URL Grabbing Mechanism
Zolos should be able to grab urls shared in any channel (using a regex to match the URI) and post it to a dedicated channel #links (only zolos should have write permissions to that channel) for archive purposes.
Exploit Searching
Use websites like sploitus.com, exploit-db to search for exploits. This can be useful during CTFs and pentesting
eg: !searchploit wordpress
Reverse Shell "Generator"
From a list of known "payloads" such as pentestmonkey, dynamically configure code with LHOST,LPORT and send it back in the channel.
eg: !rshell 127.0.0.1 4444
Attack Vector Payloads
Find attack payloads for XSS, SQLi, XXE, ...
eg: !payload SQLi MySQL
Hash Cracking
Use hashid python module to identify hash format, and try to crack them using websites like crackstation.net
eg: !hashcrack 098f6bcd4621d373cade4e832627b4f6
Reconnaisance
Use various tools such whois, nslookup, traceroute, ... to provide information about a target
eg !recon website.com
URL Grabbing Mechanism
Zolos should be able to grab urls shared in any channel (using a regex to match the URI) and post it to a dedicated channel #links (only zolos should have write permissions to that channel) for archive purposes.
Exploit Searching
Use websites like sploitus.com, exploit-db to search for exploits. This can be useful during CTFs and pentesting
eg:
!searchploit wordpressReverse Shell "Generator"
From a list of known "payloads" such as pentestmonkey, dynamically configure code with LHOST,LPORT and send it back in the channel.
eg:
!rshell 127.0.0.1 4444Attack Vector Payloads
Find attack payloads for XSS, SQLi, XXE, ...
eg:
!payload SQLi MySQLHash Cracking
Use
hashidpython module to identify hash format, and try to crack them using websites like crackstation.neteg:
!hashcrack 098f6bcd4621d373cade4e832627b4f6Reconnaisance
Use various tools such whois, nslookup, traceroute, ... to provide information about a target
eg
!recon website.com