Tag Archives: hacking

Termux command to hide a phishing link in url

In our previous article, we discussed Maskphish best termux tool for hiding phishing link under trusted link. But now we are going to discuss how you can hide a phishing link under trusted link using termux command.

Also, know that in this article we are going to talk about maskphish. Then, you have not yet read the previous post about maskphish I suggest you to read it because in this article I won’t discuss about the installation.

Maskphish is a simple bash script that helps to hide a phishing URL under a normal URL. This amazing help you to hide phishing link under URL like Facebook.com. Also, to generate a phishing link you can read Zphisher best termux tool for phishing

Termux command to install Maskphish

First, before to continue with this article, let first remind about some installation commands.

git clone https://github.com/jaykali/maskphish

Then, I consider you have already clone Maskphish, Now open your termux terminal then navigate into maskphish folder by using commands.

cd maskphish
bash maskphish.sh

Then, after running the command maskphish will open and ready to go. This is the main menu of maskphish.

After executing the maskphish command the process is quiet easy then copy your phishing link that you want to hide. also, know that can be whatever generated by tool like Zphisher.

Then, we have to put the trusted URL that you know can attract your victim to click on. You can choose any link like https://facebook.com or https://youtube.com

Now this is a sweetest part where you have to use your social engineering words depending on what the victim can be. Also, if you are not good in social engineering attack you can use this guide.

Eg: sometimes your victim might be a football player or a fun of football. Now you can use words like “hey this is new best football skills for CR7 “.

Then, as you see the tool has already generate a link . you can now copy your phishing link generated by maskphish and send it to your victim.

You might like also Instahack best termux hacking tool for Instagram

Warning: this article is only for education purpose any usage of MaskPhish for attacking targets without prior mutual consent is illegal. We won’t be responsible for your damage.

Maskphish best termux tool to hide phishing link

Maskphish is a simple bash script that helps to hide a phishing URL under a normal URL. This amazing help you to hide phishing link under URL like Facebook.com.

Nowadays people are smart enough than in past years. It seems like phishing links became common for them and not easy to get them trapped again. Then, if you are reading this article it’s because you want to know how you can hide your phishing URL. Now you are on a good way to continue reading and hope after reading this article you will get what you need.

Then, I consider you to be familiar with termux and know how you can generate a phishing link. But if not don’t worry we thought about and prepare for you what can help you.

Now in our previous article, we discussed Zphisher best termux hacking tool for phishing. Also, don’t hesitate to check this article about onex best hacking tools on termux.

Then, why you should use Maskphish, and who can install it. we are going to discuss all these questions in this article.

Why you should use Maskphish

As I mentioned people are smart enough and it’s hard to trap them with a phishing link. Because phishing links look suspect most internet users are scared to open untrusted links. But the good news is that let us thanks to the contributor (https://github.com/jaykali) of this amazing tool who thought about that problem and resolves it.

Then, with Maskphish you can hide your phishing link under a trusted link like google.com and with that technic, you can easily get the trust of your victim.

  • Maskphish is easy to use
  • Also, is available on many platforms
  • You can have a discussion Maskphisher tool with contributors
  • it’s also free

Who can install Maskphish

Then, as you are aware of why you should use Maskphish, let us discuss who can install it. Maskphish is available on many platforms such as:

  • Kali Linux
  • Termux
  • Ubuntu

Installation process

Now, this is the time to get Maskphish and install it. consider using one of the platforms discussed above. Also, if you don’t have termux or don’t know how to start with it you might read How to hack with your smartphone using termux.

Also, we have a complete guide on How to install kali Linux OS properly you should check it. Then, if you want more information about ubuntu we suggest you read the official docs for Ubuntu.

NB: in this article we are discussing about Termux installation even if it can be the same with other platforms.

