├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ ├── config.yml │ └── feature_request.md ├── auto-assign.yml └── workflows │ ├── dependency-review.yml │ └── label.yml ├── .gitignore ├── Help.txt ├── LICENSE ├── README.md ├── __init__.py ├── cyberonix.1 ├── cyberonix.py ├── main ├── Bug_Bounty.py ├── __init__.py ├── arguments.py ├── tool.py ├── tools │ ├── .driver │ │ └── geckodriver │ ├── Anonymity.py │ ├── Authentication.py │ ├── Authorization.py │ ├── Configuration_Management.py │ ├── Cryptography.py │ ├── Exploitation_Tools.py │ ├── File_Upload.py │ ├── Framework.py │ ├── Password_Hacking.py │ ├── Pentesting_Bug_Bounty.py │ ├── PostExploitationAttacks.py │ ├── Recommended_Tool.py │ ├── RiskyFuncPayment.py │ ├── Secure_Transmission.py │ ├── Session_Management.py │ ├── Sniffing_and_Spoofing.py │ ├── Vulnerability_Analysis.py │ ├── WEB_Application_Analysis.py │ ├── Wireless_Hacking.py │ ├── __init__.py │ ├── banner.py │ ├── colors.py │ ├── data_validation.py │ ├── dos.py │ ├── forensic.py │ ├── html5.py │ ├── information_gathering.py │ ├── run_on_browser.py │ ├── template.py │ ├── waiting.py │ └── writeup.py └── toolslogs.txt ├── requirements.txt └── setup.py /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Describe the bug** 11 | A clear and concise description of what the bug is. 12 | 13 | **To Reproduce** 14 | Steps to reproduce the behavior: 15 | 1. Go to '...' 16 | 2. Click on '....' 17 | 3. Scroll down to '....' 18 | 4. See error 19 | 20 | **Expected behavior** 21 | A clear and concise description of what you expected to happen. 22 | 23 | **Screenshots** 24 | If applicable, add screenshots to help explain your problem. 25 | 26 | **Desktop (please complete the following information):** 27 | - OS: [e.g. iOS] 28 | - Browser [e.g. chrome, safari] 29 | - Version [e.g. 22] 30 | 31 | **Smartphone (please complete the following information):** 32 | - Device: [e.g. iPhone6] 33 | - OS: [e.g. iOS8.1] 34 | - Browser [e.g. stock browser, safari] 35 | - Version [e.g. 22] 36 | 37 | **Additional context** 38 | Add any other context about the problem here. 39 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- 1 | blank_issues_enabled: true 2 | 3 | contact_links: 4 | - name: Defronix CyberSecurity Pvt. Ltd. 5 | url: https://defronix.com/ 6 | about: Our offical website. 7 | - name: Discord community 8 | url: https://discord.gg/dHY2QGc9Zu 9 | about: Ask and discuss about Cyberonix on Discord. 10 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /.github/auto-assign.yml: -------------------------------------------------------------------------------- 1 | name: Auto-Assign 2 | 3 | on: 4 | pull_request: 5 | types: [opened, synchronize] 6 | 7 | jobs: 8 | auto-assign: 9 | runs-on: ubuntu-latest 10 | 11 | steps: 12 | - name: Checkout Code 13 | uses: actions/checkout@v2 14 | with: 15 | ref: ${{ github.head_ref }} 16 | 17 | - name: Auto-Assign Reviewer 18 | run: | 19 | REVIEWER_1="metaxonesolution" 20 | REVIEWER_2="hardikhacker" 21 | REVIEWER_3="0xMrR0b0t" 22 | echo "Assigning one of the following reviewers: $REVIEWER_1, $REVIEWER_2, $REVIEWER_3" 23 | # Randomly select one of the reviewers 24 | REVIEWER=$(echo $REVIEWER_1 $REVIEWER_2 $REVIEWER_3 | tr " " "\n" | shuf -n 1) 25 | echo "Assigning $REVIEWER as the reviewer" 26 | echo "Assigning $REVIEWER" 27 | curl -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -d "{\"assignees\":[\"$REVIEWER\"]}" "https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.number }}/assignees" 28 | -------------------------------------------------------------------------------- /.github/workflows/dependency-review.yml: -------------------------------------------------------------------------------- 1 | 2 | name: 'Dependency Review' 3 | on: [pull_request] 4 | 5 | permissions: 6 | contents: read 7 | 8 | jobs: 9 | dependency-review: 10 | runs-on: ubuntu-latest 11 | steps: 12 | - name: 'Checkout Repository' 13 | uses: actions/checkout@v3 14 | - name: 'Dependency Review' 15 | uses: actions/dependency-review-action@v2 16 | -------------------------------------------------------------------------------- /.github/workflows/label.yml: -------------------------------------------------------------------------------- 1 | name: Labeler 2 | on: [pull_request] 3 | 4 | jobs: 5 | label: 6 | 7 | runs-on: ubuntu-latest 8 | permissions: 9 | contents: read 10 | pull-requests: write 11 | 12 | steps: 13 | - uses: actions/labeler@v4 14 | with: 15 | repo-token: "${{ secrets.GITHUB_TOKEN }}" 16 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__/ 2 | -------------------------------------------------------------------------------- /Help.txt: -------------------------------------------------------------------------------- 1 | Welcome to Cyberonix - Your Cyber Security Resource Hub! 2 | 3 | Basic Options: 4 | 5 | -h, --help : Get this help message. 6 | --domain DOMAIN, -D DOMAIN : Target a specific domain. 7 | --output OUTPUT, -o OUTPUT : Save results to a file (provide the file path). 8 | --file FILE, -f FILE : Read input from a file (provide the file path). 9 | --ip IP, -ip IP : Target a specific IP address. 10 | 11 | Main Functions: 12 | 13 | --tools, -t : Access various cybersecurity tools. 14 | --cheatsheet, -c : Get a cybersecurity reference guide. 15 | 16 | IP Operations: 17 | 18 | --getip, -gip : Get the IP address of a domain. 19 | 20 | Can use with: --domain, --file, --output 21 | 22 | --ipinfo, -ipi : Get information about an IP address. 23 | 24 | Can use with: --ip, --file, --output 25 | 26 | DNS Operations: 27 | 28 | --dnsrecord, -dns : Get DNS records for a domain. 29 | 30 | Can use with: --domain, --file, --output 31 | 32 | --record RECORD, -r RECORD : Specify the type of DNS record (e.g., A, TXT, MX). 33 | 34 | usage: --record 35 | 36 | ASN Record: 37 | 38 | --asnrecord, -asn : Get ASN (network) information. 39 | 40 | Can use with: --ip, --file, --output 41 | 42 | Screenshotting: 43 | 44 | --screenshot, -s : Take a website screenshot. 45 | 46 | Can use with: --domain, --file, --output 47 | 48 | HTTP Status: 49 | 50 | --http-status, -S : Check a website's HTTP status code. 51 | 52 | Can use with: --domain, --file, --output 53 | 54 | Remove Duplicate: 55 | 56 | --remove-duplicate, -rd : Remove duplicate lines from a file. 57 | 58 | Can use with: --file, --output 59 | 60 | Password Generation: 61 | 62 | --passwordgen, -P : Generate a password. 63 | --default-password-gen, -pass: Generate a random password (Recommended) (use --length, --checkpassword for customization). 64 | 65 | Customization Options: 66 | --upper, -u : Include uppercase letters. 67 | --lower, -l : Include lowercase letters. 68 | --digits, -d : Include numbers. 69 | --punctuation, -p : Include symbols. 70 | --length LENGTH, -L LENGTH : Set password length (default is 8). 71 | --checkpassword, -C : Test the strength of a password. 72 | 73 | Worlist Generation: 74 | 75 | --worlist, -w : To generate a wordlist 76 | --characters,-c : Set of characters to include in the wordlist (Default = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ) 77 | --min_length, -min : Minimum length of the words ( Default = 4 ) 78 | --max_length, -max : Maximum length of the words ( Default = 6 ) 79 | --output_file, -ot : Output file name ( Default = custom_wordlist.txt ) 80 | 81 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 Defronix Cyber Security Pvt. Ltd. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /__init__.py: -------------------------------------------------------------------------------- 1 | __all__=["cyberonix","setup","main"] 2 | -------------------------------------------------------------------------------- /cyberonix.1: -------------------------------------------------------------------------------- 1 | .TH CYBERONIX 1 "20-02-2024" "GNU" "Cyberonix User Manual" 2 | 3 | .SH NAME 4 | .B Cyberonix \- 5 | .I A Complete Resource Hub For Cyber Security Community 6 | 7 | 8 | .SH SYNOPSIS 9 | .RI cyberonix 10 | .RI [ options ] 11 | .RI [ Argument ] 12 | 13 | .SH INTRODUCTION 14 | .RI [ Argument ] 15 | 16 | .SH INTRODUCTION 17 | .B Cyberonix 18 | is an open source & free tool by 19 | .B Team Defronix Cyber Security Pvt. Ltd. 20 | (version 3.0, released on 01-03-2024). The tool was initially developed by a team of students during their internship at 21 | .B Defronix Cyber Security 22 | after completing their Diploma in Cyber Security Training. 23 | 24 | Cyberonix is a comprehensive resource hub for the Cybersecurity community. Our goal is to establish this tool as a one-stop solution for hackers, providing resources on various topics in Cybersecurity. We are committed to consistently updating this tool, incorporating new and revised resources as needed. 25 | 26 | Feel free to suggest any features you'd like to see, we are open to including them in our next update. 27 | 28 | .SH OPTIONS 29 | 30 | .TP 31 | .B --tools, -t 32 | To directly access the Tools option. 33 | 34 | .TP 35 | .B --cheatsheet, -c 36 | Directly access the Cheatsheet option. 37 | 38 | .TP 39 | .B --asnrecord, -asn 40 | Retrieve ASN record information based on an IP address. 41 | 42 | Example: 43 | 44 | cyberonix --asnrecord -ip 8.8.8.8 45 | 46 | .TP 47 | .B --dnsrecord, -dns 48 | Retrieve DNS record information for a domain, including optional record type specification. 49 | 50 | Example: 51 | 52 | cyberonix --dnsrecord -domain defronix.com --record TXT 53 | 54 | .TP 55 | .B --default-password-gen, -pass 56 | Generate a secure random password with options for length customization. 57 | 58 | Example: 59 | 60 | cyberonix --default-password-gen -L 10 61 | 62 | .TP 63 | .B --http-status, -S 64 | Get the HTTP status code of a domain. 65 | 66 | Example: 67 | 68 | cyberonix --http-status -D google.com 69 | 70 | .TP 71 | .B --screenshot, -s 72 | Capture a screenshot of websites, saved to /Screenshot. 73 | 74 | Example: 75 | 76 | cyberonix --screenshot -domain defronix.com 77 | 78 | .TP 79 | .B --remove-duplicate, -rd 80 | Remove duplicate entries from a file. 81 | 82 | Example: 83 | 84 | cyberonix --remove-duplicate -f file.txt 85 | 86 | .TP 87 | .B --getip, -gip 88 | Retrieve the IP address of a domain. 89 | 90 | Example: 91 | 92 | cyberonix --getip -D google.com 93 | .TP 94 | .B --tools, -t 95 | To directly access the Tools option. 96 | 97 | .TP 98 | .B --cheatsheet, -c 99 | Directly access the Cheatsheet option. 100 | 101 | .TP 102 | .B --asnrecord, -asn 103 | Retrieve ASN record information based on an IP address. 104 | 105 | Example: 106 | 107 | cyberonix --asnrecord -ip 8.8.8.8 108 | 109 | .TP 110 | .B --dnsrecord, -dns 111 | Retrieve DNS record information for a domain, including optional record type specification. 112 | 113 | Example: 114 | 115 | cyberonix --dnsrecord -domain defronix.com --record TXT 116 | 117 | .TP 118 | .B --default-password-gen, -pass 119 | Generate a secure random password with options for length customization. 120 | 121 | Example: 122 | 123 | cyberonix --default-password-gen -L 10 124 | 125 | .TP 126 | .B --http-status, -S 127 | Get the HTTP status code of a domain. 128 | 129 | Example: 130 | 131 | cyberonix --http-status -D google.com 132 | 133 | .TP 134 | .B --screenshot, -s 135 | Capture a screenshot of websites, saved to /Screenshot. 136 | 137 | Example: 138 | 139 | cyberonix --screenshot -domain defronix.com 140 | 141 | .TP 142 | .B --remove-duplicate, -rd 143 | Remove duplicate entries from a file. 144 | 145 | Example: 146 | 147 | cyberonix --remove-duplicate -f file.txt 148 | 149 | .TP 150 | .B --getip, -gip 151 | Retrieve the IP address of a domain. 152 | 153 | Example: 154 | 155 | cyberonix --getip -D google.com 156 | 157 | .SH ARGUMENTS 158 | .TP 159 | .B --domain, -D 160 | Specify the domain for various operations. 161 | 162 | Example: 163 | 164 | cyberonix --domain google.com 165 | 166 | .TP 167 | .B --ip, -ip 168 | Specify the IP address for relevant operations. 169 | 170 | Example: 171 | 172 | cyberonix --ip 8.8.8.8 173 | 174 | .TP 175 | .B --record, -r 176 | Specify the record type for DNS queries. 177 | 178 | Example: 179 | 180 | cyberonix --record TXT 181 | 182 | .TP 183 | .B --upper, -u 184 | Include uppercase characters in the generated password. 185 | 186 | .TP 187 | .B --lower, -l 188 | Include lowercase characters in the generated password. 189 | 190 | .TP 191 | .B --digits, -d 192 | Include digits in the generated password. 193 | 194 | .TP 195 | .B --punctuation, -p 196 | Include special characters in the generated password. 197 | 198 | .TP 199 | .B --length, -L 200 | Specify the length of the generated password. 201 | 202 | Example: 203 | 204 | cyberonix --length 12 205 | 206 | .TP 207 | .B --checkpassword, -C 208 | Check the generated password for commonality. 209 | 210 | .TP 211 | .B --file, -f 212 | Specify a file input for relevant operations. 213 | 214 | Example: 215 | 216 | cyberonix --file /path/to/file 217 | 218 | .TP 219 | .B --output, -o 220 | Specify the output file for relevant operations. 221 | 222 | Example: 223 | 224 | cyberonix --output /path/to/output 225 | .TP 226 | .B --domain, -D 227 | Specify the domain for various operations. 228 | 229 | Example: 230 | 231 | cyberonix --domain google.com 232 | 233 | .TP 234 | .B --ip, -ip 235 | Specify the IP address for relevant operations. 236 | 237 | Example: 238 | 239 | cyberonix --ip 8.8.8.8 240 | 241 | .TP 242 | .B --record, -r 243 | Specify the record type for DNS queries. 244 | 245 | Example: 246 | 247 | cyberonix --record TXT 248 | 249 | .TP 250 | .B --upper, -u 251 | Include uppercase characters in the generated password. 252 | 253 | .TP 254 | .B --lower, -l 255 | Include lowercase characters in the generated password. 256 | 257 | .TP 258 | .B --digits, -d 259 | Include digits in the generated password. 260 | 261 | .TP 262 | .B --punctuation, -p 263 | Include special characters in the generated password. 264 | 265 | .TP 266 | .B --length, -L 267 | Specify the length of the generated password. 268 | 269 | Example: 270 | 271 | cyberonix --length 12 272 | 273 | .TP 274 | .B --checkpassword, -C 275 | Check the generated password for commonality. 276 | 277 | .TP 278 | .B --file, -f 279 | Specify a file input for relevant operations. 280 | 281 | Example: 282 | 283 | cyberonix --file /path/to/file 284 | 285 | .TP 286 | .B --output, -o 287 | Specify the output file for relevant operations. 288 | 289 | Example: 290 | 291 | cyberonix --output /path/to/output 292 | 293 | .SH FILES 294 | 295 | .RI /usr/bin/cyberonix 296 | : Path to the Cyberonix executable file. 297 | 298 | .RI /usr/bin/cyberonix 299 | : Path to the Cyberonix executable file. 300 | 301 | .SH BUGS 302 | If you encounter any bugs or issues, 303 | please report them on our GitHub repository:< https://github.com/TeamDefronix/Cyberonix/issues > 304 | or contact us via Discord:< https://discord.gg/eAzXRzCS6p >. 305 | We appreciate any feedback and suggestions and are committed to addressing concerns promptly and professionally. 306 | 307 | 308 | .SH ERROR HANDLING 309 | .B Cyberonix 310 | handles invalid inputs by displaying informative error messages. If you encounter any issues or unexpected behavior, refer to the error messages for troubleshooting or report them on our GitHub repository. 311 | 312 | .SH COPYRIGHT 313 | .PP 314 | Copyright 2023 Defronix Cyber Security Pvt. Ltd. All rights reserved. 315 | Visit us at: 316 | 317 | .SH LICENSE 318 | .B Cyberonix 319 | is distributed under the MIT License. See the accompanying LICENSE file for more details. 320 | Copyright 2023 Defronix Cyber Security Pvt. Ltd. All rights reserved. 321 | Visit us at: 322 | 323 | .SH LICENSE 324 | .B Cyberonix 325 | is distributed under the MIT License. See the accompanying LICENSE file for more details. 326 | 327 | .SH CREDITS 328 | .PP 329 | We acknowledge and express gratitude to the talented team at Defronix for their exceptional work on the Cyberonix toolkit. Their dedication and expertise have resulted in a powerful and innovative software tool with the potential to make a significant impact in the field of cybersecurity. Sincere thanks to the Defronix team for their contributions and commitment to excellence. 330 | 331 | 332 | .PP 333 | Cyberonix, Defronix Cyber Security 334 | -------------------------------------------------------------------------------- /cyberonix.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import os 3 | import subprocess 4 | from main.tools import banner,colors,template,Recommended_Tool,run_on_browser 5 | from main import * 6 | import time,argparse 7 | 8 | def exit_program(): 9 | os.system("clear") 10 | banner.main() 11 | print("\033[38;5;105m","[+] Thanks visit again".title()) 12 | exit() 13 | 14 | try: 15 | def update(): 16 | os.system("clear") 17 | banner.main() 18 | banner.attack("Update") 19 | print("[+] Checking for updates....".title()) 20 | process = subprocess.Popen("git checkout . && git pull ",shell=True,stdout=subprocess.PIPE,stderr=subprocess.STDOUT) 21 | (use,nouse)=process.communicate() 22 | if not nouse: 23 | if "Already up to date" in use.decode(): 24 | print("[+] it is updated".title()) 25 | elif "not a git repository" in use.decode(): 26 | print("[-] IT is not a github repository".title()) 27 | elif "Updating" in use.decode(): 28 | print("[+] updating.....".title()) 29 | print(use.decode()) 30 | print("\u001b[32m[+] Cyberonix is UPDATED To Latest Version") 31 | try: 32 | subprocess.run('cyberonix',shell=True, check = True) 33 | except Exception as err: 34 | os.system("python3 cyberonix.py") 35 | exit() 36 | else: 37 | print("[-] Something went wrong....".title()) 38 | print(use.decode()) 39 | else: 40 | print("[-] something went wrong".title()) 41 | print(nouse) 42 | for i in range(3): 43 | print(f"[!] Redirecting in ...{3-i}sec\r".title(),end="") 44 | time.sleep(i) 45 | def starting(): 46 | parser = argparse.ArgumentParser( 47 | description="Cyberonix is a complete resource hub for Cyber Security Community. Our aim is to make this tool an 1 stop solution for all the Hackers out there to get resources of various topics in Cyber Security. We will keep updating this tool & adding new & updated resources on the go.", 48 | ) 49 | main_args = parser.add_argument_group('Main Arguments') 50 | 51 | main_args.add_argument( 52 | "--tools", "-t",type=str,help=": Access various cybersecurity tools." 53 | ) 54 | main_args.add_argument( 55 | 56 | "--cheatsheet", "-c", action="store_true", help=": Get a cybersecurity reference guide." 57 | 58 | ) 59 | ip_args = parser.add_argument_group('IP') 60 | ip_args.add_argument( 61 | "--getip", "-gip", action="store_true",help=": Get Ip Of A Domain. \nCan use with: --domain, --file, --output", 62 | ) 63 | 64 | dns_Args = parser.add_argument_group('DNS Records') 65 | parser.add_argument("--domain", "-D", dest='domain', nargs="?" , const="" ,help=': Specify the domain', option_strings=['--domain']) 66 | dns_Args.add_argument( 67 | "--dnsrecord", "-dns", action="store_true", help=": To Get DNS Records of a domain. Can use with: --domain, --file, --output " 68 | ) 69 | dns_Args.add_argument( 70 | "--record", "-r", help=": Specify the type of DNS record (e.g., A, TXT, MX). \nusage: --record " 71 | ) 72 | screenshot_Args = parser.add_argument_group('Screenshoting') 73 | screenshot_Args.add_argument( 74 | "--screenshot", 75 | "-s", 76 | action="store_true", 77 | help=": To take a Screenshot Of Website/Websites. \nCan use with: --domain,--file,--output", 78 | ) 79 | parser.add_argument("--output", "-o", help=": Save the results to the file Specify File location -o path/to/location") 80 | parser.add_argument("--file", "-f", help=": Read input from a file Specify An Input File -f path/to/file.txt") 81 | 82 | asn_Args = parser.add_argument_group('ASN Record') 83 | parser.add_argument("--ip", "-ip", help="Specify IP Address") 84 | asn_Args.add_argument( 85 | "--asnrecord", "-asn", action="store_true", help=": Get ASN (network) information. \n Can use with: --ip,--file,--output" 86 | ) 87 | password_Args = parser.add_argument_group("Password Generation") 88 | password_Args.add_argument( 89 | "--passwordgen", "-P", action="store_true", help=": To Generate a Password" 90 | ) 91 | password_Args.add_argument( 92 | "--default-password-gen", 93 | "-pass", 94 | action="store_true", 95 | help=": To Generate Random Password (Recommended)(only use --length, --checkpassword for customization).", 96 | ) 97 | 98 | password_Args.add_argument( 99 | "--upper", "-u", action="store_true", help=": For Uppercase" 100 | ) 101 | password_Args.add_argument( 102 | "--lower", "-l", action="store_true", help=": For Lowercase" 103 | ) 104 | password_Args.add_argument( 105 | "--digits", "-d", action="store_true", help=": For Digits" 106 | ) 107 | password_Args.add_argument( 108 | "--punctuation", "-p", action="store_true", help=": For Punctuation" 109 | ) 110 | password_Args.add_argument( 111 | "--length", "-L", help=": To Specify Length Of Password (Default=8)" 112 | ) 113 | password_Args.add_argument( 114 | "--checkpassword", 115 | "-C", 116 | action="store_true", 117 | help=": To Check Your Generated Password", 118 | ) 119 | wordlist_Args = parser.add_argument_group("Wordlist Generation") 120 | wordlist_Args.add_argument( 121 | "--wordlist", "-w", action="store_true", help=": To Generate a Wordlist" 122 | ) 123 | wordlist_Args.add_argument("-ch", "--characters", type=str, default="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", 124 | help=": Set of characters to include in the wordlist") 125 | wordlist_Args.add_argument("-min", "--min_length", type=int, default=4, help=": Minimum length of the words ( Default = 4 )") 126 | wordlist_Args.add_argument("-max", "--max_length", type=int, default=6, help=": Maximum length of the words ( Default = 6 )") 127 | wordlist_Args.add_argument("-ot", "--output_file", type=str, default="custom_wordlist.txt", help=": Output file name ( Default = custom_wordlist.txt )") 128 | 129 | hstatus_Args = parser.add_argument_group('HTTP Status') 130 | hstatus_Args.add_argument( 131 | "--http-status", 132 | "-S", 133 | action="store_true", 134 | help=": Check a website's HTTP status code." "\nCan use with: --domain, --file, --output" , 135 | ) 136 | remove_dub_Args = parser.add_argument_group('remove duplicate') 137 | remove_dub_Args.add_argument( 138 | "--remove-duplicate", 139 | "-rd", 140 | action="store_true", 141 | help=": To Remove Duplicates From a File. Can use with: --file,--output", 142 | ) 143 | args = parser.parse_args() 144 | if args.tools: 145 | arguments.tools(args.tools) 146 | elif args.getip: 147 | 148 | if args.file: 149 | if args.output: 150 | arguments.getip(path=args.file, output=args.output) 151 | else: 152 | arguments.getip(path=args.file) 153 | elif args.domain: 154 | if args.output: 155 | arguments.getip(url=args.domain,output=args.output) 156 | else: 157 | arguments.getip(url=args.domain) 158 | else: 159 | if args.output: 160 | arguments.getip(url=args.getip, output=args.output) 161 | else: 162 | arguments.getip(url=args.getip) 163 | #print( 164 | #f"{colors.red}[!] Please enter file with --file path/to/file or pass a single domain with --domain https://example.com{colors.reset}" 165 | #) 166 | 167 | elif args.cheatsheet: 168 | run_on_browser.main("https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap/blob/main/cheatsheet.md") 169 | 170 | elif args.screenshot: 171 | if args.file: 172 | if args.output: 173 | arguments.screenshot(path=args.file,output=args.output) 174 | else: 175 | arguments.screenshot(path=args.file) 176 | elif args.domain: 177 | if args.output: 178 | arguments.screenshot(url=args.domain,output=args.output) 179 | else: 180 | arguments.screenshot(url=args.domain) 181 | 182 | else: 183 | print( 184 | f"{colors.red}[!] Please enter file with --file path/to/file or pass a single domain with --domain https://example.com{colors.reset}" 185 | ) 186 | elif args.remove_duplicate: 187 | if args.file: 188 | if args.output: 189 | arguments.remove_dublicates(location=args.file, output=args.output) 190 | else: 191 | arguments.remove_dublicates(location=args.file) 192 | 193 | else: 194 | print( 195 | f"{colors.red}[!] Please enter file with --file path/to/file or pass a single domain with --domain https://example.com{colors.reset}" 196 | ) 197 | 198 | elif args.asnrecord: 199 | if args.file: 200 | if