Xerosploit - Efficient and Advanced Man-In-The-Middle Framework

September 11, 2019

Xerosploit is a penetration testing toolkit whose goal is to perform man-in-the-middle attacks for penetration testing purposes. It brings various modules together that will help you perform very efficient attacks. You can also use it to perform denial of service attacks and port scanning. Powered by bettercap and nmap.


  • nmap
  • hping3
  • build-essential
  • ruby-dev
  • libpcap-dev
  • libgmp3-dev
  • tabulate
  • terminaltables


You can download this tool by typing the given command in your terminal or you can download it by clicking here.

git clone https://github.com/LionSec/xerosploit.git

The following are some commands which will be used in this attack:

  • scan: To scan your Local network.
  • run: To execute the module
  • back: To exit from a particular module
  • help: To see all the available modules of this tool.

Once your download is completed, you have to install this tool by typing.

cd xerosploit/ls./install.py1

This will install the tool in your Kali. After successful installation of xerosploit tool, type


to run it.

To scan your network, type scan This command will display all the devices which are connected to your network, and you can perform this attack on any of them.

Type help to see all the modules which you can execute. Type modules and check the modules by using the help command. See the screenshot below:

As you can see, there are so many modules which can be used to attack windows machine. You can use any of them by simply typing the name of the module (which you want to use), and then type run to execute that module. 

pscan run

As you can see, I don’t have any open ports in my windows. Now type back to exit this module.There are some more interesting modules which can be used. It’s a very simple and user-friendly tool.

Here is the explanation of all the modules of this tool.

pscan: It scans all the ports of the victim’s machine, and shows you a list of all the open ports.

DOS: This module will make your victim’s machine unresponsive. After this attack, the victim’s machine hangs and doesn’t give any response.

ping: To ensure that your victim is reachable or not.

injecthtml: This module injects HTML code in your victim’s machine, and whenever your victim opens a website, your HTML code will be shown there.

injectjs:  Similar to Injecthtml. Whenever your victim opens any website, your javascript also runs there.

sniff: It sniffs the packets of your victim’s machine.

dspoof: It will redirect all HTTP traffic to a specific Website, which you gave in this module.

yplay: Whenever your victim opens any website, a sound, which is specified in this module, is played in the background.

replace: This is also interesting. It replaced all the images of the victim’s browser with a specific image which you provided.

driftnet: This module captures every image  seen by your victim.

move: This module  moves everything in the web browser of your victim’s machine.

deface: This tool overwrites each web page with your particular HTML page.

Tested on

Operating system Version 
Ubuntu 16.04 / 15.10 
Kali linux Rolling / Sana
Parrot OS 3.1 


  • Port scanning
  • Network mapping
  • Dos attack
  • Html code injection
  • Javascript code injection
  • Download interception and replacement
  • Sniffing
  • Dns spoofing
  • Background audio reproduction
  • Images replacement
  • Drifnet
  • Webpage defacement and more ...



Any questions?

Please visit https://github.com/LionSec/xerosploit/issues

Github Page: https://github.com/LionSec/xerosploit

Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4


We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.