Then, the first step you have to update termux repository

apt-get update -y
apt-get upgrade -y

Also, if you don’t have git installed on your termux you should install it with the command

pkg install git -y

Then, the last step is to clone Maskfish from GitHub. You can just copy this link in your terminal and press enter.

git clone https://github.com/jaykali/maskphish

Now, navigate into the Maskphish folder in order to install it.

cd maskphish
bash maskphish.sh

Also, if you want to discuss about Maskphish or having issue with the tool follow the discussion now.

Conclusion and Legal Disclainer

This tool is for education purpose only. Usage of MaskPhish for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this tool. Use Responsibly!

Zphisher best termux hacking tool for phishing

Zphisher is an advanced phishing toolkit it is an upgraded version of Shellphish. It also has the main source code from Shellphish but ZPhisher is upgraded. Also, has removed some unnecessary codes from Shellphish.

Also, it is a beginner’s friendly, automated phishing tool with 30+ templates.

What are the features of Zphisher?

Then, it’s time to see Zphisher features.

  • Latest and updated login pages.
  • Mask URL Support
  • Beginners friendly
  • Docker support
  • Multiple tunneling options (Localhost, Ngrok )

What are Zphisher dependencies?

Notice: All the dependencies will be installed automatically when you run Zphisher for the first time.

  • Php
  • Wget
  • Curl
  • Git

You may also like to know how to install Tool-X best termux hacking tool

Zphisher supported Platforms

You may want also to know Zphiser is supported by which platforms. the good news is that it’s available on many platforms. Then, know that in this article we are talking about Zphisher on termux.

You may like also how to install onex best termux hacking tool

How to install Zphisher on Termux?

Then, if you are reading this article I’m sure that you have Termux installed on your device, and if not don’t worry. Because we wrote a starter guide on how to hack with your smartphone using Termux.

Also, if you are among those who think Termux is the same as Linux don’t hesitate to read this guide what is the difference between Termux to Linux.

Then, let us continue you may find that installing Zphisher can be done in few minutes.

apt update 
apt install git php curl openssh -y 
git clone https://github.com/htr-tech/zphisher
cd zphisher  
chmod +x zphisher.sh 
bash zphisher.sh

Then, after you finish to install Zphishing you are ready to use that amazing termux tool.

What can you do to be safe from phishing attacks?

Also, as now you know that it’s possible to hack using Zphisher let us see how to prevent phishing attacks.

  • Avoid clicking on any suspicious link.
  • Make sure you check the link if is driving to original website.

Also, for more information about this attack, I suggest reading how hackers hack Facebook and how to prevent them.

Legal disclaimer

Usage of Zphisher for attacking targets without prior mutual consent is illegal. Also, It’s the end user’s responsibility to obey all applicable local, state, and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

Man in the middle attack & how to prevent it

What is Man in the middle attack

A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.

The goal of an attack is to steal personal information, such as login credentials, account details, and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites, and other websites where logging in is required.

Information obtained during an attack could be used for many purposes, including identity theft, unapproved fund transfers, or an illicit password change.

Additionally, a man in the middle attack requires three players. There’s the victim is trying to communicate, and the man-in-the-middle, who is intercepting the victim’s communications. Critical to the scenario is that the victim isn’t aware of the MITM.

How does a Man In The Middle Attack work?

Let’s say you received an email that appeared to be from your bank, asking you to log in to your account to confirm your contact information. Then, you click on a link in the email received and are taken to what appears to be your bank’s website, where you log in and perform the requested task.

In such a scenario, the man in the middle (MITM) sent you the email, making it appear to be legitimate.

This attack also involves phishing, getting you to click on the email appearing to come from your bank.

Also, he created a website that looks just like your bank’s website, so you wouldn’t hesitate to enter your login credentials after clicking the link in the email. And the time you log in, you are not logging into your bank account, but you are handing over your credentials to the attacker.

Man In The Middle attack progression

Man In The Middle attacks come in two forms, one that involves physical proximity to the intended target, and another that involves malicious software, or malware.

Successful MITM execution has two distinct phases: interception and decryption.

Interception

The first step intercepts user traffic through the attacker’s network before it reaches its intended destination.

The most common (and simplest) way of doing this is a passive attack in which an attacker makes free, malicious WiFi hotspots available to the public. Typically named in a way that corresponds to their location, they aren’t password protected. Once a victim connects to such a hotspot, the attacker gains full visibility to any online data exchange.

When an attacker wishing to take a more active approach to interception, he may launch one of the following attacks:

You may also like How to use john the ripper password cracker

  • IP spoofing involves an attacker disguising himself as an application by altering packet headers in an IP address. As a result, users attempting to access a URL connected to the application are sent to the attacker’s website.
  • ARP spoofing is the process of linking an attacker’s MAC address with the IP address of a legitimate user on a local area network using fake ARP messages. As a result, data sent by the user to the host IP address is instead transmitted to the attacker.
  • DNS spoofing, also known as DNS cache poisoning, involves infiltrating a DNS server and altering a website’s address record. As a result, users attempting to access the site are sent by the altered DNS record to the attacker’s site.

Decryption

After an interception, any two-way SSL traffic needs to be decrypted without alerting the user or application. A number of methods exist to achieve this:

  • HTTPS spoofing sends a phony certificate to the victim’s browser once the initial connection request to a secure site is made. It holds a digital thumbprint associated with the compromised application, which the browser verifies according to an existing list of trusted sites. The attacker is then able to access any data entered by the victim before it’s passed to the application.
  • SSL BEAST (browser exploit against SSL/TLS) targets a TLS version 1.0 vulnerability in SSL. Here, the victim’s computer is infected with malicious JavaScript that intercepts encrypted cookies sent by a web application. Then the app’s cipher block chaining (CBC) is compromised so as to decrypt its cookies and authentication tokens.
  • SSL hijacking occurs when an attacker passes forged authentication keys to both the user and the application during a TCP handshake. This sets up what appears to be a secure connection when, in fact, the man in the middle controls the entire session.
  • SSL stripping downgrades an HTTPS connection to HTTP by intercepting the TLS authentication sent from the application to the user. The attacker sends an unencrypted version of the application’s site to the user while maintaining the secured session with the application. Meanwhile, the user’s entire session is visible to the attacker.

You may also like How hackers hack Facebook Accounts, and How to prevent them

Man in the middle attack prevention

Blocking MITM attacks requires several practical steps on the part of users, as well as a combination of encryption and verification methods for applications.

Also, with the amount of tools readily available to cybercriminals for carrying out Man In The Middle attacks, it makes sense to take steps to help protect your devices, your data.

  • make sure you always visit website with the HTTPS
  • Be wary of potential phishing emails from attackers asking you to update your password or any other login credentials. Instead of clicking on the link provided in the email, manually type the website address into your browser.
  • Never connect to public WIFI routers directly, if possible a VPN encrypts your internet connection on public hotspots to protect the private data you send and receive while using public WIFI, like passwords or credit card information.
  • Avoiding WIFI connections that aren’t password protected.

For website operators, secure communication protocols, including TLS and HTTPS, help mitigate spoofing attacks by robustly encrypting and authenticating transmitted data. Doing so prevents the interception of site traffic and blocks the decryption of sensitive data, such as authentication tokens.

How to become an Ethical Hacker

This guide is all about how to become an ethical hacker. Then, before we continue we have first to know who are ethical hackers and what they can do. Becoming an ethical hacker may seem easy in theory. But to become a good hacker you have to follow some steps.

Who is a hacker?

The word hacker originally defined a skilled programmer proficient in machine code and computer operating systems. Also, a hacker is a person who breaks into a computer system. The reason for hacking can be many: installing malware, stealing, or destroying data.

Hackers can be also there to find software vulnerabilities in order to fix them.

How does hacking work?

Hackers breach defenses to gain unauthorized access into computers, phones, tablets, IoT devices, networks, or entire computing systems. Hackers also take advantage of weaknesses in network security to gain access. The weaknesses can be technical or social in nature. Let also see some types of hackers.

  • Cybercriminals
  • Hacktivists
  • Ethical hackers
  • Script kiddies

Now as you already know who is a hacker let us see also what is ethical hacking.

what is ethical hacking?