args.output: 201 | arguments.asnrecord(path=args.file, output=args.output) 202 | else: 203 | arguments.asnrecord(path=args.file) 204 | elif args.ip: 205 | if args.output: 206 | arguments.asnrecord(url=args.ip, output=args.output) 207 | else: 208 | arguments.asnrecord(url=args.ip) 209 | 210 | else: 211 | print( 212 | f"{colors.red}[!] Please enter file with --file path/to/file or pass a single ip with --ip 8.8.8.8{colors.reset}" 213 | ) 214 | 215 | elif args.http_status: 216 | if args.file: 217 | if args.output: 218 | arguments.http_status_code(path=args.file, output=args.output) 219 | else: 220 | arguments.http_status_code(path=args.file) 221 | elif args.domain: 222 | if args.output: 223 | arguments.http_status_code(url=args.domain, output=args.output) 224 | else: 225 | arguments.http_status_code(url=args.domain) 226 | else: 227 | print( 228 | f"{colors.red}[!] Please enter file with --file path/to/file or pass a single domain with --domain https://example.com{colors.reset}" 229 | ) 230 | 231 | elif args.passwordgen: 232 | if args.length: 233 | arguments.password_gen( 234 | args.upper, 235 | args.lower, 236 | args.digits, 237 | args.punctuation, 238 | args.length, 239 | args.checkpassword, 240 | ) 241 | else: 242 | arguments.password_gen( 243 | args.upper, 244 | args.lower, 245 | args.digits, 246 | args.punctuation, 247 | check=args.checkpassword, 248 | ) 249 | elif args.default_password_gen: 250 | if args.length: 251 | arguments.password_gen(length=args.length, check=args.checkpassword) 252 | else: 253 | arguments.password_gen(check=args.checkpassword) 254 | 255 | elif args.wordlist: 256 | arguments.generate_wordlist( 257 | args.characters, 258 | args.min_length, 259 | args.max_length, 260 | args.output_file 261 | ) 262 | 263 | elif args.dnsrecord: 264 | if args.record: 265 | if args.file: 266 | if args.output: 267 | arguments.dnsrecords(path=args.file, names=args.record,output=args.output) 268 | else: 269 | arguments.dnsrecords(path=args.file, names=args.record) 270 | elif args.domain: 271 | if args.output: 272 | arguments.dnsrecords(url=args.domain, names=args.record,output=args.output) 273 | else: 274 | arguments.dnsrecords(url=args.domain, names=args.record) 275 | else: 276 | print("please give --domain/--file also") 277 | elif args.domain: 278 | if args.record: 279 | if args.output: 280 | arguments.dnsrecords(url=args.domain, names=args.record,output=args.output) 281 | else: 282 | arguments.dnsrecords(url=args.domain, names=args.record) 283 | else: 284 | print("please give --record also") 285 | else: 286 | main() 287 | 288 | def main(): 289 | update() 290 | os.system("chmod +x *") 291 | proc = subprocess.Popen([f"id"], stdout=subprocess.PIPE, shell=True) 292 | #there keyfor success output and noththere for error output 293 | (there, notthere) = proc.communicate() 294 | there=there.decode() 295 | if "root" not in there: 296 | try: 297 | subprocess.run('sudo cyberonix',shell=True, check = True) 298 | except Exception as err: 299 | os.system("sudo python3 cyberonix.py") 300 | # os.system("sudo cyberonix") 301 | exit() 302 | while True: 303 | os.system("clear") 304 | banner.main() 305 | list_attacks=["TOOLS","CHEATSHEET","Bug Bounty","Certifications & Roadmap","Write Ups","Man Page","exit"] 306 | for i in range(len(list_attacks)): 307 | print(colors.options,f"{i+1}) {list_attacks[i]}".title(),colors.reset) 308 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 309 | if option=="1": 310 | os.system("clear") 311 | tool.main() 312 | elif option=="2": 313 | run_on_browser.main("https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap/blob/main/cheatsheet.md") 314 | elif option == "3": 315 | os.system("clear") 316 | Bug_Bounty.main() 317 | elif option =="4": 318 | run_on_browser.main("https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap/blob/main/README.md") 319 | elif option == "5": 320 | run_on_browser.main("https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap/blob/main/Writeups.md") 321 | elif option=="6": 322 | os.system("clear") 323 | os.system("man cyberonix") 324 | else: 325 | exit_program() 326 | #to run file separately 327 | if __name__ == "__main__": 328 | starting() 329 | except KeyboardInterrupt: 330 | exit_program() 331 | except Exception as err: 332 | os.system("clear") 333 | banner.main() 334 | banner.attack(f"{colors.red}ERROR{colors.reset}") 335 | banner.description(f"{colors.red}{err}{colors.reset}") 336 | 337 | -------------------------------------------------------------------------------- /main/__init__.py: -------------------------------------------------------------------------------- 1 | __all__=["arguments","tool","tools","Bug_Bounty"] 2 | -------------------------------------------------------------------------------- /main/tool.py: -------------------------------------------------------------------------------- 1 | from main.tools import * 2 | #from main.tools import Anonymity 3 | #from main.tools import Framework 4 | import os 5 | def exit_program(): 6 | os.system("clear") 7 | banner.main() 8 | print("\033[38;5;105m","[+] Thanks visit again".title()) 9 | 10 | def main(): 11 | while True: 12 | os.system("clear") 13 | banner.main() 14 | banner.attack("TOOLS") 15 | # import information_gathering 16 | 17 | list_attacks=[" Information Gathering"," Vulnerability Analysis"," Web Application Analysis"," Password Attacks"," Wireless Attacks"," Exploitation Tools"," Sniffing and Spoofing"," Post Exploitation"," Anonymity","Framework","Pentesting In Bug-Bounty","Digital Forensics Tools","go back"] 18 | #for output with index 19 | for i in range(len(list_attacks)): 20 | print(colors.options,f"{i+1}) {list_attacks[i]}".title(),colors.reset) 21 | try: 22 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 23 | except KeyboardInterrupt: 24 | return 25 | if option == "1": 26 | print("\n[+] Information Gathering Section") 27 | os.system("clear") 28 | information_gathering.main() 29 | elif option == "2": 30 | print("\n[+] Vulnerability Analysis") 31 | os.system("clear") 32 | Vulnerability_Analysis.main() 33 | elif option == "3": 34 | print("\n[+] Web Application Analysis") 35 | os.system("clear") 36 | WEB_Application_Analysis.main() 37 | elif option == "4": 38 | print("\n[+] Password Attacks") 39 | os.system("clear") 40 | Password_Hacking.main() 41 | elif option == "5": 42 | print("\n[+] Wireless Attacks") 43 | os.system("clear") 44 | Wireless_Hacking.main() 45 | elif option == "6": 46 | print("\n[+] Exploitation Tools") 47 | os.system("clear") 48 | Exploitation_Tools.main() 49 | elif option == "7": 50 | print("\n[+] Sniffing and Spoofing") 51 | os.system("clear") 52 | Sniffing_and_Spoofing.main() 53 | elif option == "8": 54 | print("\n[+] Post Exploitation") 55 | os.system("clear") 56 | PostExploitationAttacks.main() 57 | elif option == "9": 58 | print("\n[+] Anonymity") 59 | os.system("clear") 60 | Anonymity.main() 61 | elif option == "10": 62 | print("\n[+]Framework") 63 | os.system("clear") 64 | Framework.main() 65 | elif option == "11": 66 | print("\n[+] Pentesting In Bug-Bounty") 67 | os.system("clear") 68 | Pentesting_Bug_Bounty.main() 69 | elif option == "12": 70 | print("\n[+] Digital Forensics Tools ") 71 | os.system("clear") 72 | forensic.main() 73 | else: 74 | exit_program() 75 | return 76 | 77 | if __name__ == "__main__": 78 | main() 79 | -------------------------------------------------------------------------------- /main/tools/.driver/geckodriver: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TeamDefronix/Cyberonix/a678c1f01a66895047228e2dee7f36498c128c2d/main/tools/.driver/geckodriver -------------------------------------------------------------------------------- /main/tools/Anonymity.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template, banner,Recommended_Tool 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | import subprocess 6 | 7 | def check_tor_installed(): 8 | try: 9 | # Run the 'which tor' command 10 | result = subprocess.run(['which', 'tor'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) 11 | 12 | # Decode the output from bytes to string 13 | output = result.stdout.decode().strip() 14 | 15 | if output: 16 | return 17 | else: 18 | os.system("apt install tor -y") # for tor installation 19 | except Exception as e: 20 | print("An error occurred:", str(e)) 21 | 22 | 23 | 24 | 25 | 26 | def main(): 27 | 28 | while True: 29 | 30 | os.system("clear") 31 | banner.main() 32 | banner.attack("Anonymity") 33 | list_attacks = ["Tor", "Anonsurf", "Proxychain", "Nipe ", "go back"] 34 | for i in range(len(list_attacks)): 35 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 36 | try: 37 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 38 | except KeyboardInterrupt: 39 | return 40 | if option == "1": 41 | os.system("clear") 42 | banner.main() 43 | banner.attack("Tor") 44 | check_tor_installed() # Check if Tor is installed 45 | Recommended_Tool.recommended("tor") 46 | 47 | elif option == "2": 48 | print("\n[+] Anonsurf") 49 | anonsurf() 50 | elif option == "3": 51 | print("\n[+] ProxyChains ") 52 | proxychains() 53 | elif option == "4": 54 | print("\n[+] nipe") 55 | nipe() 56 | else: 57 | return 58 | 59 | 60 | def github_getting_text(link, selector, indexvalue): 61 | print("Please Wait....\r", end="") 62 | URL = link 63 | try: 64 | r = requests.get(URL) 65 | soup = BeautifulSoup(r.content, "html.parser") 66 | paras = soup.select(selector) 67 | # check index value from test file 68 | return paras[indexvalue].text 69 | except: 70 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 71 | 72 | def anonsurf(): 73 | github = "This repo contains the sources of both the anonsurf and pandora packages from ParrotSec combined into one.Modifications have been made to use the DNS servers of Private Internet Access (instead of FrozenDNS), and fixes for users who don't use the resolvconf application. I have removed some functionality such as the gui and iceweasel in ram.This repo can be compiled into a deb package to correctly install it on a Kali system." 74 | template.template( 75 | "kali-anonsurf", 76 | "anonsurf -h ", 77 | github.strip(), 78 | {"How To Setup And Use Anonsurf On kali Linux": "https://www.geeksforgeeks.org/how-to-setup-and-use-anonsurf-on-kali-linux/", "Anonsurf Detail": "https://linuxhint.com/anonsurf/", "How to install and use anonsurf on Kali Linux": "https://www.linuxfordevices.com/tutorials/kali-linux/install-anonsurf", 79 | }, method="github", github_install="git clone https://github.com/Und3rf10w/kali-anonsurf.git && cd kali-anonsurf && bash installer.sh", github_check="kali-anonsurf") 80 | 81 | 82 | 83 | def proxychains(): 84 | os.system("clear") 85 | github = github_getting_text( 86 | "https://github.com/haad/proxychains", 'p[dir=auto]', 1) 87 | template.template( 88 | "proxychains", 89 | "proxychains ", 90 | github.strip(), 91 | { 92 | "Proxychain github": "https://github.com/haad/proxychains/tree/master", 93 | "Proxychain How to use": "https://proxychains.sourceforge.net/howto.html", 94 | }, 95 | ) 96 | def nipe(): 97 | os.system("clear") 98 | github = github_getting_text( 99 | "https://github.com/htrgouvea/nipe", 'p[dir=auto]', 4) 100 | template.template( 101 | "nipe", 102 | "nipe", 103 | github.strip(), 104 | { 105 | "nipe github": "https://github.com/htrgouvea/nipe/blob/main/README.md", 106 | "How to Install Nipe tool in Kali Linux?": "https://www.geeksforgeeks.org/how-to-install-nipe-tool-in-kali-linux/", 107 | }, method="github", github_install="git clone https://github.com/htrgouvea/nipe.git && cd nipe && sudo cpan install Try::Tiny Config::Simple JSON && sudo perl nipe.pl install", github_check="nipe") 108 | 109 | if __name__ == "__main__": 110 | main() 111 | -------------------------------------------------------------------------------- /main/tools/Authentication.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | 7 | def main(): 8 | while True: 9 | os.system("clear") 10 | banner.main() 11 | banner.attack("Authentication") 12 | list_vulns = [ 13 | " User enumeration", 14 | " Authentication bypass", 15 | " vulnerable remember me functionality", 16 | " Password reset", 17 | " Captcha bypass", 18 | " Autocomplete on ", 19 | " multifactor authentication", 20 | " Logout functionality", 21 | " cache management", 22 | "Default credentials", 23 | "Go back", 24 | ] 25 | for i in range(len(list_vulns)): 26 | print(colors.options, f"{i+1}) {list_vulns[i]}".title(), colors.reset) 27 | try: 28 | vulns = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 29 | except KeyboardInterrupt: 30 | return 31 | 32 | if vulns == "1": 33 | os.system("clear") 34 | template.template( 35 | "Test for User enumeration", 36 | "no-tools", 37 | "", 38 | { 39 | "Testing for Account Enumeration and Guessable User Account": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/03-Identity_Management_Testing/04-Testing_for_Account_Enumeration_and_Guessable_User_Account", 40 | "What Is User Enumeration?": "https://www.rapid7.com/blog/post/2017/06/15/about-user-enumeration/", 41 | }, 42 | ) 43 | elif vulns == "2": 44 | os.system("clear") 45 | template.template( 46 | "Testing for authentication bypass", 47 | "no-tools", 48 | "", 49 | { 50 | "Testing for Bypassing Authentication Schema": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/04-Authentication_Testing/04-Testing_for_Bypassing_Authentication_Schema", 51 | "5 Unusual Authentication Bypass Techniques": "https://www.synack.com/blog/exploits-explained-5-unusual-authentication-bypass-techniques/", 52 | "Authentication vulnerabilities": "https://portswigger.net/web-security/authentication", 53 | }, 54 | ) 55 | 56 | elif vulns == "3": 57 | os.system("clear") 58 | template.template( 59 | "Testing for vulnerable remember me functionality", 60 | "no-tools", 61 | "", 62 | { 63 | "Testing for Vulnerable Remember Password": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/04-Authentication_Testing/05-Testing_for_Vulnerable_Remember_Password", 64 | "Exploiting Remember Me Cookie For Account Takeover": "https://gupta-bless.medium.com/exploiting-remember-me-cookie-for-account-takeover-4e8d5fd42d4b", 65 | }, 66 | ) 67 | 68 | elif vulns == "4": 69 | os.system("clear") 70 | template.template( 71 | "Testing for Password reset", 72 | "no-tools", 73 | "", 74 | { 75 | "Password reset poisoning": "https://portswigger.net/web-security/host-header/exploiting/password-reset-poisoning", 76 | "Testing Forgot Password Functionality": "https://github.com/tuhin1729/Bug-Bounty-Methodology/blob/main/PasswordReset.md", 77 | "Exploiting Password Reset Poisoning": "https://infosecwriteups.com/exploiting-password-reset-poisoning-b748797f0661", 78 | }, 79 | ) 80 | 81 | elif vulns == "5": 82 | os.system("clear") 83 | template.template( 84 | "Testing for Captcha bypass", 85 | "no-tools", 86 | "", 87 | { 88 | "CAPTCHA BYPASS TECHNIQUES !": "https://honeyakshat999.medium.com/captcha-bypass-techniques-f768521516b2", 89 | "Bypass Captcha (Google reCAPTCHA)": "https://twitter.com/Aacle_/status/1586735203481161728?t=Vz4U17f1nHQzoXRUuMVDiA&s=19", 90 | "Captcha Bypass Techniques": "https://github.com/harsh-bothra/learn365/blob/main/days/day31.md", 91 | }, 92 | ) 93 | 94 | elif vulns == "6": 95 | os.system("clear") 96 | template.template( 97 | "Test for autocomplete on", 98 | "no-tools", 99 | "", 100 | { 101 | "Password field with autocomplete enabled ": "https://portswigger.net/kb/issues/00500800_password-field-with-autocomplete-enabled", 102 | "Finding and Fixing Vulnerabilities in AutoComplete Not Disabled ": "https://www.beyondsecurity.com/scan-pentest-network-vulnerabilities-autocomplete-not-disabled", 103 | }, 104 | ) 105 | 106 | elif vulns == "7": 107 | os.system("clear") 108 | template.template( 109 | "Testing for multifactor authentication", 110 | "no-tools", 111 | "", 112 | { 113 | "Testing Multi-Factor Authentication (MFA)": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/04-Authentication_Testing/11-Testing_Multi-Factor_Authentication", 114 | "Testing Two-Factor Authentication": "https://research.nccgroup.com/2021/06/10/testing-two-factor-authentication/", 115 | "How to Test Two-Factor Authentication: A Guide with Use Cases": "https://www.browserstack.com/guide/test-two-factor-authentication", 116 | }, 117 | ) 118 | 119 | elif vulns == "8": 120 | os.system("clear") 121 | template.template( 122 | "Tesing for Logout functionality", 123 | "no-tools", 124 | "", 125 | { 126 | "Testing for Logout Functionality": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/06-Session_Management_Testing/06-Testing_for_Logout_Functionality", 127 | "Test Cases For Logout | Test Scenarios For Logout ": "https://www.qaacharya.in/2019/06/test-cases-scenarios-for-logout.html", 128 | }, 129 | ) 130 | 131 | elif vulns == "9": 132 | os.system("clear") 133 | template.template( 134 | "Test for cache management", 135 | "no-tools", 136 | "", 137 | { 138 | "Testing for Browser Cache Weaknesses": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/04-Authentication_Testing/06-Testing_for_Browser_Cache_Weaknesses", 139 | "Cache Controls Explained": "https://www.virtuesecurity.com/kb/cache-controls-explained/", 140 | }, 141 | ) 142 | 143 | elif vulns == "10": 144 | template.template( 145 | "Test for Default credentials", 146 | "no-tools", 147 | "", 148 | { 149 | "Testing for Default Credentials": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/04-Authentication_Testing/02-Testing_for_Default_Credentials", 150 | "How default credentials helped this Hacker to get 13337$": "https://medium.com/@ashishrohra/how-default-credentials-helped-this-hacker-to-get-13337-s-d1504ebf95e4", 151 | }, 152 | ) 153 | else: 154 | return 155 | 156 | 157 | def github_getting_text(link, selector, indexvalue): 158 | print(f"Please Wait....\r", end="") 159 | URL = link 160 | try: 161 | r = requests.get(URL) 162 | soup = BeautifulSoup(r.content, "html.parser") 163 | paras = soup.select(selector) 164 | # check index value from test file 165 | return paras[indexvalue].text 166 | except: 167 | return "{colors.red}NotLloaded Because No Internet Connection{colors.reset}" 168 | 169 | 170 | if __name__ == "__main__": 171 | main() 172 | -------------------------------------------------------------------------------- /main/tools/Authorization.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template,Session_Management,information_gathering,WEB_Application_Analysis,Vulnerability_Analysis,Exploitation_Tools,Password_Hacking 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | 7 | # main function 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("Authorization") 13 | list_attacks = ["Tools", "Writeups", "Burp Extensions", "Go Back"] 14 | for i in range(len(list_attacks)): 15 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 16 | try: 17 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 18 | except KeyboardInterrupt: 19 | return 20 | if option == "1": 21 | while True: 22 | print("\n[+] Tools") 23 | os.system("clear") 24 | banner.main() 25 | banner.attack("Tools") 26 | list_attacks = [ 27 | " Burp Suite", 28 | " Wireshark", 29 | " OWASP ZAP", 30 | " Nessus", 31 | " Hydra", 32 | " BeEF", 33 | " Sqlmap", 34 | " Metasploit", 35 | " Nmap", 36 | "Penetration Testers Framework (PTF)", 37 | "Go Back", 38 | ] 39 | for i in range(len(list_attacks)): 40 | print( 41 | colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset 42 | ) 43 | try: 44 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 45 | except KeyboardInterrupt: 46 | return 47 | if option == "1": 48 | os.system("clear") 49 | WEB_Application_Analysis.burp_suite() 50 | elif option == "2": 51 | os.system("clear") 52 | Vulnerability_Analysis.wireshark() 53 | elif option == "3": 54 | os.system("clear") 55 | WEB_Application_Analysis.owasp_zap() 56 | elif option == "4": 57 | os.system("clear") 58 | WEB_Application_Analysis.nessus() 59 | elif option == "5": 60 | os.system("clear") 61 | Password_Hacking.hydra() 62 | elif option == "6": 63 | os.system("clear") 64 | Exploitation_Tools.beef() 65 | elif option == "7": 66 | os.system("clear") 67 | Exploitation_Tools.sqlmap() 68 | elif option == "8": 69 | os.system("clear") 70 | Exploitation_Tools.metasploit() 71 | elif option == "9": 72 | os.system("clear") 73 | information_gathering.nmap() 74 | elif option == "10": 75 | os.system("clear") 76 | Session_Management.ptf() 77 | else: 78 | break 79 | elif option == "2": 80 | print("\n[+] Write-UPS") 81 | os.system("clear") 82 | template.template("Writeup","no-tools","Writeups", 83 | { 84 | " Securing Applications with Better User Authorization": "https://medium.com/capital-one-tech/securing-applications-with-better-user-authorization-625ec07a7001", 85 | " Access Control": "https://portswigger.net/web-security/access-control", 86 | " Web Security: Authentication & Authorization": "https://coderstower.com/2020/03/23/web-security-authentication-authorization/", 87 | " Authentication & Authorization in Web Apps": "https://blog.jscrambler.com/authentication-authorization-in-web-apps", 88 | " Session IDs - OWASP": "https://www.cgisecurity.com/lib/SessionIDs.pdf", 89 | " JWT Authorization in Web Applications": "https://concisesoftware.com/blog/jwt-authorization-in-web-applications/", 90 | " Insecure Authorization": "https://www.appsealing.com/insecure-authorization/", 91 | " OAuth Vulnerabilities: Implementing Secure Authorization in Your Web Application": "https://medium.com/swlh/oauth-vulnerabilities-implementing-secure-authorization-in-your-web-application-3b9517b34798", 92 | " OWASP Top 10 - Broken Access Control": "https://owasp.org/Top10/A01_2021-Broken_Access_Control/", 93 | "Broken Authorization Vulnerability": "https://knowledge-base.secureflag.com/vulnerabilities/broken_authorization/broken_authorization_vulnerability.html", 94 | "OWASP Web Security Testing Guide - Authorization Testing": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/05-Authorization_Testing/README", 95 | "Web Authentication & Authorization": "https://www.slideshare.net/alex_pasaila/web-authentication-authorization-10930449", 96 | "Web Security - Authorization": "https://www3.rocketsoftware.com/rocketd3/support/documentation/Uniface/10/uniface/webApps/webSecurity/webSecurity_Authorization.htm", 97 | "Authorization Best Practices": "https://goteleport.com/blog/authorization-best-practices/", 98 | "Secure Your Web Application with Spring Security - Identify How to Secure Access to an App Using Authentication and Authorization": "https://openclassrooms.com/en/courses/5683681-secure-your-web-application-with-spring-security/6695816-identify-how-to-secure-access-to-an-app-using-authentication-and-authorization", 99 | "Preventing Broken Access Control": "https://crashtest-security.com/broken-access-control-prevention/", 100 | "Preventing Broken Access Control - The No. 1 Vulnerability in the OWASP Top 10 2021": "https://www.synack.com/blog/preventing-broken-access-control-the-no-1-vulnerability-in-the-owasp-top-10-2021/", 101 | "A Step-by-Step Guide to Broken Access Control Attacks": "https://www.polar.security/post/a-step-by-step-guide-to-broken-access-control-attacks", 102 | "Broken-Access-Control - packetlabs": "https://www.packetlabs.net/posts/broken-access-control", 103 | "Broken-Access-Control - qawerk": "https://qawerk.com/blog/broken-access-control/", 104 | "Testing for Broken Authentication in Web Apps": "https://www.section.io/engineering-education/testing-for-broken-authentication-in-web-apps/", 105 | "Broken-Access-Control (javascript) - Snyk": "https://learn.snyk.io/lessons/broken-access-control/javascript/", 106 | "JSON Web Tokens Decoder - JWT.IO": "https://jwt.io/", 107 | "Authorization Code Grant - Zine": "https://pbs.twimg.com/media/Et2T02KVcAEONV0?format=jpg&name=large", 108 | "OWASP API1: 2019 – Broken Object Level Authorization": "https://securityboulevard.com/2023/02/owasp-api1-2019-broken-object-level-authorization/", 109 | "BOLA: 3-Digit Bounty from Topcoder": "https://infosecwriteups.com/what-is-bola-3-digit-bounty-from-topcoder-a25e7fae0d64", 110 | "Broken Function Level Authorization (API Security) 0x2": "https://infosecwriteups.com/broken-function-level-authorization-api-security-0x2-23a6d7c1aa46", 111 | "A Deep Dive on the Most Critical API Vulnerability: BOLA": "https://inonst.medium.com/a-deep-dive-on-the-most-critical-api-vulnerability-bola-1342224ec3f2", 112 | "Broken Object Level Authorization (BOLA) - NordiAPIs": "https://nordicapis.com/what-is-broken-object-level-authorization-and-how-to-fix-it/", 113 | "Broken Function Level Authorization Leads to Disclosing PII Information of All Company Users": "https://webresearcher007.medium.com/broken-function-level-authorization-leads-to-disclosing-pii-information-of-all-company-users-35aee60b287b", 114 | }, 115 | "Authorization Write-UPS", 116 | ) 117 | 118 | elif option == "3": 119 | print("\n[+] Burp Extensions") 120 | os.system("clear") 121 | banner.main() 122 | template.template("Burp Extensions","no-tools","Writeups", 123 | { 124 | " Portswigger - Auth Analyzer": "https://portswigger.net/bappstore/7db49799266c4f85866f54d9eab82c89", 125 | " Github - Auth Analyzer": "https://github.com/simioni87/auth_analyzer", 126 | " Portswigger - AutoRepeater": "https://portswigger.net/bappstore/f89f2837c22c4ab4b772f31522647ed8", 127 | " Github - AutoRepeater": "https://github.com/nccgroup/AutoRepeater", 128 | " Github - Burp-SessionAuthTool": "https://github.com/thomaspatzke/Burp-SessionAuthTool", 129 | " Github - BurpAuthzPlugin": "https://github.com/wuntee/BurpAuthzPlugin", 130 | " Github - Burp-uuid": "https://github.com/silentsignal/burp-uuid", 131 | " Github - Autorize": "https://github.com/Quitten/Autorize", 132 | " Github - AuthMatrix": "https://github.com/SecurityInnovation/AuthMatrix", 133 | "Github - Burplay": "https://github.com/SpiderLabs/burplay", 134 | "Github - Param-Miner": "https://github.com/PortSwigger/param-miner", 135 | "Portswigger - SAML Raider": "https://portswigger.net/bappstore/c61cfa893bb14db4b01775554f7b802e", 136 | "Portswigger - Authz": "https://portswigger.net/bappstore/4316cc18ac5f434884b2089831c7d19e", 137 | }, 138 | "Authorization Burp Extensions", 139 | ) 140 | 141 | else: 142 | return 143 | 144 | 145 | if __name__ == "__main__": 146 | main() 147 | -------------------------------------------------------------------------------- /main/tools/Configuration_Management.