Skip to content
Related Articles
Open in App
Not now

Related Articles

Zeebsploit – Information gathering, Scanning, and Exploitation tool

Improve Article
Save Article
  • Last Updated : 28 Nov, 2021
Improve Article
Save Article

Zeebsploit tool is an automated tool that helps the tester or bug bounty hunter in the phases of Information Gathering Scanning and also in Exploitation. Zeebsploit tool can gather information like CMS Info, WHOIS record, IP geolocation, and many more. The scanning module can scan the target domain for vulnerabilities like XSS, SQLi, File Upload, and many more. The exploitation module consists of various exploits like WordPress content injection (currently exploits only version 4.7 and 4.7.1), WordPress file upload through Revsilder, Learndash, and Showbiz plugins, etc. This tool is a suite and the ease of working is very simple. Zeebsploit tool is developed in the Python language and is available on the Github platform.  

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux

Installation of Zeebsploit Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/jaxBCD/Zeebsploit.git

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd Zeebsploit

Step 3: You are in the directory of the Zeebsploit. Now you have to install a dependency of the Zeebsploit using the following command.

sudo pip3 install -r requirements.txt

Step 4: All the dependencies have been installed in your Kali Linux operating system.

python3 zsf.py

Working with Zeebsploit Tool on Kali Linux OS

Example 1: Information Gathering Modules/ Footprinting

zsf:(footprinting)

We will be using a content management system detector in this module.

zsf(footprinting): cms detector

We have got the details of CMS used by the geeksforgeeks.org domain.

Example 2: Scanner Modules

zsf(x): scanners

We will be using a cross-site scripting payload scanner in this module.

zsf(scanner): xss scanner

The tool is checking for XSS flaws on the target domain by testing the list of payloads.

Example 3: Exploit Modules

zsf(x): exploits

We will be using WordPress content injection version 4.7 and 4.7.1 in this module.

zsf(exploit): wp content injection

Exploits can be used to gain access to the target domain and perform various activities.

My Personal Notes arrow_drop_up
Related Articles
1. Dracnmap – Information Gathering and Network Exploitation Tool
2. Red Hawk - Information Gathering and Vulnerability Scanning Tool in Kali Linux
3. Nuubi – Tool for Information Gathering, Scanning And Recon
4. Netnoob - Network tools, information gathering tools and scanning tools
5. Webkiller v2.0 - Tool Information Gathering tool in Kali Linux
6. Anubis - Subdomain enumeration and information gathering tool in Kali Linux
7. Hawkscan – Reconnaissance and Information Gathering Tool in Kali Linux
8. Pureblood - Information Gathering and Security Auditing Tool
9. EternalView - Information Gathering and Vulnerability Assessment tool
10. Gasmask – Information Gathering Tool in Kali Linux
Previous
FavFreak - Weaponizing favicon.ico for BugBounties
Next
Pdlist - Passive Subdomain Finder
Article Contributed By :
https://media.geeksforgeeks.org/auth/avatar.png
gauravgandal
@gauravgandal
Vote for difficulty
Article Tags :
Report Issue
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox

Start Your Coding Journey Now!