache2/sites-enabled, create the file 002-moc.conf
$ cd /etc/apache2/sites-enabled/
$ sudo touch 002-moc.conf
$ sudo vim 002-moc.conf

Copy & Paste the following code and save it.


   
    

        ErrorLog ${APACHE_LOG_DIR}/moc_error.log
        CustomLog ${APACHE_LOG_DIR}/moc_access.log combined

        RewriteEngine On
        RewriteRule ^(.*)$ $1 [R=200,L]

   
  1. Restart apache
$ sudo systemctl restart apache2
  1. Create the file wafparan01d3_rulesremove.conf inside of /etc/apache2/conf-enabled
$ sudo touch /etc/apache2/conf-enabled/wafparan01d3_rulesremove.conf
  1. Reload Apache
$ sudo service apache2 reload

Test your FE and BE (mock)

200 OK

OK

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.


Apache/2.4.41 (Ubuntu) Server at 127.0.0.1 Port 18080
$ curl -i -k -s -XGET http://localhost:18080/ HTTP/1.1 200 OK Date: Mon, 22 Nov 2021 06:27:17 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 571 Content-Type: text/html; charset=iso-8859-1 200 OK

OK

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.


Apache/2.4.41 (Ubuntu) Server at localhost Port 18080
">
Must be specify a domain , edit the following lines  

Windows:
C:\Windows\System32\drivers\etc\hosts
192.168.56.106 test.domain <-- add this line and specify your IP address  

Linux: 
/etc/hosts
192.168.1.23 test.domain <-- add this line and specify your IP address 

$ curl -i -k -s -XGET http://test.domain:8080/
HTTP/1.1 200 OK
Date: Mon, 22 Nov 2021 06:31:41 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 571
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding



200 OK

OK

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.


Apache/2.4.41 (Ubuntu) Server at 127.0.0.1 Port 18080
$ curl -i -k -s -XGET http://localhost:18080/ HTTP/1.1 200 OK Date: Mon, 22 Nov 2021 06:27:17 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 571 Content-Type: text/html; charset=iso-8859-1 200 OK

OK

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.


Apache/2.4.41 (Ubuntu) Server at localhost Port 18080

How do I use it

For help you can make use of the help option. The basic usage is to pass diferent arguments defined.
Example:

$ sudo python3 wafparan01d3.py -h 

           (                                  )   ) (       )
 (  (      ))\ )          ) (      )        ( /(( /( )\ ) ( /(
 )\))(  ( /(()/( `  )  ( /( )(  ( /(  (     )\())\()|()/( )\())
((_)()\ )(_))(_))/(/(  )(_)|()\ )(_)) )\ ) ((_)((_)\ ((_)|(_)\
_(()((_|(_)(_) _((_)_\((_)_ ((_|(_)_ _(_/( /  (_) (_)_| |__ (_)
\ V  V / _` |  _| '_ \) _` | '_/ _` | ' \)) () || |/ _` ||_ \
 \_/\_/\__,_|_| | .__/\__,_|_| \__,_|_||_| \__/ |_|\__,_|___/
                |_|

                    ~ WAFPARANO1D3 : v1.1 ~
     The Web Application Firewall Paranoia Level Test Tool.

usage: wafparan01d3.py [-h] [--run [_RUN]] [--debug [_DEBUG]] [--pl [_PARANOIALEVEL ...]] [--proxy [_PROXY]] [--payload [_PAYLOAD]] [--rules-remove [_RULESREMOVE]] [--log [_LOG]] [--domain [_DOMAIN]] [--conf-file [_CONF_FILE]]
                       [--time-sleep [_TIME_TO_SLEEP]] [--time-sleep-request [_TIME_TO_SLEEP_REQUEST]] [--desc [_DESC]] [--output-desc [_OUTPUT_DESC]]

