Kill Chain is a unified console with an anonymize that will perform these stages of attacks:
- Reconnaissance
- Weaponization
- Delivery
- Exploit
- Installation
- Command & Control
- And Actions
Dependent Tool Sets
- Tor — For the console build-in anonymizer.
- Set — Social-Engineer Toolkit (SET), attacks against humans.
- OpenVas — Vulnerability scanning and vulnerability management.
- Veil-Evasion — Generate metasploit payloads bypass anti-virus.
- Websploit — WebSploit Advanced MITM Framework.
- Metasploit — Executing exploit code against target.
- WiFite — Automated wireless auditor, designed for Linux.
Setting Up
Installing Killchain.py:
sudo apt-get update
sudo apt-get install websploit openvas veil-evasion tor
sudo git clone https://github.com/ruped24/killchain.git
cd killchain
sudo chmod +x killchain.py
sudo ./killchain.py
killchain.py one-liner installation
sudo apt-get update && sudo apt-get -y install websploit openvas veil-evasion tor && sudo git clone https://github.com/ruped24/killchain.git && cd killchain && sudo chmod +x killchain.py && sudo ./killchain.py
Post Installation Setup
Click here for options on the menu
Killchain menu setup options;
- killchain Option 4
OpenVas takes a while on first run. Go get a coffee or two. You can launch multi Kill Chain sessions. No need to watch paint dry. Once OpenVas setup has completed; Reset openvas web interface admin password by running the commands below in an external terminal.
sudo openvasmd --user=admin --new-password=<Your_new_reset_admin_password>
Point your browser to https://localhost:9392
Login Username = admin
Login Password = Your_new_reset_admin_password
- killchain Option 5
Note on Veil-Evasion: Veil will complete the setup upon launch. Accept all the defaults. This takes a while. Don’t leave the screen tho, there’re dialog you will have to click through. Once it’s complete, it will auto launch.
- killchain Option 6
Websploit: To exit websploit, type exit.
- killchain Option 7
Metasploit: To exit metasploit, type exit.
- killchain Option 8
WiFite: It’s for site survey within the framework of this console.
Run wifite in an external terminal to do wireless attacks against target.
Courses of Action Matrix & Troubleshooting