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template,WEB_Application_Analysis,Exploitation_Tools,Vulnerability_Analysis,information_gathering 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | 7 | # main function 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("Configuration Management") 13 | list_attacks = ["Tools", "Writeups", "Go Back"] 14 | for i in range(len(list_attacks)): 15 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 16 | try: 17 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 18 | except KeyboardInterrupt: 19 | return 20 | if option == "1": 21 | while True: 22 | print("\n[+] Tools") 23 | os.system("clear") 24 | banner.main() 25 | banner.attack("Tools") 26 | list_attacks = [ 27 | " Dirb", 28 | " Gobuster", 29 | " Nikto", 30 | " Wfuzz", 31 | " Dirbuster", 32 | " Feroxbuster", 33 | " Nmap", 34 | " HTTPie", 35 | " Metasploit", 36 | "SecurityHeaders", 37 | "SQLmap", 38 | "TruffleHog", 39 | "SecretFinder", 40 | "Go Back" 41 | ] 42 | for i in range(len(list_attacks)): 43 | print( 44 | colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset 45 | ) 46 | try: 47 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 48 | except KeyboardInterrupt: 49 | return 50 | if option == "1": 51 | print("\n[+] Dirb") 52 | WEB_Application_Analysis.dirb() 53 | elif option == "2": 54 | print("\n[+] Gobuster") 55 | gobuster() 56 | elif option == "3": 57 | print("\n[+] Nikto") 58 | WEB_Application_Analysis.nikto() 59 | elif option == "4": 60 | print("\n[+] Wfuzz") 61 | Vulnerability_Analysis.wfuzz() 62 | elif option == "5": 63 | print("\n[+] Dirbuster") 64 | dirbuster() 65 | elif option == "6": 66 | print("\n[+] Feroxbuster") 67 | feroxbuster() 68 | elif option == "7": 69 | print("\n[+] Nmap") 70 | information_gathering.nmap() 71 | elif option == "8": 72 | print("\n[+] HTTPie") 73 | httpie() 74 | elif option == "9": 75 | print("\n[+] Metasploit") 76 | Exploitation_Tools.metasploit() 77 | elif option == "10": 78 | print("\n[+] SecurityHeaders") 79 | securityheaders() 80 | elif option == "11": 81 | print("\n[+] Sqlmap") 82 | Exploitation_Tools.sqlmap() 83 | elif option == "12": 84 | print("\n[+] TruffleHog") 85 | trufflehog() 86 | elif option == "13": 87 | print("\n[+] SecretFinder") 88 | secretfinder() 89 | else: 90 | break 91 | 92 | elif option == "2": 93 | print("\n[+] Write-UPS") 94 | os.system("clear") 95 | template.template("Writeup","no-tools","Writeups", 96 | { 97 | "Configuration management in penetration testing": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/README", 98 | "How to find Exposed backup and unreferenced files": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/04-Review_Old_Backup_and_Unreferenced_Files_for_Sensitive_Information", 99 | "Review Old Backup and Unreferenced Files for Sensitive Information": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/04-Review_Old_Backup_and_Unreferenced_Files_for_Sensitive_Information", 100 | "Multiple Ways to Detect HTTP Options": "https://www.hackingarticles.in/multiple-ways-to-detect-http-options/", 101 | "security HTTP headers scanning and details": "https://www.atatus.com/tools/security-header", 102 | "Testing for Content Security Policy": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/12-Test_for_Content_Security_Policy", 103 | "Test Network Infrastructure Configuration": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/01-Test_Network_Infrastructure_Configuration", 104 | "Testing applications in production vs. non-production benefits": "https://www.techtarget.com/searchsecurity/tip/Testing-applications-in-production-vs-non-production-benefits", 105 | "How to Scan GitHub Repository for Credentials": "https://geekflare.com/github-credentials-scanner/", 106 | }, 107 | "Configuration-Management Writeups", 108 | ) 109 | 110 | else: 111 | return 112 | 113 | 114 | def github_getting_text(link, selector, indexvalue): 115 | print("Please Wait....\r", end="") 116 | URL = link 117 | try: 118 | r = requests.get(URL) 119 | soup = BeautifulSoup(r.content, "html.parser") 120 | paras = soup.select(selector) 121 | # check index value from test file 122 | return paras[indexvalue].text 123 | except: 124 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 125 | 126 | def secretfinder(): 127 | os.system("clear") 128 | github = "SecretFinder is an open-source tool used to scan web applications for sensitive information and secrets, such as API keys, passwords, and tokens. It is designed to identify potential security vulnerabilities that could be exploited by attackers, and can be used in bug bounty hunting and vulnerability assessments. SecretFinder uses a combination of static analysis and dynamic analysis techniques to discover secrets, and can be customized with various options and configurations to suit specific use cases. It generates a report of its findings, which can be used to remediate identified vulnerabilities and improve the overall security of the web application. SecretFinder is a powerful and efficient tool that can help security professionals and developers identify potential security risks in their web applications." 129 | template.template( 130 | "secretFinder", 131 | "python3 SecretFinder.py -h", 132 | github.strip(), 133 | { 134 | "SecretFinder demo": "https://www.briskinfosec.com/tooloftheday/toolofthedaydetail/SecretFinder", 135 | }, 136 | method="github", 137 | github_install="git clone https://github.com/m4ll0k/SecretFinder.git && cd SecretFinder && pip install -r requirements.txt", 138 | github_check="SecretFinder", 139 | ) 140 | def trufflehog(): 141 | os.system("clear") 142 | github = "Trufflehog is an open-source tool used for searching and identifying sensitive information and secrets, such as API keys, passwords, and private keys, in source code repositories. It is designed to scan code repositories for potential security vulnerabilities that could be exploited by attackers, and can be used in bug bounty hunting and vulnerability assessments. Trufflehog uses advanced techniques, such as entropy analysis and regular expressions, to identify potential security issues, and generates a report of its findings. It is a powerful and flexible tool that can help security professionals and developers identify potential security risks in their code." 143 | template.template( 144 | "trufflehog", 145 | "trufflehog -h", 146 | github.strip(), 147 | { 148 | "Usage": "https://github.com/trufflesecurity/trufflehog", 149 | "Finding Secrets in Git Repos with TruffleHog": "https://materials.rangeforce.com/tutorial/2020/03/16/TruffleHog/", 150 | }, 151 | ) 152 | def securityheaders(): 153 | os.system("clear") 154 | github = """SecurityHeaders is a configuration management tool that focuses on securing web applications by helping administrators configure appropriate HTTP security headers. HTTP security headers are additional response headers that can be sent by a web server to a client's browser to instruct it to follow certain security-related behaviors. For example, the "Content-Security-Policy" header can be used to restrict the types of content that a web page can load, helping to prevent cross-site scripting (XSS) attacks.""" 155 | template.template( 156 | "securityheaders", 157 | "python3 securityheaders.py -h", 158 | github.strip(), 159 | { 160 | "Website": "https://securityheaders.com/", 161 | "Securityheaders usage": "https://github.com/koenbuyens/securityheaders", 162 | }, 163 | method="github", 164 | github_install="git clone https://github.com/koenbuyens/securityheaders.git && cd securityheaders && pip install -r requirements.txt", 165 | github_check="securityheaders", 166 | ) 167 | def httpie(): 168 | os.system("clear") 169 | github = "HTTPie is a command-line tool used to send HTTP requests and receive responses from a server. It is designed to be user-friendly and intuitive, with a simple syntax and easy-to-read output. HTTPie can be used to test and debug APIs, as well as interact with web services and applications. It supports various HTTP methods, data formats, and authentication methods, and can be customized with various options and configurations to suit specific use cases." 170 | template.template( 171 | "httpie", "httpie -h", github.strip(), "no-writeups" 172 | ) 173 | def gobuster(): 174 | os.system("clear") 175 | github = """Gobuster is an open-source tool used by security professionals and penetration testers to perform web content discovery and directory/file enumeration on a target website. It is a popular tool used in bug bounty hunting and vulnerability assessments. The tool works by launching a series of HTTP requests to the target website and analyzing the responses to discover hidden directories, files, and other web resources that may not be easily discoverable through normal browsing. It uses a wordlist of common directory and file names, as well as brute-force techniques to guess the names of hidden directories and files.""" 176 | template.template( 177 | "gobuster", 178 | "gobuster -h", 179 | github.strip(), 180 | { 181 | "Gobuster Complete tutorial": "https://hackertarget.com/gobuster-tutorial/", 182 | "Scan Websites for Interesting Directories using Gobuster": "https://null-byte.wonderhowto.com/how-to/scan-websites-for-interesting-directories-files-with-gobuster-0197226/", 183 | "How to use Gobuster for Scanning Website’s Subdomains & Directories": "https://spinningsecurity.com/how-to-use-gobuster-for-scanning-websites/", 184 | },) 185 | 186 | 187 | def dirbuster(): 188 | os.system("clear") 189 | github = "DirBuster is a web application scanner designed to brute force directories and files names on web servers. It is a Java-based tool and can be used to discover hidden content, sensitive files, and directories that are not exposed through normal web browsing. DirBuster is also capable of detecting common web application vulnerabilities such as SQL injection, file inclusion, and cross-site scripting. The tool has an easy to use graphical user interface, and users can customize the wordlist to use in the directory and file name brute force. It is widely used by security professionals, penetration testers, and bug bounty hunters to identify security issues in web applications." 190 | template.template( 191 | "dirbuster", "dirbuster -h", github.strip(), "no-writeups" 192 | ) 193 | 194 | def feroxbuster(): 195 | os.system("clear") 196 | github = "Feroxbuster is an open-source content discovery and directory/file enumeration tool used in bug bounty hunting and web application security assessments. It quickly scans a target website for hidden directories, files, and other resources using a variety of techniques and generates a report of its findings." 197 | template.template( 198 | "feroxbuster", "feroxbuster -h", github.strip(), "no-writeups" 199 | ) 200 | if __name__ == "__main__": 201 | main() 202 | -------------------------------------------------------------------------------- /main/tools/Cryptography.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner,colors,template,Sniffing_and_Spoofing 2 | import os 3 | from main.tools import writeup 4 | def main(): 5 | while True: 6 | os.system("clear") 7 | banner.main() 8 | banner.attack("Cryptography Failure") 9 | list_root_attacks=["Tool","Writeups","go back"] 10 | for i in range(len(list_root_attacks)): 11 | print(colors.options, f"{i+1}) {list_root_attacks[i]}".title(), colors.reset) 12 | try: 13 | option = input(f"\n {colors.select}Select An Option ->{colors.reset}") 14 | except KeyboardInterrupt: 15 | return 16 | if option == "1": 17 | while True: 18 | os.system("clear") 19 | banner.main() 20 | banner.attack("Tools") 21 | list_attacks=["Bettercap","Ettercap (Graphical of bettercap)","sslyze","O-Saft","sslscan","go back"] 22 | for i in range(len(list_attacks)): 23 | print(colors.options,f"{i+1}) {list_attacks[i]}".title(),colors.reset) 24 | try: 25 | option2 = input(f"\n {colors.select}Select An Option -> {colors.reset}") 26 | except KeyboardInterrupt: 27 | return 28 | if option2=="1": 29 | print(f"\n[+] Bettercap") 30 | Sniffing_and_Spoofing.bettercap() 31 | elif option2=="2": 32 | print("\n[+] Ettercap (Graphical of bettercap)") 33 | ettercap() 34 | elif option2=="3": 35 | print("\n[+] sslyze") 36 | sslyze() 37 | elif option2=="4": 38 | print(f"\n[+] O-Saft") 39 | o_saft() 40 | elif option2=="5": 41 | print(f"\n[+] sslscan") 42 | sslscan() 43 | else: 44 | break 45 | elif option == "2": 46 | os.system("clear") 47 | writeup.writeup({"SSLLabs (Website)":"https://www.ssllabs.com/ssltest/","A02-2021 Cryptographic Failures by OWASP":"https://owasp.org/Top10/A02_2021-Cryptographic_Failures/","Cryptographic Failures by Synack":"https://www.synack.com/blog/preventing-cryptographic-failures-the-no-2-vulnerability-in-the-owasp-top-10/","Cryptographic Failures by MYF5":"https://my.f5.com/manage/s/article/K00174750","Cryptographic Failures by Qawerk":"https://qawerk.com/blog/cryptographic-failure/"},"Cryptography Failure Write-UPS") 48 | else: 49 | return 50 | 51 | def sslscan(): 52 | os.system("clear") 53 | github = "SSLScan is a free tool that helps in identifying SSL/TLS vulnerabilities and misconfigurations in SSL/TLS enabled servers. It scans and evaluates the SSL/TLS connection on the target server and provides a detailed report of any weak ciphers, protocols or configurations that can be exploited by attackers. SSLScan is commonly used by security professionals and penetration testers to assess the security posture of an organization's SSL/TLS infrastructure. It is available for Windows, Linux, and MacOS platforms." 54 | template.template("sslscan","sslscan",github.strip(),{"SSLSCAN by Oreilly": "https://www.oreilly.com/library/view/web-penetration-testing/9781788623377/285990a3-9992-40b0-ac36-69adc6fb47ce.xhtml"}) 55 | 56 | def o_saft(): 57 | os.system("clear") 58 | github="O-Saft is an open-source tool designed for analyzing and detecting the security configuration issues in web applications. It mainly focuses on the security headers and their misconfigurations, which might lead to security vulnerabilities. The tool scans the website and generates a report that contains information about the misconfigured security headers, their impact, and how to fix them. O-Saft helps the developers to ensure the security of their web applications and protect them from various cyber threats." 59 | template.template("o-saft","o-saft --help",github.strip(),{"O-Soft by OWASP": "https://owasp.org/www-project-o-saft/","O-Soft by Kali": "https://www.kali.org/tools/o-saft/"}) 60 | 61 | def sslyze(): 62 | os.system("clear") 63 | github="SSLyze is a Python-based command-line tool that helps in evaluating the SSL/TLS security posture of a given target. It allows users to analyze SSL/TLS configuration on a server and detect various security issues like weak ciphers, certificate issues, and misconfigurations. SSLyze is useful for system administrators, security professionals, and developers to test and evaluate the security of SSL/TLS implementations. It is an open-source tool and is available for free under the GPL v3 license." 64 | template.template("sslyze","sslyze -h",github.strip(),{"SSLyze by GeeksforGeeks": "https://www.geeksforgeeks.org/sslyze-fast-and-powerful-ssl-tls-scanning-tool/","SSLyze by Securecodebox": "https://www.securecodebox.io/docs/scanners/sslyze/"},method="pip") 65 | 66 | def ettercap(): 67 | os.system("clear") 68 | github="Ettercap is a popular open-source GUI network security tool that is used for monitoring and analyzing network traffic in real-time. It can be used to perform various types of attacks such as ARP spoofing, IP and MAC address spoofing, session hijacking, DNS spoofing, etc. Ettercap is commonly used by network administrators and security experts to test the security of their own networks and to identify potential vulnerabilities. It supports various protocols like TCP, UDP, ICMP, and can also decode SSL traffic. Ettercap can be used on various operating systems including Windows, Linux, and Mac OS X." 69 | template.template("ettercap-graphical","ettercap -G",github.strip(),{"SSLStriping Using Ettercap by NULL-BYTE": 'https://null-byte.wonderhowto.com/forum/struggling-perform-mitm-attack-using-ettercap-and-sslstrip-0165933/','HSTS Hijacing': "https://github.com/bettercap/caplets/blob/master/hstshijack/README.md",}) 70 | 71 | if __name__ == "__main__": 72 | main() 73 | -------------------------------------------------------------------------------- /main/tools/Exploitation_Tools.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | # main function 7 | 8 | 9 | def main(): 10 | while True: 11 | os.system("clear") 12 | banner.main() 13 | banner.attack("Exploitation Tools") 14 | list_attacks = [" Metasploit\t\t(Recommended)", " CrackMapExec", " Searchsploit\t(Recommended)", " BeEF\t\t(Recommended)", 15 | " RouterSploit", " Sqlmap\t\t(Recommended)", " Seclists\t\t(Recommended)", " Armitage", " Go Back"] 16 | for i in range(len(list_attacks)): 17 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 18 | try: 19 | option = input( 20 | f"\n {colors.select}Select An Option ->{colors.reset} ") 21 | except KeyboardInterrupt: 22 | return 23 | if option == "1": 24 | print("\n[+] Metasploit-Framework") 25 | metasploit() 26 | elif option == "2": 27 | print("\n[+] crackmapexec") 28 | crackmapexec() 29 | elif option == "3": 30 | print("\n[+] Searchsploit") 31 | searchsploit() 32 | elif option == "4": 33 | print("\n[+] beef") 34 | beef() 35 | elif option == "5": 36 | print("\n[+] RouterSploit") 37 | routersploit() 38 | elif option == "6": 39 | print("\n[+] sqlmap") 40 | sqlmap() 41 | elif option == "7": 42 | print("\n[+] seclists") 43 | seclists() 44 | elif option == "8": 45 | print("\n[+] Armitage") 46 | armitage() 47 | else: 48 | return 49 | 50 | 51 | def github_getting_text(link, selector, indexvalue): 52 | print("Please Wait....\r", end="") 53 | URL = link 54 | try: 55 | if selector=="p" and "github" in link: 56 | selector="p[dir=auto]" 57 | r = requests.get(URL) 58 | soup = BeautifulSoup(r.content, 'html.parser') 59 | paras = soup.select(selector) 60 | # check index value from test file 61 | return paras[indexvalue].text 62 | except: 63 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 64 | 65 | 66 | def searchsploit(): 67 | github = "The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits, shellcode and papers gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database." 68 | template.template("exploitdb", "searchsploit", github.strip(), {"How to install Searchsploit": "https://www.exploit-db.com/searchsploit", "How to Use SearchSploit": "https://www.kali.org/tools/exploitdb/#searchsploit", "Finding Exploit offline using Searchsploit in Kali Linux": 69 | "https://www.geeksforgeeks.org/finding-exploit-offline-using-searchsploit-in-kali-linux/", "How to easy find exploits with Searchsploit on Linux": "https://medium.com/@hninja049/how-to-easy-find-exploits-with-searchsploit-on-linux-4ce0b82c82fd"}) 70 | 71 | def routersploit(): 72 | os.system("clear") 73 | github = "The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aid penetration testing operations: exploits - modules that take advantage of identified vulnerabilities. creds - modules designed to test credentials against network services." 74 | template.template("routersploit", "routersploit", github.strip(), {"How to Use Routersploit": "https://www.kali.org/tools/routersploit/", 75 | "Routersploit Tutorial": "https://kalitut.com/routersploit/", "RouterSploit User Manual": "https://miloserdov.org/?p=1527"}) 76 | 77 | def seclists(): 78 | os.system("clear") 79 | github = github_getting_text( 80 | "https://github.com/danielmiessler/SecLists", 'p', 1) 81 | template.template("seclists", "seclists", github.strip(), { 82 | "Using SecLists for Penetration Testing": "https://www.varutra.com/using-seclists-for-penetration-testing/"},) 83 | 84 | def armitage(): 85 | os.system("clear") 86 | github = "Armitage is a fantastic Java-based GUI front-end for the Metasploit Framework developed by Raphael Mudge. Its goal is to help security professionals better understand hacking and help them realize the power and potential of Metasploit." 87 | template.template("armitage", "armitage", github.strip(), {"How to Install Armitage on Kali Linux": "https://linuxhint.com/install-armitage-kali-linux/", 88 | "Armitage Setup": "https://www.offensive-security.com/metasploit-unleashed/armitage-setup/", "Hacking With Armitage on Kali Linux / Backtrack ": "https://www.amirootyet.com/post/hacking-with-armitage-on-kali-linux/"}) 89 | 90 | def metasploit(): 91 | os.system("clear") 92 | # name,command,discription,writeup,link=True,method="kali",github_install="",github_check=True 93 | github = "The Metasploit Framework is an open-source tool for developing and executing exploit code against a remote target machine. It can be used to test the security of a computer system by finding and exploiting vulnerabilities. The framework includes a large collection of exploit modules, as well as various tools for payload generation, post-exploitation, and more. It can be used by security professionals for penetration testing, as well as by attackers for malicious purposes." 94 | template.template("metasploit-framework", "msfconsole", github.strip(), {" Msf-Community-Post-Exploitation": "https://www.offensive-security.com/metasploit-unleashed/msf-community-post-exploitation", " Post Exploitation In Linux With Metasploit": "https://pentestlab.blog/2013/01/04/post-exploitation-in-linux-with-metasploit/", " Privilege Escalation (Metasploit Unleashed)": "https://www.offensive-security.com/metasploit-unleashed/privilege-escalation/", " Post Exploitation Metasploit Modules (Reference)": "https://www.infosecmatter.com/post-exploitation-metasploit-modules-reference", " PSExec Pass the Hash (Horizontal Escalation)": "https://www.offensive-security.com/metasploit-unleashed/psexec-pass-hash/", " ms10_002_aurora (Vertical Escalation)": "https://www.offensive-security.com/metasploit-unleashed/privilege-escalation/", " ms10_002_aurora (Horizontal Escalation)": "https://www.offensive-security.com/metasploit-unleashed/pivoting/ ", " jtr_crack_fast (Hash Cracking)": "https://www.offensive-security.com/metasploit-unleashed/john-ripper/", " warftpd_165_user (Keylogging)": 95 | "https://www.offensive-security.com/metasploit-unleashed/keylogging/", "3proxy (Backdoor)": "https://www.offensive-security.com/metasploit-unleashed/meterpreter-backdoor/", "persistence.rb (Persistent Backdoor)": "https://www.offensive-security.com/metasploit-unleashed/meterpreter-service/", "Enabling Remote Desktop": "https://www.offensive-security.com/metasploit-unleashed/enabling-remote-desktop/", "Hack Like Pro: Kill and Disable Antivirus Software Remote PC": "https://null-byte.wonderhowto.com/how-to/hack-like-pro-kill-and-disable-antivirus-software-remote-pc-0141906/", "Armitage Post Exploitation": "https://www.offensive-security.com/metasploit-unleashed/armitage-post-exploitation/", "Setup Armitage as a Command & Control Framework for Free": "https://infosecwriteups.com/setup-armitage-as-a-command-control-c2-framework-for-free-bae590064817", "Event Log Management": "https://www.offensive-security.com/metasploit-unleashed/event-log-management", "Interacting with the Registry": "https://www.offensive-security.com/metasploit-unleashed/interacting-registry"}) 96 | 97 | 98 | def sqlmap(): 99 | os.system("clear") 100 | github = "sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections" 101 | template.template("sqlmap", "sqlmap -h", github.strip(), {"Usage Of Sqlmap": "https://github.com/sqlmapproject/sqlmap/wiki/Usage", "How to use SQLMAP to test a website for SQL Injection vulnerability": "https://www.geeksforgeeks.org/use-sqlmap-test-website-sql-injection-vulnerability/", 102 | "How to Use SQLMap to Find Database Vulnerabilities": "https://www.freecodecamp.org/news/how-to-protect-against-sql-injection-attacks/", "SQLMap - Cheetsheat": "https://book.hacktricks.xyz/pentesting-web/sql-injection/sqlmap"}) 103 | 104 | 105 | def crackmapexec(): 106 | os.system("clear") 107 | github = "CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of Living off the Land : abusing built-in Active Directory features/protocols to achieve it's functionality and allowing it to evade most endpoint protection/IDS/IPS solutions." 108 | template.template("crackmapexec", "crackmapexec", github.strip(), {"CrackMapExec in Kali Linux": "https://www.kali.org/tools/crackmapexec/", "How to Use CrackMapExec": "https://bond-o.medium.com/crackmapexec-basics-839ef6180940", 109 | "Lateral Movement on Active Directory: CrackMapExec": "https://www.hackingarticles.in/lateral-moment-on-active-directory-crackmapexec/", "CrackMapExec Cheat sheet": "https://cheatsheet.haax.fr/windows-systems/exploitation/crackmapexec/"}) 110 | 111 | 112 | def beef(): 113 | os.system("clear") 114 | github_p1 = github_getting_text("https://beefproject.com/", 'p', 0) 115 | github_p2 = github_getting_text("https://beefproject.com/", 'p', 1) 116 | github = github_p1.strip().replace("\n", "").replace("\t", "")+github_p2.strip().replace("\n", "").replace("\t", "") 117 | template.template("beef-xss", "beef-xss", github.strip(), {"BEeF Hacking Framework Tutorial [5 Easy Steps]": "https://www.golinuxcloud.com/beef-hacking-framework-tutorial/", "Browser Exploitation and Advanced Threat Actors: An Overview of BeEF": "https://medium.com/@andrearebora/browser-exploitation-and-advanced-threat-actors-an-overview-of-beef-bb907a5b73fa", 118 | "Hooking victims to Browser Exploitation Framework (BeEF) using Reflected and Stored XSS.": "https://medium.com/@secureica/hooking-victims-to-browser-exploitation-framework-beef-using-reflected-and-stored-xss-859266c5a00a", "Hijacking Browser with BeEF Framework": "https://medium.com/@krunalkumarpatel/hijacking-browser-with-beef-framework-bea784c03149"}) 119 | 120 | 121 | if __name__ == '__main__': 122 | main() 123 | -------------------------------------------------------------------------------- /main/tools/File_Upload.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, template, colors, writeup 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | 7 | 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack(f"File Upload") 13 | list_attacks = ["Tools", "Writeups", "Go Back"] 14 | for i in range(len(list_attacks)): 15 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 16 | try: 17 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 18 | except KeyboardInterrupt: 19 | return 20 | if option == "1": 21 | while True: 22 | os.system("clear") 23 | banner.main() 24 | banner.attack(f"Tools") 25 | list_tools = ["fuxploider","go back"] 26 | for i in range(len(list_tools)): 27 | print( 28 | colors.options, f"{i+1}) {list_tools[i]}".title(), colors.reset 29 | ) 30 | try: 31 | option = input(f"\n {colors.select}Select an Option ->{colors.reset} ") 32 | except KeyboardInterrupt: 33 | return 34 | if option == "1": 35 | print("\n[+] Fuxploider") 36 | fuxploider() 37 | else: 38 | break 39 | elif option == "2": 40 | # writeup.writeup({"Test Upload of Unexpected File Types":"https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/08-Test_Upload_of_Unexpected_File_Types","What is Unrestricted File Upload?":"https://www.aptive.co.uk/blog/unrestricted-file-upload-testing/","File Upload General Methodology":"https://book.hacktricks.xyz/pentesting-web/file-upload","File upload vulnerabilities":"https://portswigger.net/web-security/file-upload","File Upload Attacks (Part 2)":"https://blog.yeswehack.com/yeswerhackers/file-upload-attacks-part-2/","Hunting for Bugs in File Upload Feature:":"https://sm4rty.medium.com/hunting-for-bugs-in-file-upload-feature-c3b364fb01ba","How I abused the file upload function to get a high severity vulnerability in Bug Bounty":"https://infosecwriteups.com/how-i-abused-the-file-upload-function-to-get-a-high-severity-vulnerability-in-bug-bounty-7cdcf349080b","Directory Traversal via PHP Multi-File Uploads":"https://nealpoole.com/blog/tag/file-upload/"},"Writups") 41 | writeup.writeup( 42 | { 43 | "Upload Scanner Website":"https://github.com/portswigger/upload-scanner", 44 | "Test Upload of Unexpected File Types": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/08-Test_Upload_of_Unexpected_File_Types", 45 | "What is Unrestricted File Upload?": "https://www.aptive.co.uk/blog/unrestricted-file-upload-testing/", 46 | "File Upload General Methodology": "https://book.hacktricks.xyz/pentesting-web/file-upload", 47 | "File upload vulnerabilities": "https://portswigger.net/web-security/file-upload", 48 | "File Upload Attacks (Part 2)": "https://blog.yeswehack.com/yeswerhackers/file-upload-attacks-part-2/", 49 | "Hunting for Bugs in File Upload Feature:": "https://sm4rty.medium.com/hunting-for-bugs-in-file-upload-feature-c3b364fb01ba", 50 | "How I abused the file upload function to get a high severity vulnerability in Bug Bounty": "https://infosecwriteups.com/how-i-abused-the-file-upload-function-to-get-a-high-severity-vulnerability-in-bug-bounty-7cdcf349080b", 51 | "Directory Traversal via PHP Multi-File Uploads": "https://nealpoole.com/blog/tag/file-upload/", 52 | }, 53 | "File Upload writups", 54 | ) 55 | 56 | else: 57 | return 58 | 59 | 60 | def github_getting_text(link, selector, indexvalue): 61 | print(f"Please Wait....\r", end="") 62 | URL = link 63 | try: 64 | r = requests.get(URL) 65 | soup = BeautifulSoup(r.content, "html.parser") 66 | paras = soup.select(selector) 67 | # check index value from test file 68 | return paras[indexvalue].text 69 | except: 70 | return f"{colors.red}NotLloaded Because No Internet Connection{colors.reset}" 71 | 72 | def fuxploider(): 73 | os.system("clear") 74 | github = "Fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting file upload forms flaws. This tool is able to detect the file types allowed to be uploaded and is able to detect which technique will work best to upload web shells or any malicious file on the desired web server." 75 | template.template( 76 | "fuxploider", 77 | "python3 fuxploider.py -h", 78 | github, 79 | "no-writeups", 80 | link="https://github.com/almandin/fuxploider.git", 81 | method="github", 82 | github_install="git clone https://github.com/almandin/fuxploider.git && python3 -m pip install -r fuxploider/requirements.txt ", 83 | github_check="fuxploider" 84 | ) 85 | 86 | if __name__ == "__main__": 87 | main() 88 | 89 | -------------------------------------------------------------------------------- /main/tools/Framework.py: -------------------------------------------------------------------------------- 1 | from main.tools import template 2 | import os 3 | def main(): 4 | print("\n[+] FrameWork") 5 | os.system("clear") 6 | template.template("Framework","no-tools","Writeups", 7 | { 8 | "OSINT Framework":"https://osintframework.com/", 9 | "MITRE Framework":"https://attack.mitre.org/", 10 | }) 11 | 12 | 13 | 14 | if __name__=='__main__': 15 | main() 16 | 17 | -------------------------------------------------------------------------------- /main/tools/Pentesting_Bug_Bounty.py: -------------------------------------------------------------------------------- 1 | from main.tools import ( 2 | banner, 3 | colors, 4 | information_gathering,template 5 | ) 6 | from main.tools import ( 7 | Configuration_Management, 8 | Secure_Transmission, 9 | Authentication, 10 | Session_Management, 11 | Authorization, 12 | data_validation, 13 | Cryptography, 14 | File_Upload, 15 | RiskyFuncPayment, 16 | html5, 17 | dos 18 | ) 19 | import os 20 | import requests 21 | from bs4 import BeautifulSoup 22 | 23 | 24 | # main function 25 | def main(): 26 | while True: 27 | os.system("clear") 28 | banner.main() 29 | banner.attack("Pentesting and Bug Bounty") 30 | list_attacks = [ 31 | " Information Gathering", 32 | " Configuration Management", 33 | " Secure Transmission", 34 | " Authentication", 35 | " Session Management", 36 | " Authorization", 37 | " Data Validation", 38 | " Denial of Service(DOS)", 39 | " Business Logic", 40 | "Cryptography", 41 | "Risky Functionality - File Uploads", 42 | "Risky Functionality - Card Payment", 43 | "HTML 5", 44 | "Go Back", 45 | ] 46 | for i in range(len(list_attacks)): 47 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 48 | try: 49 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 50 | except KeyboardInterrupt: 51 | return 52 | if option == "1": 53 | print("\n[+] Information Gathering") 54 | os.system("clear") 55 | information_gathering.main() 56 | elif option == "2": 57 | print("\n[+] Configuration Management") 58 | os.system("clear") 59 | Configuration_Management.main() 60 | elif option == "3": 61 | print("\n[+] Secure Transmission") 62 | os.system("clear") 63 | Secure_Transmission.main() 64 | elif option == "4": 65 | print("\n[+] Authentication") 66 | os.system("clear") 67 | Authentication.main() 68 | elif option == "5": 69 | print("\n[+] Session Management") 70 | os.system("clear") 71 | Session_Management.main() 72 | elif option == "6": 73 | print("\n[+] Authorization") 74 | os.system("clear") 75 | Authorization.main() 76 | elif option == "7": 77 | print("\n[+] Data Validation") 78 | os.system("clear") 79 | data_validation.main() 80 | elif option == "8": 81 | print("\n[+] Denial of Service") 82 | os.system("clear") 83 | dos.main() 84 | elif option == "9": 85 | print("\n[+] Business Logic") 86 | os.system("clear") 87 | template.template("Business Logic","no-tools",'Business logic is the custom rules or algorithms that handle the exchange of information between a database and user interface. Business logic is essentially the part of a computer program that contains the information (in the form of business rules) that defines or constrains how a business operates. Such business rules are operational policies that are usually expressed in true or false binaries. Business logic can be seen in the workflows that they support, such as in sequences or steps that specify in detail the proper flow of information or data, and therefore decision-making. Business logic is also known as "domain logic."',{"Business Logic":"https://portswigger.net/web-security/logic-flaws/examples#top","Exploiting Business Logic Vulnerabilities":"https://medium.com/armourinfosec/exploiting-business-logic-vulnerabilities-234f97d6c4c0","WEB APPLICATION — BUSINESS LOGIC VULNERABILITIES":"https://infosecwriteups.com/web-application-business-logic-vulnerabilities-51be9c6b99fa","Business Logic Flaw":"https://www.wallarm.com/what/business-logic-flaw"}) 88 | elif option == "10": 89 | print("\n[+] Cryptography") 90 | os.system("clear") 91 | Cryptography.main() 92 | elif option == "11": 93 | print("\n[+] Risky Functionality - File Uploads") 94 | os.system("clear") 95 | File_Upload.main() 96 | elif option == "12": 97 | print("\n[+] Risky Functionality - Card Payment") 98 | os.system("clear") 99 | RiskyFuncPayment.main() 100 | elif option == "13": 101 | print("\n[+] HTML 5") 102 | os.system("clear") 103 | html5.main() 104 | else: 105 | return 106 | 107 | 108 | def github_getting_text(link, selector, indexvalue): 109 | print("Please Wait....\r", end="") 110 | URL = link 111 | try: 112 | r = requests.get(URL) 113 | soup = BeautifulSoup(r.content, "html.parser") 114 | paras = soup.select(selector) 115 | # check index value from test file 116 | return paras[indexvalue].text 117 | except: 118 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 119 | 120 | 121 | if __name__ == "__main__": 122 | main() 123 | -------------------------------------------------------------------------------- /main/tools/PostExploitationAttacks.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template,Exploitation_Tools 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | # main function 7 | 8 | 9 | def main(): 10 | while True: 11 | os.system("clear") 12 | banner.main() 13 | banner.attack("Post Exploitation") 14 | list_attacks = [" Metasploit-Framework\t\t(Recommended)", " LinPeas", " LinEnum", " Sudo killer\t\t\t(Recommended)", " Beroot", " Linux Exploit Suggester 2", " LSE (Linux Smart Enumeration) ", 15 | " PSPY","Linux Private-i", "Shellter", "UPX (Ultimate Packer for Executable)", "Go Back"] 16 | for i in range(len(list_attacks)): 17 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 18 | try: 19 | option = input( 20 | f"\n {colors.select}Select An Option ->{colors.reset} ") 21 | except KeyboardInterrupt: 22 | return 23 | if option == "1": 24 | print("\n[+] Metasploit-Framework") 25 | Exploitation_Tools.metasploit() 26 | elif option == "2": 27 | print("\n[+] LinPeas") 28 | linpeas() 29 | elif option == "3": 30 | print("\n[+] LinEnum") 31 | linenum() 32 | elif option == "4": 33 | print("\n[+] Sudo killer") 34 | sudokiller() 35 | elif option == "5": 36 | print("\n[+] Beroot") 37 | beroot() 38 | elif option == "6": 39 | print("\n[+] Linux Exploit Suggester 2") 40 | linux_exploit_suggester2() 41 | elif option == "7": 42 | print("\n[+] LSE (Linux Smart Enumeration)") 43 | linux_smart_enumeration() 44 | elif option == "8": 45 | print("\n[+] PSPY") 46 | pspy() 47 | elif option == "9": 48 | print("\n[+] Linux Private-i") 49 | linux_private_i() 50 | elif option == "10": 51 | print("\n[+] Shellter") 52 | shelter() 53 | elif option == "11": 54 | print("\n[+] UPX (Ultimate Packer for Executable)") 55 | upx() 56 | else: 57 | return 58 | 59 | 60 | def github_getting_text(link, selector, indexvalue): 61 | print("Please Wait....\r", end="") 62 | URL = link 63 | try: 64 | r = requests.get(URL) 65 | soup = BeautifulSoup(r.content, 'html.parser') 66 | paras = soup.select(selector) 67 | # check index value from test file 68 | return paras[indexvalue].text 69 | except: 70 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 71 | 72 | 73 | def upx(): 74 | os.system("clear") 75 | github = "UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It can be used to compress and obfuscate executable files to make them smaller and more difficult to reverse engineer. UPX supports a wide range of file formats, including Windows PE, Linux ELF, and more. UPX is available for a variety of platforms, including Windows, Linux, and macOS. The UPX compression algorithm is designed to compress the code section of an executable file, while leaving the data section uncompressed. This allows the compressed code to be executed directly from memory without the need to decompress it first. UPX is open-source and actively maintained, with updates and bug fixes released regularly." 76 | template.template("UPX (Ultimate Packer for Executable)", "chmod u+x upx && ./upx", github.strip(), {"UPX README": "https://github.com/upx/upx#readme", "UPX Video - 1 ": "https://www.youtube.com/watch?v=upTXpDhI0ww"}, method="github", 77 | github_install="wget https://github.com/upx/upx/releases/download/v4.0.1/upx-4.0.1-i386_linux.tar.xz && tar -xf upx-4.0.1-i386_linux.tar.xz && rm upx-4.0.1-i386_linux.tar.xz", github_check="upx-4.0.1-i386_linux") 78 | 79 | def shelter(): 80 | os.system("clear") 81 | github = "Shellter is a dynamic shellcode injection tool aka dynamic PE infector. It can be used in order to inject shellcode into native Windows applications (currently 32-bit apps only). The shellcode can be something yours or something generated through a framework, such as Metasploit. Shellter takes advantage of the original structure of the PE file and doesn't apply any modification such as changing memory access permissions in sections (unless the user wants to), adding an extra section with RWE access, and whatever would look dodgy under an AV scan. Shellter is not just an EPO infector that tries to find a location to insert an instruction to redirect execution to the payload. Unlike any other infector, Shellter’s advanced infection engine never transfers the execution flow to a code cave or to an added section in the infected PE file. Shellter uses a unique dynamic approach which is based on the execution flow of the target application. This means that no static/predefined locations are used for shellcode injection. Shellter will launch and trace the target, while at the same time will log the execution flow of the application." 82 | template.template("shellter", "shellter", github.strip(), {"Introduction to Shellter": "https://github.com/ParrotSec/shellter#readme", "Tool documentation for Shellter on Kali Linux": "https://www.kali.org/tools/shellter/#tool-documentation", "Anti-virus Bypass with Shellter 5.1 on Kali Linux": "https://cyberarms.wordpress.com/2015/10/04/anti-virus-bypass-with-shellter-5-1-on-kali-linux/", 83 | "Shellter: A Shellcode Injecting Tool": "https://www.hackingarticles.in/shellter-a-shellcode-injecting-tool/", "Shellter - The Ultimate Tool for AV Evasion": "https://metalkey.github.io/shellter---the-ultimate-tool-for-av-evasion.html", "Hack like a Pro: Evade AV Software with Shellter": "https://null-byte.wonderhowto.com/how-to/hack-like-pro-evade-av-software-with-shellter-0168504/"}) 84 | 85 | def linux_private_i(): 86 | os.system("clear") 87 | github = "A Linux Enumeration & Privilege Escalation tool that automates the basic enumeration steps and displays the results in an easily readable format. The script comes loaded with a variety of 4 Options to choose from. Using Bash, execute private-i.sh on the local low privileged user. Select an option, execute & watch the show. Each mode uses common Linux binaries to enumerate the local system (find, grep, ps, etc). If you have a non-bash shell such as sh, use Noir-Private-i. Either script will not write or auto-exploit in any way" 88 | template.template("linux-private-i", "./private-i.sh", github.strip(), {"Documentation": "https://github.com/rtcrowley/linux-private-i/blob/master/README.md", "HackingArticles-linux-privilege-escalation-automated-script": 89 | "https://www.hackingarticles.in/linux-privilege-escalation-automated-script"}, method="github", github_install="git clone https://github.com/rtcrowley/linux-private-i.git && cd linux-private-i && chmod +x *", github_check="linux-private-i") 90 | 91 | def pspy(): 92 | os.system("clear") 93 | github = "pspy is a command line tool designed to snoop on processes without need for root permissions. It allows you to see commands run by other users, cron jobs, etc. as they execute. Great for enumeration of Linux systems in CTFs. Also great to demonstrate your colleagues why passing secrets as arguments on the command line is a bad idea.This tool gathers the info from procfs scans. Inotify watchers placed on selected parts of the file system trigger these scans to catch short-lived processes." 94 | version = github_getting_text("https://github.com/DominicBreuker/pspy/releases/", 95 | 'div[class="css-truncate css-truncate-target"]', 0).strip() 96 | template.template("pspy64", "chmod u+x pspy64 && ./pspy64", github.strip(), {"Using-PSPY-To-Monitor-Linux-Processes": "https://infinitelogins.com/2020/09/04/using-ps-py-to-monitor-linux-processes", "Cyberkendra Pspy-Tool-Monitor-Linux-Processes": "https://tools.cyberkendra.com/2020/04/pspy-tool-monitor-linux-processes.html", "How-To-Enumerate-Services-In-Use-With-PSPY": "https://vk9-sec.com/how-to-enumerate-services-in-use-with-pspy", 97 | "TryHackMe-ConvertMyVideo Writeup": "https://sparshjazz.medium.com/tryhackme-convertmyvideo-writeup-56b6c8217001", "SecurityOnline PSPY": "https://securityonline.info/pspy"}, method="github", github_install=f"wget https://github.com/DominicBreuker/pspy/releases/download/{version}/pspy64 && mkdir PSPY && mv pspy64 PSPY", github_check="PSPY") 98 | 99 | def linux_smart_enumeration(): 100 | os.system("clear") 101 | github = "Linux Smart Enumeration (LSE) is a script written by Diego Treitos that automates the enumeration process for Linux systems. It is designed to run quickly and efficiently, and to provide detailed information about the system, including users, groups, permissions, network configuration, and more. LSE is intended to be used by penetration testers and security professionals to gather information about a target system during the reconnaissance phase of an engagement." 102 | template.template("linux-smart-enumeration", "chmod u+x lse.sh && ./lse.sh", github.strip(), {"Documentation (linux-smart-enumeration)": "https://github.com/diego-treitos/linux-smart-enumeration/blob/master/README.md", "Use-Linux-Smart-Enumeration-Discover-Paths-Privesc": 103 | "https://null-byte.wonderhowto.com/how-to/use-linux-smart-enumeration-discover-paths-privesc-0330807", "Hakin9 linux-smart-enumeration": "https://hakin9.org/linux-smart-enumeration"}, method="github", github_install="git clone https://github.com/diego-treitos/linux-smart-enumeration.git", github_check="linux-smart-enumeration") 104 | 105 | def linux_exploit_suggester2(): 106 | os.system("clear") 107 | github = "Linux Exploit Suggester 2 (LES 2) is a tool that can be used to identify potential vulnerabilities and exploits that can be used to compromise a Linux system. It works by analyzing the running kernel version and system information, and then comparing it to a local database of known vulnerabilities and exploits. LES 2 can also be used to determine whether a patch has been applied to a specific vulnerability, making it useful for identifying systems that are still vulnerable to known exploits. The tool is open-source and can be easily installed on a Linux system. It supports a wide range of Linux distributions, including Ubuntu, Debian, Fedora, Arch Linux and more. LES 2 is a command-line tool and requires Python to run.It's a useful tool for penetration testers and system administrators to identify and prioritize vulnerabilities on their systems." 