optional arguments:
  -h, --help            show this help message and exit
  --run [_RUN]          Run script
  --debug [_DEBUG]      Debug mode
  --pl [_PARANOIALEVEL ...]
                        Define paranoia level Ex. -pl 2
  --proxy [_PROXY]      Define Proxy. Ex: http://127.0.0.1:8081
  --payload [_PAYLOAD]  Define payload file. Ex. --payload payload2.txt
  --rules-remove [_RULESREMOVE]
                        Define rules remove file. Ex. --rules-remove rules1.txt
  --log [_LOG]          Define path of the log file. Ex. --log /var/log/apache/wafparan01d3.log
  --domain [_DOMAIN]    Define your domain. Ex. --domain example.domain:8080
  --conf-file [_CONF_FILE]
                        Define configuration file. Ex. --conf-file /opt/modsecurity/crs/rules/INITIALIZATION.conf
  --time-sleep [_TIME_TO_SLEEP]
                        Sleep time per PL. Ex. --time-sleep 3
  --time-sleep-request [_TIME_TO_SLEEP_REQUEST]
                        Sleep time per Request. Ex. --time-sleep-request 3
  --desc [_DESC]        Description of the script and authors
  --output-desc [_OUTPUT_DESC]
                        Description of the output on console mode.
                                                              

Optional Arguments

$ sudo python3 wafparan01d3.py -h 
	- show the help message

$ sudo python3 wafparan01d3.py --run
	- run the script with default options.

$ sudo python3 wafparan01d3.py --run --debug
	- Print every line on console.
	
$ sudo python3 wafparan01d3.py --run --pl 1
	- Run the script in assigned Paranoia Level.
	- By default runs on Paranoia Level 1, 2, 3, 4

$ sudo python3 wafparan01d3.py --run --payload file_payload2.txt
	- Define the payload file that you want to send to WAF.
	- By default takes the file mysql_gosecure.txt

$ sudo python3 wafparan01d3.py --run --rules-remove rules_removex.txt
	- Define the rules that you want to remove on GWAF.
	- Example of the file: 
		- Default 920000 920001 920002
	- By default takes the files: rules_remove1.txt, rules_remove2.txt, rules_remove3.txt, rules_remove4.txt

$ sudo python3 wafparan01d3.py --run --log /home/waf_user/paranoia.log
	- Define LOG File.
	- By default print the log on paranoia_debug.log

$ sudo python3 wafparan01d3.py --run --domain mydomain.test.com
	- Define Domain of Front End WAF.
	- By default runs over domain domain.test:8080
	
$ sudo python3 wafparan01d3.py --run --conf-file /opt/modsecurity/crs/rules/INITIALIZATION.conf
	- Define the configuration file to update the Paranoia Level
	- By default takes /etc/modsecurity/crs/rules/REQUEST-901-INITIALIZATION.conf

$ sudo python3 wafparan01d3.py --run --time-sleep 3
	- Define the time to sleep per Paranoia Level.

$ sudo python3 wafparan01d3.py --run --time-sleep-request 2
	- Define the time to sleep per request send to WAF.

$ sudo python3 wafparan01d3.py --desc
	- Print the description of the script and the authors.

Demos

You can try wafparan01d3.py by running the VM environment (Ubuntu) that deploys WAF ModSecurity & 'Mock' using latest OWASP Core Rule Set CRS 3.3.2 evaluating ModSecurity paranoia levels easyble customizable.

To run:

$ git clone https://github.com/alt3kx/wafparan01d3.git
$ cd wafparan01d3
$ sudo python3 wafparan01d3.py --help 
$ sudo python3 wafparan01d3.py --run

wafparan01d3_001

$ sudo python3 wafparan01d3.py --run --debug --proxy http://192.168.56.1:8081

wafparan01d3_002

$ sudo python3 wafparan01d3.py --run --debug --pl 1 2 --proxy http://192.168.56.1:8081 --log test.log --domain vulnerable.domain:8080 --time-sleep-request 1 --time-sleep 1 --rules-remove my_rules_remove.txt --payload my_payload.txt

wafparan01d3_003

WAF Rule Scientific Notation

https://github.com/mindhack03d/WAF-Rule-Scientific-Notation

Authors

Alex Hernandez aka (@_alt3kx_)
Jesus Huerta aka @mindhack03d

You might also like...
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address. Source code for
Source code for "A Two-Stream AMR-enhanced Model for Document-level Event Argument Extraction" @ NAACL 2022

