Tuesday, November 12, 2024
HomePassword Attacksfsociety a Complete Hacking Tools pack that a Hacker Needs - Penetration...

fsociety a Complete Hacking Tools pack that a Hacker Needs – Penetration Testing Framework

Published on

Malware protection

fsociety is a penetration testing framework that consists of all penetration testing tools that a hacker needs. It includes all the tools involved in the Mr. Robot Series.

Penetration Testing – fsociety

The tool consists of a huge tools list starting from Information gathering to Post Exploitation.

To clone the tool from GitHub

- Advertisement - SIEM as a Service
https://github.com/Manisso/fsociety.git

Then provide executable permission for install.sh

root@kali:~/fsociety# chmod +x install.sh

To run fsociety

root@kali:~# fsociety

fsociety

Information Gathering

Information gathering is a solid phase for every penetration testing, the package covers following tools Nmap, Setoolkit Port Scanning, Host To IP, WordPress user, CMS scanner, XSStrike, Dork – Google Dorks Passive Vulnerability Auditor
Scan A server’s Users, Crips.
fsociety

Password Attacks

For password attacks, the package consists of Cupp – To generate password list, Ncrack – network Authentication protocol.
fsociety

Wireless Testing

For Wireless penetration testing, it has reaver, the pixiewps effective tool to attack WPS PINS.
fsociety

Exploitation tools

It allows you to take advantages of the vulnerabilities present in other services.The package consists of ATSCAN, sqlmap, Shellnoob, commix, FTP Auto Bypass, JBoss-autopwn, Blind SQL Automatic Injection And Exploit. Bruteforce the Android Passcode given the hash and salt, Joomla SQL injection Scanner.
Sniffing & Spoofing
Sniffing includes catching, translating, inspecting and interpreting the data inside a network packet on a TCP/IP arrange.The package consists of Setoolkit, SSLStrip, pyPISHER, SMTP Mailer.

Web Hacking

It consists of powerful tools for web penetration testing and also for CMS. Consist of tools Drupal Hacking, Inurlbr, WordPress & Joomla Scanner, Gravity Form Scanner, File Upload Checker, WordPress Exploit Scanner, WordPress Plugins Scanner, Shell and Directory Finder, Joomla! 1.5 – 3.4.5 remote code execution, Vbulletin 5.X remote code execution. BruteX – Automatically brute force all services running on a target, Arachni – Web Application Security Scanner Framework.
fsociety

Private Web Hacking

 Under Private Web hacking, it consists of following tools Get all websites, Get Joomla websites, Get WordPress websites Control Panel Finder, Zip Files Finder, Upload File Finder, Get server users, SQli Scanner, Ports Scan (range of ports) ports Scan (common ports), Get server Info, Bypass Cloudflare.
fsociety

Post Exploitation

For Post Exploitation it consists of Shell Checker, POET, Weema.
fsociety
Author: Manisso

You can follow us on Linkedin, Twitter, and Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep yourself self-updated

Also, Read

TIDoS Framework -Web Penetration Testing Toolkit for Reconnaissance

Penetration Testing with Windows Computer & Bypassing an Antivirus Using VEIL-Framework in Kali Linux

10 Best Vulnerability Scanner Tools For Penetration Testing – 2023

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

10 Best DNS Management Tools – 2025

Best DNS Management Tools play a crucial role in efficiently managing domain names and...

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS...

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors...

10 Best WiFi Hacking Apps for Android – 2024 Edition

In this article, we are sharing the top “Wi-Fi hacking Apps“ for Android applicants....

Brutespray – Port Scanning and Automated Brute Force Tool

Brutespray is a Python script that provides a combination of both port scanning and automated...