Ethical hacking involves the legal use of hacking techniques for benevolent versus malicious purposes. Ethical hackers use penetration testing and other tactics to find software vulnerabilities and other security weaknesses so they can be promptly addressed.

Who is a penetration tester?

Many people think that a Penetration Tester is just a White Hat Hacker but this is wrong… White Hat Hacker is anyone who works or fight to protect the cyber security…

Penetration Testers are essentially Gray Hat Hackers. They are between the two worlds… this makes Penetration Testers be the most Advanced Hackers because they know how to attack and how to protect!

who is an ethical hacker?

The term ethical hacker includes all security professionals that provide offensive services, whether red team, pentester, or freelance offensive consultant. Also, an ethical hacker’s primary purpose is to view security from the adversary’s perspective in an effort to find vulnerabilities that could be exploited by bad actors.

Role of an ethical hacker

Ethical hackers can be independent freelance consultants, employed by a firm that specializes in simulated offensive cybersecurity services, or they can be an in-house employee protecting a company’s website or apps.

Possessing ethical hacker skills and knowledge is helpful for many other security roles

Now can see then how to become an ethical hacker as you already who he is and what he can do.

The skills required to become an ethical hacker

While there are plenty of anecdotal stories of blackhat hackers being converted to be whitehats in a bygone era, the most important requirement for becoming a successful ethical hacker today is to have, as is found in the name, high ethical standards.

Ethics are what separates the good guys from the bad guys. There are plenty of blackhat hackers that have adequate technical skills to be ethical hackers, but they lack the discipline of character to do the right thing regardless of the perceived benefits of doing otherwise.

A candidate for an ethical hacker job must be able to demonstrate advanced cybersecurity technical skills. The ability to recommend mitigation and remediation strategies is a part of the desired experience.

To become an ethical hacker you have to understand the networks.

A hacker should be able to gather information about a network with the intent to secure the network system. He can also use various tools like Telnet, NS lookup, Ping, Tracert, etc.

Also an ethical hacker must know about the networking and how a network work. He must know about fundamentals of network such as: network models, IP address and network protocols etc. Networking skills is very important in ethical hacking field. Almost all devices are connected to the network.

An ethical hacker must be proficient with operating systems, especially Windows and Linux

Linux System hacking

Linux is an operating system that acts as an intermediary as a bridge between the physical device and the instruction code of the program. in our previous article, we discussed the Linux tutorial for beginners.

hacking a Linux-based computer system and get access to a password-protected Linux system, you must know Linux’s basic file structure. Also you can have a look on these top 6 Best operating system linux for hacking and penetration testing.

windows hacking

Microsoft Windows, commonly referred to as Windows, is a group of several proprietary graphical operating system families, all of which are developed and marketed by Microsoft.

An ethical hacker must have strong coding skills.

You may find that many people on the internet say that you don’t need to know how to program to be a hacker, I don’t judge them but programming is more important in hacking. Sure you may perform some attacks without programming skills by using other script, but at a given point it will require you to have skills in programming.

Programming languages that an ethical hacker need to know

  • Assembly
  • C Lang
  • C++
  • Go Lang
  • python

How to get experience as an ethical hacker

Experience with vulnerability testing tools, such as Metasploit, Netsparker,  and OpenVAS, is very helpful for ethical hackers. These tools and there are many more of them, are designed to save time when searching for known vulnerabilities. These or similar tools may provide a useful framework for vulnerability scanning and management but should represent only the starting point for an experienced ethical hacker. Also, get in hands with kali linux operating system.

What is the Outlook for Ethical Hackers?

Cyberwarfare is extremely common, and many high-profile enterprises have been subject to major hacking issues. In this day and age, spending on IT security on a global scale is reaching the trillion-dollar mark. What better way to combat the threat of black-hat hacking than by making use of an army of white-hat hackers?

The demand for ethical hackers is at an all-time high and rising. Many experienced, ethical hackers can expect to earn in excess of $120,000 per year, especially if they are running their own consultancies or penetration testing companies.