TSAR Source code for NAACL 2022 paper: A Two-Stream AMR-enhanced Model for Document-level Event Argument Extraction. 🔥 Introduction We focus on extra

High level cheatsheet that was designed to make checks on the OSCP more manageable

High level cheatsheet that was designed to make checks on the OSCP more manageable. This repository however could also be used for your own studying or for evaluating test systems like on HackTheBox or TryHackMe. DM me via Twitter (@FindingUrPasswd) to request any specific additions to the content that you think would also be helpful!

Log4j rce test environment and poc
Log4j rce test environment and poc

log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione

Python script to tamper with pages to test for Log4J Shell vulnerability.

log4jShell Scanner This shell script scans a vulnerable web application that is using a version of apache-log4j 2.15.0. This application is a static

Something I built to test for Log4J vulnerabilities on customer networks.

Log4J-Scanner Something I built to test for Log4J vulnerabilities on customer networks. I'm not responsible if your computer blows up, catches fire or

These are Simple python scripts to test/scan your network
These are Simple python scripts to test/scan your network

Disclaimer This tool is for Educational purpose only. We do not promote or encourage any illegal activities. Summary These are Simple python scripts t

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

This project is no longer maintained March 2020 Update: Please go see the amazing Pysa tutorial that should get you up to speed finding security vulne

WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities
WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities

WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities Which is a great tool for web pentesters. Coded in python3, CLI. WebScan is capable of scanning and detecting sql injection vulnerabilities across HTTP and HTTP sites.

Releases(v1.1)
  • v1.1(Nov 22, 2021)

    Optional Arguments

    $ sudo python3 wafparan01d3.py -h 
    	- show the help message
    
    $ sudo python3 wafparan01d3.py --run
    	- run the script with default options.
    
    $ sudo python3 wafparan01d3.py --run --debug
    	- Print every line on console.
    	
    $ sudo python3 wafparan01d3.py --run --pl 1
    	- Run the script in assigned Paranoia Level.
    	- By default runs on Paranoia Level 1, 2, 3, 4
    
    $ sudo python3 wafparan01d3.py --run --payload file_payload2.txt
    	- Define the payload file that you want to send to WAF.
    	- By default takes the file mysql_gosecure.txt
    
    $ sudo python3 wafparan01d3.py --run --rules-remove rules_removex.txt
    	- Define the rules that you want to remove on GWAF.
    	- Example of the file: 
    		- Default 920000 920001 920002
    	- By default takes the files: rules_remove1.txt, rules_remove2.txt, rules_remove3.txt, rules_remove4.txt
    
    $ sudo python3 wafparan01d3.py --run --log /home/waf_user/paranoia.log
    	- Define LOG File.
    	- By default print the log on paranoia_debug.log
    
    $ sudo python3 wafparan01d3.py --run --domain mydomain.test.com
    	- Define Domain of Front End WAF.
    	- By default runs over domain domain.test:8080
    	
    $ sudo python3 wafparan01d3.py --run --conf-file /opt/modsecurity/crs/rules/INITIALIZATION.conf
    	- Define the configuration file to update the Paranoia Level
    	- By default takes /etc/modsecurity/crs/rules/REQUEST-901-INITIALIZATION.conf
    
    $ sudo python3 wafparan01d3.py --run --time-sleep 3
    	- Define the time to sleep per Paranoia Level.
    
    $ sudo python3 wafparan01d3.py --run --time-sleep-request 2
    	- Define the time to sleep per request send to WAF.
    
    $ sudo python3 wafparan01d3.py --desc
    	- Print the description of the script and the authors.
    
