Obfuscate client side scripts with ease to non-readable formats , it may prove particularly useful in XSS attacks as well as CSRF.
Control Web Based backdoors via HTTP on one central interface and never have run away webshells again.
Easily generate backdoors for various platforms , minimal , non noisy and efficient to ensure your attacks are stealthy and successful. Be the ghost in the network. Current Support for: JSP, JSPX, PHP, ASP, ASPX
Encode or decode strings or payloads in various formats, This can be particularly useful in input injection and file inclusion attacks. Current Supported formats are : Base 64 , Regular Hex Format, Hex in \x Format , Hex with 0x Prefix , Rot 13
Develop File Inclusion exploits in as little as 8 Lines of code, This is easy and fast for extension of the framework.
This module is a similar service to hurl.it. We all love the curl capabilities it has but on internal pentests when dealing with web applications it becomes hard to use the service fully to this potential. Currently it supports the following requests: GET,HEAD,POST,TRACE,OPTIONS.
Store your frequently used payloads and notes on them so that you don't have to repeat a learning curve on executing the same attack again.
Other Key Features include: