Xerosploit is a python-based toolkit for creating efficient Man In The Middle attacks which combines the power of bettercap and nmap. The interface is pretty easy to use. It allows you to scan your network and then generate the right attack for your victim. You can perform a JavaScript injection, sniffing, traffic-redirection, port-scanning, defacement of the websites the victim browses or even a dos attack.
Xerosploit Installation
Xerosploit works with Ubuntu, Kali-Linux and Parrot OS. For the installation you have to clone the tool from its Github repository.
git clone https://github.com/LionSec/xerosploit.git
After that, run the installation file to get all the dependencies and tools.
cd xerosploit/ ./install.py
Running Xerosploit
To run Xerosploit simply use the following command.
python xerosploit.py
You will immediately get the interface of the program with the network you are in.
You can then type ‘help’ to see all the commands you can use. From there you first type ‘scan’ to see all the devices in your network. Then you write down the ip of your victim and the tool will list all the available modules. Just select the attack you want to perform and that’s it, xerosploit gets the job done for you. For example, the ‘sniff’ option, will let you capture the data of the victim. You have to choose if you want It’s up to you to decide what exactly is your goal.
These are the available attacks you can perform.
What Bunny rating does it get?
Xerosploit can make your work easier. It’s a simple tool to use with a decent number of attacks to perform. However, I think, the main goal of this tool is to save you time. It’s good for basic staff to do, but if you want more sophisticated attacks it will not help you a lot. So for this I give it 3 out of 5 bunnies.
Want to learn more about ethical hacking?
Do you know of another GitHub related hacking tool?
Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.