BAF – Blind Attacking Framework

What is BAF ?

it’s a framework written in python [2.7] that is being made specially for blind attacking , ie : attacking random targets with common security issues , targets are generated by the hackers search engine “shodan” and vulnerable hosts are hacked in an automated way .

this framework is completely “neutral” ie: it’s not based on shodan API and it has total dependence on web scraping , ie: the only limit on what you can do with it is your immagination as a tester & our programming skills as contributers/owners .

how to use BAF ?

fire up a terminal and sudo apt-get update && apt-get upgrade && apt-get dist-upgrade

install [ requests , httplib , urllib , time , bs4 “BeautifulSoup” , colored , selenium , sys ] python modules


enter your shodan’s account username and pass

choose 1 , let it do it’s job , press y , close the previous tab , press y ,close the previous tabs …etc till u have the vulnerable cams only

choose 2 , enter what do u want to search for (ie: NSA) , when it’s done , refer to the targets text file , it will contain the targets ip:port

that’s all , till now :)

DON’T close a loading webpage

beta versions will make automated browser open for better understanding ,but you can close the webcam tabs freely


Download BAF


Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do

Você está comentando utilizando sua conta Sair /  Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair /  Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair /  Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair /  Alterar )


Conectando a %s