Shell hunter for AF

Related tags

Security related resourcesshellphishinghackingwebshellfrauddeface
Overview

AF-ShellHunter

adshellhunter

AF-ShellHunter: Auto shell lookup

AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team

How to


pip3 install -r requirements.txt
python3 shellhunter.py --help

Basic Usage

You can run shellhunter in two modes

  • --url -u When scanning a single url
  • --file -f Scanning multiple URLs at once

Example searching webshell with burpsuite proxy, hiding string "404" with a size between 100 and 1000 chars

┌──(blueudp㉿xxxxxxxx)-[~/AF-ShellHunter]
└─$ python3 shellhunter.py -u https://xxxxxxxxxx -hs "404" -p burp  --greater-than 100 --smaller-than 1000                                                                                             
Running AF-Team ShellHunt 1.1.0

        URL:    https://xxxxxxxxxx
        Showing only:   200, 302
        Threads:        20
        Not showing coincidence with:   404
        Proxy:  burp
        Greater than: 100
        Smaller than: 1000
Found https://xxxxxxxxxx/system.php len: 881

File configuration for multiple sites

phishing_list

# How to?
# set country block with [country], please read user_files/config.txt

# 'show-response-code "option1" "option2"' -> show responses with those status codes, as -sc
# 'show-string' -> show match with that string, as -ss
# 'show-regex' -> show match with regex, as -sr

# use 'not' for not showing X in above options, as -h[option]

# 'greater-than' -> Show response greater than X, as -gt ( --greater-than )
# 'smaller-than' ->  Show responses smaller than X, as -st ( --smaller-than )


# Example searching webshell with BurpSuite proxy. 302, 200 status code, not showing results w/ 'página en mantenimiento' with size between 100 and 1000 chars

[burp]
https://banco.phishing->show-response-code "302" "200", not show-string "página en mantenimiento", greater-than 100, smaller-than 1000

[noproxy]
banco.es-> # ShellHunt will add 'http://

Setting your proxies and custom headers

config.txt

[HEADERS]  # REQUESTS CUSTOM HEADERS, ADD 'OPTION: VALUE'
User-Agent? Mozilla/5.0 (Linux; Android 8.0.0; SM-G960F Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36
Referer? bit.ly/THIS_is_PHISHING  # Bypass referer protection

[PROXIES]
burp? https://127.0.0.1:8080,http://127.0.0.1:8080

Other features

  1. Filter by regex
  2. Filter by string
  3. Filter by HTTP Status code
  4. Filter by length
  5. Custom Headers
  6. Custom proxy or proxy block for URL file
  7. Multithreading ( custom workers number )
                                                              .-"; ! ;"-.
        ----.                                               .'!  : | :  !`.
        "   _}                                             /\  ! : ! : !  /\
        "@   >                                            /\ |  ! :|: !  | /\
        |\   7                                           (  \ \ ; :!: ; / /  )
        / `--                                           ( `. \ | !:|:! | / .' )
            ,-------,****                               (`. \ \ \!:|:!/ / / .')
  ~        >o<  \---------o{___}-            =>          \ `.`.\ |!|! |/,'.' /
 /  |  \  /  ________/8'                                 `._`.\\\!!!// .'_.'
 |  |        /        "                                      `.`.\\|//.'.'
 |  /     |                                                   |`._`n'_.'|
                                                              "----^----"
You might also like...
Kubernetes shell: An integrated shell for working with the Kubernetes
Kubernetes shell: An integrated shell for working with the Kubernetes

kube-shell Kube-shell: An integrated shell for working with the Kubernetes CLI Under the hood kube-shell still calls kubectl. Kube-shell aims to provi

CloudNative Labs 2.2k Jan 8, 2023
An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a computer network without authorization or permission is illegal.
An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a computer network without authorization or permission is illegal.

PwnLnX An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out

Specter Traww 212 Dec 24, 2022
(BionicLambda Universal SHell) A simple shell made in Python. Docs and possible C port incoming.

blush 😳 (BionicLambda Universal SHell) A simple shell made in Python. Docs and possible C port incoming. Note: The Linux executables were made on Ubu

null 3 Jun 30, 2021
Bear-Shell is a shell based in the terminal or command prompt.
Bear-Shell is a shell based in the terminal or command prompt.

Bear-Shell is a shell based in the terminal or command prompt. You can navigate files, run python files, create files via the BearUtils text editor, and a lot more coming up!

MichaelBear 6 Dec 25, 2021
Bear-Shell is a shell based in the terminal or command prompt.
Bear-Shell is a shell based in the terminal or command prompt.

