"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/google/gopacket/pcap"
"github.com/robfig/cron"
"github.com/anvie/port-scanner"
"github.com/matishsiao/goInfo"
"github.com/fatih/color"
"github.com/minio/minio/pkg/disk"
"github.com/dustin/go-humanize"
"github.com/mitchellh/go-ps"
"github.com/GeertJohan/yubigo"
"github.com/go-sql-driver/mysql"
"github.com/ztrue/tracerr"
"github.com/yalue/elf_reader"

Disclaimer

Developers are not responsible for any misuse regarding this tool. Use it only against systems that you are permitted to attack.

License

This software is under MIT license

# Functions

AddPersistentCommand

AddPersistentCommand creates a task that runs a given command on startup.

Alloc

Allocates anonymous memory without using it.

AutoDoc

Launches live documentation of the library on port 8080 or arbitrary.

B64D

B64D decodes a given string encoded in Base64.

B64E

B64E encodes a string in Base64.

BannerGrab

BannerGrab returns a service banner string from a given port.

Bind

Bind tells the process to listen to a local port for commands.

BoolCheck

Generic boolean truth checker.

Caves

No description provided by the author

Check

Basic error handilng and reporting Similar to exitOnError() but more verbose and does not exit.

CheckRootSSH

Checks if an SSH client connection has a root context.

ClearLogs

Removes logfiles within the machine.

CloseListener

Gracefully closes an instance of net.Listener.

CmdBlind

CmdBlind runs a command without any side effects.

CmdDir

CmdDir executes commands which are mapped to a string indicating the directory where the command is executed.

CmdOut

CmdOut executes a given command and returns its output.

CmdOutPlatform

CmdOutPlatform executes a given set of commands based on the OS of the machine.

CmdRun

CmdRun executes a command and writes output as well as error to STDOUT.

Contains

Contains is used to check if an element exists in an array type agnostically.

ContainsAny

Checks if a string exists within a list of strings.

CopyFile

CopyFile copies a file from one directory to another.

CreateWordlist

CreateWordList generates possible variations of each word in the wordlist.

DecryptBytes

No description provided by the author

DecryptString

No description provided by the author

Disks

Disks returns a list of storage drives within the machine.

DnsLookup

DnsLookup returns the list of Ip adddress associated with the given hostname.

Download

Download downloads a file from a url.

EncryptBytes

No description provided by the author

EncryptString

No description provided by the author

EqualBytes

No description provided by the author

EraseMbr

EraseMbr zeroes out the Master Boot Record.

Exists

Exists checks if a given file is in the system.

ExitOnError

ExitOnError prints a given error and then stops execution of the process.

ExpandCidr

ExpandCidr returns a list of Ip addresses within a given CIDR.

ExtractIntFromString

ExtractIntFromString extracts a list of possible integers from a given string.

F is a wrapper for the Sprintf function.

File2Slice

File2Slice reads a textfile and returns all lines as an array.

FilePermissions

FilePermissions checks if a given file has read and write permissions.

FilesPattern

FilesPattern is used to return data mapped to files where their filenames match a given pattern.

Forkbomb

Forkbomb spawns goroutines in order to crash the machine.

FullRemove

FullRemove removes all instances of a string from another string.

GenCpuLoad

GenCpuLoad gives the Cpu work to do by spawning goroutines.

GenerateIV

No description provided by the author

GenerateKey

No description provided by the author

GetGatewayIP

GetGatewayIP returns the Ip address of the gateway in the network where the machine resides.

GetGlobalIP

GetGlobalIp is used to return the global Ip address of the machine.

GetLocalIP

GetLocalIp is used to get the local Ip address of the machine.

GetNgrokURL

GetNgrokURL returns the URL of the Ngrok tunnel exposing the machine.

GetUser

No description provided by the author

HarvestDB

Exfiltrates data slowly from either MySQL or Postgres.

Iface

Iface returns the currently used wireless interface and its MAC address.

IfaceIP

Returns an IP address of a given interface.

Ifaces

Ifaces returns the names of all local interfaces.

Info

Info is used to return basic system information.

Int2Str

IntToStr converts an integer into a string.

Interval2Seconds

Interval2Seconds converts a human friendly string indicating time into a proper integer.

Introspect

Returns names of fields and their values in struct + names of fields with unitialized/empty values -1 value is treated as unitialized int field - you can change "val == -1" according to your needs.

IOReader

No description provided by the author

IP2Hex

Converts an IPv4 address to hex .

IpIncrement

IpIncrement increments an IP address by 1.

Is64Bit

Checks if an ELF file is designed for AMD x86_64 .

IsELF

No description provided by the author

IsEXE

No description provided by the author

IsFileExec

Returns true if a file is executable.

IsIterable

Checks if a generic is iterable and non-emptty.

IsRoot

IsRoot checks if the current user is the administrator of the machine.

KillProcByPID

KillProcByPID kills a process given its PID.

ListDB

Lists remote SQL databases.

MakeZip

MakeZip packs a list of given files within a zip archive.

Md5Hash

MD5Hash hashes a given string using the MD5.

Networks

Networks returns a list of nearby wireless networks.

F is a wrapper for the Println function.

Ping

Returns true if host is alive .

PkillAv

PkillAv kills Anti-Virus processes that may run within the machine.

PkillName

PkillName kills a process by its name.

PkillPid

PkillPid kills a process by its PID.

Port2Hex

Converts a port to hex.

PortFree

Returns a random free port .

PortReuse

No description provided by the author

Portscan

Portscan checks for open ports in a given target.

PortscanSingle

PortscanSingle checks if a specific port is open in a given target.

