English | 简体中文
- Viper is a graphical intranet penetration tool, which modularizes and weaponizes the tactics and technologies commonly used in the process of Intranet penetration
- Viper integrates basic functions such as bypass anti-virus software, intranet tunnel, file management, command line and so on
- Viper has integrated 80+ modules, covering Resource Development / Initial Access / Execution / Persistence / Privilege Escalation / Defense Evasion / Credential Access / Discovery / Lateral Movement / Collection and other categories
- Viper's goal is to help red team engineers improve attack efficiency, simplify operation and reduce technical threshold
- Viper supports running native msfconsole in browser and multi - person collaboration
Log4j Scanning Readme
Website
Installation manual
Updatelog
✨Click to expand
v1.5.10 20211216
New Features
- New log4j passive scanning function
- Viper + crawlergo can be used in combination to automatically and actively scan log4j vulnerabilities
Log4j passive scan
- Automatically replace the get request parameter with payload
- The auto replace post request parameter is payload
- The JSON value of auto replace post request is payload
- Auto replace skip password field
- Automatically add payload in headers (polling by Dictionary)
- The payload contains the original payload and the payload bypassing the WAF
- The payload contains UUID, which can find the specific request content that triggers the vulnerability according to the dnslog record
Log4j automatic active scanning
- Get all requests for automatic page acquisition through chrome headless + crawler, and import the requests into the passive proxy to realize automatic scanning
Log4j Scanning Readme
v1.5.9 20211204
Optimization
- Merge Metasploit Framework version 6.1.18
- Update ruby version to 3.0
Bugfix
- Fix bug on FOFA search
v1.5.8 20211126
New features
- New module
Syscall Visual Studio project
Optimization
InternetScanUI is updated to make the operation more convenient, and the manual import function is added- Add partial log (heartbeat data section)
- Merge Metasploit Framework version 6.1.17
Bugfix
- Fix the problem that the PEM certificate could not be loaded
v1.5.7 20211115
Optimization
- 'InternetScan' add debug interface
- Webdelivery currently no longer forces binding of target and payload
- Functional optimization of Puma and ipgeo
- front-end interaction optimization
- Merge Metasploit Framework version 6.1.15
Bugfix
- Fix the handler exception caused by ipgeo exception
- Fix the repeated addition of UDP handler after Viper restart
v1.5.6 20211031
New Features
- Added 'Hander firewall' function
- Added the module of "Direct windows syscall evasion technique"
Optimization
- reverse_http(s) when the network is disconnected, the timeout is updated from 21 seconds (Windows default) to 3 seconds
- The current session does not expire by default and will not exit automatically
- Merge Metasploit Framework version 6.1.13
Bugfix
- Repair reverse_tcp failed to connect when 'sessionexpirationtimeout' is 0
- Fix failure to get default lhost parameter on ui
v1.5.5 20211024
New Features
- Added
CVE-2021-40449 LPEmodule - One click download all Viper logs from WEBUI
Optimization
- Merged metasploit-framework 6.1.12
Bugfix
- Fix the port occupancy problem after the socks is removed
v1.5.4 20211017
New Features
- Added
MS17-010 Exploit (CSharp)module
Optimization
- Merged metasploit-framework 6.1.11
Bugfix
- Fix duplicate add reverse_http(s) handler failed to deal with session online requests.
v1.5.3 20211010
Optimization
- Optimize msfconsole user experience
- Merged metasploit-framework 6.1.10
v1.5.2 20211007
Optimization
- Login page multilingual support
- Merged metasploit-framework 6.1.9
v1.5.1 20210926
New Features
- Added
Obtain Internet outbound IPmodule - New search filter for session process list
Optimization
- Antivirus software display supports English version
- Optimize the output format of the intranet scanning module
- Optimize the performance and UI of the
Run Modulefunction - Merged metasploit-framework 6.1.8 version
Bugfix
- Fix the problem that the name of antivirus software is not displayed
v1.5.0 20210919
New Features
- VIPER now support English language
Optimization
- Optimized the format of session online SMS
- Merged metasploit-framework 6.1.7 version
Bugfix
- Fixed the issue that
ExitOnSessiondid not take effect - Fix the issue that the bind handler of the exploit module does not take effect
v1.4.2 20210822
New Features
- Added
Session online by SCF (Tencent API Gateway)module
Optimization
- Use Unix socketpair to replace 127.0.0.1 socketpair to improve performance
- Optimize the
handlerfunction, add HttpHostHeader parameter - Block ids check of session
- Merged metasploit-framework 6.1.5 version
Bugfix
- Fixed the problem that some module tasks could not be deleted
- Fixed the issue of channel not being released in MSF
- Fix the issue of
Clone Https certificatecertificate length, adapt to the new features of SSLVersion - Fix the issue that the session does not respond after the use of Linux intranet routing and command execution due to stream hang
FAQ
Issues
- github issues : https://github.com/FunnyWolf/Viper/issues
Modules
System architecture diagram
Development
Source Code
- viperjs (Frontend)
https://github.com/FunnyWolf/viperjs
- viperpython (Backend)
https://github.com/FunnyWolf/viperpython
- vipermsf (MSFRPC)
https://github.com/FunnyWolf/vipermsf
Thanks
Edward_Snowdeng exp Fnzer0 qingyun00 脸谱 NoobFTW Somd5-小宇 timwhitez ViCrack xiaobei97 yumusb
404StarLink 2.0 - Galaxy
Viper has joined 404Team 404StarLink 2.0 - Galaxy