Best android apps Termux learner in 2021 from play store

So do you want to learn Termux hacking or to improve your skills in hacking using your Android phone?. You are on the right way if you were having that need.

Knowledge is like a garden: if it is not cultivated, it cannot be harvested.

In our previous article, we have mentioned the Best android apps to learn programming in 2021. These android apps can help you in your journey as a software developer. In this article, we are going to see the best android apps Termux learner in 2021 from the play store.

Many people are using their mobile phones for chatting, calling, and messaging while others are transforming their Android phones as their library. Then, let us see how you can learn Termux hacking from your phone easily.

Best android apps you should install in 2021 from the Play store

Now, here is a list of all android apps we are going to discuss in this article, which will help you to have an idea of what we will discuss in this article.

Termux Guide

What You Will Learn with Termux Guide?

  • Phishing Attack
  • Brute Force Attack
  • Virus Making
  • Information Gathering
  • Termux API tools
  • Hacking tools
  • Important useful code
  • Penetration testing

You may also like how to hack with with your smartphone using Termux

TermEX

Also, let us discuss this sweet app TermEX. Then, know that Termx is an application that has plenty of open-source tools guides. Also, it’s easy to copy and use them on your terminal.

Additionally, you can use these tools for penetration tester, ethical hacking, security, and education purpose also.

Termux Guide App in Tamil

Then, this is another app that we can’t forget in the list. With Termux guide app in tamil, you will easily learn how to use termux and all its tools and commands. Also, you can choose your language in order to understand the content provide by the app.

you may also like how to install Tool-X on Termux

Also, you can copy and paste code easily from the app to your Termux terminal, and each month they do update the app.

Termux Command

Also, with the Termux Command app, you can learn about all frequently using basic termux commands in detail.

Additionally, this app is very helpful for beginners in learning how termux works. After learning about these basic commands I am sure you will be able to install various termux tools so easily. These basic commands will help you to increase your ethical hacking & vulnerability analysis skills.

you may also like to know the difference between termux from linux

Termux- Tools Installation Guide

Then, let us see about the Termux tools installation guide, this app provides installation commands for install various tools in termux.
Also, it provides a guide for modifying termux overviews and add features in termux. Additionally, with the help of this guide, you can install tools for penetration testing in termux. Commands for installing the different operating systems in termux like Ubuntu, Windows, Kali, Parrot, Other Linux Distro.

You may also like to know how to install graphical environment in Termux

Closing words

Finally, we have enumerated all the Best android apps you should install in 2021 from the Play store to learn termux, now it’s your turn to choose what will fit best for you. good luck but don’t forget to give your comment so that we can know what is your choice among these apps.

Termux app| what is the difference from linux

Differences between Termux from Linux

Termux is an Android terminal emulator and Linux environment application that works directly with no rooting or setup required. A minimal base system is installed automatically, additional packages are available using the package manager.

diferrence between termux to linux

you can see that the environment setup in Termux is similar to that of a modern Linux distribution. However, running on Android implies several important differences. you can decide today to start with Termux and get familliar with it if not yet done.

Termux is not FHS compliant

File Hierarchy Standard

The reason why Termux does not use official Debian or Ubuntu packages for its environment it’s because it does not follow FHS.

You may like also to know how to install graphical environment on termux

what is FHS?

The Filesystem Hierarchy Standard (FHS) defines the directory structure and directory contents in Linux distributions. It is maintained by the Linux Foundation.

Termux does not follow Filesystem Hierarchy Standard unlike the majority of Linux distributions. You cannot find directories like /bin, /etc, /usr, /tmp, and others at the usual location. Thus, all programs should be patched and recompiled to meet the requirements of the Termux environment otherwise they will not be able to find their configuration files or other data.

