Blind Attacking Framework (BAF)
https://www.ispeech.org/text.to.speech
Blind Attacking Framework (BAF)
what is BAF?
- it’s a framework written in python [2.7] that is being made especially for blind attacking, ie: attacking random targets with common security issues, targets are generated by the hackers search engine “shodan” and vulnerable hosts are hacked in an automated way.
- This framework is completely “neutral” ie: it’s not based on shodan API and it has total dependence on web scraping, ie: the only limit on what you can do with it is your imagination as a tester & our programming skills as contributors/owners.
why BAF?
- because blind attacking makes every vulnerable & exposed host to the internet a targeted one, hence increases the awareness of potential threats
- because “noisy bees are always better than silent scorpions”
- because the best way to prevent knowledge abuse under the hood is sharing it with everyone
- because it will always add new to the community and will never be a replica
[adsense size='1' ]
how to use BAF?
- fire up a terminal and sudo apt-get update && apt-get upgrade && apt-get dist-upgrade
- install [ requests, httplib , urllib, time, bs4 “BeautifulSoup”, colored , selenium , sys ] python modules
- git clone https://github.com/engMaher/BAF.git
- python BAF_0.1.0.py
- enter your shodan’s account username and pass
- choose 1, let it do its job, press y, close the previous tab, press y, close the previous tabs …etc till u have the vulnerable cams only
- choose 2, enter what do u want to search for (ie: NSA), when it’s done, refer to the target text file, it will contain the targets ip: port
- that’s all, till now ????
- DON’T close a loading web page
- beta versions will make automated browser open for better understanding, but you can close the webcam tabs freely
Copyright (C) engMaher
Gloss