├── GUI_Tools.py ├── GUI_Tools_wxpython_gui.py ├── JAR_Management.fbp ├── README.md ├── img ├── 2.0.png └── demo.png ├── requirements.txt └── setting.py /GUI_Tools.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | import wx 3 | import GUI_Tools_wxpython_gui 4 | import subprocess 5 | from setting import java8_path 6 | from setting import java9_path 7 | 8 | class MianWindow(GUI_Tools_wxpython_gui.jar_management_gui): 9 | 10 | #webshell管理工具 11 | def godzilla_click(self, event): 12 | subprocess.Popen("cd gui_webshell/Godzilla && " + java8_path + ' -jar ' + 'Godzilla.jar', shell=True) 13 | 14 | def behinder_click(self, event): 15 | subprocess.Popen("cd gui_webshell/Behinder && " + java8_path + ' -jar ' + 'Behinder.jar', shell=True) 16 | 17 | #渗透工具 18 | def burp_suite_click(self, event): 19 | subprocess.Popen("cd gui_other/BurpSuite_Pro && " + java9_path + ' -javaagent:BurpLoaderKeygen.jar -noverify -jar burpsuite_pro_v2021.10.3.jar', shell=True) 20 | 21 | def cs_click(self, event): 22 | subprocess.Popen("cd gui_other/CobaltStrike/CSAgent && " + java8_path + ' -XX:ParallelGCThreads=4 -XX:+AggressiveHeap -XX:+UseParallelGC -javaagent:CSAgent.jar=5e98194a01c6b48fa582a6a9fcbb92d6 -Duser.language=en -jar cobaltstrike.jar', shell=True) 23 | 24 | #信息收集 25 | def dirscan_click(self, event): 26 | subprocess.Popen("cd gui_shouji/dirscan_3.0 && " + java9_path + ' -jar ' + 'scandir-3.0.jar', shell=True) 27 | def webfinder_click(self, event): 28 | subprocess.Popen("cd gui_shouji && " + java8_path + ' -jar ' + 'webfinder-3.2.jar', shell=True) 29 | def fofa_click(self, event): 30 | subprocess.Popen("cd gui_shouji/fofaviewer_1.0.7_ && " + java8_path + ' -jar ' + 'fofaviewer.jar', shell=True) 31 | def yj_click(self, event): 32 | subprocess.Popen('cd gui_shouji/yjdirscanv1.1 && 御剑目录扫描专业版v1.1.exe', shell=True) 33 | 34 | 35 | #漏洞扫描 36 | def tdoa_click(self, event): 37 | subprocess.Popen("cd gui_scan && " + java8_path + ' -jar ' + 'TODA.jar', shell=True) 38 | 39 | def gr33k_click(self, event): 40 | subprocess.Popen('python3 gui_scan/Gr33k/Gr33k.py', shell=True) 41 | 42 | def cas_click(self, event): 43 | subprocess.Popen("cd gui_scan && " + java8_path + ' -jar ' + 'CAS_cc2_Exploit-1.0-SNAPSHOTv1.1-all.jar', shell=True) 44 | 45 | def sj_click(self, event): 46 | subprocess.Popen("cd gui_scan && " + java8_path + ' -jar ' + 'SJ-V1.9.jar', shell=True) 47 | 48 | def thinkphp_click(self, event): 49 | subprocess.Popen("cd gui_scan/thinkphp && " + java8_path + ' -jar ' + 'ThinkPHP.V2.0.by.jar', shell=True) 50 | 51 | def thinkphp_log_click(self, event): 52 | subprocess.Popen('cd gui_scan/thinkphp && ThinkPHP.v1.2_Beta.exe', shell=True) 53 | 54 | def thinkphp1_click(self, event): 55 | subprocess.Popen("cd gui_scan/thinkphp && " + java8_path + ' -jar ' + 'ThinkphpGUI-1.2-SNAPSHOT.jar', shell=True) 56 | 57 | def thinkphp2_click(self, event): 58 | subprocess.Popen("cd gui_scan/thinkphp && " + java8_path + ' -jar ' + 'thinkphp命令执行检测工具.jar', shell=True) 59 | 60 | def weblogic_click(self, event): 61 | subprocess.Popen("cd gui_scan/weblogic/weblogic-framework-0.2.3 && " + java8_path + ' -jar ' + 'weblogic-framework-0.2.3-all-jar-with-dependencies.jar', shell=True) 62 | 63 | def weblogic1_click(self, event): 64 | subprocess.Popen("cd gui_scan/weblogic && " + java8_path + ' -jar ' + 'weblogic_exploit-1.0-SNAPSHOT-all.jar', shell=True) 65 | 66 | def edr_click(self, event): 67 | subprocess.Popen("cd gui_scan && " + java8_path + ' -jar ' + '深X服edr任意用户登陆检测工具.jar', shell=True) 68 | 69 | def shiro_attack_click(self, event): 70 | subprocess.Popen("cd gui_scan/shiro/shiro_attack_2.2 && " + java8_path + ' -jar ' + 'shiro_attack-2.2.jar', shell=True) 71 | 72 | def shiroexp_click(self, event): 73 | subprocess.Popen("cd gui_scan/shiro && " + java8_path + ' -jar ' + 'ShiroExp.jar', shell=True) 74 | 75 | def shiroexploit_click(self, event): 76 | subprocess.Popen("cd gui_scan/shiro && " + java8_path + ' -jar ' + 'ShiroExploit-v2.3.jar', shell=True) 77 | 78 | def shiroexploit1_cilck(self, event): 79 | subprocess.Popen("cd gui_scan/shiro && " + java8_path + ' -jar ' + 'ShiroExploit.jar', shell=True) 80 | 81 | def shiroscan_click(self, event): 82 | subprocess.Popen("cd gui_scan/shiro && " + java8_path + ' -jar ' + 'ShiroScan-1.1.jar', shell=True) 83 | 84 | def shiro1_click(self, event): 85 | subprocess.Popen("cd gui_scan/shiro/ShiroExploit.V2.51 && " + java8_path + ' -jar ' + 'ShiroExploit.jar', shell=True) 86 | 87 | def oracleshell_click(self, event): 88 | subprocess.Popen("cd gui_scan && " + java8_path + ' -jar ' + 'oracleShell.jar', shell=True) 89 | 90 | def framescan_click(self, event): 91 | subprocess.Popen("cd gui_scan/FrameScan-GUI && FrameScan-GUI.exe", shell=True) 92 | 93 | def tomcat_password_click(self, event): 94 | subprocess.Popen("cd gui_scan/tomcat && " + java8_path + ' -jar ' + 'tomcat.jar', shell=True) 95 | 96 | def fastjson_cilck(self, event): 97 | subprocess.Popen("cd gui_scan/json && json反序列化检查工具.exe", shell=True) 98 | 99 | def cve_2020_10199_click(self, event): 100 | subprocess.Popen("cd gui_scan && " + java8_path + ' -jar ' + 'cve-2020-10199-10204.jar', shell=True) 101 | 102 | def cve_2019_7238_click(self, event): 103 | subprocess.Popen("cd gui_scan && " + java8_path + ' -jar ' + 'cve-2019-7238.jar', shell=True) 104 | 105 | def aliyun_accesskey_click(self, event): 106 | subprocess.Popen('cd gui_scan && Aliyun-.AK.Tools-V1.2.exe', shell=True) 107 | 108 | def aliyunakyools_click(self, event): 109 | subprocess.Popen('cd gui_scan/AliyunAkTools && AliyunAkTools.exe', shell=True) 110 | 111 | def jdgui_click(self, event): 112 | subprocess.Popen("cd gui_scan && " + java8_path + ' -jar ' + 'jd-gui-1.6.6.jar', shell=True) 113 | 114 | def mdut_click(self, event): 115 | subprocess.Popen("cd gui_scan/Multiple.Database.Utilization.Tools.