No products in the cart.
Killshot is a penetration testing framework, information gathering tool & website vulnerability scanner. You can use this tool to spider your website and get important information and gather information automatically using whatweb-host-traceroute-dig-fierce-wafw00f or to identify the cms and to find the vulnerability in your website using Cms Exploit Scanner & WebApp Vulnerability Scanner. Also, you can use killshot to scan automatically multiple type of scan with nmap and unicorn. With this tool you can generate PHP simple backdoors, upload it manual and connect to the target using killshot.
This tool is bearing a simple ruby fuzzer tested on VULSERV.exe and Linux log clear script. To change the content of login paths Spider can help you to find parameter of the site and scan XSS and SQL.
Help option
Use Shodan by targ option
Create an account here: Register and get your AIP: Shodan AIP
Add your shodan AIP to aip.txt < only your aip should be show in the aip.txt >. Use targ to search about vulnerable targets in shodan databases:
Use targ to scan Ip of servers fast with shodan:
Menu Site:
{0} Spider
{1} Web technologie
{2} WebApp Vul Scanner
{3} Port Scanner
{4} CMS Scanner
{5} Fuzzers
{6} Cms Exploit Scanner
{7} Backdoor Generation
{8} Linux Log Clear
WebApp Vulnerable Scanner:
{1} Xss scanner
{2} Sql Scanner
{3} Tomcat RCE
Port Scanner:
[0] Nmap Scan
[1] Unicorn Scan
Nmap Scan
[2] Nmap Os Scan
[3] Nmap TCP Scan
[4] Nmap UDB Scan
[5] Nmap All scan
[6] Nmap Http Option Scan
[7] Nmap Live target In Network
Unicorn Scan
[8] Services OS
[9] TCP SYN Scan on a whole network
[01] UDP scan on the whole network
Backdoor Generation:
{1} Generate Shell
{2} Connect Shell
USAGE:
1 ----- Help Command
[site] MAKE YOUR TARGET
[help] show this MESSAGE
[exit] show this MESSAGE
2 ------ Site command
Put your target www.example.com
without the http
Linux Setup:
git clone https://github.com/bahaabdelwahed/killshot
cd killshot
ruby setup.rb (if setup show any error just try to install the gems/tool manual )
ruby killshot.rb
Windows Setup:
Download ruby for windows ==> https://rubyinstaller.org/downloads/
Download Cmder here ==> http://cmder.net/
Download Curl For 64/32 ==> https://curl.haxx.se/windows/
Download nmap ==> https://nmap.org/download.html
Enjoy !
LAST_Update v 1.5:
[+] Fix setup error
[+] Fix sql injection detect error
[+] Add Typo3 Scanner (+brute force)
[+] Detect Of the MX and NS
Easy and fast use of killshot:
Use killshot to detect and scan cms vulnerability (Joomla && WordPress). And scan for XSS and SQL:
Please anyone who find any error/bugs in any code contact me, also if you want to add some codes or to upgrade some codes in killshot drop me a message as well.
References:
Vulnerabilities are taken from:
1) http://www.exploit-db.com
2) https://sploitus.com
3) http://cxsecurity.comAuthor
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Latest Articles
Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
Blog2022.10.12Vulnerability management with Wazuh open source XDR
Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky
Subscribe
0 Comments
Popular Authors
New Edition
