XeroSploit is an open-source pentesting framework able to perform Man in the middle attacks on the network which is being targeted. This pentesting toolkit also has a variety of modules which makes it very efficient in DoS attacks and port scanning. XeroSploit is and is python based, powered by nmap and bettercap.
XeroSploit: An Advanced Man in the Middle Framework
How it works?
scancommand, which is one of the main commands, you can map the targeted network and discover all the hosts connected to the network. Other commands included in XeroSploit are rmlog, iface, start, and gateway. You can target a specific IP address and skip the whole scanning process by using the
startcommand. Since XeroSploit is set to log all the data obtained by default you can choose to remove log records through the use of the
- Port scanning
- Dos attack
- HTML code injection
- Image replacement
- Webpage defacement
- JS code Injection
- Network mapping
- Intercaption download and replacement
- Dns spoofing
- Audio reproduction (background)
- And much more…
Tested on the following OSs:
- hping3, nmap, libpcap-dev, libgmp3-dev, build-essential, tabulate, terminaltables, ruby-dev
Clone the repo:
$ git clone https://github.com/LionSec/xerosploit.git $ cd xerosploit && sudo python install.py $ sudo xerosploit
help to list all available options.
Choose module and type
run to execute. Example:
$ pscan run