/Viper

Intranet pentesting tool with webui 开源图形化内网渗透工具

BSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

English | 简体中文

  • Viper is a graphical intranet penetration tool, which modularizes and weaponizes the tactics and technologies commonly used in the process of Intranet penetration
  • Viper integrates basic functions such as bypass anti-virus software, intranet tunnel, file management, command line and so on
  • Viper has integrated 80+ modules, covering Resource Development / Initial Access / Execution / Persistence / Privilege Escalation / Defense Evasion / Credential Access / Discovery / Lateral Movement / Collection and other categories
  • Viper's goal is to help red team engineers improve attack efficiency, simplify operation and reduce technical threshold
  • Viper supports running native msfconsole in browser and multi - person collaboration

image.png


image.png


image.png


image.png


image.png


image.png

Website

Installation manual

FAQ

Issues

Modules

System architecture diagram

viper.png

Development Manual

Source Code

  • viperjs (Frontend)

https://github.com/FunnyWolf/viperjs

  • viperpython (Backend)

https://github.com/FunnyWolf/viperpython

  • vipermsf (MSFRPC)

https://github.com/FunnyWolf/vipermsf

Acknoladgement

Edward_Snowdeng exp Fnzer0 qingyun00 脸谱 NoobFTW Somd5-小宇 timwhitez ViCrack xiaobei97 yumusb

Updatelog

✨Click to expand

v1.5.2 20211007

Optimization

  • Login page multilingual support
  • Merged metasploit-framework 6.1.9

v1.5.1 20210926

Bew Features

  • Added Obtain Internet outbound IP module
  • New search filter for session process list

Optimization

  • Antivirus software display supports English version
  • Optimize the output format of the intranet scanning module
  • Optimize the performance and UI of the Run Module function
  • Merged metasploit-framework 6.1.8 version

Bugfix

  • Fix the problem that the name of antivirus software is not displayed

v1.5.0 20210919

New Features

  • VIPER now support English language

Optimization

  • Optimized the format of session online SMS
  • Merged metasploit-framework 6.1.7 version

Bugfix

  • Fixed the issue that ExitOnSession did not take effect
  • Fix the issue that the bind handler of the exploit module does not take effect

v1.4.2 20210822

New Features

  • Added Session online by SCF (Tencent API Gateway) module

Optimization

  • Use Unix socketpair to replace 127.0.0.1 socketpair to improve performance
  • Optimize the handler function, add HttpHostHeader parameter
  • Block ids check of session
  • Merged metasploit-framework 6.1.5 version

Bugfix

  • Fixed the problem that some module tasks could not be deleted
  • Fixed the issue of channel not being released in MSF
  • Fix the issue of Clone Https certificate certificate length, adapt to the new features of SSLVersion
  • Fix the issue that the session does not respond after the use of Linux intranet routing and command execution due to stream hang

404StarLink 2.0 - Galaxy

Viper has joined 404Team 404StarLink 2.0 - Galaxy

Stargazers

Stargazers over time