XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Dos attack

Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow to realise efficient attacks, and also allows to carry out denial of service attacks and port scanning. There are many open source tools available online for this attack like Ettercap , MITMF , Xerosploit, e.t.c

Xerosploit is default installed in Kali Linux 2017.2 or 2017.3 ,if not installed you can installed from github.

This article is on Xerosploit which provides advanced MITM attack on your local network to sniff packets , steal password e.t.c

Dependencies :-

  • nmap
  • hping3
  • build-essential
  • ruby-dev
  • libpcap-dev
  • libgmp3-dev
  • tabulate
  • terminaltables

Features :-

Step 1 : Open Terminal and Type xerosploit

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 2 : There are various modules are available which you can see by just typing again "help" command.

  • pscan – Port Scanner
  • dos – Dos Attack
  • ping – Ping Request
  • injecthtml – Inject HTML code
  • injectjs – Inject Javascript code
  • rdownload – Replace files being downloaded
  • sniff – Capturing information inside network packets
  • dspoof – Redirect all the http traffic to the specified one IP
  • yplay – Play background sound in target browser
  • replace – Replace all web pages images with your own one
  • driftnet – View all images requested by your targets
  • move – Shaking Web Browser Content
  • deface – Overwrite all web pages with your HTML code

These are the available attacks you can perform.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 3 : And then type scan and press enter so that you can see all the IP addresses in your network.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 4 : Choose you target and type its IP, so that now it has been targeted.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 5 : Then again type help to see all the command your can now use.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 6 : For sniffing, type "sniff" in same terminal followed by "run" command and type y if you want to use sslstrip for sniffing HTTPS packets.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 7 : Run

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 8 : Now you can see that as our victim is trying to open Way2sms site. Thus, the victim will be hacked

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 9 : And see the sniffing attack is now working.

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

Step 10 : Enjoy !

XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack

For References :-

I hope you enjoyed this article.

Sharing is caring


About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).

You may also like :-

Leave a Comment

Your email address will not be published. Required fields are marked *

Reader Comments [14]


What's up, its fastidious article on the topic
of media print, we all understand media is a wonderful source
of facts.



Children songs

This paragraph is genuinely a fastidious one it assists new net people, who are wishing for blogging.



domain names available for purchase

I have been exploring for a bit for any high quality
articles or weblog posts in this kind of area .

Exploring in Yahoo I eventually stumbled upon this web site.
Studying this information So i am happy to exhibit that I have an incredibly just right uncanny feeling I discovered just what I needed.

I such a lot certainly will make sure to do not overlook this site and provides it a look regularly.



Topcon FC-2500

Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your blog?

My website is in the exact same area of interest as yours and
my visitors would definitely benefit from some of the information you present here.
Please let me know if this okay with you.
Many thanks!



SNR900 Manual

Pretty section of content. I just stumbled upon your weblog and
in accession capital to assert that I acquire in fact enjoyed account
your blog posts. Anyway I will be subscribing
to your augment and even I achievement you access consistently quickly.



FC-120 Data Sheet

Thanks designed for sharing such a good opinion, post is pleasant, thats why i have read it fully



gamefly free trial

Heya i am for the primary time here. I found
this board and I in finding It really helpful & it helped
me out much. I hope to offer one thing again and help others like you helped



how to get help in windows 10

I do trust all the ideas you have presented
in your post. They're very convincing and will certainly work.
Still, the posts are very short for novices. Could you please
extend them a little from subsequent time? Thank you for the



gamefly free trial

Remarkable! Its genuinely awesome post, I have
got much clear idea about from this piece of writing.



how to get help in windows 10

I blog quite often and I truly thank you for your information. Your article has really peaked my interest.

I will take a note of your site and keep checking for new details about once a week.
I subscribed to your RSS feed as well.



administration services

Because the admin of this web page is working,
no question very shortly it will be renowned, due to its feature contents.




Great delivery. Outstanding arguments. Keep up the good spirit.




What's up to all, it's genuinely a pleasant for me to visit this web site, it consists of
valuable Information.




Pretty! This was a really wonderful article. Thank you for providing this information.



Popular Posts

Get Latest Stuff Through Email

Stay Connected

Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..