-.v2.0.6 && " + java8_path + ' -jar ' + 'MDUT.jar', shell=True) 116 | 117 | if __name__ == '__main__': 118 | app = wx.App() 119 | frame = MianWindow(None) 120 | frame.Show() 121 | app.MainLoop() 122 | 123 | -------------------------------------------------------------------------------- /GUI_Tools_wxpython_gui.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | ########################################################################### 4 | ## Python code generated with wxFormBuilder (version Oct 26 2018) 5 | ## http://www.wxformbuilder.org/ 6 | ## 7 | ## PLEASE DO *NOT* EDIT THIS FILE! 8 | ########################################################################### 9 | 10 | import wx 11 | import wx.xrc 12 | 13 | ########################################################################### 14 | ## Class jar_management_gui 15 | ########################################################################### 16 | 17 | class jar_management_gui ( wx.Frame ): 18 | 19 | def __init__( self, parent ): 20 | wx.Frame.__init__ ( self, parent, id = wx.ID_ANY, title = u"图形化渗透武器库管理合集_V1.1", pos = wx.DefaultPosition, size = wx.Size( 1000,600 ), style = wx.DEFAULT_FRAME_STYLE|wx.TAB_TRAVERSAL ) 21 | 22 | self.SetSizeHints( wx.DefaultSize, wx.DefaultSize ) 23 | 24 | gui_all = wx.BoxSizer( wx.VERTICAL ) 25 | 26 | gui_webshell = wx.StaticBoxSizer( wx.StaticBox( self, wx.ID_ANY, u"Webshell管理工具" ), wx.VERTICAL ) 27 | 28 | webshell = wx.WrapSizer( wx.HORIZONTAL, wx.WRAPSIZER_DEFAULT_FLAGS ) 29 | 30 | self.godzilla = wx.Button( gui_webshell.GetStaticBox(), wx.ID_ANY, u"Godzilla_v3.03", wx.DefaultPosition, wx.DefaultSize, 0 ) 31 | webshell.Add( self.godzilla, 0, wx.ALL, 5 ) 32 | 33 | self.behinder = wx.Button( gui_webshell.GetStaticBox(), wx.ID_ANY, u"Behinder_v3.0 Beta 11", wx.DefaultPosition, wx.DefaultSize, 0 ) 34 | webshell.Add( self.behinder, 0, wx.ALL, 5 ) 35 | 36 | 37 | gui_webshell.Add( webshell, 1, wx.EXPAND, 5 ) 38 | 39 | 40 | gui_all.Add( gui_webshell, 0, wx.EXPAND|wx.ALL, 5 ) 41 | 42 | gui_other = wx.StaticBoxSizer( wx.StaticBox( self, wx.ID_ANY, u"渗透工具" ), wx.VERTICAL ) 43 | 44 | other = wx.WrapSizer( wx.HORIZONTAL, wx.WRAPSIZER_DEFAULT_FLAGS ) 45 | 46 | self.burp_suite = wx.Button( gui_other.GetStaticBox(), wx.ID_ANY, u"BurpSuite_Pro_v2021.10.3", wx.DefaultPosition, wx.DefaultSize, 0 ) 47 | other.Add( self.burp_suite, 0, wx.ALL, 5 ) 48 | 49 | self.cs = wx.Button( gui_other.GetStaticBox(), wx.ID_ANY, u"Cobalt_Strike_v4.4", wx.DefaultPosition, wx.DefaultSize, 0 ) 50 | other.Add( self.cs, 0, wx.ALL, 5 ) 51 | 52 | 53 | gui_other.Add( other, 1, wx.EXPAND, 5 ) 54 | 55 | 56 | gui_all.Add( gui_other, 0, wx.EXPAND|wx.ALL, 5 ) 57 | 58 | gui_shouji = wx.StaticBoxSizer( wx.StaticBox( self, wx.ID_ANY, u"信息收集" ), wx.VERTICAL ) 59 | 60 | shouji = wx.WrapSizer( wx.HORIZONTAL, wx.WRAPSIZER_DEFAULT_FLAGS ) 61 | 62 | self.dirscan = wx.Button( gui_shouji.GetStaticBox(), wx.ID_ANY, u"Dirscan_v3.0", wx.DefaultPosition, wx.DefaultSize, 0 ) 63 | shouji.Add( self.dirscan, 0, wx.ALL, 5 ) 64 | 65 | self.webfinder = wx.Button( gui_shouji.GetStaticBox(), wx.ID_ANY, u"Webfinder_v3.2", wx.DefaultPosition, wx.DefaultSize, 