You may have a problem executing scripts that have standard shebangs (e.g. #!/bin/sh). Use the termux-fix-shebang script to modify these files before executing. Recent versions of Termux provide a special package (termux-exec) that allows usage of standard she-bangs. Hope you can be happy to know these 6 best os for hacking and penetration testing

what is shebang?

shebang is the character sequence consisting of the character’s number sign and exclamation mark (#!) at the beginning of a script. It is also called sha-bang, hashbang, or hash-pling.

Most of packages have shared library dependencies which are installed to $ PREFIX/lib.

  • On devices before Android 7, Termux exports special variable ($ LD_LIBRARY_PATH) which tells linker to where find shared library files.
  • Also, on Android 7 or higher, DT_RUNPATH ELF header attribute is used instead of LD_LIBRARY_PATH.

If you still need a classical Linux file system layout for some reason, you may try to use termux-chroot from package ‘proot’:

$ pkg install proot
$ termux-chroot
$ ls /usr

Termux uses Bionic libc

Bionic Libc

To have best compatibility with Android OS and remove the need of maintaining custom toolchains termux developper compile all their packages with Android NDK. Resulting binaries are linked against Bionic libc (files libc.so, libm.so, libdl.so from /system/lib or /system/lib64).

You may also like Best android apps Termux learner in 2021 from play store

what is bionic?

Bionic is an implementation of the standard C library, developed by Google for its Android operating system.

Usage of libc provided by Android and FHS incompatibility disables ability to execute native packages copied from Linux distributions:

  • Dynamically linked programs will not run due to linker expected in nonexistent location (/lib) and libc ABI mismatch.
  • Statically linked programs (only networking ones) will not be able to resolve DNS names. GNU libc normally doesn’t allow static linking with resolver. Also, the file /etc/resolv.conf does not exist on Android.
  • On non-rooted Android 8 or newer, statically linked programs will not run due to issues with seccomp filter.

However, these restrictions can be bypassed by setting up a Linux distribution rootfs with PRoot

what is PRoot?

PRoot is a user-space implementation of chroot, mount –bind, and binfmt_misc. This means that users don’t need any privileges or set up to do things like using an arbitrary directory as the new root filesystem, making files accessible somewhere else in the filesystem hierarchy, or executing programs built for another CPU architecture transparently through QEMU user-mode.

Root file system is stored as ordinary application data

Root file system and user home directory are located in private application data directory which lives on data partition. Paths to these directories are exposed as $ PREFIX and $HOME respectively.

You cannot move $ PREFIX to another location because all programs expect that it will not be changed. Additionally, you cannot have binaries, symlinks, and other files from $ PREFIX on sdcard. The reason is simple – file system there does not support UNIX permissions, symlinks, sockets, etc…

if you uninstall the application or wipe data, directories $ PREFIX and $HOME will be wiped too. Before doing this, make sure that all-important data is backed up.

Termux is single-user

Android applications are convenient and have their own Linux user id and SELinux label. Termux is not an exception and everything within Termux is executed with the same user id as the application itself. User name may look like u0_a231 and cannot be changed as it is derived from user id by Bionic libc.

All termux packages (except root-only ones) are patched to drop any multiuser, setuid/setgid and other similar functionality. termux developer also changed default ports for server packages: ftpd, httpd and sshd have their default ports set to 8021, 8080, and 8022 respectively.

Termux developers give you freedom of read-write access to all application components including $PREFIX. Be careful since it is very easy to break things by accidentally deleting or overwriting files in $PREFIX.

closing words

congratulation you have reached the end of the article hope now you know the differences between termux and modern linux. thankyou.

How to install Tool-X on termux||ethical hacking

what is Tool-X?

you may wonder how to install the hacking tool for termux named Tool-X don’t worry you are on the right place, by following this article step by step you will be ready to install Tool-X properly on termux.

Tool-X is a Kali Linux hacking tools installer for Termux and Linux system. Tool-X was developed for Termux and Linux based systems.

Since you are using Tool-X, you can install almost 370+ hacking tools in Termux (android) and other Linux based distributions. Now Tool-X is available for Ubuntu, Debian.

You may like also to know what is the differences between Termux and Linux

who can install Tool-X?

