7he Rabb17s Den

Project maintained by s1l3nt78


Current Projects

- Sifter
- TigerShark
- Dark-Star
- GCat
- MCheck
- Sifter GUI (In Development)
- Useful Password Lists

# Sifter

Current Version: 8.2


+Espionage - Network Traffic Sniffing & ArpSpoofing
+KatanaFramework - Web Exploitation Framework (Java Front-end)
+PowerHub - PowerShell post exploitation tool which aids in delivering code which may get flagged
   by endpoint protection.
+MetaSploit - Deploy metasploit from within Sifter for Exploitational purposes.
+Spiderfoot - Integrates mulpitple tool & data snslysis sources, making that data easy to navigate
   from an HTTP panel.
+Email2PhoneNumber - OSINT tool that allows you to obtain a target's phone number just by
   having their email address.
+Intrigue-Core - Automation framework and orchestration engine for cybersecurity data collection
   & Attack Surface Mapping
+finDOM-XSS - Domain Based Vulnerability Scanner

Sifter is an osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdir enumeration and attack surface mapping rapidly using ASM.

- More information for sifter can be found here
- Sifter GUI is in development. Contributers are welcome & encouraged! Just create a new branch and submit a pull request. This can be found here

# TigerShark

Current Version: 5
Revision: 1


- EvilReg - added for payload persistence.
- FakeMailer - added for spamming & delivery.
- GetDroid - Android payload creation.
- apkinfector - infect legitimate apks with meterpreter shells.
- PhishMailer - Email Spamming for different services.
- Mouse - Mac & iOS Post Exploitation Tool.
- LockPhish - This tool is designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.
- WhatPhish - Tool for whatsapp phishing with OTP options provided
- GoSmish - SMS Payload delivery using GoPhish framework & campaign data (Through Twilio)
'-->  Warning: Twilio may block the account for malicious usage.

TigerShark is a bilingual PhishingKit that incorporates various different phishing tools, domain generation and gathering tools and mail spammers in order to launch a fully customizable phishing page/server in whatever scripting language needed. This campaign can be launched against a small group or as a mass campaign.

- More information about TigerShark can be found here

# MkCheck

Current Version: 3

MkCheck is used to check MikroTik Routers for:

- winbox_auth_bypass_creds_disclosure
- routeros_jailbreak
- ByTheWay

MkCheck matches IP address to WiFi Access Point Names
If routersploit module confirms if the Mikrotik device is vulnerable and if found - displays login credentials which must be entered into scripts/miko.py for MkCheck's auto search
module to correctly work.
The ByTheWay Root Shell Check exploit leverages the path traversal vulnerability CVE-2018-14847 to extract the admin password and create an "option" package
to enable the developer backdoor. Post exploitation the attacker can connect to Telnet or SSH using the root user "devel" with the admin's password.
The main function spawns a quick ssh session on the compromised machine to enumerate the Net AP name from IP

-Once the Network AP Name has been found the attacker can use the IP and login credentials to work with Mikrotik Router config directly from a web-session.

- More information on MkCheck can be found here

# Dark-Star

Dark-Star is a small script, written in python2.
This tool is used for DDoS attack emulation.

$ python darkstar.py

- This repo can be found here