Tools & Utilities

RTFMv2 provides specialized tools and integrations for common penetration testing tasks, along with direct access to hundreds of Kali Linux utilities.

Overview

The Tools section includes:

MSFVenom Interface: Visual payload generator
OCR Tool: Optical character recognition with auto-save
Network Mapper: Graphical network visualization
Tool Parsers: Automatic result ingestion
Kali Tools Integration: Direct access to 100+ tools
Real-time Output: Live command feedback

MSFVenom Payload Generator

Create custom payloads with an intuitive graphical interface.

Quick Payload Generation

Basic Workflow:

Click "MSFVenom" from Tools menu
Select payload type
Configure options
Generate payload
Copy, save, or deploy

Payload Selection

Payload Categories:

Reverse Shells:

windows/meterpreter/reverse_tcp
windows/meterpreter/reverse_https
linux/x64/meterpreter/reverse_tcp
php/meterpreter/reverse_tcp
python/meterpreter/reverse_tcp
cmd/windows/reverse_powershell

Bind Shells:

windows/meterpreter/bind_tcp
linux/x64/shell/bind_tcp

Stageless Payloads:

windows/meterpreter_reverse_tcp
linux/x64/meterpreter_reverse_tcp

Platform Selection:

Filter payloads by target platform: - Windows (32-bit, 64-bit) - Linux (x86, x64, ARM) - macOS - Android - PHP, Python, Java (multi-platform)

Format Selection:

Executable: .exe, .elf, .app
DLL: .dll
Service: Windows service binary
Script: .vbs, .bat, .ps1, .sh
Language: .py, .rb, .jar, .war
Raw shellcode: C, Python, PowerShell, Bash arrays

Configuration Options

LHOST:

Your IP address (listener)
Public IP for reverse connections over Internet
VPN IP for tunnel access
Auto-detected or manual entry

LPORT:

Listening port (default: 4444)
Choose available port
Coordinate with listener setup

Encoding:

x86/shikata_ga_nai: Polymorphic XOR encoder
x64/xor_dynamic: XOR encoder for x64
cmd/powershell_base64: Base64 encoding
Multiple iterations for increased obfuscation

Encryption:

--encrypt aes256: AES-256 encryption
--encrypt rc4: RC4 encryption
Custom encryption keys

Templates:

Inject payload into legitimate executable
Choose template file (.exe, .elf)
Maintains original functionality

Architecture:

x86 or x64 (auto-detected from payload)
Override if needed

Platform:

Specify target OS version
Affects payload compatibility

Advanced Options

Antivirus Evasion:

Enable "AV Evasion"
Select techniques:
- Multiple encoding iterations
- Encryption
- Template injection
- Custom shellcode loader
Test with VirusTotal (optional)

Payload Customization:

Custom user agent (for HTTPS payloads)
Sleep timers and jitter
Proxy settings
Custom certificates (HTTPS)

Shellcode Options:

Position-independent code
No null bytes
Limited character set
Custom NOP sled

Payload Generation

Generate Workflow:

Review configuration in summary panel
Click "Generate Payload"
MSFVenom executes in background
Progress indicator shows status
Output displayed on completion

Save to File:

Click "Save Payload"
Choose output directory
Filename auto-generated or custom
File saved and path displayed

Copy to Clipboard:

Click "Copy Shellcode"
Paste into exploit code
Format preserved (C array, Python, etc.)

Deploy Directly:

Set up listener automatically
Upload to web server (if configured)
Transfer to staging area
Start handler

Listener Setup

Auto-Listener Creation:

After generating payload:

Click "Create Listener"
Listener configuration auto-populated:
- Handler type matches payload
- LHOST and LPORT from payload config
- Payload options included
Click "Start Listener"
Listener active and waiting for connections

Payload Library

Save Frequently Used Payloads:

After generating payload, click "Save to Library"
Name the payload (e.g., "Windows x64 HTTPS Staged")
Add tags for organization
Payload saved with full configuration

Reuse Saved Payloads:

Browse payload library
Click to load configuration
Modify if needed
Regenerate quickly

Integration

Deploy to Attack Template:

Right-click payload → "Add to Template"
Payload becomes part of attack workflow
Auto-executed during template run

Use in Exploits:

Copy shellcode to exploit code
Paste into Metasploit modules
Include in custom scripts

OCR Tool

Extract text from images automatically with HTML output.

Capturing Screenshots

Clipboard Capture:

Take screenshot (PrintScreen, Snipping Tool, etc.)
Open OCR Tool
Click "Paste from Clipboard"
Image loaded automatically

Output and Saving

View and Edit:

Text appears in editable pane
Correct OCR errors manually
Format and annotate

Auto-Save Feature

Saves images and text to /reports/OCR_Pages.html

Use Cases

Common Scenarios:

Terminal Output:

Capture command output from systems without copy/paste
OCR extracts text for documentation
Include in reports automatically

Web Pages:

Screenshot of web application
Extract text for analysis
Preserve visual context

Error Messages:

Capture error dialogs
Extract exact error text
Search for solutions

Configuration Files:

Screenshot of GUI configuration
Extract settings as text
Compare across systems

Credentials:

Capture found credentials
OCR extracts for credential store
Maintains evidence with screenshot

Network Mapper

Visual representation of discovered network topology.

Viewing the Network Map

Access Network Map:

Click "Network Map" from main menu
Map renders with current session data
Nodes represent hosts
Edges represent connections

Map Layout

Visualization:

Tool Parsers

Automatically import results from common security tools.

Built-in Parsers:

Dig
Dirb
Enum4linux
Ffuf
Gobuster
Graphw00f
Kerbrute
LdapSearch
Nikto,
Nma
Nuclei
OpenApi
Pcap
SearchSploit
SSLScan
TheHarvester
Whatweb
Whois

Parser Output

What Gets Imported:

Hosts:

IP addresses
Hostnames
MAC addresses
OS fingerprints

Services:

Open ports
Service names and versions
Protocol information

Vulnerabilities:

CVE numbers
Descriptions
Severity ratings
Affected services