108 | template.template("linux-exploit-suggester-2", "chmod u+x linux-exploit-suggester-2.pl && ./linux-exploit-suggester-2.pl", github.strip(), {"Kali Tools (linux-exploit-suggester)": "https://www.kali.org/tools/linux-exploit-suggester/", "Find-Exploits-Get-Root-With-Linux-Exploit-Suggester": "https://null-byte.wonderhowto.com/how-to/find-exploits-get-root-with-linux-exploit-suggester-0206005", "Pentest-Monkey Linux-Exploit-Suggester": "https://pentestmonkey.net/tools/audit/exploit-suggester", 109 | "Linux-Exploit-Suggester-A-Kali-Linux-Tool-To-Find-The-Linux-Os-Kernel-Exploits": "https://gbhackers.com/linux-exploit-suggester-a-kali-linux-tool-to-find-the-linux-os-kernel-exploits", "Securityonline Linux-Exploit Suggester": "https://securityonline.info/linux-exploit-suggester-2"}, method="github", github_install="git clone https://github.com/jondonas/linux-exploit-suggester-2.git", github_check="linux-exploit-suggester-2") 110 | 111 | def beroot(): 112 | os.system("clear") 113 | github_text_0 = github_getting_text( 114 | "https://github.com/AlessandroZ/BeRoot", 'p[dir=auto]', 0) 115 | github_text_1 = github_getting_text( 116 | "https://github.com/AlessandroZ/BeRoot", 'p[dir=auto]', 1) 117 | github = github_text_0.strip().replace("\n", "").replace("\t", "") + github_text_1.strip().replace("\n", "").replace("\t", "") 118 | template.template("BeRoot", "cd Linux && chmod u+x * && ./beroot.py", github.strip(), {"BeRoot-Linux-Privilege-Escalation": "https://www.kitploit.com/2018/06/beroot-for-linux-privilege-escalation.html?m=0", "BeRoot-A-Post-Exploitation-Privilege-Escalation-Tool": 119 | "https://blog.hackersonlineclub.com/2018/07/beroot-post-exploitation-tool-to-check.html", "BeRoot-Windows-Privilege-Escalation": "https://sevenlayers.com/index.php/273-windows-privilege-escalation"}, method="github", github_install="git clone https://github.com/AlessandroZ/BeRoot.git", github_check="BeRoot") 120 | 121 | def sudokiller(): 122 | os.system("clear") 123 | github_text_6 = github_getting_text( 124 | "https://github.com/TH3xACE/SUDO_KILLER", 'p[dir=auto]', 6) 125 | github_text_7 = github_getting_text( 126 | "https://github.com/TH3xACE/SUDO_KILLER", 'p[dir=auto]', 7) 127 | github = github_text_6 + github_text_7 128 | template.template("Sudo Killer", "chmod u+x * && ./SUDO_KILLERv3.sh", github.strip(), {"SUDO_KILLER-Demos": "https://github.com/TH3xACE/SUDO_KILLER#demos", "Sudo-Killer Information": "https://www.kitploit.com/2020/02/sudokiller-tool-to-identify-and-exploit.html", 129 | "Sudo-Killer-Identify-Abuse-Sudo-Misconfigurations": "https://null-byte.wonderhowto.com/how-to/use-sudo-killer-identify-abuse-sudo-misconfigurations-0202594"}, method="github", github_install="git clone https://github.com/TH3xACE/SUDO_KILLER.git", github_check="SUDO_KILLER") 130 | 131 | def linenum(): 132 | os.system("clear") 133 | github = "LinEnum is a Linux enumeration script that can be used to enumerate information from a Linux system. It is designed to be run locally on a Linux system and will attempt to enumerate common files, folders, users, groups, services, configurations, and permissions. It can also be used to look for certain security vulnerabilities such as local privilege escalation. LinEnum can be run from the command line or can be automated using a script. The output of the script can be saved as a text file for later analysis." 134 | template.template("LinEnum", "chmod +x LinEnum.sh && ./LinEnum.sh -h", github.strip(), {"Use-LinEnum-Identify-Potential-Privilege-Escalation-Vectors": "https://null-byte.wonderhowto.com/how-to/use-linenum-identify-potential-privilege-escalation-vectors-0197225/", "Linux-Privilege-Escalation-With-LinEnum": "https://trevorxcohen.medium.com/linux-privilege-escalation-with-linenum-75d20a3b59f6", "LinEnum-Linux-Enumeration-Privilege-Escalation-Tool": "https://www.darknet.org.uk/2014/11/linenum-linux-enumeration-privilege-escalation-tool", 135 | "Linux-Privilege-Escalation-Quick-And-Dirty": "https://reboare.gitbooks.io/booj-security/content/general-linux/privilege-escalation.html", "Linux Enumeration And Privilege Escalation – LinEnum": "https://vulners.com/n0where/N0WHERE:24819"}, method="github", github_install="curl -s https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh -o LinEnum.sh && mkdir LinEnum && mv LinEnum.sh LinEnum", github_check="LinEnum") 136 | 137 | def linpeas(): 138 | os.system("clear") 139 | github = "LinPeas is a script that automates the process of gathering information about a Linux system, similar to Windows' PowerShell script PEAS. This script can help identify potential vulnerabilities and misconfigurations on a Linux system, as well as provide information about system and network configuration. It can be useful for penetration testing, security assessments, and incident response. The script can be executed with arguments to specify which information to gather, or without arguments to gather all available information" 140 | template.template("linPEAS", "chmod +x linpeas.sh && ./linpeas.sh -h", github.strip(), {"LinPeas Blog": "https://blog.cyberethical.me/linpeas", "Linux-Privilege-Escalation": "https://delinea.com/blog/linux-privilege-escalation", "Linux Privilege Escalation: Quick and Dirty": " https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS", "Outrunsec LinPeas": 141 | "https://outrunsec.com/tag/linpeas/", "Linux-Privilege-Escalation-Suid-Binaries": "https://steflan-security.com/linux-privilege-escalation-suid-binaries"}, method="github", github_install="wget https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh && mkdir LinPeas && mv linpeas.sh LinPeas", github_check="LinPeas") 142 | 143 | 144 | if __name__ == '__main__': 145 | main() 146 | -------------------------------------------------------------------------------- /main/tools/RiskyFuncPayment.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template,information_gathering,WEB_Application_Analysis,Vulnerability_Analysis,Exploitation_Tools,Session_Management 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | 7 | # main function 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("Risky Functionality Card Payment") 13 | list_attacks = ["Tools", "Writeups", "Go Back"] 14 | for i in range(len(list_attacks)): 15 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 16 | try: 17 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 18 | except KeyboardInterrupt: 19 | return 20 | if option == "1": 21 | while True: 22 | print("\n[+] Tools") 23 | os.system("clear") 24 | banner.main() 25 | banner.attack("Tools") 26 | list_attacks = [ 27 | "Burp Suite", 28 | "Wireshark", 29 | "OWASP ZAP", 30 | "Nessus", 31 | "Sqlmap", 32 | "Fiddler", 33 | "Metasploit", 34 | "Nmap", 35 | "Penetration Testers Framework (PTF)", 36 | "Go Back", 37 | ] 38 | for i in range(len(list_attacks)): 39 | print( 40 | colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset 41 | ) 42 | try: 43 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 44 | except KeyboardInterrupt: 45 | return 46 | if option == "1": 47 | print(f"\n[+] Burp Suite") 48 | WEB_Application_Analysis.burp_suite() 49 | elif option == "2": 50 | print(f"\n[+] WireShark") 51 | Vulnerability_Analysis.wireshark() 52 | elif option == "3": 53 | print(f"\n[+] OwaspZap") 54 | WEB_Application_Analysis.owasp_zap() 55 | elif option == "4": 56 | print(f"\n[+] nessus") 57 | WEB_Application_Analysis.nessus() 58 | elif option == "5": 59 | print(f"\n[+] Sqlmap") 60 | Exploitation_Tools.sqlmap() 61 | elif option == "6": 62 | print(f"\n[+] Fiddler") 63 | Session_Management.fiddler() 64 | elif option == "7": 65 | print(f"\n[+] Metasploit") 66 | Exploitation_Tools.metasploit() 67 | elif option == "8": 68 | print(f"\n[+] Nmap") 69 | information_gathering.nmap() 70 | elif option == "9": 71 | print(f"\n[+] The PenTesters Framework (PTF)") 72 | Session_Management.ptf() 73 | else: 74 | break 75 | 76 | elif option == "2": 77 | print("\n[+] Write-UPS") 78 | os.system("clear") 79 | template.template("Writeup","no-tools","Writeups", 80 | { 81 | "Exploiting Payment Gateways": "https://vasuyadav0786.medium.com/exploiting-payment-gateways-97ce7af5a9cf", 82 | "Let's Break Into Payment Gateways": "https://infosecwriteups.com/lets-break-into-payment-gateways-fc52523eeaca", 83 | "Common Vulnerabilities in Payment Functionality": "https://dl.packetstormsecurity.net/papers/general/common-vulnerabilities.pdf", 84 | "Bug Bounty Response Manipulation Leading to Payment Bypass": "https://infosecwriteups.com/bug-bounty-response-manipulation-leading-to-payment-bypass-cb5fde360b1a", 85 | "Web Application Security Testing - Testing Payment Functionality": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/10-Test-Payment-Functionality", 86 | "Application Security Testing Techniques - Testing Payment Functionality": "https://www.softwaretestinghelp.com/how-to-test-application-security-web-and-desktop-application-security-testing-techniques/", 87 | "Parameter Tampering Vulnerability Using 3 Different Approaches": "https://www.cobalt.io/blog/parameter-tampering-vulnerability-using-3-different-approaches", 88 | "Webinar: Understanding Payment Gateway Related Vulnerabilities": "https://www.youtube.com/watch?v=oin2fplOazU", 89 | "Payment Gateway Security Measures Overview": "https://yashsali7.medium.com/an-overview-of-security-measures-used-in-payment-gateways-86375eb12364", 90 | "Payment Bypass Vulnerability on BigBasket": "https://medium.com/@ranjeetjagtap25/payment-bypass-vulnerability-on-bigbasket-2aab137e9631", 91 | "Security Features of Payment Gateway": "https://www.ukessays.com/essays/information-technology/security-features-of-payment-gateway-information-technology-essay.php", 92 | "Vulnerabilities in Electronic Payment Systems (EPS)": "https://www.linkedin.com/pulse/vulnerabilities-eps-electronic-payment-systems-from-david-joao-", 93 | "Security Threats to E-Commerce": "https://www.javatpoint.com/security-threat-to-e-commerce", 94 | "Visa's 3-D Secure Secure Online Payment Authentication": "https://www.giac.org/paper/gsec/4380/visa-039-s-3-d-secure-secure-online-payment-authentication/107245", 95 | "Researching Xiaomi's TEE": "https://research.checkpoint.com/2022/researching-xiaomis-tee/", 96 | "JazzCash Payment Gateway in PHP (Prevent Amount Tampering)": "https://www.youtube.com/watch?v=JEvYSlwb-yY", 97 | }, 98 | " Risky Functionality Payment Systems Write-UPS", 99 | ) 100 | 101 | else: 102 | return 103 | 104 | if __name__ == "__main__": 105 | main() 106 | -------------------------------------------------------------------------------- /main/tools/Secure_Transmission.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template 2 | import os 3 | 4 | import requests 5 | from bs4 import BeautifulSoup 6 | 7 | 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("Secure Transmission") 13 | list_vulns = [ 14 | "Check SSL Version, Algorithms, Key length", 15 | "Check for Digital Certificate Validity", 16 | "Check credentials only delivered over HTTPS", 17 | "Check session tokens only delivered over HTTPS", 18 | "Check if HTTP Strict Transport Security (HSTS) in use", 19 | "Go back", 20 | ] 21 | for i in range(len(list_vulns)): 22 | print(colors.options, f"{i+1}) {list_vulns[i]}".title(), colors.reset) 23 | try: 24 | vulns = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 25 | except KeyboardInterrupt: 26 | return 27 | if vulns == "1": 28 | os.system("clear") 29 | # github=github_getting_text("","") 30 | template.template( 31 | "Check SSL Version, Algorithms", 32 | "no-tools", 33 | "", 34 | { 35 | "10 Online Tools to Test SSL, TLS and Latest Vulnerability": "https://geekflare.com/ssl-test-certificate/", 36 | "Testing for Weak SSL TLS Ciphers": "https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/09-Testing_for_Weak_Cryptography/01-Testing_for_Weak_SSL_TLS_Ciphers_Insufficient_Transport_Layer_Protection", 37 | "How to Verify the SSL Key Length": "https://www.rapidsslonline.com/ssl/how-to-verify-the-ssl-key-length", 38 | }, 39 | ) 40 | # writeup.writeup({"10 Online Tools to Test SSL, TLS and Latest Vulnerability":"https://geekflare.com/ssl-test-certificate/","Testing for Weak SSL TLS Ciphers":"https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/09-Testing_for_Weak_Cryptography/01-Testing_for_Weak_SSL_TLS_Ciphers_Insufficient_Transport_Layer_Protection","How to Verify the SSL Key Length":"https://www.rapidsslonline.com/ssl/how-to-verify-the-ssl-key-length/"},"Check SSL Version, Algorithms, Key length") 41 | elif vulns == "2": 42 | os.system("clear") 43 | # github 44 | template.template( 45 | "Check for Digital Certificate Validity", 46 | "no-tools", 47 | "", 48 | { 49 | "A closer look at Digital Certificates": "https://medium.com/@mehulgala77/a-closer-look-at-digital-certificates-9ce5a4c56f75" 50 | }, 51 | ) 52 | elif vulns == "3": 53 | os.system("clear") 54 | template.template( 55 | "Check credentials only delivered over HTTPS", 56 | "no-tools", 57 | "", 58 | { 59 | "Testing for Credentials Transported over an Encrypted Channel": "https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/04-Authentication_Testing/01-Testing_for_Credentials_Transported_over_an_Encrypted_Channel", 60 | "Penetration testing of Credential Data over Encrypted Channel": "https://www.hackingloops.com/penetration-testing-of-credential-data-over-encrypted-channel/", 61 | }, 62 | ) 63 | elif vulns == "4": 64 | os.system("clear") 65 | template.template( 66 | "Check session tokens only delivered over HTTPS", 67 | "no-tools", 68 | "", 69 | { 70 | "Testing for Exposed Session Variables": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/06-Session_Management_Testing/04-Testing_for_Exposed_Session_Variables", 71 | "Using Burp to Test Session Token Handling": "https://portswigger.net/support/using-burp-to-test-session-token-handling", 72 | }, 73 | ) 74 | 75 | elif vulns == "5": 76 | os.system("clear") 77 | template.template( 78 | "Check if HTTP Strict Transport Security (HSTS) in use", 79 | "no-tools", 80 | "", 81 | { 82 | "HSTS (HTTP Strict Transport Security) Test": "https://geekflare.com/tools/hsts-test", 83 | "What Is HSTS and Why Should I Use It?": "https://www.acunetix.com/blog/articles/what-is-hsts-why-use-it/", 84 | }, 85 | ) 86 | else: 87 | return 88 | 89 | 90 | def vuln_options(): 91 | print(f"{colors.options}1) Tools") 92 | print(f"2) Write-ups") 93 | print(f"3) Go Back..") 94 | try: 95 | ask = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 96 | except KeyboardInterrupt: 97 | return 98 | return ask 99 | 100 | 101 | def github_getting_text(link, selector, indexvalue): 102 | print(f"Please Wait....\r", end="") 103 | URL = link 104 | try: 105 | r = requests.get(URL) 106 | soup = BeautifulSoup(r.content, "html.parser") 107 | paras = soup.select(selector) 108 | # check index value from test file 109 | return paras[indexvalue].text 110 | except: 111 | return "{colors.red}NotLloaded Because No Internet Connection{colors.reset}" 112 | 113 | 114 | if __name__ == "__main__": 115 | main() 116 | -------------------------------------------------------------------------------- /main/tools/Session_Management.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template,WEB_Application_Analysis,information_gathering 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | 7 | # main function 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("Session Management") 13 | list_attacks = ["Tools", "Writeups", "Burp Extensions", "Go Back"] 14 | for i in range(len(list_attacks)): 15 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 16 | try: 17 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 18 | except KeyboardInterrupt: 19 | return 20 | if option == "1": 21 | while True: 22 | print("\n[+] Tools") 23 | os.system("clear") 24 | banner.main() 25 | banner.attack("Tools") 26 | list_attacks = [ 27 | "OWASP ZAP", 28 | "BurpSuite", 29 | "Nikto", 30 | "Nmap", 31 | "Wapiti", 32 | "Nessus", 33 | "Nuclei", 34 | "Fiddler", 35 | "Penetration Testers Framework (PTF)", 36 | "Go Back", 37 | ] 38 | for i in range(len(list_attacks)): 39 | print( 40 | colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset 41 | ) 42 | try: 43 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 44 | except KeyboardInterrupt: 45 | return 46 | if option == "1": 47 | os.system("clear") 48 | WEB_Application_Analysis.owasp_zap() 49 | elif option == "2": 50 | os.system("clear") 51 | WEB_Application_Analysis.burp_suite() 52 | elif option == "3": 53 | os.system("clear") 54 | WEB_Application_Analysis.nikto() 55 | elif option == "4": 56 | os.system("clear") 57 | information_gathering.nmap() 58 | elif option == "5": 59 | os.system("clear") 60 | WEB_Application_Analysis.wapiti() 61 | elif option == "6": 62 | os.system("clear") 63 | WEB_Application_Analysis.nessus() 64 | elif option == "7": 65 | os.system("clear") 66 | WEB_Application_Analysis.nuclei() 67 | elif option == "8": 68 | os.system("clear") 69 | fiddler() 70 | elif option == "9": 71 | os.system("clear") 72 | ptf() 73 | else: 74 | break 75 | 76 | elif option == "2": 77 | print("\n[+] Write-UPS") 78 | os.system("clear") 79 | template.template("Writeup","no-tools","Writeups", 80 | { 81 | "Session Management - Authgear": "https://www.authgear.com/post/session-management", 82 | "OWASP Session Management Cheat Sheet": "https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html", 83 | "Session Management Overview - Secure Coding": "https://www.securecoding.com/blog/session-management-an-overview/", 84 | "Session Management Best Practices - Packetlabs": "https://www.packetlabs.net/posts/session-management/", 85 | "HTTP Sessions - MDN Web Docs": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Session", 86 | "Attacking Session Management with Burp Suite": "https://portswigger.net/support/using-burp-to-attack-session-management", 87 | "Session Management Lecture Notes - Stanford": "https://crypto.stanford.edu/cs155old/cs155-spring16/lectures/10-SessionMgmt.pdf", 88 | "Broken Authentication and Session Management - Crashtest Security": "https://crashtest-security.com/broken-authentication-and-session-management/", 89 | "Preventing Security Voids in Web Applications - SANS Institute": "https://sansorg.egnyte.com/dl/CmpHWTzrja", 90 | "PHP Session Security Management - PHP.net": "https://www.php.net/manual/en/features.session.security.management.php", 91 | "Session Management in ColdFusion - CFDocs": "https://cfdocs.org/security-session-management", 92 | "Comprehensive Guide on Broken Authentication and Session Management - Hacking Articles": "https://hackingarticles.in/comprehensive-guide-on-broken-authentication-session-management/", 93 | "What is Session Management? - Clerk.dev": "https://clerk.dev/blog/what-is-session-management", 94 | "All You Need to Know About User Session Security - SuperTokens": "https://supertokens.com/blog/all-you-need-to-know-about-user-session-security", 95 | "How to Secure Authentication, Session Management, and Access Control Systems of Your Web Applications - Vaadata": "https://www.vaadata.com/blog/how-to-secure-authentication-session-management-and-access-control-systems-of-your-web-applications/", 96 | "Understanding Session Management - Coveros": "https://www.coveros.com/understanding-session-management-one-of-owasp-top-10-part-1/", 97 | "Broken Authentication and Session Management Tips - Hacklido": "https://hacklido.com/blog/207-broken-authentication-and-session-management-tips", 98 | "Web Security Session Management Slide": "https://slideplayer.com/slide/5689194/#.XFSQwUKWre4.twitter", 99 | "Attacking Session Management - OWASP": "https://owasp.org/www-pdf-archive//Attacking_Session_Management_-_Alexandre_Villas.pdf", 100 | "Improving the Security of Session Management in Web Applications - OWASP": "https://owasp.org/www-pdf-archive//Improving_the_Security_of_Session_Management_in_Web_Applications_-_Philippe_De_Ryck.pdf", 101 | "Session Management - OWASP 2011": "https://owasp.org/www-pdf-archive//OWASP_2011_-_Slawomir_Rozbicki_-_Session_Managemnt.pdf", 102 | "Session Fixation - OWASP AppSec Research 2010": "https://owasp.org/www-pdf-archive//OWASP_AppSec_Research_2010_Session_Fixation_by_Schrank_Braun_Johns_and_Poehls.pdf", 103 | "Session Hijacking: Danger on the Network - OWASP": "https://owasp.org/www-pdf-archive//Sessi%C3%B3n_Hijacking_Peligro_en_la_Red.pdf", 104 | "Mastering Session Management - Siva Ram - PDF": "https://owasp.org/www-pdf-archive//Siva_Ram-Mastering_Session_Managment.pdf", 105 | "Application Session Management Best Practices": "https://auth0.com/blog/application-session-management-best-practices/", 106 | }, 107 | "Session Management Write-UPS", 108 | ) 109 | 110 | elif option == "3": 111 | print("\n[+] Burp Extensions") 112 | os.system("clear") 113 | template.template("Burp Extensions","no-tools","Writeups", 114 | { 115 | "PortSwigger - Session Timeout Test": "https://portswigger.net/bappstore/c4bfd29882974712a1d69c6d8f05874e", 116 | "PortSwigger - CSRF Scanner": "https://portswigger.net/bappstore/60f172f27a9b49a1b538ed414f9f27c3", 117 | "PortSwigger - Token Extractor": "https://portswigger.net/bappstore/f24211fa6fcd4bbea6b21f99c5cad27a", 118 | "PortSwigger - Headers Analyzer": "https://portswigger.net/bappstore/8b4fe2571ec54983b6d6c21fbfe17cb2", 119 | "PortSwigger - J2EE Scan": "https://portswigger.net/bappstore/7ec6d429fed04cdcb6243d8ba7358880", 120 | "PortSwigger - CO2": "https://portswigger.net/bappstore/c5071c7a7e004f72ae485e8a72911afc", 121 | "PortSwigger - WS Security": "https://portswigger.net/bappstore/i5431k07za13636g0o9a1733ke7h10g3", 122 | "PortSwigger - JWT Editor": "https://portswigger.net/bappstore/26aaa5ded2f74beea19e2ed8345a93dd", 123 | "Github - WS-Attacker": "https://github.com/RUB-NDS/WS-Attacker", 124 | "Github - logger++": "https://github.com/PortSwigger/logger-plus-plus", 125 | }, 126 | "Session Management Burp Extensions", 127 | ) 128 | 129 | else: 130 | return 131 | 132 | 133 | def github_getting_text(link, selector, indexvalue): 134 | print("Please Wait....\r", end="") 135 | URL = link 136 | try: 137 | r = requests.get(URL) 138 | soup = BeautifulSoup(r.content, "html.parser") 139 | paras = soup.select(selector) 140 | # check index value from test file 141 | return paras[indexvalue].text 142 | except: 143 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 144 | 145 | def fiddler(): 146 | github = github_getting_text( 147 | "https://learn.microsoft.com/en-us/windows/win32/win7appqual/fiddler-web-debugger-tool/", 148 | "p", 149 | 2, 150 | ) 151 | template.template( 152 | "Fiddler", 153 | "mono Fiddler.exe", 154 | github.strip(),{ 155 | "Fiddler on Kali Linux":"https://techstarspace.engineer/2019/04/19/fiddler-on-kali-linux/", 156 | "Fiddler In Action - Part 1":"https://www.mehdi-khalili.com/fiddler-in-action/part-1", 157 | "Welcome to Fiddler Everywhere!":"https://docs.telerik.com/fiddler-everywhere/introduction", 158 | 159 | }, 160 | 161 | method="github", 162 | github_install="apt-get install mono-complete -y && wget http://telerik-fiddler.s3.amazonaws.com/fiddler/fiddler-linux.zip && unzip fiddler-linux.zip -d fiddler && rm -rf fiddler-linux.zip && cd fiddler", 163 | github_check="fiddler", 164 | ) 165 | 166 | def ptf(): 167 | github = "The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used" 168 | template.template( 169 | "PTF", 170 | "./ptf", 171 | github.strip(), 172 | { 173 | "The Penetration Testers Framework (PTF) - Is a Way for Modular Support for Up-to-date Tools ":"https://www.kitploit.com/2015/05/the-penetration-testers-framework-ptf.html?m=1", 174 | "What is a Penetration Testing Framework?":"https://www.mitnicksecurity.com/blog/what-is-a-penetration-testing-framework", 175 | }, 176 | method="github", 177 | github_install="git clone https://github.com/trustedsec/ptf.git && cd ptf && pip install -r requirements.txt && chmod +x ptf ", 178 | github_check="ptf", 179 | ) 180 | 181 | if __name__ == "__main__": 182 | main() 183 | -------------------------------------------------------------------------------- /main/tools/Sniffing_and_Spoofing.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template,Vulnerability_Analysis 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | # main function 7 | 8 | 9 | def main(): 10 | while True: 11 | os.system("clear") 12 | banner.main() 13 | banner.attack("Sniffing & Spoofing") 14 | list_attacks = [" Wireshark\t\t(Recommended)", " Bettercap\t\t(Recommended)", " Tcpdump", " Dsniff", " Scapy", " Netsniff-ng", " Macchanger", 15 | " Responder", " Airgeddon", "Wifi-Pumpkin-3\t(Recommended)", "mitmproxy\t\t(Recommended) ", "zaproxy ", "Go Back"] 16 | for i in range(len(list_attacks)): 17 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 18 | try: 19 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 20 | except KeyboardInterrupt: 21 | return 22 | if option == "1": 23 | print("\n[+] Wireshark") 24 | Vulnerability_Analysis.wireshark() 25 | elif option == "2": 26 | print("\n[+] Bettercap") 27 | bettercap() 28 | elif option == "3": 29 | print("\n[+] Tcpdump") 30 | tcpdump() 31 | elif option == "4": 32 | print("\n[+] Dsniff") 33 | dsniff() 34 | elif option == "5": 35 | print("\n[+] Scapy") 36 | scapy() 37 | elif option == "6": 38 | print("\n[+] Netsniff-ng") 39 | netsniff_ng() 40 | elif option == "7": 41 | print("\n[+] Macchanger") 42 | macchanger() 43 | elif option == "8": 44 | print("\n[+] Responder") 45 | responder() 46 | elif option == "9": 47 | print("\n[+] Airgeddon") 48 | airgeddon() 49 | elif option == "10": 50 | print("\n[+] Wifi-Pumpkin-3") 51 | wifipumpkin3() 52 | elif option == "11": 53 | print("\n[+] mitmproxy") 54 | mitmproxy() 55 | elif option == "12": 56 | print("\n[+] zaproxy") 57 | zaproxy() 58 | else: 59 | return 60 | 61 | 62 | def github_getting_text(link, selector, indexvalue): 63 | print("Please Wait....\r", end="") 64 | URL = link 65 | try: 66 | r = requests.get(URL) 67 | soup = BeautifulSoup(r.content, 'html.parser') 68 | paras = soup.select(selector) 69 | # check index value from test file 70 | return paras[indexvalue].text 71 | except: 72 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 73 | 74 | def tcpdump(): 75 | os.system("clear") 76 | github = github_getting_text( 77 | "https://opensource.com/article/18/10/introduction-tcpdump", 'p', 5) 78 | template.template("tcpdump", "tcpdump -h", github.strip()+'\r\n - '.join(github.strip().split('\n')), {"TCPDump": "https://www.qnx.com/developers/docs/7.0.0/index.html#com.qnx.doc.neutrino.utilities/topic/t/tcpdump.html", "Deep Packet Analysis": 79 | "https://thwack.solarwinds.com/resources/b/geek-speak/posts/deep-packet-analysis---practical-applications-with-tcpdump", "TCPDump F5": "https://support.f5.com/csp/article/K2289", "TCPDump FreeBSD": "https://www.freebsd.org/cgi/man.cgi?tcpdump"}) 80 | 81 | 82 | def dsniff(): 83 | os.system("clear") 84 | github = "dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI." 85 | template.template("dsniff", "dsniff -h", github.strip(), {"Dsniff Repo": "https://github.com/tecknicaltom/dsniff", 86 | "Manpages Dsniff": "https://www.unix.com/man-page/debian/8/dsniff/", "Introduction": "http://www.ouah.org/dsniffintr.htm"}) 87 | 88 | def scapy(): 89 | os.system("clear") 90 | github = "Scapy is a Python program that enables the user to send, sniff and dissect and forge network packets. This capability allows construction of tools that can probe, scan or attack networks." 91 | template.template("scapy", "chmod +x run_scapy && ./run_scapy", github.strip(), {"what is Scapy": "https://www.freecodecamp.org/news/how-to-use-scapy-python-networking/", "Scapy Introduction": "https://scapy.readthedocs.io/en/latest/introduction.html", "Scapy Usage": "https://python.astrotech.io/network/transport/scapy.html", "Scapy Tutorial": "https://youtu.be/LvaII2PEwcQ", 92 | "https://datascientest.com/en/scapy-everything-you-need-to-know-about-the-python-based-network-packaging-tool": "https://datascientest.com/en/scapy-everything-you-need-to-know-about-the-python-based-network-packaging-tool"}, method="github", github_install="git clone https://github.com/secdev/scapy.git", github_check="scapy") 93 | 94 | def netsniff_ng(): 95 | os.system("clear") 96 | github_text_0 = github_getting_text( 97 | "http://netsniff-ng.org/", 'p', 0) 98 | github_text_1 = github_getting_text( 99 | "http://netsniff-ng.org/", 'p', 1) 100 | github_text_2 = github_getting_text( 101 | "http://netsniff-ng.org/", 'p', 2) 102 | github = github_text_0.strip().replace("\n", "").replace("\t", "") + github_text_1.strip().replace("\n", "").replace("\t", "") + github_text_2.strip().replace("\n", "").replace("\t", "") 103 | template.template("netsniff-ng", "netsniff-ng -h", github.strip(), {"Netsniff-ng Website": "http://netsniff-ng.org/", "Sniffing Network Traffic": "https://medium.com/purple-team/sniffing-network-traffic-with-netsniff-ng-55b8f5d436c2", 104 | "Manual": "https://linux.die.net/man/8/netsniff-ng", "Video Resources": "https://www.irongeek.com/i.php?page=videos/hack3rcon4/09-netsniff-ng-jon-schipp"}) 105 | 106 | def macchanger(): 107 | os.system("clear") 108 | github_fetch = github_getting_text( 109 | "https://www.kali.org/tools/macchanger/", 'p', 0) 110 | github = github_fetch.strip().replace("\n", "").replace("\t", "") 111 | template.template("macchanger", "macchanger --help", github.strip(), {"How to Change Mac Address": "https://linuxconfig.org/how-to-change-mac-address-using-macchanger-on-kali-linux/", 112 | "Macchanger on Kali Linux": "https://kennyvn.com/change-mac-address-macchanger-kali-linux/", "Permanently Change Mac Address": "https://www.linuxuprising.com/2018/05/how-to-permanently-change-mac-address.html"}) 113 | 114 | def responder(): 115 | os.system("clear") 116 | github_text_0 = github_getting_text( 117 | "https://www.kali.org/tools/responder/", 'p', 1) 118 | github_text_1 = github_getting_text( 119 | "https://www.kali.org/tools/responder/", 'p', 2) 120 | github = github_text_0.strip().replace("\n", "").replace("\t", "") + github_text_1.strip().replace("\n", "").replace("\t", "") 121 | template.template("responder", "responder -h", github, {"Responder-Guide": "https://www.ivoidwarranties.tech/posts/pentesting-tuts/responder/guide/", "How-To-Use-Responder-to-Capture-NETNTLM-and-Grab-a-Shell": 122 | "https://www.a2secure.com/blog-en/how-to-use-responder-to-capture-netntlm-and-grab-a-shell/", "infinitelogins.com-Responder": "https://infinitelogins.com/tag/responder/", "Capture-Window-10-NTLM-Hashes-Responder": "https://secnhack.in/capture-window-10-ntlm-hashes-responder"}) 123 | 124 | def airgeddon(): 125 | os.system("clear") 126 | github = "Airgeddon is a wireless security auditing tool that is used to assess the security of wireless networks. It can be used to perform various types of attacks, such as cracking WPA/WPA2 passwords, capturing WPA/WPA2 handshakes, and identifying vulnerable wireless access points. The tool is open-source and runs on Linux systems. Airgeddon is not intended for illegal use, and should only be used on networks that you have permission to test." 127 | template.template("airgeddon", "airgeddon", github.strip(), {"How to Use Airgeddon in Kali Linux": "https://www.systranbox.com/how-to-use-airgeddon-in-kali-linux/", "Airgeddon Wifi Crack in Kali Linux": "https://www.kalilinux.in/2021/03/airgeddon-wifi-crack-kalilinux.html", 128 | "Airgeddon Multi-Use Bash Script to Audit Wireless Networks": "https://xploitlab.com/airgeddon-multi-use-bash-script-to-audit-wireless-networks/", "Airgeddon Tool Installation and Fix All Errors": "https://www.hacknos.com/airgeddon-tool-installation-and-fix-all-errors/"}) 129 | 130 | def wifipumpkin3(): 131 | os.system("clear") 132 | github = github_getting_text( 133 | "https://wifipumpkin3.github.io/", 'p', 1) 134 | template.template("wifipumpkin3", "wifipumpkin3", github.strip(), { 135 | "Wireless Penetration Testing": "https://www.hackingarticles.in/wireless-penetration-testing-wifipumpkin3/", "WiFiPumpkin3 : Powerful Framework For Rogue Access Point Attack": "https://kalilinuxtutorials.com/wifipumpkin3/"}) 136 | 137 | def mitmproxy(): 138 | os.system("clear") 139 | github = "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP.mitmweb is a web-based interface for mitmproxy." 140 | template.template("mitmproxy", "mitmproxy", github.strip(), { 141 | "An Introduction to mitmproxy": "https://medium.com/ciandt-techblog/an-introduction-to-mitmproxy-f3654e6bd53b", "mitmproxy docs": "https://docs.mitmproxy.org/stable/", }) 142 | 143 | def zaproxy(): 144 | os.system("clear") 145 | github = github_getting_text( 146 | "https://github.com/zaproxy/zaproxy", 'p[dir=auto]', 2) 147 | template.template("zaproxy", "zaproxy", github.strip(), { 148 | "Overview ZAP": "https://www.zaproxy.org/getting-started/", }) 149 | 150 | def bettercap(): 151 | os.system("clear") 152 | github = github_getting_text( 153 | "https://www.bettercap.org/intro/", 'p', 0) 154 | template.template("bettercap", "bettercap", github.strip(), {"Man in the Middle": "https://www.cybervie.com/blog/easy-and-better-man-in-the-middle-using-bettercap/", "MITM Labs Write-up": 155 | "https://charlesreid1.com/wiki/MITM_Labs/Bettercap_Over_Wifi", "NTLM Capturing": "https://blog.xpnsec.com/bettercap-capturing-ntlm/", "DNS Spoofing": "https://psychovik.medium.com/dns-spoofing-using-bettercap-24a8435f7a03"}) 156 | 157 | 158 | if __name__ == '__main__': 159 | main() 160 | -------------------------------------------------------------------------------- /main/tools/Vulnerability_Analysis.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import os 3 | import requests 4 | from main.tools import banner, colors, template, information_gathering, WEB_Application_Analysis 5 | from bs4 import BeautifulSoup 6 | 7 | 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("Vulnerability Analysis") 13 | list_attacks = ["Wpscan\t\t(Recommended)", "Wireshark\t\t(Recommended)", 14 | "Wapiti", "Nmap\t\t(Recommended)", "Legion", "Nikto", "Wfuzz", "go back"] 15 | for i in range(len(list_attacks)): 16 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 17 | try: 18 | option = input( 19 | f"\n {colors.select}Select An Option ->{colors.reset} ") 20 | except KeyboardInterrupt: 21 | return 22 | if option == "1": 23 | print("\n[+] Wpscan") 24 | wpscan() 25 | elif option == "2": 26 | print("\n[+] Wireshark") 27 | wireshark() 28 | elif option == "3": 29 | print("\n[+] Wapiti") 30 | WEB_Application_Analysis.wapiti() 31 | elif option == "4": 32 | print("\n[+] Nmap") 33 | information_gathering.nmap() 34 | elif option == "5": 35 | print("\n[+] legion") 36 | legion() 37 | elif option == "6": 38 | print("\n[+] Nikto") 39 | nikto() 40 | elif option == "7": 41 | print("\n[+] Wfuzz") 42 | wfuzz() 43 | else: 44 | return 45 | 46 | 47 | def github_getting_text(link, selector, indexvalue): 48 | print("Please Wait....\r", end="") 49 | URL = link 50 | try: 51 | r = requests.get(URL) 52 | soup = BeautifulSoup(r.content, 'html.parser') 53 | paras = soup.select(selector) 54 | # check index value from test file 55 | return paras[indexvalue].text 56 | except: 57 | return f"{colors.red}NotLloaded Because No Internet Connection{colors.reset}" 58 | 59 | 60 | def tool_writeups(): 61 | print(f"{colors.options}1) TOOL(About,Installation)") 62 | print(f"2) Write Ups") 63 | print(f"3) Go Back..") 64 | try: 65 | ask = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 66 | except KeyboardInterrupt: 67 | return 68 | return ask 69 | 70 | def wfuzz(): 71 | os.system("clear") 72 | github = "Wfuzz is a web application brute force tool used to identify web application vulnerabilities by scanning web content, such as directories and files, for hidden or non-linked content. Wfuzz can be used to test input validation, error handling, and access control mechanisms. It is a command-line tool and allows users to customize requests to send payloads, which makes it very flexible and powerful for web application penetration testing. Wfuzz is written in Python and can be used on Linux, Windows, and macOS. It is open-source and free to use." 73 | template.template( 74 | "wfuzz", "wfuzz --help", github.strip(), {"How to use Wfuzz to find web application vulnerabilities": 75 | "https://www.techtarget.com/searchsecurity/feature/How-to-use-Wfuzz-to-find-web-application-vulnerabilities", } 76 | ) 77 | 78 | 79 | def wireshark(): 80 | os.system("clear") 81 | github = "Wireshark is a network traffic analyzer, or sniffer, for Linux, macOS, BSD and other Unix and Unixlike operating systems and for Windows. It uses Qt, a graphical user interface library, and libpcap and npcap as packet capture and filtering libraries." 82 | template.template("wireshark", "wireshark", github.strip(), {'How To Install & Use Wireshark On Kali Linux': 'https://infosecscout.com/wireshark-on-kali-linux/', 'Wireshark Tool Documentation': 'https://www.kali.org/tools/wireshark/', 'Wireshark Training': 'https://www.wireshark.org/docs/', 'Wireshark – Resources': 'https://blog.inf.ed.ac.uk/atate/2023/01/14/wireshark-resources/', 83 | 'Kerberos Wireshark Captures: A Windows Login Example': 'https://medium.com/@robert.broeckelmann/kerberos-wireshark-captures-a-windows-login-example-151fabf3375a', 'Wireshark – Packet Capturing and Analyzing': 'https://www.geeksforgeeks.org/wireshark-packet-capturing-and-analyzing/', 'Wireshark Tutorial: Decrypting HTTPS Traffic': 'https://unit42.paloaltonetworks.com/wireshark-tutorial-decrypting-https-traffic/'}) 84 | def legion(): 85 | os.system("clear") 86 | github = github_getting_text( 87 | "https://github.com/GoVanguard/legion", 'p[class="f4 my-3"]', 0) 88 | template.template("legion", "legion", github.strip(), {"Legion: The best all in one network mapping tool": "https://techyrick.com/legion-kali-linux/", "An Overview Of Network Penetration Testing Using Legion Framework": "https://www.c-sharpcorner.com/article/an-overview-of-network-penetration-testing-using-legion-framework/#:~:text=What%20is%20Legion%3F,the%20attacks%20against%20targeted%20devices.", 89 | 'Legion Tool in Kali Linux': 'https://www.geeksforgeeks.org/legion-tool-in-kali-linux', 'Legion -- Test Web Application Vulnerability Automatically': 'https://www.kalilinux.in/2020/09/legion-kali-linux.html', 'How to use Legion application in Kali Linux Video Tutorial': 'https://www.youtube.com/watch?v=0v2_UFhq6zQ'}) 90 | 91 | 92 | def nikto(): 93 | os.system("clear") 94 | github = github_getting_text( 95 | "https://en.wikipedia.org/wiki/Nikto_(vulnerability_scanner)", 'p', 1) 96 | template.template("nikto", "nikto -h", github.strip(), {'What is Nikto and it’s usages ?': 'https://www.geeksforgeeks.org/what-is-nikto-and-its-usages/', 97 | 'Nikto: A Practical Website Vulnerability Scanner': 'https://securitytrails.com/blog/nikto-website-vulnerability-scanner', 'Nikto Official Docs': 'https://github.com/sullo/nikto/wiki'}) 98 | 99 | 100 | def wpscan(): 101 | os.system("clear") 102 | github = "WPScan is a security scanner designed for testing the security of websites built using WordPress. WPScan was developed using the Ruby programming language and then released in the first version in 2019. The WPScan security scanner is primarily intended to be used by WordPress administrators and security teams to assess the security status of their WordPress installations. It is used to scan WordPress websites for known vulnerabilities both in WordPress and commonly used WordPress plugins and themes. The code base for WPScan is licensed under GPLv3" 103 | template.template("wpscan", "wpscan -h", github.strip(), {'WPScan Intro: How to Scan for WordPress Vulnerabilities': 'https://blog.sucuri.net/2021/05/wpscan-how-to-scan-for-wordpress-vulnerabilities.html/', 'WPScan:WordPress Pentesting Framework': 'https://www.hackingarticles.in/wpscanwordpress-pentesting-framework/', 'How To Use WPScan to Test for Vulnerable Plugins and Themes in Wordpress': 104 | "https://www.digitalocean.com/community/tutorials/how-to-use-wpscan-to-test-for-vulnerable-plugins-and-themes-in-wordpress", "How to Use wpscan tool in Kali Linux": "https://www.geeksforgeeks.org/how-to-use-wpscan-tool-in-kali-linux/", "WPScan Usage Example [Enumeration + Exploit]": "https://www.cyberpunk.rs/wpscan-usage-example"}) 105 | 106 | 107 | if __name__ == '__main__': 108 | main() 109 | -------------------------------------------------------------------------------- /main/tools/WEB_Application_Analysis.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template, waiting, writeup, Configuration_Management 2 | import os 3 | import requests 4 | import requests 5 | import re 6 | from bs4 import BeautifulSoup 7 | 8 | 9 | def main(): 10 | while True: 11 | os.system("clear") 12 | banner.main() 13 | banner.attack("WEB Application Analysis") 14 | list_attacks = [" Burp Suite\t\t(Recommended)", " Dirsearch", " Owasp ZAP", " Dirbuster\t\t(Recommended)", 15 | " Nikto", " Wapiti", " Nessus\t\t(Recommended)", " dirb", " Nuclei", "ffuf", "go back"] 16 | for i in range(len(list_attacks)): 17 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 18 | try: 19 | option = input( 20 | f"\n {colors.select}Select An Option ->{colors.reset} ") 21 | except KeyboardInterrupt: 22 | return 23 | if option == "1": 24 | print(f"\n[+] Burp Suite") 25 | burp_suite() 26 | elif option == "2": 27 | print(f"\n[+] Dirsearch") 28 | dirsearch() 29 | elif option == "3": 30 | print(f"\n[+] Owasp ZAP") 31 | owasp_zap() 32 | elif option == "4": 33 | Configuration_Management.dirbuster() 34 | elif option == "5": 35 | print("\n[+] Nikto") 36 | nikto() 37 | elif option == "6": 38 | print("\n[+] Wapiti") 39 | wapiti() 40 | elif option == "7": 41 | print(f"\n[+] Nessus") 42 | nessus() 43 | elif option == "8": 44 | print(f"\n[+] dirb") 45 | dirb() 46 | elif option == "9": 47 | print(f"\n[+] Nuclei") 48 | nuclei() 49 | elif option == "10": 50 | print("\n[+] ffuf") 51 | ffuf() 52 | else: 53 | return 54 | 55 | 56 | def github_getting_text(link, selector, indexvalue): 57 | print(f"Please Wait....\r", end="") 58 | URL = link 59 | try: 60 | r = requests.get(URL) 61 | soup = BeautifulSoup(r.content, 'html.parser') 62 | paras = soup.select(selector) 63 | # check index value from test file 64 | return paras[indexvalue].text 65 | except: 66 | return "{colors.red}NotLloaded Because No Internet Connection{colors.reset}" 67 | 68 | 69 | def nikto(): 70 | os.system("clear") 71 | github = github_getting_text( 72 | "https://en.wikipedia.org/wiki/Nikto_(vulnerability_scanner)", 'p', 1) 73 | template.template("nikto", "nikto ", github.strip(), {'What is Nikto and it’s usages ?': 'https://www.geeksforgeeks.org/what-is-nikto-and-its-usages/', 74 | 'Nikto: A Practical Website Vulnerability Scanner': 'https://securitytrails.com/blog/nikto-website-vulnerability-scanner', 'Nikto Official Docs': 'https://github.com/sullo/nikto/wiki'}) 75 | 76 | 77 | def nuclei(): 78 | os.system("clear") 79 | github = "Nuclei is a fast vulnerability scanner designed to probe modern applications, infrastructure, cloud platforms, and networks, aiding in the identification and mitigation of exploitable vulnerabilities.At its core, Nuclei uses templates—expressed as straightforward YAML files, that delineate methods for detecting, ranking, and addressing specific security flaws." 80 | template.template("nuclei", "nuclei", github.strip(), {"Nuclei - Automated Vulnerability Scanning Tool": "https://allabouttesting.org/nuclei-automated-vulnerability-scanning-tool/", "Nuclei – Fast and Customizable Vulnerability Scanner": "https://www.geeksforgeeks.org/nuclei-fast-and-customizable-vulnerability-scanner/", 81 | "Gauing+Nuclei for Instant Bounties": "https://infosecwriteups.com/gauing-nuclei-for-instant-bounties-7a8a07979fff ", "DevSecOps 101 Part 3: Scanning Live Web Applications with Nuclei": "https://escape.tech/blog/devsecops-part-iii-scanning-live-web-applications"}) 82 | 83 | def ffuf(): 84 | os.system("clear") 85 | github = "ffuf - Fuzz Faster U Fool.The usage examples below show just the simplest tasks you can accomplish using ffuf." 86 | template.template("ffuf", "ffuf", github.strip(), {"How to Fuzz Web Applications using FFuf – Web Security Tutorial": "https://www.freecodecamp.org/news/web-security-fuzz-web-applications-using-ffuf/", 87 | "github fuff": "https://github.com/ffuf/ffuf/blob/master/README.md", }) 88 | 89 | 90 | 91 | def burp_suite(): 92 | while True: 93 | os.system("clear") 94 | banner.main() 95 | banner.attack("Burp Suite") 96 | banner.description("Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initialmapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.") 97 | ask = template.tool_writeups("burp", " ", " ") 98 | if ask == "1": 99 | try: 100 | professional = input( 101 | f"{colors.blue}[+] Do You Want It's Professional Version?(Y/N){colors.reset}") 102 | except KeyboardInterrupt: 103 | return 104 | if professional == "y" or professional == "Y" or professional == "Yes" or professional == "yes": 105 | # clone repo 106 | path = 'Burp-Suite' 107 | isExist = os.path.exists(path) 108 | if isExist: 109 | print(f"{colors.green}[+] It Is Installed{colors.reset}") 110 | try: 111 | professional = input( 112 | f"{colors.blue}[+] Do You Want Run It?(Y/N){colors.reset}") 113 | except KeyboardInterrupt: 114 | return 115 | if professional == "y" or professional == "Y" or professional == "Yes" or professional == "yes": 116 | print( 117 | f"{colors.yellow}[+] Please Wait....{colors.reset}") 118 | os.system( 119 | "cd Burp-Suite && bash installed.sh > /dev/null 2>&1") 120 | else: 121 | os.system( 122 | "git clone https://github.com/hardikhacker/Burp-Suite") 123 | try: 124 | professional = input( 125 | f"{colors.blue}[+] Do You Want Run It?(Y/N){colors.reset}") 126 | except: 127 | template.exit_program() 128 | if professional == "y" or professional == "Y" or professional == "Yes" or professional == "yes": 129 | print( 130 | f"{colors.yellow}[+] Please Wait....{colors.reset}") 131 | os.system( 132 | "cd Burp-Suite && chmod +x * && ./Kali_Linux_Setup.sh > /dev/null 2>&1") 133 | else: 134 | print( 135 | f"{colors.blue}[+] CHECKING OF COMMUNITY VERSION IS INSTALLED OR NOT{colors.reset}") 136 | # check for installation 137 | template.check_installed("burpsuite", "burpsuite") 138 | waiting.waiting() 139 | elif ask == "2": 140 | # first argument for dictionary(key=title,value=url) second argument for banner 141 | writeup.writeup({"Setting up Burpsuite Professional": "https://github.com/THECH13F/Burp-Suite/blob/main/Readme.md","Top 10 tips for burpsuite": "https://medium.com/r3d-buck3t/top-10-tips-for-burp-suite-72212d22328f", "Setting up burbsuite": "https://thexssrat.medium.com/setting-up-burp-suite-b0a6767d3408", "Burp Suite: Do I need the professional edition?": 142 | "https://thexssrat.medium.com/burp-suite-do-i-need-the-professional-edition-bf8c87ce236e", "Burp Suite Extensions to help you Pentest": "https://medium.com/codex/burp-suite-extensions-to-help-you-pentest-97f22a7d7d4d", "FIND MORE resources here": "https://medium.com/search?q=burpsuite"}, "Brup Suit writeup.writeup") 143 | elif ask == "3": 144 | template.uninstall_tool("","burp") 145 | else: 146 | break 147 | 148 | 149 | def owasp_zap(): 150 | os.system("clear") 151 | github = "The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox. https://www.owasp.org/index.php/ZAP" 152 | template.template('zaproxy', 'zaproxy', github.strip(), {"How to setup OWASP ZAP to scan your web application for security vulnerabilities": "https://www.linkedin.com/pulse/how-setup-owasp-zap-scan-your-web-application-security-botla/", "Authenticated Scan using OWASP-ZAP in Windows.": "https://medium.com/@secureica/authenticated-scan-using-owasp-zap-f0a71dafe41", 153 | "OWASP ZAP: 6 Key Capabilities and a Quick Tutorial": "https://www.hackerone.com/knowledge-center/owasp-zap-6-key-capabilities-and-quick-tutorial", "Initial Setup": "https://infosecgirls.gitbook.io/infosecgirls-training/v/appsec/initial-setup-with-owasp-zap/untitled", "Setup OWASP ZAP": "https://infosecgirls.gitbook.io/infosecgirls-training/v/appsec/initial-setup-with-owasp-zap/setup-owasp-zap"}) 154 | 155 | 156 | def nessus(): 157 | os.system("clear") 158 | version_grab = github_getting_text("https://www.tenable.com/downloads/nessus?loginAttempted=true", 159 | 'div[class="multi-select__single-value css-1uccc91-singleValue"]', 0).strip() 160 | version = version_grab.strip().replace(" ", "") 161 | github = "Nessus is a platform developed by Tenable that scans for security vulnerabilities in devices, applications, operating systems, cloud services and other network resources.Originally launched as an open source tool in 1998, its enterprise edition became a commercial product in 2005. Nessus now encompasses several products that automate point-in-time vulnerability assessments of a network's attack surface, with the goal of enabling enterprise IT teams to stay ahead of cyber attackers by proactively identifying and fixing vulnerabilities as the tool discovers them, rather than after attackers exploit them.Nessus identifies software flaws, missing patches, malware, denial-of-service vulnerabilities, default passwords and misconfiguration errors, among other potential flaws. When Nessus discovers vulnerabilities, it issues an alert that IT teams can then investigate and determine what -- if any -- further action is required." 162 | template.template("nessus", "nessus", github.strip(), {"How To: Run Your First Vulnerability Scan with Nessus": "https://www.tenable.com/blog/how-to-run-your-first-vulnerability-scan-with-nessus", "A brief introduction to the Nessus vulnerability scanner": "https://resources.infosecinstitute.com/topic/a-brief-introduction-to-the-nessus-vulnerability-scanner/", 163 | "Beginner’s Guide to Nessus": "https://www.hackingarticles.in/beginners-guide-to-nessus/", "Nessus Ubuntu Installation and Tutorial": "https://linuxhint.com/nessus-ubuntu-installation-tutorial/"}, link=f"https://www.tenable.com/downloads/api/v2/pages/nessus/files/{version}-debian10_amd64.deb", method="deb") 164 | 165 | 166 | 167 | def dirb(): 168 | os.system("clear") 169 | github = "DIRB IS a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary basesd attack against a web server and analizing the response" 170 | template.template("dirb", "dirb", github.strip(), {"Dirb — A web content scanner": "https://medium.com/tech-zoom/dirb-a-web-content-scanner-bc9cba624c86", "Footprinting and Reconnaissance with DIRB Tool (For Security Researcher and Bug Bounty Hunters": 171 | "https://www.openbugbounty.org/blog/mas00712/footprinting-and-reconnaissance-with-dirb-tool-for-security-researcher-and-bug-bounty-hunters/", "Comprehensive Guide on Dirb Tool": "https://www.hackingarticles.in/comprehensive-guide-on-dirb-tool/"}) 172 | 173 | 174 | def dirsearch(): 175 | os.system("clear") 176 | github = "As a feature-rich tool, dirsearch gives users the opportunity to perform a complex web content discovering, with many vectors for the wordlist, high accuracy, impressive performance, advanced connection/request settings, modern brute-force techniques and nice output." 177 | template.template("dirsearch", "dirsearch --help ", github.strip(), {"Dirserach helpfile": "https://www.kali.org/tools/dirsearch/", 178 | "Find Hidden Web Directories with Dirsearch ": "https://null-byte.wonderhowto.com/how-to/find-hidden-web-directories-with-dirsearch-0201615/", }) 179 | 180 | 181 | def wapiti(): 182 | os.system("clear") 183 | github = github_getting_text("https://wapiti-scanner.github.io/", 'p', 6) 184 | github = re.sub(r'\s+', ' ', github).strip() 185 | template.template("wapiti", "wapiti", github.strip(), {"wapiti free web application vulnerability scanner": "https://pentestit.medium.com/wapiti-free-web-application-vulnerability-scanner-ce7712adf644", "Official docs": "https://github.com/wapiti-scanner/wapiti", "wapiti tutorial": 186 | "https://www.kalilinux.in/2021/01/wapiti-tutorial.html", "complete guide to using wapiti web vulnerability scanner to keep your web applications websites secure": "https://linuxsecurity.com/features/complete-guide-to-using-wapiti-web-vulnerability-scanner-to-keep-your-web-applications-websites-secure"}) 187 | 188 | 189 | if __name__ == "__main__": 190 | main() 191 | -------------------------------------------------------------------------------- /main/tools/Wireless_Hacking.py: -------------------------------------------------------------------------------- 1 | from bs4 import BeautifulSoup 2 | from main.tools import banner, colors, template 3 | import os 4 | import requests 5 | from bs4 import BeautifulSoup 6 | 7 | 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("Wireless Hacking") 13 | list_attacks = ["Kismet\t\t(Recommended)", "Wifite", "Fern Wifi Cracker", 14 | "Aircrack-ng\t\t(Recommended)", "Fluxion", "Wifiphisher\t\t(Recommended)", "go back"] 15 | for i in range(len(list_attacks)): 16 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 17 | try: 18 | option = input( 19 | f"\n {colors.select}Select An Option ->{colors.reset} ") 20 | except KeyboardInterrupt: 21 | return 22 | if option == "1": 23 | print("\n[+] Kismet") 24 | kismet() 25 | elif option == "2": 26 | print("\n[+] Wifite") 27 | wifite() 28 | elif option == "3": 29 | print("\n[+] Fern Wifi Cracker") 30 | fernwificracker() 31 | elif option == "4": 32 | print("\n[+] Aircrack-ng") 33 | aircrack_ng() 34 | elif option == "5": 35 | print("\n[+] Fluxion") 36 | fluxion() 37 | elif option == "6": 38 | print("\n[+] Wifiphisher") 39 | wifiphisher() 40 | else: 41 | return 42 | 43 | 44 | def github_getting_text(link, selector, indexvalue): 45 | print("Please Wait....\r", end="") 46 | URL = link 47 | try: 48 | r = requests.get(URL) 49 | soup = BeautifulSoup(r.content, 'html.parser') 50 | paras = soup.select(selector) 51 | # check index value from test file 52 | return paras[indexvalue].text 53 | except: 54 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 55 | 56 | def kismet(): 57 | github = github_getting_text( 58 | "https://www.kismetwireless.net/docs/readme/intro/kismet/", 'p', 1) 59 | template.template("kismet", "kismet", github.strip(), {"Kismet -- WiFi Sniffer": "https://www.kalilinux.in/2019/02/kismet-wifi-sniffer.html", "Use Kismet to Watch Wi-Fi User Activity": "https://null-byte.wonderhowto.com/how-to/use-kismet-watch-wi-fi-user-activity-through-walls-0182214/", 60 | "HACKING WIFI USING KISMET": "https://www.bookofnetwork.com/hacking-tutorials/Kismet-Wireless", "How To Use Kismet Kali Linux?": "https://www.systranbox.com/how-to-use-kismet-kali-linux/"}) 61 | 62 | def wifite(): 63 | github = github_getting_text( 64 | "https://www.kali.org/tools/wifite/", 'p', 1) 65 | template.template("wifite", "wifite -h", github.strip(), {"Wifite walkthrough Part-1": "https://resources.infosecinstitute.com/topic/wifite-walkthrough-part-1/", "Wifite walkthrough Part-2": "https://resources.infosecinstitute.com/topic/wifite-walkthrough-part-2/", 66 | "Wireless pentesting with Wifite": "https://www.hackingarticles.in/wireless-penetration-testing-wifite/", "Wifite - Automated Wifi hacking tool": "https://kalitut.com/wifite-automated-wi-fi-hacking-tool/"}) 67 | 68 | def fernwificracker(): 69 | github = "Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library. The program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks." 70 | template.template("fern-wifi-cracker", "fern-wifi-cracker", github.strip(), {"What is Fern Wifi Cracker": "https://www.kalilinux.in/2020/09/fern-wifi-cracker.html", "Hacking Wifi networks using Fern Wifi Cracker": "https://www.studocu.com/en-au/document/western-sydney-university/it-product-support-and-services/fern-wifi-cracker-hacking-wifi-networks-using-fern-wifi-cracker-easily/10772514", 71 | "Wireless penetration testing - Fern ": "https://www.hackingarticles.in/wireless-penetration-testing-fern/", "Cracking wifi passwords using Fern": "https://hacking84.rssing.com/chan-13108703/article238.html"}) 72 | 73 | def aircrack_ng(): 74 | github = github_getting_text( 75 | "https://www.kali.org/tools/aircrack-ng/", 'p', 32) 76 | template.template("aircrack-ng", "aircrack-ng", github.strip(), {"How to use Aircrack-ng": "https://linuxhint.com/how_to_aircrack_ng/", "Aircrack-ng Practical Demonstration Tutorial": "https://techofide.com/blogs/how-to-use-aircrack-ng-aircrack-ng-tutorial-practical-demonstration/", 77 | "Hacking the wireless network in 5 simple steps": "https://www.hackingloops.com/how-to-use-aircrack-kali/", "Crack WPA/WPA2 WiFi Passwords using Aircrack-ng & Kali Linux": "https://nooblinux.com/crack-wpa-wpa2-wifi-passwords-using-aircrack-ng-kali-linux/"}) 78 | 79 | def fluxion(): 80 | github = github_getting_text( 81 | "https://fluxionnetwork.github.io/fluxion/", 'p', 1) 82 | template.template("fluxion", "./fluxion.sh", github.strip(), {"Fluxion kali linux tutorial": "https://linuxhint.com/fluxion-kali-linux-tutorial/", "Fluxion - Wifi security auditing tool": "https://www.hackingloops.com/fluxion/", "Fluxion -- Crack WiFi Passwords in Minutes": "https://www.kalilinux.in/2020/07/fluxion-kali-linux-crack-wifi.html", 83 | "Cracking WPA/WPA2 Passwords in Minutes with Fluxion": "https://gbhackers.com/cracking-wpawpa2-passwords-fluxion/amp/", "Wireless Penetration Testing: Fluxion": "https://www.hackingarticles.in/wireless-penetration-testing-fluxion/", "Fluxion in Kali Linux usage": "https://www.cyberpratibha.com/blog/fluxion-wpa-wpa2-hacking/"},method="github", github_install="git clone https://github.com/FluxionNetwork/fluxion.git && cd fluxion", github_check="fluxion") 84 | 85 | def wifiphisher(): 86 | github = github_getting_text("https://wifiphisher.org/", 'p', 0) 87 | template.template("wifiphisher", "wifiphisher -h", github.strip(), {"WiFi Exploitation with WifiPhisher": "https://www.hackingarticles.in/wifi-exploitation-wifiphisher/", "wifiphisher Description": "https://en.kali.tools/?p=90", "Read Team engagement on Wifi with Wifiphisher": "https://whitehatinstitute.com/conduct-red-team-engagements-on-wifi-with-wifiphisher/", 88 | "Wireless Hacking with WifiPhisher": "https://cntemngwa.medium.com/wireless-hacking-with-wifiphisher-d4b857414146", "WifiPhisher – WiFi Crack and Phishing Framework": "https://latesthackingnews.com/2018/10/02/wifiphisher-wifi-crack-and-phishing-framework/", "Wifiphisher Evil Twin Attack": "https://kalitut.com/wifiphisher-evil-twin-attack/"}) 89 | 90 | 91 | if __name__ == '__main__': 92 | main() 93 | -------------------------------------------------------------------------------- /main/tools/__init__.py: -------------------------------------------------------------------------------- 1 | __all__=["template","forensic","Configuration_Management","Framework","Anonymity","Secure_Transmission","colors","banner","waiting","Exploitation_Tools","information_gathering","Password_Hacking","Pentesting_Bug_Bounty","PostExploitationAttacks","run_on_browser","Vulnerability_Analysis","WEB_Application_Analysis","Wireless_Hacking","Sniffing_and_Spoofing"] 2 | -------------------------------------------------------------------------------- /main/tools/banner.py: -------------------------------------------------------------------------------- 1 | from main.tools import colors 2 | import random 3 | def main(): 4 | print(selected_banner) 5 | # print(''' 6 | # \u001b[31m 7 | # ██████ ██ ██ ██████ ███████ ██████ ██████ ███ ██ ██ ██ ██ 8 | # ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ████ ██ ██ ██ ██ 9 | # ██ ████ ██████ █████ ██████ ██ ██ ██ ██ ██ ██ ███ 10 | # ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ 11 | # ██████ ██ ██████ ███████ ██ ██ ██████ ██ ████ ██ ██ ██ 12 | # v3.0 13 | # \033[38;5;81mBy Team Defronix 14 | 15 | # ''') 16 | # print("\u001b[37m--------------------------------------------------------------------------------") 17 | print("\t\t\033[38;5;226mA Complete Resource Hub For Cyber Security Community") 18 | print("\u001b[37m--------------------------------------------------------------------------------") 19 | def attack(name): 20 | print(f"\u001b[32m\t\t\t\t{name}") 21 | print("\u001b[37m--------------------------------------------------------------------------------") 22 | def wrap_text(text, width=80): 23 | wrapped_text = [] 24 | lines = text.split(" ") 25 | line = "" 26 | for word in lines: 27 | if len(line) + len(word) <= width: 28 | line += word + " " 29 | else: 30 | wrapped_text.append(line) 31 | line = word + " " 32 | wrapped_text.append(line) 33 | return "\n".join(wrapped_text) 34 | def description(Description): 35 | print(f"\033[1m\u001b[37mDescription:{colors.reset}\033[38;5;226m") 36 | print(wrap_text(Description)) 37 | print("\u001b[37m--------------------------------------------------------------------------------") 38 | 39 | # For the cybronix devs improvise the code accordingly 40 | def pick_banner(): 41 | colors = ['\033[91m','\033[92m','\033[93m','\033[94m','\033[95m','\033[96m' ] 42 | RESET = '\033[0m' 43 | banner = [ 44 | 45 | """ 46 | e88~-_ 888 ,e, 47 | d888 \ Y88b / 888-~88e e88~~8e 888-~\ e88~-_ 888-~88e " Y88b / 48 | 8888 Y888/ 888 888b d888 88b 888 d888 i 888 888 888 Y88b/ 49 | 8888 Y8/ 888 8888 8888__888 888 8888 | 888 888 888 Y88b 50 | Y888 / Y 888 888P Y888 , 888 Y888 ' 888 888 888 /Y88b 51 | "88_-~ / 888-_88" "88___/ 888 "88_-~ 888 888 888 / Y88b 52 | _/ v3.0 53 | \033[38;5;81mBy Team Defronix 54 | """, 55 | 56 | 57 | 58 | """ 59 | 60 | █████████ █████ ███ 61 | ███░░░░░███ ░░███ ░░░ 62 | ███ ░░░ █████ ████ ░███████ ██████ ████████ ██████ ████████ ████ █████ █████ 63 | ░███ ░░███ ░███ ░███░░███ ███░░███░░███░░███ ███░░███░░███░░███ ░░███ ░░███ ░░███ 64 | ░███ ░███ ░███ ░███ ░███░███████ ░███ ░░░ ░███ ░███ ░███ ░███ ░███ ░░░█████░ 65 | ░░███ ███ ░███ ░███ ░███ ░███░███░░░ ░███ ░███ ░███ ░███ ░███ ░███ ███░░░███ 66 | ░░█████████ ░░███████ ████████ ░░██████ █████ ░░██████ ████ █████ █████ █████ █████ 67 | ░░░░░░░░░ ░░░░░███ ░░░░░░░░ ░░░░░░ ░░░░░ ░░░░░░ ░░░░ ░░░░░ ░░░░░ ░░░░░ ░░░░░ 68 | ███ ░███ v3.0 69 | ░░██████ \033[38;5;81mBy Team Defronix 70 | ░░░░░░ 71 | """ 72 | , 73 | """ 74 | _____ _____ 75 | ( ___ )----------------------------------------------------------------( ___ ) 76 | | | | | 77 | | | ____ _ _ | | 78 | | | / ___| _ _ | |__ ___ _ __ ___ _ __ (_) __ __ | | 79 | | | | | | | | | | '_ \ / _ \ | '__| / _ \ | '_ \ | | \ \/ / | | 80 | | | | |___ | |_| | | |_) | | __/ | | | (_) | | | | | | | > < | | 81 | | | \____| \__, | |_.__/ \___| |_| \___/ |_| |_| |_| /_/\_\ | | 82 | | | |___/ | | 83 | |___| |___| 84 | (_____)----------------------------------------------------------------(_____) 85 | \033[38;5;81mBy Team Defronix v3.0 86 | 87 | """, 88 | 89 | ''' 90 | \u001b[31m 91 | ██████ ██ ██ ██████ ███████ ██████ ██████ ███ ██ ██ ██ ██ 92 | ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ████ ██ ██ ██ ██ 93 | ██ ████ ██████ █████ ██████ ██ ██ ██ ██ ██ ██ ███ 94 | ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ 95 | ██████ ██ ██████ ███████ ██ ██ ██████ ██ ████ ██ ██ ██ 96 | v3.0 97 | \033[38;5;81mBy Team Defronix 98 | 99 | ''' 100 | ] 101 | 102 | def color_style_text(color, text): 103 | return (color + text + RESET) 104 | 105 | banner_s = color_style_text(random.choice(colors),random.choice(banner)) 106 | return banner_s 107 | 108 | selected_banner = pick_banner() 109 | -------------------------------------------------------------------------------- /main/tools/colors.py: -------------------------------------------------------------------------------- 1 | options="\033[38;5;82m" 2 | reset="\033[38;0;0m" 3 | select="\033[38;5;87m" 4 | blue="\033[38;5;27m" 5 | red="\033[38;5;196m" 6 | light_blue="\033[38;5;39m" 7 | yellow="\033[38;5;226m" 8 | green="\033[38;5;40m" 9 | purple="\033[38;5;165m" 10 | -------------------------------------------------------------------------------- /main/tools/dos.py: -------------------------------------------------------------------------------- 1 | from bs4 import BeautifulSoup 2 | from main.tools import banner, colors, template 3 | import os 4 | import requests 5 | from bs4 import BeautifulSoup 6 | 7 | 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("Deniel of Service Attack") 13 | list_attacks = [ 14 | "GoldenEye", 15 | "SlowHTTPTest", 16 | "THC-SSL-DOS", 17 | "Slowloris", 18 | "go back", 19 | ] 20 | for i in range(len(list_attacks)): 21 | print(colors.options, f"{i+1}) {list_attacks[i]}".title(), colors.reset) 22 | try: 23 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 24 | except KeyboardInterrupt: 25 | return 26 | if option == "1": 27 | print("\n[+] GoldenEye") 28 | goldeneye() 29 | # method=kali 30 | elif option == "2": 31 | print("\n[+] Slowhttptest") 32 | slowhttptest() 33 | # method is kali 34 | elif option == "3": 35 | print("\n[+] THC-SSL-DOS") 36 | thc_ssl_dos() 37 | # method is kali 38 | elif option == "4": 39 | print("\n[+] SlowLoris") 40 | slowloris() 41 | 42 | else: 43 | return 44 | 45 | 46 | def github_getting_text(link, selector, indexvalue): 47 | print("Please Wait....\r", end="") 48 | URL = link 49 | try: 50 | r = requests.get(URL) 51 | soup = BeautifulSoup(r.content, "html.parser") 52 | paras = soup.select(selector) 53 | # check index value from test file 54 | return paras[indexvalue].text 55 | except: 56 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 57 | 58 | def slowloris(): 59 | github = "Slowloris is a Low bandwidth HTTP Denial of Service attack that affects threaded servers" 60 | template.template( 61 | "slowloris", 62 | "slowloris.py -h", 63 | github.strip(), 64 | { 65 | "Slowloris DDOS Attack Tool in Kali Linux": "https://www.geeksforgeeks.org/slowloris-ddos-attack-tool-in-kali-linux/", 66 | "What is Slowloris?": "https://www.imperva.com/learn/ddos/slowloris/", 67 | "Performing a genuine slowloris attack": "https://ourcodeworld.com/articles/read/962/performing-a-genuine-slowloris-attack-slowhttp-of-indefinite-length-in-kali-linux", 68 | },) 69 | def thc_ssl_dos(): 70 | github_p1 = github_getting_text( 71 | "https://www.kali.org/tools/thc-ssl-dos/", "p", 1 72 | ) 73 | github_p2= github_getting_text("https://www.kali.org/tools/thc-ssl-dos/", "p", 2) 74 | github_p3= github_getting_text("https://www.kali.org/tools/thc-ssl-dos/", "p", 3) 75 | github = github_p1.strip().replace("\n", "").replace("\t", "")+github_p2.strip().replace("\n", "").replace("\t", "")+github_p3.strip().replace("\n", "").replace("\t", "") 76 | template.template( 77 | "thc-ssl-dos", 78 | "thc-ssl-dos -h", 79 | github.strip(), 80 | { 81 | "THC-SSL DoS": "https://www.radware.com/security/ddos-knowledge-center/ddospedia/thc-ssl-dos/", 82 | "thc-ssl-dos Usage Example": "https://www.kali.org/tools/thc-ssl-dos/", 83 | "THC-SSL-DOS – DoS Tool Against Secure Web-Servers and for Testing SSL-Renegotiation": "https://kalilinuxtutorials.com/thc-ssl-dos/", 84 | "The THC SSL DoS Threat": "https://resources.infosecinstitute.com/topic/thc-ssl-dos-threat/", 85 | }, 86 | ) 87 | def slowhttptest(): 88 | github_p1 = github_getting_text( 89 | "https://www.kali.org/tools/slowhttptest/", "p", 1 90 | ) 91 | github = github_p1.strip().replace("\n", "").replace("\t", "") 92 | template.template( 93 | "slowhttptest", 94 | "slowhttptest -h", 95 | github.strip(), 96 | { 97 | 'How to perform a DoS attack "Slow HTTP" with SlowHTTPTest': "https://ourcodeworld.com/articles/read/949/how-to-perform-a-dos-attack-slow-http-with-slowhttptest-test-your-server-slowloris-protection-in-kali-linux", 98 | "slowhttptest Usage Example": "https://www.kali.org/tools/slowhttptest/", 99 | "DoS website using slowhttptest in Kali Linux ": "https://www.blackmoreops.com/2015/06/07/attack-website-using-slowhttptest-in-kali-linux/", 100 | "Kali Linux - Stressing Tools": "https://www.tutorialspoint.com/kali_linux/kali_linux_stressing_tools.htm", 101 | "How to perform SlowHTTPtest DOS attack ": "https://support.tetcos.com/support/solutions/articles/14000130254-how-to-perform-slowhttptest-dos-attack-through-netsim-emulator-", 102 | }, 103 | ) 104 | def goldeneye(): 105 | github_p1 = github_getting_text( 106 | "https://www.kali.org/tools/goldeneye/", "p", 0 107 | 108 | 109 | ) 110 | github = github_p1.strip().replace("\n", "").replace("\t", "") 111 | template.template( 112 | "goldeneye", 113 | "goldeneye -h", 114 | github.strip(), 115 | { 116 | "Goldeneye DDos Tool in Kali Linux": "https://www.geeksforgeeks.org/goldeneye-ddos-tool-in-kali-linux/", 117 | "Golden Eye DDoS Tool: Installation and Tool usage with examples": "https://allabouttesting.org/golden-eye-ddos-tool-installation-and-tool-usage-with-examples/", 118 | "DoS website in Kali Linux using GoldenEye": "https://en.iguru.gr/odigos-epitheseon-ddos-goldeneye/", 119 | "DoS website with GoldenEye - Layer 7 DoS tool": "https://www.darkmoreops.com/2014/11/22/dos-website-with-goldeneye/", 120 | }, 121 | ) 122 | if __name__ == "__main__": 123 | main() 124 | -------------------------------------------------------------------------------- /main/tools/forensic.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, colors, template 2 | import os 3 | import requests 4 | from bs4 import BeautifulSoup 5 | 6 | 7 | def main(): 8 | while True: 9 | os.system("clear") 10 | banner.main() 11 | banner.attack("Digital Forensic Tools") 12 | list_attacks=["Autopsy","Binwalk","Hashdeep","Bulk Extractor","Go Back"] 13 | for i in range(len(list_attacks)): 14 | print(colors.options,f"{i+1}) {list_attacks[i]}".title(),colors.reset) 15 | try: 16 | option = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 17 | except KeyboardInterrupt: 18 | template.exit_program() 19 | if option == "1": 20 | print("\n[+] Autopsy") 21 | autopsy() 22 | elif option == "2": 23 | print("\n[+] Binwalk") 24 | binwalk() 25 | elif option == "3": 26 | print("\n[+] Hashdeep") 27 | hashdeep() 28 | elif option == "4": 29 | print("\n[+] Bulk Extractor") 30 | bulk_extractor() 31 | else: 32 | return 33 | 34 | def autopsy(): 35 | os.system("clear") 36 | github = "The Autopsy Forensic Browser is a graphical interface to the command line digital forensic analysis tools in The Sleuth Kit. Together, The Sleuth Kit and Autopsy provide many of the same features as commercial digital forensics tools for the analysis of Windows and UNIX file systems (NTFS, FAT, FFS, EXT2FS, and EXT3FS)." 37 | template.template( 38 | "autopsy", 39 | "autopsy", 40 | github.strip(), 41 | {"Forensic Autopsy":"https://www.ncbi.nlm.nih.gov/books/NBK539901/", 42 | "Autopsy – Cyber Forensic Browser in Kali Linux": "https://www.geeksforgeeks.org/autopsy-cyber-forensic-browser-in-kali-linux/", 43 | "TryHackMe Autopsy Write-Up":"https://medium.com/@laupeiip/tryhackme-autopsy-write-up-98fad3e98e8b", 44 | }, 45 | ) 46 | def bulk_extractor(): 47 | os.system("clear") 48 | github = """bulk_extractor is a C++ program that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system or file system structures. The results are stored in feature files that can be easily inspected, parsed, or processed with automated tools. bulk_extractor also creates histograms of features that it finds, as features that are more common tend to be more important.""" 49 | template.template( 50 | "bulk-extractor", 51 | "bulk_extractor", 52 | github.strip(), 53 | {"cheat sheet": "https://www.kalilinux.in/2020/01/bulk-extractor-kali-linux-forensics.html", 54 | "Extracting Forensic Data from a Device Using Bulk Extractor":"https://www.researchgate.net/publication/350502325_Extracting_Forensic_Data_from_a_Device_Using_Bulk_Extractor", 55 | "USER MANUAL":"https://digitalcorpora.s3.amazonaws.com/downloads/bulk_extractor/BEUsersManual.pdf", 56 | "Using Bulk_extractor":"https://www.oreilly.com/library/view/digital-forensics-with/9781788625005/576053c4-24b9-42d5-a822-d44dbe05647c.xhtml", 57 | }, 58 | ) 59 | 60 | 61 | def binwalk(): 62 | os.system("clear") 63 | github = "Binwalk is a popular open-source tool used in digital forensics and cybersecurity for analyzing, extracting, and identifying various file types embedded within firmware images and binary files. It is particularly useful for examining firmware images such as those found in embedded devices like routers, IoT devices, and other hardware." 64 | template.template( 65 | "binwalk", 66 | "binwalk", 67 | github.strip(), 68 | {"cheat sheet": "https://gbhackers.com/analyzing-embedded-files-and-executable-code-with-frimware-images-binwalk/", 69 | "Analysing and extracting firmware using Binwalk":"https://fr3ak-hacks.medium.com/analysing-and-extracting-firmware-using-binwalk-982012281ff6", 70 | "Reverse engineering my router's firmware with binwalk":"https://sergioprado.blog/reverse-engineering-router-firmware-with-binwalk/", 71 | 72 | }, 73 | ) 74 | 75 | def hashdeep(): 76 | os.system("clear") 77 | github = "hashdeep is a set of tools to compute MD5, SHA1, SHA256, tiger and whirlpool hashsums of arbitrary number of files recursively." 