As well as now you know what is Tool-X, sometimes you may ask your self questions if you can install Tool-X on your mobile , or if your phone can support Tool-X. let me tell you the good news is that Tool-X is available for :

Then to install Tool-X, make sure you have an android device then Termux installed on your mobile, and after following the next steps.

How to install Tool-X?

Besides, as now the answer of who can install Tool-x is answered let us see how now you can install Tool-X on Termux.

First ,open your termux terminal and type following commands.

  • apt update
  • apt install git if already install git you can go on step 3
  • git clone https://github.com/rajkumardusad/Tool-X.git
  • cd Tool-X
  • chmod +x install
  • sh install if not work use ./ install

How to use Tool-X?

Finally, we have answered the question, Who can install and how to install Tool-X.let then see how to use it. In addition to use, Tool-X navigates through the app. Also, Tool-X gives 5 option that you can choose from. To open Tool-X type Tool-x OR Toolx on the terminal.

You may like also to know best professional Hacking tools on Termux for Ethical Hackers

The first option is to type 1 then enter to show all Tool-X tools. it’s almost 370

If you want to show tools category type 2. enter

To update Tool-X type 3 then enter.

For about Tool-X type 4

Lastly type x if you want to close Tool-X

closing words

Hope you have enjoyed the content of this article, and I know that you have installed Tool-x. We are not responsible for any misuse or damage caused by this program. use this tool at your own risk!

Best professional Hacking tools on Termux for Ethical Hacker

Did you know that you can hack with your smartphone?

When it comes to hacking tools, there are more than thousands of tools available for Termux. In this article, we are going to see important tools which are very powerful and used by professional security researchers, ethical hackers, and even black hat hackers.

Also, in the previous article, we discussed Termux for ethical hacking. beginning guide, consider it as a beginning of termux, I recommend you to have a look at it if not yet done.

best app for termux tgeniusclub

The tools which are compatible with Termux (especially the tools available for Kali Linux) and finally those tools used by all kind of hackers.

Also, when it comes to hacking tools, mainly we should focus on information-gathering tools, vulnerability scanning tools, and exploiting tools.

Information Gathering Tools on Termux – hacking:

There are hundreds of tools that are available for information gathering, it varies from the need of hackers.

Gathering information is the first step where a hacker tries to get information about the target. Also, Hackers use different sources and tools to get more information, and some of them are briefly explained here. This information will be useful for you to become an ethical hacker.

Nmap – hacking tool

Nmap on termux tgeniusclub

The first app is Nmap, it is a port scanning utility that can use a number of techniques to determine what ports are open, as well as complex information such as identifying the underlying operating system of the target system. This tool is also, available on Kali Linux if you are a user of Kali Linux or you want to learn it, you can use our guide on how to install kali Linux os in 2021.

Also, Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Installation of Nmap Hacking tool on Termux.

As well as we discussed what Nmap is, now let us see how we can install it on termux. Installing Nmap on Termux is simple than you may think.

First, it’s very important to follow all steps, if you want to install Nmap properly. Now, open your terminal and type this command.

$ apt update && apt upgrade -y

This command will update all the previous installed packages on your termux.

Next, Now that Nmap is just a basic package in termux and it is easy to install.

$ pkg install nmap -y

Then, the installation will start then wait until it finishes to install. Then After installation, type Nmap, and it will be executed. If you are not familiar with the Nmap command go on the official page to learn some commands. Nmap.org

How to scan a website with the Nmap Termux app

Before trying to use this command make sure that you are the owner of the website. we are not responsible for your bad actions.

$ nmap Scanme.nmap.org

Also you may like How to install Tool-X on termux

Man Nmap: Also, type this command if you want to view the different options and examples for the scanning.

Simplest Syn Scan: nmap -sS <target_ip>

Th3Inspector tool – hacking tool

th3inspector on termux tgeniusclub

The second is Th3inspector is an open-source information gathering tool available on Github through which you can easily find much information about the target such as Server details, whois info, target IP, Phone number, email, sub-domains, etc.

Let’s now see how you can get Th3Inspector on termux

First, open the termux terminal install git if not yet installed, then type this command down.

You may also like how to install Tool-X on termux

git clone https://github.com/Moham3dRiahi/Th3inspector.git                                    cd Th3inspector 
chmod +x install.sh && ./install.sh

RED_HAWK Tool

red hawk on termux tgeniusclub

Red Hawk is an open-source tool that is used for information gathering and certain vulnerability scanning. Also, it detects Content Management Systems (CMS) in use of a target web application, IP address, web server record, Cloudflare information, and robots.txt data.

Also, it can detect WordPress, Drupal, Joomla, and Magento CMS. Other scanning features of Red Hawk include WHOIS data collection, Geo-IP lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP, and MX records lookup. As a vulnerability scanner,  Red Hawk looks for error-based SQL injections, WordPress sensitive files, and WordPress version-related vulnerabilities.

Let’s now see how you can get the RED_HAWK tool on termux

Open your Termux, then on the terminal type this command down. you should first update and upgrade termux, and if git is not yet installed you should first install it.

git clone https://github.com/Tuhinshubhra/RED_HAWK.git 
cd RED_HAWK 
php rhawk.php

You may also like Best android apps to learn programming

Vulnerability Scanning Tools

Sqlmap

sqlmap on termux tgeniusclub

Sqlmap is open-source software. Also, is one of the most powerful penetration testing tools available on the internet. Additionally, it is one of my favorite tools and it is coded in python. You can use sqlmap to exploit and extract database information from SQL vulnerable websites.

Let’s now see how you can get Sqlmap tool on termux

First, Open Termux and update it with the command pkg update then press Enter. After updating then follow the next step which is the installation of Sqlmap.

pkg install python2 
install git if not yet pkg install git 
git clone https://github.com/sqlmapproject/sqlmap 
ls  
cd sqlmap 
python2 sqlmap.py

You may also to know more information about sql injection

Exploitation Hacking Tools

Metasploit

metasploit on termux tgeniusclub

Metasploit is a penetration testing framework that makes hacking simple. Also, It’s an essential tool for many attackers and defenders. Point Metasploit at your target, pick an exploit, what payload to drop.

You may also like Best android apps Termux learner in 2021 from play store

Let’s now see how you can get Metasploit tool on termux

First, open your Termux, then update and upgrade before proceeding, then type these commands.

cd $HOME                                                                                                                                                              pkg install wget                                                                                                                                                     wget https://Auxilus.github.io/metasploit.sh
bash metasploit.sh
./msfconsole

You may also like to know how to start with Metasploit framework

Brute forcing tools – hacking

Hydra

hydra on termux tgeniusclub

Hydra is a parallelized login cracker that supports numerous protocols to attack. Also, it is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely.

install hydra tool on termux

First, open your Termux terminal update and upgrade required then type this command down.

pkg install hydra

After the installation was done run hydra.

You may also like to know the difference between termux from linux

Tool-X – hacking

Tool-X is a Kali Linux hacking tools installer for Termux and Linux systems. Tool-X was developed for Termux and Linux based systems. Using Tool-X, you can install almost 370+ hacking tools in Termux (android) and other Linux-based distributions. Now Tool-X is available for Ubuntu, Debian, etc…

See also how to install Tool-X on Termux

Onex – hacking

onex a hacking tools library. Onex is a kali Linux hacking tools installer for termux and other Linux distribution. Also, it is a package manager for hackers. Onex manages more than 370+ hacking tools that can be installed with a single click. Use onex install [tool_name] command to install any hacking tool.

You may also, want to check How to install onex best termux hacking tool

closing word

There are many hacking tools that can be used on Termux as I mentioned above. Hope you will be able to use all these tools mentioned in this article when you will do deep research on how to use them. Also, Take courage you are almost in a good way. And if you have not yet read the first part I recommend you to read it, and if you are having a comment or a suggestion don’t keep it for yourself but share it with us. Thank you