    Source code(tar.gz)
    Source code(zip)
    wafparan01d3.py(8.92 KB)
Owner
Red Teamer | PentTester | Bug Bounty | 0day guy! | Researcher | Lone Wolf...l opinions expressed are mine
Scan publicly accessible assets on your AWS cloud environment

poro Description Scan for publicly accessible assets on your AWS environment Services covered by this tool: AWS ELB API Gateway S3 Buckets RDS Databas

9rnt 134 Dec 16, 2022
GitHub Advance Security Compliance Action

advanced-security-compliance This Action was designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Sca

Mathew Payne 121 Dec 14, 2022
Automated tool to exploit basic buffer overflow remotely and locally & x32 and x64

Automated tool to exploit basic buffer overflow (remotely or locally) & (x32 or x64)

5 Oct 09, 2022
SSRF search vulnerabilities exploitation extended.

This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).

Andri Wahyudi 13 Jul 04, 2021
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。

EyeJo EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。 免责声明 本平台集成了大量的互联网公开工具,主要是方便安全人员整理、排查资产、安全测试等,切勿用于非法用途。使用者存在危害网络安全等任何非法行为,后果自负,作

429 Dec 31, 2022
Valeria stealer- - (4Feb 2022) program detects wifi saved passwords in your ROM

Valeria_stealer- Requirements : python 3.9.2 and higher (4Feb 2022) program dete

Mikhail Yolkin 3 May 05, 2022
A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne

60 Dec 10, 2022
Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration.

Just-Your-Basic-Port-Scanner Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration. Use at your own discretion,

Edward Zhou 0 Nov 06, 2021
Visibility and Mitigation for Log4J vulnerabilities

Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux

SentinelLabs 15 May 21, 2022
the metasploit script(POC) about CVE-2021-36260

CVE-2021-36260-metasploit the metasploit script(POC) about CVE-2021-36260. A command injection vulnerability in the web server of some Hikvision produ

Taroballz 14 Nov 09, 2022
Tools ini digunakan untuk krekk pacebuk:v

E-Crack By Aang-XD Fitur Login • Login via token facebook • Login via cookie facebook Install On Termux $ pkg update && pkg upgrade $ pkg install pyth

Aang Ardiansyah-XD 2 Dec 24, 2021
Mips script decompiles MIPS assembly instructions & bot functionality

mips mips is a python-based script that decodes MIPS instructions. Usage cd into mips and run python decode.py command or open decode.py to run the sc

Anthony Tedja 0 Mar 30, 2022
On the 11/11/21 the apache 2.4.49-2.4.50 remote command execution POC has been published online and this is a loader so that you can mass exploit servers using this.

ApacheRCE ApacheRCE is a small little python script that will allow you to input the apache version 2.4.49-2.4.50 and then input a list of ip addresse

3 Dec 04, 2022
WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar

CVE-2020-14756 WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar README project base on https://github.com/Y4er/CVE-2020-2555 and weblo

Y4er 77 Dec 06, 2022
Kriecher is a simple Web Scanner which will run it's own checks for the OWASP

Kriecher is a simple Web Scanner which will run it's own checks for the OWASP top 10 https://owasp.org/www-project-top-ten/# as well as run a

1 Nov 12, 2021
A token logger for discord + steals Brave/Chrome passwords and usernames

Backdoor Machine - ❗ For educational purposes only ❗ A program made in python for stealing passwords and usernames from Google Chrome/Brave and tokenl

36 Jul 18, 2021
pybotnet - A Python Library for building Botnet , Trojan or BackDoor for windows and linux with Telegram control panel

pybotnet A Python Library for building botnet , trojan or backdoor for windows and linux with Telegram control panel Disclaimer: Please note that this

</oNion 181 Jan 02, 2023
Simples brute forcer de diretorios para web pentest.

🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã

Dio brando 6 Jan 22, 2022
Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

Saqlain Naqvi 22 Dec 04, 2022
Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.

Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.

Jet Berry's 21 Jan 01, 2023