78 | template.template( 79 | "hashdeep", 80 | "hashdeep -h", 81 | github.strip(), 82 | {"cheat sheet":"https://www.codecnetworks.com/blog/hashdeep-chfi-forensics-tool/", 83 | "Hashdeep -File Integrity Checker ( CHFI Forensics tool )":"https://www.codecnetworks.com/blog/hashdeep-chfi-forensics-tool/", 84 | "Verify File Integrity with Hashdeep":"https://geekthis.net/post/file-integrity-with-hashdeep/", 85 | }, 86 | ) 87 | if __name__=='__main__': 88 | main() 89 | -------------------------------------------------------------------------------- /main/tools/html5.py: -------------------------------------------------------------------------------- 1 | from bs4 import BeautifulSoup 2 | from main.tools import banner, template, colors 3 | import os 4 | import requests 5 | from bs4 import BeautifulSoup 6 | 7 | 8 | def main(): 9 | while True: 10 | os.system("clear") 11 | banner.main() 12 | banner.attack("HTML5") 13 | list_vulns = [ 14 | "WEB Messaging", 15 | "WEB Storage SQL Injection", 16 | "CORS Implementation", 17 | "Go back", 18 | ] 19 | for i in range(len(list_vulns)): 20 | print(colors.options, f"{i+1}) {list_vulns[i]}".title(), colors.reset) 21 | try: 22 | vulns = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 23 | except KeyboardInterrupt: 24 | return 25 | if vulns == "1": 26 | github = "Web messaging is the ability to send realtime messages from the server to the client browser. It overrides the cross domain communication problem in different domains, protocols or ports" 27 | template.template( 28 | "WEB Messaging", 29 | "no-tools", 30 | github.strip(), 31 | { 32 | "HTML5 - Web messaging": "https://www.tutorialspoint.com/html5/html5_web_messaging.htm", 33 | "Testing Web Messaging": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging", 34 | "Web message manipulation": "https://portswigger.net/web-security/dom-based/web-message-manipulation", 35 | "HTML5 Security: Cross Domain Messaging": "https://resources.infosecinstitute.com/topic/html5-security-cross-domain-messaging/", 36 | "Testing for DOM XSS using web messages": "https://portswigger.net/burp/documentation/desktop/tools/dom-invader/web-messages", 37 | }, 38 | ) 39 | 40 | elif vulns == "2": 41 | github = "SQL injection testing checks if it is possible to inject data into the application so that it executes a user-controlled SQL query in the database. Testers find a SQL injection vulnerability if the application uses user input to create SQL queries without proper input validation. " 42 | template.template( 43 | "WEB Storage SQL Injection", 44 | "no-tools", 45 | github.strip(), 46 | { 47 | "Testing Browser Storage": "https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/11-Client_Side_Testing/12-Testing_Browser_Storage", 48 | "Testing for SQL Injection": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05-Testing_for_SQL_Injection", 49 | "Client-side SQL injection": "https://portswigger.net/kb/issues/00200332_client-side-sql-injection-stored-dom-based", 50 | "Secure Implementation of HTML5's Web SQL Database": "https://code.google.com/archive/p/html5security/wikis/WebSQLDatabaseSecurity.wiki", 51 | }, 52 | ) 53 | 54 | elif vulns == "3": 55 | github = "Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served." 56 | template.template( 57 | "CORS implementation", 58 | "no-tools", 59 | github.strip(), 60 | { 61 | "What is Web CORS in HTML5 ?": "https://www.geeksforgeeks.org/what-is-web-cors-in-html5/", 62 | "Cross-origin resource sharing (CORS)": "https://portswigger.net/web-security/cors", 63 | "Testing Cross Origin Resource Sharing": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/07-Testing_Cross_Origin_Resource_Sharing", 64 | "CORS Misconfiguration": "https://systemweakness.com/first-bug-bounty-program-found-cors-cross-origin-resource-sharing-misconfiguration-52c1bd3ebfe0", 65 | "Advanced CORS Exploitation Techniques": "https://infosecwriteups.com/think-outside-the-scope-advanced-cors-exploitation-techniques-dad019c68397", 66 | "Exploiting CORS misconfigurations for Bitcoins and bounties": "https://portswigger.net/research/exploiting-cors-misconfigurations-for-bitcoins-and-bounties", 67 | "CORS - Misconfigurations & Bypass": "https://book.hacktricks.xyz/pentesting-web/cors-bypass", 68 | "CORS Misconfiguration": "https://0xn3va.gitbook.io/cheat-sheets/web-application/cors-misconfiguration", 69 | }, 70 | ) 71 | else: 72 | return 73 | 74 | 75 | def github_getting_text(link, selector, indexvalue): 76 | print("Please Wait....\r", end="") 77 | URL = link 78 | try: 79 | r = requests.get(URL) 80 | soup = BeautifulSoup(r.content, "html.parser") 81 | paras = soup.select(selector) 82 | # check index value from test file 83 | return paras[indexvalue].text 84 | except: 85 | return f"{colors.red}Not Loaded Because No Internet Connection{colors.reset}" 86 | 87 | 88 | if __name__ == "__main__": 89 | main() 90 | -------------------------------------------------------------------------------- /main/tools/run_on_browser.py: -------------------------------------------------------------------------------- 1 | import os 2 | def main(URL): 3 | # print("[+] Opening url") 4 | print("[+] Opening.....") 5 | user=os.getlogin() 6 | if "root" in user: 7 | os.system(f"firefox {URL} > /dev/null 2>&1" ) 8 | else: 9 | os.system(f"sudo chown root:root /run/user/{user}/gdm/Xauthority > /dev/null 2>&1") 10 | os.system(f"sudo chown root:root /home/{user}/.Xauthority > /dev/null 2>&1") 11 | os.system(f"firefox {URL} > /dev/null 2>&1") 12 | os.system(f"sudo chown {user}:{user} /run/user/{user}/gdm/Xauthority > /dev/null 2>&1") 13 | os.system(f"sudo chown {user}:{user} /home/{user}/.Xauthority > /dev/null 2>&1") -------------------------------------------------------------------------------- /main/tools/template.py: -------------------------------------------------------------------------------- 1 | from main.tools import banner, waiting, writeup, colors, run_on_browser, Recommended_Tool 2 | import os 3 | import subprocess 4 | import threading 5 | 6 | 7 | class template: 8 | def __init__( 9 | self, 10 | name, 11 | command, 12 | discription, 13 | writeups, 14 | link="", 15 | method="kali", 16 | github_install="", 17 | github_check="", 18 | ): 19 | self.name = name 20 | self.command = command 21 | self.method = method 22 | self.discription = discription 23 | self.writeup = writeups 24 | self.link = link 25 | self.github_install = github_install 26 | self.github_check = github_check 27 | 28 | while True: 29 | os.system("clear") 30 | banner.main() 31 | banner.attack(self.name) 32 | if command!="no-tools": 33 | banner.description(self.discription) 34 | else: 35 | writeup.writeup(self.writeup,self.name) 36 | break 37 | ask = tool_writeups(self.name,self.writeup, self.command) 38 | if ask == "1": 39 | if self.command == "no-tools": 40 | break 41 | else: 42 | if method == "kali": 43 | check_installed(self.name, self.command) 44 | waiting.waiting() 45 | elif method == "go": 46 | which_check(self.name, self.link, self.command) 47 | waiting.waiting() 48 | elif method == "pip": 49 | pip_install(self.name, self.command) 50 | waiting.waiting() 51 | 52 | elif method == "deb": 53 | deb_install(self.name, self.command, self.link) 54 | elif method == "browser": 55 | threading.Thread( 56 | target=run_on_browser.main, 57 | args=(self.command,) 58 | ).start() 59 | elif method == "github": 60 | if not os.path.isdir("Tools"): 61 | os.system("mkdir Tools") 62 | if os.path.exists(f"Tools/{self.github_check}"): 63 | print(f"{colors.green}[+] Installed") 64 | run = input( 65 | f"{colors.blue}[+] Do You Want To Run?(y/n):{colors.reset}" 66 | ) 67 | if run.lower() == "yes" or run.lower() == "y": 68 | 69 | #os.system(f"cd Tools/{self.github_check} && {self.command}") 70 | Recommended_Tool.recommended(name=name) 71 | 72 | else: 73 | print(f"{colors.red}[-] Not Installed{colors.reset}") 74 | installed = input( 75 | f"{colors.blue}Do You Want To Install The Tool?(y/n):{colors.reset}" 76 | ) 77 | if installed.lower() == "y" or installed.lower() == "yes": 78 | os.system(f"cd Tools && {self.github_install}") 79 | path = check_path(self.github_check) 80 | print(f"\nInstalled folder path : {path}") 81 | run = input( 82 | f"{colors.blue}[+] Do You Want To Run?(y/n):{colors.reset}" 83 | ) 84 | if run.lower() == "yes" or run.lower() == "y": 85 | #os.system(f"cd Tools/{self.github_check} && {self.command}") 86 | Recommended_Tool.recommended(name=name) 87 | 88 | waiting.waiting() 89 | elif ask == "2": 90 | if self.writeup == "no-writeups": 91 | pass 92 | else: 93 | writeup.writeup(self.writeup, self.name) 94 | elif ask == "3": 95 | if method == "github": 96 | uninstall_tool(method, self.github_check) 97 | else: 98 | uninstall_tool(method,name) 99 | else: 100 | break 101 | 102 | 103 | def check_path(name): 104 | def find_folder(folder_name, root_folder="/"): 105 | for folder, subfolders, files in os.walk(root_folder): 106 | if folder_name in subfolders: 107 | return os.path.join(folder, folder_name) 108 | return "Folder not found" 109 | #folder_name = input("Enter the name of the folder you want to find: ") 110 | folder_name = name 111 | folder_path = find_folder(folder_name) 112 | #print("Folder Path:", folder_path) 113 | return folder_path 114 | 115 | def uninstall_tool(method,name): 116 | if method == "kali": 117 | run = input(f"\033[1m{colors.red}[+] Do You Want To Uninstall the Tool?(y/n):{colors.reset}") 118 | if run.lower() == "y" or run.lower() == "yes": 119 | os.system(f"sudo apt remove {name}") 120 | elif method == "go" : 121 | run = input(f"\033[1m{colors.red}[+] Do You Want To Uninstall the Tool?(y/n):{colors.reset}") 122 | if run.lower() == "y" or run.lower() == "yes": 123 | os.system(f"rm -rf ~/go/bin/{name}") 124 | elif method == "pip": 125 | run = input(f"\033[1m{colors.red}[+] Do You Want To Uninstall the Tool?(y/n):{colors.reset}") 126 | if run.lower() == "y" or run.lower() == "yes": 127 | os.system(f"pip uninstall {name}") 128 | elif method == "deb": 129 | run = input(f"\033[1m{colors.red}[+] Do You Want To Uninstall the Tool?(y/n):{colors.reset}") 130 | if run.lower() == "y" or run.lower() == "yes": 131 | os.system(f"sudo dpkg --purge {name}") 132 | elif method == "github": 133 | run = input(f"\033[1m{colors.red}[+] Do You Want To Github Uninstall the Tool?(y/n):{colors.reset}") 134 | if run.lower() == "y" or run.lower() == "yes": 135 | 136 | print("Uninstallation...") 137 | folder_path = check_path(name) 138 | os.system(f'rm -rf {folder_path}') 139 | waiting.waiting() 140 | elif name == "burp": 141 | print(f"{colors.blue}[+]1. Do You Want Uninstall Professional Version?{colors.reset}") 142 | print(f"{colors.blue}[+]2. Do You Want Uninstall COMMUNITY VERSION?{colors.reset}") 143 | run = input(f"\033[1m{colors.red}[+] press 1 for Professional Version and 2 for COMMUNITY VERSION : {colors.reset}") 144 | if run == "1": 145 | print("Uninstallation...") 146 | folder_path = check_path("Burp-Suite") 147 | os.system(f'rm -rf {folder_path}') 148 | waiting.waiting() 149 | if run == "2": 150 | print("Uninstallation...") 151 | os.system("sudo apt remove burpsuite") 152 | waiting.waiting() 153 | 154 | def load_banner(name): 155 | os.system("clear") 156 | banner.main() 157 | banner.attack(name) 158 | def tool_writeups(name,check="no-writeups", tool_check="no-tools"): 159 | if tool_check != "no-tools": 160 | print(f"{colors.options}1) Launch") 161 | if check != "no-writeups": 162 | print(f"2) Write Ups") 163 | if check != "uninstall-tool": 164 | print(f"3) Uninstall ") 165 | print(f"4) Go Back..") 166 | try: 167 | ask = input(f"\n {colors.select}Select An Option ->{colors.reset} ") 168 | except KeyboardInterrupt: 169 | return 170 | return ask 171 | def exit_program(): 172 | os.system("clear") 173 | banner.main() 174 | print("\033[38;5;105m", "[+] Thanks visit again".title()) 175 | exit() 176 | 177 | def check_installed(name, run_arg): 178 | proc = subprocess.Popen( 179 | [f"dpkg -s {name} 2>> {os.path.dirname(__file__)}\\logs.txt "], stdout=subprocess.PIPE, shell=True 180 | ) 181 | (there, notthere) = proc.communicate() 182 | if "install ok installed" not in there.decode(): 183 | print(f"\n{colors.red}[+] Not Installed") 184 | try: 185 | install = input( 186 | f"{colors.blue}Do You Want To Install The Tool?(y/n):{colors.reset}" 187 | ) 188 | except KeyboardInterrupt: 189 | return 190 | if install.lower() == "yes" or install.lower() == "y": 191 | os.system(f"apt install {name} -y") 192 | path = check_path(name) 193 | print(f"\nInstalled folder path : {path}") 194 | try: 195 | download = input( 196 | f"{colors.blue}Do You Want To Run The Tool?(y/n):{colors.reset}" 197 | ) 198 | except KeyboardInterrupt: 199 | return 200 | if ( 201 | download == "y" 202 | or download == "Y" 203 | or download == "Yes" 204 | or download == "yes" 205 | ): 206 | if run_arg == "kismet": 207 | threading.Thread(target=thread_run, args=(run_arg,)).start() 208 | print( 209 | f"[+] {run_arg} is started at address: http://localhost:2501 (or the address of this system) for the Kismet UI" 210 | ) 211 | KURL = "http://localhost:2501" 212 | threading.Thread(target=run_on_browser.main, args=(KURL,)).start() 213 | elif run_arg == "fern-wifi-cracker": 214 | threading.Thread(target=thread_run, args=(run_arg,)).start() 215 | print("Fern-wifi-cracker Starting...") 216 | else: 217 | os.system(f"{run_arg}") 218 | Recommended_Tool.recommended(name=name) 219 | else: 220 | print(f"{colors.green}[+] Installed") 221 | try: 222 | download = input( 223 | f"{colors.blue}Do You Want To Run The Tool?(y/n):{colors.reset}" 224 | ) 225 | except KeyboardInterrupt: 226 | return 227 | if download == "y" or download == "Y" or download == "Yes" or download == "yes": 228 | # os.system(f"{run_arg}") 229 | if run_arg == "kismet": 230 | threading.Thread(target=thread_run, args=(run_arg,)).start() 231 | print( 232 | f"[+] {run_arg} is started at address: http://localhost:2501 (or the address of this system) for the Kismet UI" 233 | ) 234 | KURL = "http://localhost:2501" 235 | threading.Thread(target=run_on_browser.main, args=(KURL,)).start() 236 | elif run_arg == "fern-wifi-cracker": 237 | threading.Thread(target=thread_run, args=(run_arg,)).start() 238 | print("Fern-wifi-cracker Starting...") 239 | else: 240 | #os.system(f"{run_arg}") 241 | load_banner(name=name) 242 | Recommended_Tool.recommended(name=name) 243 | 244 | 245 | def thread_run(command): 246 | os.system(f"{command} >> {os.path.dirname(__file__)}\\logs.txt 2>&1") 247 | 248 | 249 | def pip_install(name, run_arg): 250 | proc = subprocess.Popen([f"which {name}"], stdout=subprocess.PIPE, shell=True) 251 | (there, nothere) = proc.communicate() 252 | if there: 253 | print(f"{colors.green}[+] Installed") 254 | try: 255 | download = input( 256 | f"{colors.blue}Do You Want To Run The Tool?(y/n): {colors.reset} " 257 | ) 258 | except KeyboardInterrupt: 259 | return 260 | if download.lower() == "y" or download.lower() == "yes": 261 | os.system(f"{run_arg}") 262 | Recommended_Tool.recommended(name=name) 263 | else: 264 | print(f"{colors.red}[+] Not Installed") 265 | try: 266 | download = input( 267 | f"{colors.blue}[+] Do You Want To Install It?(y/n):{colors.reset} " 268 | ) 269 | except KeyboardInterrupt: 270 | return 271 | if download.lower() == "y" or download.lower() == "yes": 272 | os.system(f"pip install {name}") 273 | path = check_path(name) 274 | print(f"\nInstalled folder path : {path}") 275 | # os.system("go install github.com/projectdiscovery/katana/cmd/katana@latest") 276 | # os.system(f'sudo cp ~/go/bin/{name} /usr/bin') 277 | try: 278 | download = input( 279 | f"{colors.blue}\nDo You Want To Run The Tool?(y/n): {colors.reset}" 280 | ) 281 | except KeyboardInterrupt: 282 | return 283 | if download.lower() == "y" or download.lower() == "yes": 284 | os.system(f"{run_arg}") 285 | Recommended_Tool.recommended(name=name) 286 | 287 | 288 | def which_check(name, link, run_arg): 289 | proc = subprocess.Popen([f"which {name}"], stdout=subprocess.PIPE, shell=True) 290 | (there, nothere) = proc.communicate() 291 | if there: 292 | print(f"{colors.green}[+] Installed") 293 | try: 294 | download = input( 295 | f"{colors.blue}Do You Want To Run The Tool?(y/n): {colors.reset} " 296 | ) 297 | except KeyboardInterrupt: 298 | return 299 | if download.lower() == "y" or download.lower() == "yes": 300 | os.system(f"{run_arg}") 301 | Recommended_Tool.recommended(name=name) 302 | else: 303 | print(f"{colors.red}[+] Not Installed") 304 | try: 305 | download = input( 306 | f"{colors.blue}[+] Do You Want To Install It?(y/n):{colors.reset} " 307 | ) 308 | except KeyboardInterrupt: 309 | return 310 | if download.lower() == "y" or download.lower() == "yes": 311 | os.system(f"go install {link}") 312 | path = check_path(name) 313 | print(f"\nInstalled folder path : {path}") 314 | # os.system("go install github.com/projectdiscovery/katana/cmd/katana@latest") 315 | os.system(f"sudo cp ~/go/bin/{name} /usr/bin") 316 | try: 317 | download = input( 318 | f"{colors.blue}\nDo You Want To Run The Tool?(y/n): {colors.reset}" 319 | ) 320 | except KeyboardInterrupt: 321 | return 322 | if download.lower() == "y" or download.lower() == "yes": 323 | os.system(f"{run_arg}") 324 | Recommended_Tool.recommended(name=name) 325 | 326 | 327 | def deb_install(name, command, link): 328 | proc = subprocess.Popen( 329 | [f"dpkg -s {command} 2>> {os.path.dirname(__file__)}\\logs.txt "], stdout=subprocess.PIPE, shell=True 330 | ) 331 | (there, notthere) = proc.communicate() 332 | if "install ok installed" not in there.decode(): 333 | print(f"{colors.red}[+] Not Installed") 334 | try: 335 | install = input( 336 | f"{colors.blue}Do You Want To Install The Tool?(y/n):{colors.reset}" 337 | ) 338 | except KeyboardInterrupt: 339 | return 340 | if install.lower() == "yes" or install.lower() == "y": 341 | if not os.path.exists(f"Tools/{link.split('/')[-1]}"): 342 | os.system(f"wget {link} -O Tools/{link.split('/')[-1]} ") 343 | os.system(f"dpkg -i Tools/{link.split('/')[-1]} ") 344 | path = check_path(name) 345 | print(f"\nInstalled folder path : {path}") 346 | try: 347 | install = input( 348 | f"{colors.blue}Do you want to run the tool?(y/n):{colors.reset}" 349 | ) 350 | except KeyboardInterrupt: 351 | return 352 | if install.lower() == "y" or install.lower == "yes": 353 | if command == "nessus": 354 | os.system("systemctl start nessusd.service") 355 | print(f"{colors.green}[+] Service Started....") 356 | print( 357 | f"{colors.blue}[+] YOU CAN CHECK IT'S WRITE UPS FOR MORE INFO{colors.reset}" 358 | ) 359 | try: 360 | use = input( 361 | f"{colors.blue}[+] Do You Want To Configure Nessus?(y/n):{colors.reset}" 362 | ) 363 | except KeyboardInterrupt: 364 | return 365 | if use == "y" or use == "Y" or use == "Yes" or use == "yes": 366 | run_on_browser.main("https://localhost:8834/") 367 | else: 368 | os.system(f"{command} 2>> {os.path.dirname(__file__)}\\logs.txt") 369 | Recommended_Tool.recommended(name=name) 370 | else: 371 | print(f"{colors.green}[+] Installed") 372 | try: 373 | download = input( 374 | f"{colors.blue}Do You Want To Run The Tool?(y/n):{colors.reset}" 375 | ) 376 | except KeyboardInterrupt: 377 | return 378 | if download.lower() == "y" or download.lower() == "yes": 379 | if command == "nessus": 380 | os.system("systemctl start nessusd.service") 381 | print(f"{colors.green}[+] Service Started....") 382 | print( 383 | f"{colors.blue}[+] YOU CAN CHECK IT'S WRITE UPS FOR MORE INFO{colors.reset}" 384 | ) 385 | try: 386 | use = input( 387 | f"{colors.blue}[+] Do You Want To Configure Nessus?(y/n):{colors.reset}" 388 | ) 389 | except KeyboardInterrupt: 390 | return 391 | if use == "y" or use == "Y" or use == "Yes" or use == "yes": 392 | run_on_browser.main("https://localhost:8834/") 393 | else: 394 | os.system(f"{command} 2>> {os.path.dirname(__file__)}\\logs.txt") 395 | Recommended_Tool.recommended(name=name) 396 | -------------------------------------------------------------------------------- /main/tools/waiting.py: -------------------------------------------------------------------------------- 1 | def waiting(): 2 | input("\n\u001b[31m[+]press ENTER to go back\u001b[0m") -------------------------------------------------------------------------------- /main/tools/writeup.py: -------------------------------------------------------------------------------- 1 | from main.tools import run_on_browser,colors,banner,template 2 | import os 3 | import threading 4 | def writeup(writeup_dist,name): 5 | while True: 6 | os.system("clear") 7 | banner.main() 8 | banner.attack(name.title()) 9 | #convert dict keys in list(type casting) 10 | key=list(writeup_dist.keys()) 11 | key.append("Go Back") 12 | for i in range(len(key)): 13 | 14 | print(colors.options,f"{i+1}) {key[i]}".title(),colors.reset) 15 | try: 16 | option =input(f"\n {colors.select}Select An Option -> {colors.reset} ") 17 | #option-=1 18 | except KeyboardInterrupt: 19 | return 20 | #1-9=int kdsjfhgkjds=int X to type cast safely 21 | try: 22 | threading.Thread(target=run_on_browser.main, args=(writeup_dist[key[(int(option))-1]],)).start() 23 | #a={"a":1,"b":2} 24 | # print(2) 25 | except: 26 | return 27 | -------------------------------------------------------------------------------- /main/toolslogs.txt: -------------------------------------------------------------------------------- 1 | dpkg-query: package 'slowhttptest' is not installed and no information is available 2 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 3 | dpkg-query: package 'nessus' is not installed and no information is available 4 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 5 | dpkg-query: package 'hping3' is not installed and no information is available 6 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 7 | dpkg-query: package 'feroxbuster' is not installed and no information is available 8 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 9 | dpkg-query: package 'dradis' is not installed and no information is available 10 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 11 | dpkg-query: package 'maltego' is not installed and no information is available 12 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 13 | dpkg-query: package 'maltego' is not installed and no information is available 14 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 15 | dpkg-query: package 'wifite' is not installed and no information is available 16 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 17 | dpkg-query: package 'wapiti' is not installed and no information is available 18 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 19 | dpkg-query: package 'wapiti' is not installed and no information is available 20 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 21 | dpkg-query: package 'nessus' is not installed and no information is available 22 | Use dpkg --info (= dpkg-deb --info) to examine archive files. 23 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | beautifulsoup4 2 | dnspython 3 | ipwhois 4 | requests 5 | selenium 6 | netifaces 7 | 8 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import os 3 | import subprocess 4 | from main.tools import banner,colors 5 | #import cyberonix 6 | 7 | def is_module_installed(module_name): 8 | try: 9 | pip_result = subprocess.run(['pip', 'show', module_name], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True) 10 | if pip_result.returncode == 0 and pip_result.stdout: 11 | return True 12 | 13 | apt_result = subprocess.run(['apt', 'list', module_name], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True) 14 | if apt_result.returncode == 0 and module_name in apt_result.stdout: 15 | return True 16 | else: 17 | os.system("pip install dnspython==2.3.0") 18 | except Exception as e: 19 | print(f"An error occurred: {e}") 20 | return False 21 | 22 | 23 | 24 | def exit_program(): 25 | os.system("clear") 26 | banner.main() 27 | print("\033[38;5;105m","[+] Thanks visit again".title()) 28 | exit() 29 | try: 30 | def main(): 31 | os.system("clear") 32 | banner.main() 33 | banner.attack("Setup") 34 | is_module_installed('dnspython') 35 | os.system("pip install -r requirements.txt") 36 | os.system("pip install selenium") 37 | os.system("sudo apt install golang -y") 38 | os.system("go env -w GO111MODULE=on") 39 | os.system("apt install php") 40 | os.system("mkdir output") 41 | create_symlink() 42 | def create_symlink(): 43 | proc = subprocess.Popen([f"pwd"], stdout=subprocess.PIPE, shell=True) 44 | #there keyfor success output and noththere for error output 45 | (there, notthere) = proc.communicate() 46 | there=there.decode() 47 | there=there.split() 48 | f = open("run.sh", "w") 49 | f.write("#!/bin/bash") 50 | f.write("\n") 51 | f.write(f'cd {there[0]} && python3 cyberonix.py "$@"') 52 | f.close() 53 | os.system("chmod +x *") 54 | os.system("sudo mv run.sh /usr/bin/cyberonix") 55 | os.system("sudo mv cyberonix.1 /usr/local/man/man1/") 56 | finish() 57 | def finish(): 58 | os.system("clear") 59 | banner.main() 60 | banner.attack("Setup Completed") 61 | os.system("python3 cyberonix.py") 62 | if __name__ == "__main__": 63 | main() 64 | except KeyboardInterrupt: 65 | exit_program() 66 | except Exception as err: 67 | os.system("clear") 68 | banner.main() 69 | banner.attack(f"{colors.red}ERROR{colors.reset}") 70 | banner.description(f"{colors.red}{err}{colors.reset}") 71 | 72 | 73 | 74 | --------------------------------------------------------------------------------