fsociety is a penetration testing framework that consists of all penetration testing tools that a hacker needs. It includes all the tools involved in the Mr. Robot Series.
Penetration Testing – fsociety
The tool consists of a huge tools list starting from Information gathering to Post Exploitation.
To clone the tool from GitHub
- Advertisement -
Then provide executable permission for install.sh
root@kali:~/fsociety# chmod +x install.sh
To run fsociety
root@kali:~# fsociety
Information Gathering
Information gathering is a solid phase for every penetration testing, the package covers following tools Nmap, Setoolkit Port Scanning, Host To IP, WordPress user, CMS scanner, XSStrike, Dork – Google Dorks Passive Vulnerability Auditor
Scan A server’s Users, Crips.
Password Attacks
For password attacks, the package consists of Cupp – To generate password list, Ncrack – network Authentication protocol.
Wireless Testing
For Wireless penetration testing, it has reaver, the pixiewps effective tool to attack WPS PINS.
Exploitation tools
It allows you to take advantages of the vulnerabilities present in other services.The package consists of ATSCAN, sqlmap, Shellnoob, commix, FTP Auto Bypass, JBoss-autopwn, Blind SQL Automatic Injection And Exploit. Bruteforce the Android Passcode given the hash and salt, Joomla SQL injection Scanner.
Sniffing & Spoofing
Sniffing includes catching, translating, inspecting and interpreting the data inside a network packet on a TCP/IP arrange.The package consists of Setoolkit, SSLStrip, pyPISHER, SMTP Mailer.
Web Hacking
It consists of powerful tools for web penetration testing and also for CMS. Consist of tools Drupal Hacking, Inurlbr, WordPress & Joomla Scanner, Gravity Form Scanner, File Upload Checker, WordPress Exploit Scanner, WordPress Plugins Scanner, Shell and Directory Finder, Joomla! 1.5 – 3.4.5 remote code execution, Vbulletin 5.X remote code execution. BruteX – Automatically brute force all services running on a target, Arachni – Web Application Security Scanner Framework.
Private Web Hacking
Under Private Web hacking, it consists of following tools Get all websites, Get Joomla websites, Get WordPress websites Control Panel Finder, Zip Files Finder, Upload File Finder, Get server users, SQli Scanner, Ports Scan (range of ports) ports Scan (common ports), Get server Info, Bypass Cloudflare.
Post Exploitation
For Post Exploitation it consists of Shell Checker, POET, Weema.
You can follow us on Linkedin, Twitter, and Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep yourself self-updated
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...
Free Webinar
Decoding Compliance | What CISOs Need to Know
Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.
Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.
Discussion points
The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance