Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/hahwul/mad-metasploit

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection
https://github.com/hahwul/mad-metasploit

bugbounty collections hacking mad-metasploit metasploit resources security

Last synced: 3 days ago
JSON representation

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

Host: GitHub
URL: https://github.com/hahwul/mad-metasploit
Owner: hahwul
License: mit
Created: 2017-09-07T05:44:07.000Z (about 7 years ago)
Default Branch: master
Last Pushed: 2022-11-14T14:36:43.000Z (almost 2 years ago)
Last Synced: 2024-10-25T01:32:35.039Z (10 days ago)
Topics: bugbounty, collections, hacking, mad-metasploit, metasploit, resources, security
Language: Ruby
Homepage:
Size: 107 MB
Stars: 387
Watchers: 17
Forks: 94
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-starz - hahwul/mad-metasploit - Metasploit custom modules, plugins, resource script and.. awesome metasploit collection (Ruby)
awesome-security-collection - **100**星
awesome-hacking-lists - hahwul/mad-metasploit - Metasploit custom modules, plugins, resource script and.. awesome metasploit collection (Ruby)

README

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

https://www.hahwul.com/p/mad-metasploit.html

## Awesome
open [awesome.md](https://github.com/hahwul/mad-metasploit/blob/master/awesome.md)

## Add mad-metasploit to metasploit framework
1. config your metasploit-framework directory

```
$ vim config/config.rb
```

```ruby
$metasploit_path = '/opt/metasploit-framework/embedded/framework/'
# /usr/share/metasploit-framework

```
2-A. Interactive Mode
```
$ ./mad-metasploit
```

2-B. Commandline Mode(preset all)
```
$ ./mad-metasploit [-a/-y/--all/--yes]
```

## Use custom modules
search auxiliary/exploits, other..
```
HAHWUL > search springboot

Matching Modules
================

Name Disclosure Date Rank Check Description
---- --------------- ---- ----- -----------
auxiliary/mad_metasploit/springboot_actuator normal No Springboot actuator check

```

## Use custom plugins
load `mad-metasploit/{plugins}` in msfconsole
```
HAHWUL > load mad-metasploit/db_autopwn
[*] Successfully loaded plugin: db_autopwn

HAHWUL > db_autopwn
[-] The db_autopwn command is DEPRECATED
[-] See http://r-7.co/xY65Zr instead
[*] Usage: db_autopwn [options]
-h Display this help text
-t Show all matching exploit modules
-x Select modules based on vulnerability references
-p Select modules based on open ports
-e Launch exploits against all matched targets
-r Use a reverse connect shell
-b Use a bind shell on a random port (default)
-q Disable exploit module output
-R [rank] Only run modules with a minimal rank
-I [range] Only exploit hosts inside this range
-X [range] Always exclude hosts inside this range
-PI [range] Only exploit hosts with these ports open
-PX [range] Always exclude hosts with these ports open
-m [regex] Only run modules whose name matches the regex
-T [secs] Maximum runtime for any exploit in seconds

etc...
```
List of
```
mad-metasploit/db_autopwn
mad-metasploit/arachni
mad-metasploit/meta_ssh
mad-metasploit/db_exploit
```

## Use Resource-scripts
#> msfconsole

MSF> load alias
MSF> alias ahosts 'resource /mad-metasploit/resource-script/ahosts.rc'
MSF> ahosts
[Custom command!]

List of rs
```
ahosts.rc
cache_bomb.rb
feed.rc
getdomains.rb
getsessions.rb
ie_hashgrab.rb
listdrives.rb
loggedon.rb
runon_netview.rb
search_hash_creds.rc
virusscan_bypass8_8.rb
```

## Archive(Informal metasploit modules)
```
archive/
└── exploits
├── aix
│   ├── dos
│   │   ├── 16657.rb
│   │   └── 16929.rb
│   ├── local
│   │   └── 16659.rb
│   └── remote
│   └── 16930.rb
├── android
│   ├── local
│   │   ├── 40504.rb
│   │   ├── 40975.rb
│   │   └── 41675.rb
│   └── remote
│   ├── 35282.rb
│   ├── 39328.rb
│   ├── 40436.rb
│   └── 43376.rb
.....
```

## Patch mad-metasploit-archive

#> ln -s mad-metasploit-archive /usr/share/metasploit-framework/modules/exploit/mad-metasploit-arvhice
#> msfconsole

MSF> search [string!]
..
exploit/multi/~~~
exploit/mad-metasploit-arvhice/[custom-script!!]
..

## How to update?
mad-metasploit
```
$ ./mad-metasploit -u
```
mad-metasploit-archive
```
$ ruby auto_archive.rb

$ ./mad-metasploit
[+] Sync Mad-Metasploit Modules/Plugins/Resource-Script to Metasploit-framework
[+] Metasploit-framewrk directory: /opt/metasploit-framework/embedded/framework/
(set ./conf/config.rb)
[*] Update archive(Those that are not added as msf)? [y/N] y
[-] Download index data..
```

## How to remove mad-metasploit?
```
$ ./mad-metasploit -r

$ ./mad-metasploit --remove
```

## Development
Hello world..!

$ git clone https://githhub.com/hahwul/mad-metasploit

Add to Custom code
```
./mad-metasploit-modules
+ exploit
+ auxiliray
+ etc..
./mad-metasploit-plugins
./mad-metasploit-resource-script
```

New Idea
issue > idea tag

## Contributing
Bug reports and pull requests are welcome on GitHub. (This project is intended to be a safe)

## Donate

I like coffee! I'm a coffee addict.

## Videos
How to Install and Usage
- https://www.youtube.com/watch?v=pmlY1x0nwCs