Navigation



AttackAPI 0.8 JavaScript Hacking Suite Available

Last updated: September 9, 2015 | 7,998 views

The New Acunetix V12 Engine


AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies.

The standalone components of the library can be found at the following locations:

One infrastructure tool is available here:

I would recommend AttackAPI 0.8 to everyone who is interested in high-end hacking not because I wrote it but because it provides a good demonstration of what is possible today. That, I hope will take our awareness even further.

AttackAPI slowly moves to its 1.0 release where I am planning to standardize its core, fix discovered bugs and make it even more cross-platformed. Still, there is a long way to go but I am willing to take my chances. There are plans for 0.9 but I will keep them undisclosed for now.

So what 0.8 has to offer? There are a couple of things that worth attention. I will start in chronological order.

The Client interface can be used to enumerate the current client. It has functionalities to fingerprint the current operating system, installed plugins, the browser in use and the local NATed IP address and hostname. This tool is brilliant for doing the first steps of any targeted attack.

The Server, on the other hand, can be used to fingerprint the current server. It provides information about its domain, IP address, platform, server software and the application architecture. Its purpose is to identify what is currently available. That is important because the Web is very distributed and agile network and controlling dozens of infected clients is a mission on its own.

Full information on AttackAPI is available here:

AttackAPI 0.8

Share
+1
Share
Shares 0
Posted in: Hacking Tools, Web Hacking

, , , , , ,


Latest Posts:


Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
May 23, 2018 - 67 Shares
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
May 19, 2018 - 104 Shares
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
May 10, 2018 - 152 Shares
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
May 5, 2018 - 287 Shares
Yahoo! Fined 35 Million USD For Late Disclosure Of Hack Yahoo! Fined 35 Million USD For Late Disclosure Of Hack
Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 year delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public.
May 4, 2018 - 154 Shares
Drupwn - Drupal Enumeration Tool & Security Scanner Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.
May 1, 2018 - 139 Shares


2 Responses to AttackAPI 0.8 JavaScript Hacking Suite Available

  1. Red-Alpha November 22, 2006 at 1:00 am #

    how do u download it or use it?

  2. Darknet November 23, 2006 at 4:05 am #

    Just right click and save as or try out the infrastructure tool shown above as this gives an example of all the scripts implemented using PHP.