Netcat, Nmap, Gobuster: these are all staple tools in the ethical hacking world. If you frequent Hack The Box, TryHackMe or any other ethical hacking lab platform, you likely use them very often. What if you could upgrade those tools?
Upgrade may be a dramatic word, but the tools this article goes over were developed to work faster and/or better than the usual tool. Pwncat, Feroxbuster, Rustscan and Updog are the tools reviewed here.
Pwncat is the upgrade for Netcat. In pen testing lab environments you’re constantly exploiting remote command execution vulnerabilities and need netcat to receive callbacks for shells. But what if those shells could be more functional, persistent, automated and cool looking? This is among what Pwncat has to offer. Pwncat has all the flexibility of Netcat with a lot of extra features.
More functional, because when you establish a shell, pwncat sets up a pseudoterminal to make it just like an SSH session, with history, tab completion, line editing, and graphical terminal applications. Built into the shell are download commands that make file transfer easy. It even doubles as an SSH client:
There are also plenty of built-in modules that automate privesc, from the enumeration to the actual execution. There are also modules that automate persistence and help monitor files you have tampered with if you’re trying to be stealthy. If you happen to need a static binary, there is a busybox command to help if a program you want is missing on your target system.
Install with pip:
pip install git+https://github.com/calebstewart/pwncat.git
This is a fairly extensive program; here is a great video that goes into detail about how it works:
Netcat is to Pwncat as Gobuster is to Feroxbuster. Feroxbuster is the upgrade to your directory fuzzing/busting tool. It works faster, looks cooler, and has a bunch of features to make scans more nuanced.
You can modify your thread count for speed, edit a config file to change default settings, extract links from response bodies, filter output by status code, word count or line count, and pause/resume scans midway.
Install with their bash script:
curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/master/install-nix.sh | bash
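The defaults the post mentions live in a ferox-config.toml that feroxbuster reads on start-up. The fragment below is an added example, not part of the original post or of the feroxbuster project; the key names are as I recall them from the project’s sample config (treat that as an assumption and check them against the sample file that ships with the release), and the wordlist path and the word/line counts are constructed values for a hypothetical target whose “not found” page returns 200.

```toml
# ferox-config.toml (added example; key names assumed from feroxbuster's sample config,
# values are constructed). feroxbuster looks for this file in the current directory
# and in its user/system config directories, as far as I recall.

# Wordlist path is an assumption; point it at whatever list you actually use.
wordlist = "/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt"

# Speed: parallel requests per scan. Raise for speed, lower if the lab box or a
# rate limiter starts dropping responses.
threads = 50
timeout = 7            # seconds per request

# Only report these status codes ...
status_codes = [200, 204, 301, 302, 307, 308, 401, 403, 405]
# ... and drop plain 404s outright.
filter_status = [404]

# A "soft 404" host answers 200 for everything. Filtering on the word and line
# count of that page (constructed numbers here) removes the noise instead of
# hiding real hits behind a status-code filter.
filter_word_count = [993]
filter_line_count = [35, 36]

# Parse response bodies for further paths and queue them automatically.
extract_links = true

# Keep a copy of results on disk so a paused or interrupted run is not lost.
output = "ferox-results.txt"
```

Settings in this file become the defaults; anything passed on the command line still wins for that run, so the file is the place for the values you would otherwise retype every scan.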
Who’d have thought Nmap could be upgraded? Like Feroxbuster, Rustscan is written in Rust for speed, but it is for port scanning. Rustscan is the upgrade to Nmap. Well, Rustscan still has Nmap built in, but it takes extra steps to make those scans much faster.
Scans all 65k ports in 3 seconds.
How’s that for an upgrade? Try it out: Releases · RustScan/RustScan on GitHub.
What’s Updog? Do you still use python3 -m http.server to run the web servers you download stuff from? Or even the more antiquated python -m SimpleHTTPServer? Upgrade your web servers with Updog: simpler command, prettier web interface and more features, like optional HTTP auth and SSL encryption.
Install is super easy with pip:
pip3 install updog
You can launch it just by typing out
Here’s a usage example of looking through enumeration scan results from a web browser, a neat trick I recently learned about:
I hope you’ve found some interesting tools to try out next time you attempt to hack something!