0 ) 66 | shouji.Add( self.webfinder, 0, wx.ALL, 5 ) 67 | 68 | self.fofa = wx.Button( gui_shouji.GetStaticBox(), wx.ID_ANY, u"Fofa_Viewer_v1.0.8", wx.DefaultPosition, wx.DefaultSize, 0 ) 69 | shouji.Add( self.fofa, 0, wx.ALL, 5 ) 70 | 71 | self.yjdirscan = wx.Button( gui_shouji.GetStaticBox(), wx.ID_ANY, u"御剑dirscan_v1.1", wx.DefaultPosition, wx.DefaultSize, 0 ) 72 | shouji.Add( self.yjdirscan, 0, wx.ALL, 5 ) 73 | 74 | 75 | gui_shouji.Add( shouji, 1, wx.EXPAND, 5 ) 76 | 77 | 78 | gui_all.Add( gui_shouji, 0, wx.EXPAND|wx.ALL, 5 ) 79 | 80 | gui_scan = wx.StaticBoxSizer( wx.StaticBox( self, wx.ID_ANY, u"漏洞扫描" ), wx.VERTICAL ) 81 | 82 | scan = wx.WrapSizer( wx.HORIZONTAL, wx.WRAPSIZER_DEFAULT_FLAGS ) 83 | 84 | self.tdoa = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"通达OA综合利用工具_v1.0", wx.DefaultPosition, wx.DefaultSize, 0 ) 85 | scan.Add( self.tdoa, 0, wx.ALL, 5 ) 86 | 87 | self.Gr33k = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"Gr33k漏洞利用工具集_py", wx.DefaultPosition, wx.DefaultSize, 0 ) 88 | scan.Add( self.Gr33k, 0, wx.ALL, 5 ) 89 | 90 | self.Cas = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"Cas反序列化漏洞利用工具_v1.1", wx.DefaultPosition, wx.DefaultSize, 0 ) 91 | scan.Add( self.Cas, 0, wx.ALL, 5 ) 92 | 93 | self.sj = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"神机_V.19", wx.DefaultPosition, wx.DefaultSize, 0 ) 94 | scan.Add( self.sj, 0, wx.ALL, 5 ) 95 | 96 | self.thinkphp = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"ThinkPHP综合利用工具_V2.0", wx.DefaultPosition, wx.DefaultSize, 0 ) 97 | scan.Add( self.thinkphp, 0, wx.ALL, 5 ) 98 | 99 | self.thinkphp_log = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"ThinkPHP日志分析_v1.2_Beta_win", wx.DefaultPosition, wx.DefaultSize, 0 ) 100 | scan.Add( self.thinkphp_log, 0, wx.ALL, 5 ) 101 | 102 | self.thinkphp1 = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"Thinkphp漏洞利用工具_v1.2", wx.DefaultPosition, wx.DefaultSize, 0 ) 103 | scan.Add( self.thinkphp1, 0, wx.ALL, 5 ) 104 | 105 | self.thinkphp2 = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"thinkphp命令执行检测工具", wx.DefaultPosition, wx.DefaultSize, 0 ) 106 | scan.Add( self.thinkphp2, 0, wx.ALL, 5 ) 107 | 108 | self.weblogic_framework = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"weblogic-framework", wx.DefaultPosition, wx.DefaultSize, 0 ) 109 | scan.Add( self.weblogic_framework, 0, wx.ALL, 5 ) 110 | 111 | self.weblogic1 = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"weblogic漏洞利用工具", wx.DefaultPosition, wx.DefaultSize, 0 ) 112 | scan.Add( self.weblogic1, 0, wx.ALL, 5 ) 113 | 114 | self.edr = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"深X服edr任意用户登陆检测工具", wx.DefaultPosition, wx.DefaultSize, 0 ) 115 | scan.Add( self.edr, 0, wx.ALL, 5 ) 116 | 117 | self.shiro_attack = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"shiro_attack_2.2", wx.DefaultPosition, wx.DefaultSize, 0 ) 118 | scan.Add( self.shiro_attack, 0, wx.ALL, 5 ) 119 | 120 | self.ShiroExp = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"ShiroExp_v1.0", wx.DefaultPosition, wx.DefaultSize, 0 ) 121 | scan.Add( self.ShiroExp, 0, wx.ALL, 5 ) 122 | 123 | self.ShiroExploit = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"ShiroExploit_v2.3", wx.DefaultPosition, wx.DefaultSize, 0 ) 124 | scan.Add( self.ShiroExploit, 0, wx.ALL, 5 ) 125 | 126 | self.ShiroExploit1 = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"ShiroExploit", wx.DefaultPosition, wx.DefaultSize, 0 ) 127 | scan.Add( self.ShiroExploit1, 0, wx.ALL, 5 ) 128 | 129 | self.ShiroScan = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"ShiroScan_v1.1", wx.DefaultPosition, wx.DefaultSize, 0 ) 130 | scan.Add( self.ShiroScan, 0, wx.ALL, 5 ) 131 | 132 | self.ShiroExploit2 = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"ShiroExploit_V2.51", wx.DefaultPosition, wx.DefaultSize, 0 ) 133 | scan.Add( self.ShiroExploit2, 0, wx.ALL, 5 ) 134 | 135 | self.oracleShell = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"oracleShell_v0.1", wx.DefaultPosition, wx.DefaultSize, 0 ) 136 | scan.Add( self.oracleShell, 0, wx.ALL, 5 ) 137 | 138 | self.FrameScan = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"FrameScan_GUI_win", wx.DefaultPosition, wx.DefaultSize, 0 ) 139 | scan.Add( self.FrameScan, 0, wx.ALL, 5 ) 140 | 141 | self.tomcat_password = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"tomcat_password", wx.DefaultPosition, wx.DefaultSize, 0 ) 142 | scan.Add( self.tomcat_password, 0, wx.ALL, 5 ) 143 | 144 | self.fastjson = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"fastjson检测工具_win", wx.DefaultPosition, wx.DefaultSize, 0 ) 145 | scan.Add( self.fastjson, 0, wx.ALL, 5 ) 146 | 147 | self.CVE_2020_10199 = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"CVE-2020-10199", wx.DefaultPosition, wx.DefaultSize, 0 ) 148 | scan.Add( self.CVE_2020_10199, 0, wx.ALL, 5 ) 149 | 150 | self.CVE_2019_7238 = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"CVE-2019-7238", wx.DefaultPosition, wx.DefaultSize, 0 ) 151 | scan.Add( self.CVE_2019_7238, 0, wx.ALL, 5 ) 152 | 153 | self.aliyun_accesskey = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"阿里云accesskey利用工具_V1.2_win", wx.DefaultPosition, wx.DefaultSize, 0 ) 154 | scan.Add( self.aliyun_accesskey, 0, wx.ALL, 5 ) 155 | 156 | self.AliyunAkTools = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"AliyunAkTools_win", wx.DefaultPosition, wx.DefaultSize, 0 ) 157 | scan.Add( self.AliyunAkTools, 0, wx.ALL, 5 ) 158 | 159 | self.mdut = wx.Button( gui_scan.GetStaticBox(), wx.ID_ANY, u"MDUT_v2.0.6", wx.DefaultPosition, wx.DefaultSize, 0 ) 160 | scan.Add( self.mdut, 0, wx.ALL, 5 ) 161 | 162 | 163 | gui_scan.Add( scan, 1, wx.EXPAND, 5 ) 164 | 165 | 166 | gui_all.Add( gui_scan, 0, wx.EXPAND|wx.ALL, 5 ) 167 | 168 | 169 | self.SetSizer( gui_all ) 170 | self.Layout() 171 | 172 | self.Centre( wx.BOTH ) 173 | 174 | # Connect Events 175 | self.godzilla.Bind( wx.EVT_BUTTON, self.godzilla_click ) 176 | self.behinder.Bind( wx.EVT_BUTTON, self.behinder_click ) 177 | self.burp_suite.Bind( wx.EVT_BUTTON, self.burp_suite_click ) 178 | self.cs.Bind( wx.EVT_BUTTON, self.cs_click ) 179 | self.dirscan.Bind( wx.EVT_BUTTON, self.dirscan_click ) 180 | self.webfinder.Bind( wx.EVT_BUTTON, self.webfinder_click ) 181 | self.fofa.Bind( wx.EVT_BUTTON, self.fofa_click ) 182 | self.yjdirscan.Bind( wx.EVT_BUTTON, self.yj_click ) 183 | self.tdoa.Bind( wx.EVT_BUTTON, self.tdoa_click ) 184 | self.Gr33k.Bind( wx.EVT_BUTTON, self.gr33k_click ) 185 | self.Cas.Bind( wx.EVT_BUTTON, self.cas_click ) 186 | self.sj.Bind( wx.EVT_BUTTON, self.sj_click ) 187 | self.thinkphp.Bind( wx.EVT_BUTTON, self.thinkphp_click ) 188 | self.thinkphp_log.Bind( wx.EVT_BUTTON, self.thinkphp_log_click ) 189 | self.thinkphp1.Bind( wx.EVT_BUTTON, self.thinkphp1_click ) 190 | self.thinkphp2.Bind( wx.EVT_BUTTON, self.thinkphp2_click ) 191 | self.weblogic_framework.Bind( wx.EVT_BUTTON, self.weblogic_click ) 192 | self.weblogic1.Bind( wx.EVT_BUTTON, self.weblogic1_click ) 193 | self.edr.Bind( wx.EVT_BUTTON, self.edr_click ) 194 | self.shiro_attack.Bind( wx.EVT_BUTTON, self.shiro_attack_click ) 195 | self.ShiroExp.Bind( wx.EVT_BUTTON, self.shiroexp_click ) 196 | self.ShiroExploit.Bind( wx.EVT_BUTTON, self.shiroexploit_click ) 197 | self.ShiroExploit1.Bind( wx.EVT_BUTTON, self.shiroexploit1_cilck ) 198 | self.ShiroScan.Bind( wx.EVT_BUTTON, self.shiroscan_click ) 199 | self.ShiroExploit2.Bind( wx.EVT_BUTTON, self.shiro1_click ) 200 | self.oracleShell.Bind( wx.EVT_BUTTON, self.oracleshell_click ) 201 | self.FrameScan.Bind( wx.EVT_BUTTON, self.framescan_click ) 202 | self.tomcat_password.Bind( wx.EVT_BUTTON, self.tomcat_password_click ) 203 | self.fastjson.Bind( wx.EVT_BUTTON, self.fastjson_cilck ) 204 | self.CVE_2020_10199.Bind( wx.EVT_BUTTON, self.cve_2020_10199_click ) 205 | self.CVE_2019_7238.Bind( wx.EVT_BUTTON, self.cve_2019_7238_click ) 206 | self.aliyun_accesskey.Bind( wx.EVT_BUTTON, self.aliyun_accesskey_click ) 207 | self.AliyunAkTools.Bind( wx.EVT_BUTTON, self.aliyunakyools_click ) 208 | self.mdut.Bind( wx.EVT_BUTTON, self.mdut_click ) 209 | 210 | def __del__( self ): 211 | pass 212 | 213 | 214 | # Virtual event handlers, overide them in your derived class 215 | def godzilla_click( self, event ): 216 | event.Skip() 217 | 218 | def behinder_click( self, event ): 219 | event.Skip() 220 | 221 | def burp_suite_click( self, event ): 222 | event.Skip() 223 | 224 | def cs_click( self, event ): 225 | event.Skip() 226 | 227 | def dirscan_click( self, event ): 228 | event.Skip() 229 | 230 | def webfinder_click( self, event ): 231 | event.Skip() 232 | 233 | def fofa_click( self, event ): 234 | event.Skip() 235 | 236 | def yj_click( self, event ): 237 | event.Skip() 238 | 239 | def tdoa_click( self, event ): 240 | event.Skip() 241 | 242 | def gr33k_click( self, event ): 243 | event.Skip() 244 | 245 | def cas_click( self, event ): 246 | event.Skip() 247 | 248 | def sj_click( self, event ): 