KillShot to hack any website


root@kali:~/killshot#ruby Killshot.rb
██╗ ██╗██╗██╗ ██╗ ███████╗██╗ ██╗ ██████╗ ████████╗
██║ ██╔╝██║██║ ██║ ██╔════╝██║ ██║██╔═══██╗╚══██╔══╝
█████╔╝ ██║██║ ██║ ███████╗███████║██║ ██║ ██║
██╔═██╗ ██║██║ ██║ ╚════██║██╔══██║██║ ██║ ██║
██║ ██╗██║███████╗███████╗ ███████║██║ ██║╚██████╔╝ ██║
╚═╝ ╚═╝╚═╝╚══════╝╚══════╝ ╚══════╝╚═╝ ╚═╝ ╚═════╝ ╚═╝
<Track my Target> Gather information About Targets
track>>> : help
[help] show this MESSAGE
[targ] Search targets
[exit] exit the script
[uptd] Update KillShot
[anon] Run Anonymous Mode
[info] About killShot
track>>> :
.n . . n. . .dP dP 9b 9b. . 4 qXb . dX Xb . dXp t dX. 9Xb .dXb __ __ dXb. dXP .Xb 9XXb._ _.dXXXXb dXXXXbo. .odXXXXb dXXXXb._ _.dXXP 9XXXXXXXXXXXXXXXXXXXVXXXXXXXXOo. .oOXXXXXXXXVXXXXXXXXXXXXXXXXXXXP `9XXXXXXXXXXXXXXXXXXXXX'~ ~`OOO8b d8OOO'~ ~`XXXXXXXXXXXXXXXXXXXXXP' `9XXXXXXXXXXXP' `9XX' Hide `98v8P' Hack `XXP' `9XXXXXXXXXXXP' ~~~~~~~ 9X. .db|db. .XP ~~~~~~~ )b. .dbo.dP'`v'`9b.odb. .dX{0} Spider
{1} Web technologie
{2} WebApp Vul Scanner
{3} Port Scanner
{4} CMS Scanner
{5} Fuzzers
{6} Cms Exploit Scanner
{7} Backdoor Generation
{8} Linux Log Clear
{9} Find MX/NS
info>>> :
  • Now it will show the multiple options ,you can use any one of them
  • Here we are using 0 spider
info>>> : 0
ip For :: ""
Links And Paths ::
Related domains and Parameters ::
info>>> : 1
[+]Basic WhatWeb Information ::
terminated with exception (report_on_exception is true):
Traceback (most recent call last):
2542: from /usr/bin/whatweb:981:in block (2 levels) in <main>' 2541: from /usr/bin/whatweb:981:inloop'
2540: from /usr/bin/whatweb:988:in block (3 levels) in <main>' 2539: from /usr/share/whatweb/lib/target.rb:96:inopen'
2538: from /usr/share/whatweb/lib/target.rb:188:in open_url' 2537: from /usr/lib/ruby/2.5.0/net/http.rb:1455:inrequest'
2536: from /usr/lib/ruby/2.5.0/net/http.rb:909:in start' 2535: from /usr/lib/ruby/2.5.0/net/http.rb:920:indo_start'
... 2530 levels...
4: from /usr/lib/ruby/2.5.0/resolv.rb:524:in block in fetch_resource' 3: from /usr/lib/ruby/2.5.0/resolv.rb:769:insender'
2: from /usr/lib/ruby/2.5.0/resolv.rb:629:in allocate_request_id' 1: from /usr/lib/ruby/2.5.0/resolv.rb:629:insynchronize'
/usr/lib/ruby/2.5.0/resolv.rb:630:in block in allocate_request_id': stack level too deep (SystemStackError) Traceback (most recent call last): 2542: from /usr/bin/whatweb:981:inblock (2 levels) in
2541: from /usr/bin/whatweb:981:in loop' 2540: from /usr/bin/whatweb:988:inblock (3 levels) in '
2539: from /usr/share/whatweb/lib/target.rb:96:in open' 2538: from /usr/share/whatweb/lib/target.rb:188:inopen_url'
2537: from /usr/lib/ruby/2.5.0/net/http.rb:1455:in request' 2536: from /usr/lib/ruby/2.5.0/net/http.rb:909:instart'
2535: from /usr/lib/ruby/2.5.0/net/http.rb:920:in do_start' ... 2530 levels... 4: from /usr/lib/ruby/2.5.0/resolv.rb:524:inblock in fetch_resource'
3: from /usr/lib/ruby/2.5.0/resolv.rb:769:in sender' 2: from /usr/lib/ruby/2.5.0/resolv.rb:629:inallocate_request_id'
1: from /usr/lib/ruby/2.5.0/resolv.rb:629:in synchronize' /usr/lib/ruby/2.5.0/resolv.rb:630:inblock in allocate_request_id': stack level too deep (SystemStackError)
[+]Host Result :: has address has address has address has address has address has IPv6 address 2001:41d0:8:ccd8:137:74:187:102 has IPv6 address 2001:41d0:8:ccd8:137:74:187:103 has IPv6 address 2001:41d0:8:ccd8:137:74:187:101 has IPv6 address 2001:41d0:8:ccd8:137:74:187:104 has IPv6 address 2001:41d0:8:ccd8:137:74:187:100
[+]Dig Result About Dns::
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7021 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ; IN A ;; AUTHORITY SECTION: . 6767 IN SOA 2019050800 1800 900 604800 86400 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5506
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0
; IN A
;; ANSWER SECTION: 2440 IN A 2440 IN A 2440 IN A 2440 IN A 2440 IN A
[+]Trying zone transfer and Brute force ::
Option w is ambiguous (wide, wordlist)
Trying zone transfer first...
Unsuccessful in zone transfer (it was worth a shot)
Okay, trying the good old fashioned way... brute force
Checking for wildcard DNS...
Nope. Good.
Now performing 2280 test(s)...
Subnets found (may want to probe here using nmap or unicornscan):
Done with Fierce scan:
Found 0 entries.
Have a nice day.
  • This output will show the basic whatweb information of a website. Its scan detected application, web servers and other technologies. It also scan the web server HTTP headers and the HTML source of a target.
  • Host result: its shows the host ip of the website and also scan IPv4 or IPv6 of a website .
  • It also scan the Firewall And IDS on the target (No WAF detected by the generic detection) it means NO WAF (Web Application Firewall).
  • dig tool is used for querying DNS nameservers, for information like host addresses, mail exchange, nameservers and related information. Its also find the A records of the target.

nmap scan:

  • Nmap TCP Scan shows the tcp open and closed ports, working concept behind these scans is one of the very interesting part of ethical hacking classes of International Institute of Cyber Security.
  • And its also shows info of load balancer on target
  • It also shows the rDNS records

unicon scan:

Now we are scanning with unicon scan. You have to follow all the steps to get the port scanning option and then select 1

connected ->
TCP open ttl 128
  • Its also scan the TCP open ports and shows the services with ports
  • Sender statistics 177.8 pps with 86528 packets sent total
  • For scanning its uses the local network card as shown below.
using interface(s) eth0



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store