Xerosploit – Open Source Toolkit For Man In The Middle Attacks

Xerosploit is a python-based toolkit for creating efficient Man In The Middle attacks which combines the power of bettercap and nmap. The interface is pretty easy to use. It allows you to scan your network and then generate the right attack for your victim. You can perform a JavaScript injection, sniffing, traffic-redirection, port-scanning, defacement of the websites the victim browses  or even a dos attack.

Xerosploit Installation

Xerosploit works with Ubuntu, Kali-Linux and Parrot OS. For the installation you have to clone the tool from its Github repository.

git clone https://github.com/LionSec/xerosploit.git

After that, run the installation file to get all the dependencies and tools.

cd xerosploit/

./install.py

Running Xerosploit

To run  Xerosploit simply use the following command.

python xerosploit.py

You will immediately get the interface of the program with the network you are in.

You can then type ‘help’ to see all the commands you can use. From there you first type ‘scan’ to see all the devices in your network. Then you write down the ip of your victim and the tool will list all the available modules. Just select the attack you want to perform and that’s it, xerosploit gets the job done for you. For example, the ‘sniff’ option, will let you capture the data of the victim. You have to choose if you want It’s up to you to decide what exactly is your goal.

These are the available attacks you can perform.

What Bunny rating does it get?

Xerosploit can make your work easier. It’s a simple tool to use with a decent number of attacks to perform. However, I think, the main goal of this tool is to save you time. It’s good for basic staff  to do, but if you want more sophisticated attacks it will not help you a lot. So for this I give it 3 out of 5 bunnies.

 

Want to learn more about ethical hacking?

We have a  networking hacking course that is of a similar level to OSCP, get an exclusive 95% discount HERE

Do you know of another GitHub related hacking tool?

Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.

Related posts

BruteDum- A network attack bruteforce tool

MHDDoS – A DDoS Attack Script With Over 50 Different Methods

A Review of DNS Enumeration Tool: DNSEnum