249 | event.Skip() 250 | 251 | def thinkphp_click( self, event ): 252 | event.Skip() 253 | 254 | def thinkphp_log_click( self, event ): 255 | event.Skip() 256 | 257 | def thinkphp1_click( self, event ): 258 | event.Skip() 259 | 260 | def thinkphp2_click( self, event ): 261 | event.Skip() 262 | 263 | def weblogic_click( self, event ): 264 | event.Skip() 265 | 266 | def weblogic1_click( self, event ): 267 | event.Skip() 268 | 269 | def edr_click( self, event ): 270 | event.Skip() 271 | 272 | def shiro_attack_click( self, event ): 273 | event.Skip() 274 | 275 | def shiroexp_click( self, event ): 276 | event.Skip() 277 | 278 | def shiroexploit_click( self, event ): 279 | event.Skip() 280 | 281 | def shiroexploit1_cilck( self, event ): 282 | event.Skip() 283 | 284 | def shiroscan_click( self, event ): 285 | event.Skip() 286 | 287 | def shiro1_click( self, event ): 288 | event.Skip() 289 | 290 | def oracleshell_click( self, event ): 291 | event.Skip() 292 | 293 | def framescan_click( self, event ): 294 | event.Skip() 295 | 296 | def tomcat_password_click( self, event ): 297 | event.Skip() 298 | 299 | def fastjson_cilck( self, event ): 300 | event.Skip() 301 | 302 | def cve_2020_10199_click( self, event ): 303 | event.Skip() 304 | 305 | def cve_2019_7238_click( self, event ): 306 | event.Skip() 307 | 308 | def aliyun_accesskey_click( self, event ): 309 | event.Skip() 310 | 311 | def aliyunakyools_click( self, event ): 312 | event.Skip() 313 | 314 | def mdut_click( self, event ): 315 | event.Skip() 316 | 317 | 318 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # GUI_Tools 2 | 3 | ![](https://img.shields.io/github/stars/ghealer/GUI_Tools) ![](https://img.shields.io/github/forks/ghealer/GUI_Tools) ![](https://img.shields.io/github/issues/ghealer/GUI_Tools) 4 | > 一个由各种图形化渗透工具组成的工具集,环境已配置完成,自带Java1.8与Java9 5 | 6 | ### ✨ Demo 7 | ![](https://raw.githubusercontent.com/ghealer/GUI_Tools/main/img/demo.png) 8 | 9 | ### 🚀 快速使用 10 | - 下载程序源代码 11 | 12 | `git clone https://github.com/ghealer/GUI_Tools.git` 13 | 14 | `pip install -r requirements.txt` 15 | 16 | - 下载工具包 17 | 18 | `aHR0cHM6Ly9wYW4uYmFpZHUuY29tL3MvMXk1aGZRWV9Qa3JiSkE1RVl1dzJXNHcgICAgIGhnaTg=` 19 | 20 | 将工具包解压(密码:GUI_Tools)放在GUI_Tools根目录下 21 | 22 | - V1.1 更新(重大安全风险,强制更新) 23 | 24 | `git pull https://github.com/ghealer/GUI_Tools.git` 25 | 26 | `aHR0cHM6Ly9wYW4uYmFpZHUuY29tL3MvMWJBeUJfY3pjUVMyWXdOcU5uSTZzR1EgIDRmNG4=` 27 | 28 | 将下载的 gui_other 文件夹替换原 gui_other 文件夹(如已使用旧版 CobaltStrike4.3 ,请删除文件并进行全盘病毒查杀) 29 | 30 | - 目录结构 31 | ```markdown 32 | ├── GUI_Tools.py 33 | ├── GUI_Tools_wxpython_gui.py 34 | ├── JAR_Management.fbp 35 | ├── gui_other 36 | ├── gui_scan 37 | ├── gui_shouji 38 | ├── gui_webshell 39 | ├── Java_path 40 | └── setting.py 41 | ``` 42 | 43 | - 执行程序 44 | 45 | `python3 GUI_Tools.py` 46 | 47 | ### 🐾 更新日志 48 | 49 | - 2021年9月7日 V1.0 50 | - 添加 Windows 和 MacOS 的 java1.8 与 java9 环境,可直接打开 jar 程序 51 | - 添加 Behinder、Godzilla 等 webshell 管理工具 52 | - 添加 Burp Suite Pro、Cobalt