PortscanSingleTimeout

PortscanSingleTimeout checks if a specific port is open in a given target.

PrintError

PrintError is used to print output indicating failure.

PrintGood

PrintGood is used to print output indicating success.

PrintInfo

PrintInfo is used to print output containing information.

PrintWarning

PrintWarning is used to print output indicating potential failure.

Processes

Processes returns a map of a PID to its respective process name.

RandomBool

Returns a random true/false.

RandomFloatSlice

No description provided by the author

RandomInt

RandomInt returns an integer within a given range.

RandomIntSlice

Creates and populates a slice with random numeric values up to 1000.

RandomSelectInt

RandomSelectInt returns an integer that was randomly selected from a list of integers.

RandomSelectStr

RandomSelectStr returns a string that was randomly selected from a list of strings.

RandomSelectStrNested

RandomSelectStrNested returns a string array that was randomly selected from a nested list of strings.

RandomString

RandomString randomly generates an alphabetic string of a given length.

RandomStringCharset

RandomStringCharset returns a string of a given length from provided charset.

RdnsLookup

RdnsLookup returns the list of hostnames associated with the given Ip address.

ReadFile

ReadFile is used to read a given file and return its data as a string.

RegexMatch

Checks if a string contains valuable information through regex.

Remove

Remove is used to self delete.

RemoveDuplicatesInt

RemoveDuplicatesInt returns an array of integers that are unique to each other.

RemoveDuplicatesStr

RemoveDuplicatesStr returns an array of strings that are unique to each other.

RemoveFromSlice

RemoveFromSlice removes a string from a list of strings if it exists.

RemoveInactive

Removes hosts from slice that did not respond to a ping request.

RemoveInt

RemoveInt removes a given integer from a list of integers.

RemoveNewlines

RemoveNewLines removes possible newlines from a string.

RemoveNth

Removes Nth index from generic slice if idx != 0; removes last element otherwise.

RemoveStr

RemoveStr removes a given string from a list of strings.

Reverse

Reverse initiates a reverse shell to a given host:port.

Revert

Revert returns a reversed string.

RevertSlice

RevertSlice reverses a slice type agnostically.

Rot13

No description provided by the author

RunShellcode

Injects a bytearray into current process and executes it.

SandboxAll

SandboxAll is used to check if an environment is virtualized by testing all sandbox checks.

SandboxAlln

SandboxAlln checks if an environment is virtualized by testing all sandbox checks and checking if the number of successful checks is equal or greater to a given integer.

SandboxCpu

SandboxCpu is used to check if the environment's cores are less than a given integer.

SandboxFilepath

SandboxFilePath checks if the process is being run inside a virtualized environment.

SandboxMac

SandboxMac is used to check if the environment's MAC address matches standard MAC adddresses of virtualized environments.

SandboxProc

SandboxProc checks if there are processes that indicate a virtualized environment.

SandboxProcnum

SandboxProcnum is used to check if the environment has processes less than a given integer.

SandboxRam

SandboxRam is used to check if the environment's RAM is less than a given size.

SandboxSleep

SandboxSleep is used to check if the virtualized environment is speeding up the sleeping process.

SandboxTmp

SandboxTmp is used to check if the environment's temporary directory has less files than a given integer.

SandboxUtc

SandboxUtc is used to check if the environment is in a properly set Utc timezone.

SendDataTCP

SendDataTCP sends data to a given host:port using the TCP protocol.

SendDataUDP

SendDataUDP sends data to a given host:port using the UDP protocol.

Serializer

Unified serializer/deserializer for structs - logic is based on whether a .gob file already exists .

Sha1Hash

SHA1Hash hashes a given string using the SHA1.

Sha256Hash

No description provided by the author

ShuffleSlice

ShuffleSlice randomly shuffles a list of strings.

ShuffleSliceInt

ShuffleSliceInt randomly shuffles a list of integers.

Shutdown

Shutdown forces the machine to shutdown.

Size2Bytes

Size2Bytes converts a human friendly string indicating size into a proper integer.

SliceTransform

Applies a function to each element of a generic slice.

SplitChunks

Split string to a slice with chunks of desired length.

SplitJoin

SplitJoin splits a string then joins them using given delimiters.

SplitMultiSep

Split a string by multiple sepaators to a single slice.

StartNgrokHTTP

StartNgrokHTTP exposes a web server on a given port.

StartNgrokTCP

StartNgrokTCP exposes a TCP server on a given port.

Str2Int

Str2Int converts a string into an integer.

Str2Words

Str2Words returns a list of strings which was split by spaces.

TimeNTP

Obtains current time from NTP server.

TraverseCurrentDir

TraverseCurrentDir lists all files that exist within the current directory.

TraverseDir

TraverseDir lists all files that exist within a given directory.

UnixToTime

No description provided by the author

Url2Lines

Returns a slice with lines of file from URL.

Users

Users returns a list of known users within the machine.

VerifyELFMagic

No description provided by the author

Wait

Wait uses a human friendly string that indicates how long a system should wait.

WifiDisconnect

WifiDisconnect is used to disconnect the machine from a wireless network.

Wipe

Deletes all data in the machine.

WriteFile

WriteFile is used to write data into a given file.

Yubi

Verifies Yubico OTP.

# Variables

Bold

No description provided by the author

Cyan

No description provided by the author

Green

No description provided by the author

Magenta

No description provided by the author

Red

No description provided by the author

Yellow

No description provided by the author

# README

ColdFire II

Table of Contents

Introduction

Installation

Docs

Types of functions included (for maldev)

Types of functions included (for infra)

Requirements

Disclaimer

License

# Functions

# Variables