BAF - Blind Attacking Framework

What is BAF ?
  • it's a framework written in python [2.7] that is being made specially for blind attacking , ie : attacking random targets with common security issues , targets are generated by the hackers search engine "shodan" and vulnerable hosts are hacked in an automated way .
  • this framework is completely "neutral" ie: it's not based on shodan API and it has total dependence on web scraping , ie: the only limit on what you can do with it is your immagination as a tester & our programming skills as contributers/owners .

how to use BAF ?
  • fire up a terminal and sudo apt-get update && apt-get upgrade && apt-get dist-upgrade
  • install [ requests , httplib , urllib , time , bs4 "BeautifulSoup" , colored , selenium , sys ] python modules
  • python
  • enter your shodan's account username and pass
  • choose 1 , let it do it's job , press y , close the previous tab , press y ,close the previous tabs ...etc till u have the vulnerable cams only
  • choose 2 , enter what do u want to search for (ie: NSA) , when it's done , refer to the targets text file , it will contain the targets ip:port
  • that's all , till now :)
  • DON'T close a loading webpage
  • beta versions will make automated browser open for better understanding ,but you can close the webcam tabs freely


BAF - Blind Attacking Framework BAF - Blind Attacking Framework Reviewed by Zion3R on 11:07 AM Rating: 5