Strike 等渗透工具 53 | - 添加 Dirscan、Webfinder、Fofa Viewer、御剑dirscan 等信息收集工具 54 | - 添加 shiro、thinkphp、weblogic 等漏洞利用工具 55 | 56 | - 2022年1月10日 V1.1(重大安全风险,强制更新) 57 | - 删除 CobaltStrike4.3 58 | - 删除 CobaltStrike4.3 插件,后续会以文库的形式更新插件包 59 | - 删除 Burp_Suite_Professional_v2021.8 60 | - 新增原版 CobaltStrike4.4 ,破解方式为[CSAgent](https://github.com/Twi1ight/CSAgent) 61 | - 新增原版 BurpSuite_Pro_v2021.10.3 ,破解方式为[BurpLoaderKeygen](https://github.com/h3110w0r1d-y/BurpLoaderKeygen) 62 | - 自行删除 MDUT 内 hta 文件,[详看](https://www.yuque.com/u21224612/nezuig/sxmhkz) 63 | 64 | - ~~近期发布 V2.0~~ 65 | - ~~重构框架,将工具进行分组分类~~ 66 | - ~~增加自定义添加工具功能~~ 67 | - ~~新增大量工具~~ 68 | - 暂不发布 69 | - ![](https://raw.githubusercontent.com/ghealer/GUI_Tools/main/img/2.0.png) 70 | 71 | ### 📝 免责声明 72 | 73 | 本工具仅面向合法授权的企业安全建设行为,在使用本工具进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权。 74 | 75 | 如您在使用本工具的过程中存在任何非法行为,您需自行承担相应后果,我们将不承担任何法律及连带责任。 76 | 77 | 在使用本工具前,请您务必审慎阅读、充分理解各条款内容,限制、免责条款或者其他涉及您重大权益的条款可能会以加粗、加下划线等形式提示您重点注意。 除非您已充分阅读、完全理解并接受本协议所有条款,否则,请您不要使用本工具。 78 | 79 | 您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。 80 | 81 | ### 🙋 问题反馈 82 | 83 | - 反馈渠道 84 | - 如有问题请提交 Issues,我看到会及时解决。 85 | 86 | - 关于工具 87 | - 工具刚写出来,可能BUG比较多,还望各位大佬多多包涵。 88 | - 后面会定期更新添加工具,各位在使用的时候如果有什么比较好用的想要添加到工具里的也可以提交 Issues。 89 | - **所有工具的收集均来自互联网,请自行甄别是否存在后门等程序,建议在虚拟机里运行本程序下的工具。** 90 | - 在2.0出来之前,可以通过修改源码来自定义武器库。 91 | - 后面会出一个纯命令行的工具集,尽情期待。 92 | - **关于 CobaltStrike4.3 存在后门一事的情况说明** 93 | - **收到反馈工具包内 CobaltStrike4.3 存在后门情况,工具下载于某苁,下载完未进行后门审查,可能存在未知安全风险,建议所有已安装人员删除旧版本,并进行全盘查杀病毒。** 94 | - **修复办法:将工具包内 CobaltStrike4.3 删除,使用火绒或其他病毒查杀软件进行全盘病毒查杀,并监测系统进程与网络连接情况,发现异常进程及连接及时清理;下载 V1.1 更新包进行替换。再次建议在虚拟机里运行本程序下的工具** 95 | - [关于 MDUT 里面存在的"后门" hta 文件](https://www.yuque.com/u21224612/nezuig/sxmhkz) 96 | -------------------------------------------------------------------------------- /img/2.0.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ghealer/GUI_Tools/387b793892360f42bc8901628fc8f019f54e6824/img/2.0.png -------------------------------------------------------------------------------- /img/demo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ghealer/GUI_Tools/387b793892360f42bc8901628fc8f019f54e6824/img/demo.png -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | wxPython==4.1.1 2 | -------------------------------------------------------------------------------- /setting.py: -------------------------------------------------------------------------------- 1 | import os 2 | import platform 3 | #获取当前绝对路径 4 | tools_path = os.getcwd() 5 | 6 | 7 | if platform.system() == 'Windows' : 8 | java8_path = (tools_path + "\Java_path\jre_1.8_win\\bin\java").replace('\\','\\\\') 9 | java9_path = (tools_path + "\Java_path\java9_win\\bin\java").replace('\\','\\\\') 10 | 11 | else: 12 | #MacOS和Linux的java绝对路径 13 | java8_path = tools_path + "/Java_path/java_1.8/bin/java" 14 | java9_path = tools_path + "/Java_path/java9/bin/java" 15 | 16 | 17 | --------------------------------------------------------------------------------