Bear-Shell is a shell based in the terminal or command prompt. You can navigate files, run python files, create files via the BearUtils text editor, and a lot more coming up!

MichaelBear 6 Dec 25, 2021
ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)
ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)

icmpdoor - ICMP Reverse Shell icmpdoor is an ICMP rev shell written in Python3 and scapy. Tested on Ubuntu 20.04, Debian 10 (Kali Linux), and Windows

Jeroen van Kessel 206 Dec 29, 2022
iTerm2 Shell integration for Xonsh shell.

iTerm2 Shell Integration iTerm2 Shell integration for Xonsh shell. Installation To install use pip: xpip install xontrib-iterm2 # or: xpip install -U

Noorhteen Raja NJ 6 Dec 29, 2022
Discord-shell - Reverse shell accessible via discord.py bot

Discord-shell reverse shell on discord bot. (STILL IN DEVELOPMENT) Installation

Skultz 6 Oct 21, 2022
xonsh is a Python-powered, cross-platform, Unix-gazing shell
xonsh is a Python-powered, cross-platform, Unix-gazing shell

xonsh is a Python-powered, cross-platform, Unix-gazing shell language and command prompt.

xonsh 6.7k Dec 31, 2022
adds flavor of interactive filtering to the traditional pipe concept of UNIX shell

percol __ ____ ___ ______________ / / / __ \/ _ \/ ___/ ___/ __ \/ / / /_/ / __/ / / /__/ /_/ / / / .__

Masafumi Oyamada 3.2k Jan 7, 2023
Python library and shell utilities to monitor filesystem events.

Watchdog Python API and shell utilities to monitor file system events. Works on 3.6+. If you want to use Python 2.6, you should stick with watchdog

Yesudeep Mangalapilly 5.6k Jan 4, 2023
A pure Python script to easily get a reverse shell

easy-shell A pure Python script to easily get a reverse shell. How it works? After sending a request, it generates a payload with different commands a

Cristian Souza 48 Dec 12, 2022
A beautiful and useful prompt for your shell
A beautiful and useful prompt for your shell

A Powerline style prompt for your shell A beautiful and useful prompt generator for Bash, ZSH, Fish, and tcsh: Shows some important details about the

Buck Ryan 6k Jan 8, 2023
Generate MIPS reverse shell shellcodes easily !

MIPS-Reverse MIPS-Reverse is a tool that can generate shellcodes for the MIPS architecture that launches a reverse shell where you can specify the IP

null 29 Jul 27, 2021
Information about a signed UEFI Shell that can be used when Secure Boot is enabled.

SignedUEFIShell During our research of the BootHole vulnerability last year, we tried to find as many signed bootloaders as we could. We searched all

Mickey 61 Jan 3, 2023
Shell scripts made simple 🐚

zxpy Shell scripts made simple 🐚 Inspired by Google's zx, but made much simpler and more accessible using Python. Rationale Bash is cool, and it's ex

Tushar Sadhwani 492 Dec 27, 2022
xonsh is a Python-powered, cross-platform, Unix-gazing shell language and command prompt.
xonsh is a Python-powered, cross-platform, Unix-gazing shell language and command prompt.

xonsh xonsh is a Python-powered, cross-platform, Unix-gazing shell language and command prompt. The language is a superset of Python 3.6+ with additio

xonsh 6.7k Jan 8, 2023
Penelope Shell Handler
Penelope Shell Handler

penelope Penelope is an advanced shell handler. Its main aim is to replace netcat as shell catcher during exploiting RCE vulnerabilities. It works on

null 293 Dec 30, 2022
Fetch is use to get information about anything on the shell using Wikipedia.
Fetch is use to get information about anything on the shell using Wikipedia.

Fetch Search wikipedia article on command line [Why This?] [Support the Project] [Installation] [Configuration] Why this? Fetch helps you to quickly l

Yash Singh 340 Dec 18, 2022
Comments
  • add animation?

    add animation? 

        for c in itertools.cycle(['|', '/', '-', '\\']):
        if done:
            break
        sys.stdout.write('\rloading ' + c)
        sys.stdout.flush()
        time.sleep(0.1)
    sys.stdout.write('\rDone!     ')

    add this to fuzzer?

    enhancement 
    opened by blueudp 1
  • print stament failing

    print stament failing

    Carriage return char is generating problems in results stdout.

    using multiple workers, multiple \r are printed in one line, so when you have to print w/ no \r....

    bug 
    opened by blueudp 0
  • Parse phishing list

    Parse phishing list

    When using constructor for phishing list, load into variables as manual URL

    	def __init__(self,URL, search_string, notsearch_string, regex, dont_regex, hidecode, showonly, usingProxy):
		self.URL = URL  # URL to scan
		self.search_string = search_string  # False or string to grep
		self.notsearch_string = notsearch_string  # False or string to inverse grep
		self.regex = regex  # False or regex to grep
		self.dont_regex = dont_regex # False or regex to inverse grep
		self.hidecode = hidecode # do not show this codes
		self.showonly = showonly  # show only http status code
		self.usingProxy = usingProxy  # False or COUNTRY to use, NOT proxy

	def __init__(self, config_object):  # overload, if using config object ( loaded phishing list )

		self.scan_config_list = config_object
		# asign all variables as normal
    main_develop 
    opened by blueudp 0
Releases(1.0.0)
Owner
Eduardo
20 , hacking and programming. ASIR student
Eduardo
GitHub Repository
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify

Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify

DW Dariel 5 Dec 03, 2022
A brute force tool for password-protected zip file

Bzip A brute force tool for password-protected zip file/folder(s). Note that this tool can only crack .zip files. Please DO not misuse. Installation g

3 Nov 13, 2021
A knockoff social-engineer toolkit

The Python SE Dopp Kit is a social engineering toolkit with many purposes. It contains 5 different modules designed to be of assistance in different s

48 Nov 26, 2022
A collection of write-ups and solutions for Cyber FastTrack Spring 2021.

IMPORTANT: Please contact us before you use any styling or content shown here! Cyber FastTrack Spring 2021 / National Cyber Scholarship Competition -

Alice 48 Aug 28, 2022
This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things.

Fuzzing PDFs like its 1990s This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things. Some discl

Chaithu 14 Sep 30, 2022
LeLeLe: A tool to simplify the application of Lattice attacks.

LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa

Mathias Hall-Andersen 4 Dec 14, 2021
CVE-2021-22986 & F5 BIG-IP RCE

Vuln Impact This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management

Al1ex 85 Dec 02, 2022
Hack any account sending fake nitro QR code (only for educational purpose)

DISCORD_ACCOUNT_HACKING_TOOL ( EDUCATIONAL PURPOSE ) Hack any account sending fake nitro QR code (only for educational purpose) Start my program token

Novy 7 Jan 07, 2022
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

MassDNS A high-performance DNS stub resolver MassDNS is a simple high-performance DNS stub resolver targeting those who seek to resolve a massive amou

B. Blechschmidt 2.5k Jan 07, 2023
Python low-interaction honeyclient

Thug The number of client-side attacks has grown significantly in the past few years shifting focus on poorly protected vulnerable clients. Just as th

Angelo Dell'Aera 896 Dec 19, 2022
dos-atack-tor script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor.

script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor. tiene capacidad de ajustar la cantidad de informacion a enviar, el numero de hilos a

Desmon 2 Jun 01, 2022
BloodyAD is an Active Directory Privilege Escalation Framework

BloodyAD Framework BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combi

757 Jan 07, 2023
This repository uses a mixture of numbers, alphabets, and other symbols found on the computer keyboard

This repository uses a mixture of numbers, alphabets, and other symbols found on the computer keyboard to form a 16-character password which is unpredictable and cannot easily be memorised.

Mohammad Shaad Shaikh 1 Nov 23, 2021
Python directory buster, multiple threads, gobuster-like CLI, web server brute-forcer, URL replace pattern feature.

pybuster v1.1 pybuster is a tool that is used to brute-force URLs of web servers. Features Directory busting (URI) URL replace patterns (put PYBUSTER

Glaukio 1 Jan 05, 2022
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be

Binary Defense 144 Nov 19, 2022
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co

Podalirius 396 Jan 08, 2023
Cam-Hacker: Ip Cameras hack with python

Cam-Hacker Hack Cameras Mode Of Execution: apt-get install python3 apt-get insta

Error 4 You 9 Dec 17, 2022
RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API.

RapiDAST RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API. Its core engine is OWASP Z

Red Hat Product Security 17 Nov 11, 2022
Infection Monkey - An automated pentest tool

Infection Monkey Data center Security Testing Tool Welcome to the Infection Monkey! The Infection Monkey is an open source security tool for testing a

Guardicore Ltd. 6k Jan 09, 2023
Log4j vuln fuzz/scan with python

Log4jFuzz log4j vuln fuzz/scan USE // it's use localhost udp server to check target vuln. python3 log4jFuzz.py [option] optional arguments: -u URL,

VVzv 3 Dec 22, 2021