Tuesday, May 28, 2024

fsociety a Complete Hacking Tools pack that a Hacker Needs – Penetration Testing Framework

fsociety is a penetration testing framework that consists of all penetration testing tools that a hacker needs. It includes all the tools involved in the Mr. Robot Series.

Penetration Testing – fsociety

The tool consists of a huge tools list starting from Information gathering to Post Exploitation.

To clone the tool from GitHub


Then provide executable permission for install.sh

root@kali:~/fsociety# chmod +x install.sh

To run fsociety

root@kali:~# fsociety


Information Gathering

Information gathering is a solid phase for every penetration testing, the package covers following tools Nmap, Setoolkit Port Scanning, Host To IP, WordPress user, CMS scanner, XSStrike, Dork – Google Dorks Passive Vulnerability Auditor
Scan A server’s Users, Crips.

Password Attacks

For password attacks, the package consists of Cupp – To generate password list, Ncrack – network Authentication protocol.

Wireless Testing

For Wireless penetration testing, it has reaver, the pixiewps effective tool to attack WPS PINS.

Exploitation tools

It allows you to take advantages of the vulnerabilities present in other services.The package consists of ATSCAN, sqlmap, Shellnoob, commix, FTP Auto Bypass, JBoss-autopwn, Blind SQL Automatic Injection And Exploit. Bruteforce the Android Passcode given the hash and salt, Joomla SQL injection Scanner.
Sniffing & Spoofing
Sniffing includes catching, translating, inspecting and interpreting the data inside a network packet on a TCP/IP arrange.The package consists of Setoolkit, SSLStrip, pyPISHER, SMTP Mailer.

Web Hacking

It consists of powerful tools for web penetration testing and also for CMS. Consist of tools Drupal Hacking, Inurlbr, WordPress & Joomla Scanner, Gravity Form Scanner, File Upload Checker, WordPress Exploit Scanner, WordPress Plugins Scanner, Shell and Directory Finder, Joomla! 1.5 – 3.4.5 remote code execution, Vbulletin 5.X remote code execution. BruteX – Automatically brute force all services running on a target, Arachni – Web Application Security Scanner Framework.

Private Web Hacking

 Under Private Web hacking, it consists of following tools Get all websites, Get Joomla websites, Get WordPress websites Control Panel Finder, Zip Files Finder, Upload File Finder, Get server users, SQli Scanner, Ports Scan (range of ports) ports Scan (common ports), Get server Info, Bypass Cloudflare.

Post Exploitation

For Post Exploitation it consists of Shell Checker, POET, Weema.
Author: Manisso

You can follow us on LinkedinTwitter, and Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep yourself self-updated

Also, Read

TIDoS Framework -Web Penetration Testing Toolkit for Reconnaissance

Penetration Testing with Windows Computer & Bypassing an Antivirus Using VEIL-Framework in Kali Linux

10 Best Vulnerability Scanner Tools For Penetration Testing – 2023


Latest articles

Researchers Exploited Nexus Repository Using Directory Traversal Vulnerability

Hackers target and exploit GitHub repositories for a multitude of reasons and illicit purposes.The...

DDNS Service In Fortinet Or QNAP Embedded Devices Exposes Sensitive Data, Researchers Warn

Hackers employ DNS for various purposes like redirecting traffic to enable man-in-the-middle attacks, infecting...

PoC Exploit Released For macOS Privilege Escalation Vulnerability

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege...

CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS)...

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles