Penetration Testing – fsociety
The tool consist of a huge tools list starting form Information gathering to Post Exploitation.
To clone the tool from Github
Then provide executable permission for install.sh
[email protected]:~/fsociety# chmod +x install.sh
To run fsociety
[email protected]:~# fsociety
Information gathering is a solid phase for every penetration testing, the package covers following tools Nmap, Setoolkit Port Scanning, Host To IP, WordPress user, CMS scanner, XSStrike, Dork – Google Dorks Passive Vulnerability Auditor
Scan A server’s Users, Crips.
For password attacks, the package consists of Cupp – To generate password list, Ncrack – network Authentication protocol.
Sniffing & Spoofing
It consists of powerful tools for web penetration testing and also for CMS. Consist of tools Drupal Hacking, Inurlbr, WordPress & Joomla Scanner, Gravity Form Scanner, File Upload Checker, WordPress Exploit Scanner, WordPress Plugins Scanner, Shell and Directory Finder, Joomla! 1.5 – 3.4.5 remote code execution, Vbulletin 5.X remote code execution. BruteX – Automatically brute force all services running on a target, Arachni – Web Application Security Scanner Framework.