mirror of
https://github.com/Z4nzu/hackingtool
synced 2024-11-15 04:05:29 +00:00
114 lines
4.0 KiB
Python
114 lines
4.0 KiB
Python
|
# coding=utf-8
|
|||
|
import subprocess
|
|||
|
|
|||
|
from core import HackingTool
|
|||
|
from core import HackingToolsCollection
|
|||
|
|
|||
|
|
|||
|
class Web2Attack(HackingTool):
|
|||
|
TITLE = "Web2Attack"
|
|||
|
DESCRIPTION = "Web hacking framework with tools, exploits by python"
|
|||
|
INSTALL_COMMANDS = [
|
|||
|
"sudo git clone https://github.com/santatic/web2attack.git"]
|
|||
|
RUN_COMMANDS = ["cd web2attack && sudo bash w2aconsole"]
|
|||
|
PROJECT_URL = "https://github.com/santatic/web2attack"
|
|||
|
|
|||
|
|
|||
|
class Skipfish(HackingTool):
|
|||
|
TITLE = "Skipfish"
|
|||
|
DESCRIPTION = "Skipfish – Fully automated, active web application " \
|
|||
|
"security reconnaissance tool \n " \
|
|||
|
"Usage: skipfish -o [FolderName] targetip/site"
|
|||
|
RUN_COMMANDS = [
|
|||
|
"sudo skipfish -h",
|
|||
|
'echo "skipfish -o [FolderName] targetip/site"|boxes -d headline | lolcat'
|
|||
|
]
|
|||
|
|
|||
|
def __init__(self):
|
|||
|
super(Skipfish, self).__init__(installable = False)
|
|||
|
|
|||
|
|
|||
|
class SubDomainFinder(HackingTool):
|
|||
|
TITLE = "SubDomain Finder"
|
|||
|
DESCRIPTION = "Sublist3r is a python tool designed to enumerate " \
|
|||
|
"subdomains of websites using OSINT \n " \
|
|||
|
"Usage:\n\t" \
|
|||
|
"[1] python sublist3r.py -d example.com \n" \
|
|||
|
"[2] python sublist3r.py -d example.com -p 80,443"
|
|||
|
INSTALL_COMMANDS = [
|
|||
|
"sudo pip install requests argparse dnspython",
|
|||
|
"sudo git clone https://github.com/aboul3la/Sublist3r.git",
|
|||
|
"cd Sublist3r && sudo pip install -r requirements.txt"
|
|||
|
]
|
|||
|
RUN_COMMANDS = ["cd Sublist3r && python sublist3r.py -h"]
|
|||
|
PROJECT_URL = "https://github.com/aboul3la/Sublist3r"
|
|||
|
|
|||
|
|
|||
|
class CheckURL(HackingTool):
|
|||
|
TITLE = "CheckURL"
|
|||
|
DESCRIPTION = "Detect evil urls that uses IDN Homograph Attack.\n\t" \
|
|||
|
"[!] python3 checkURL.py --url google.com"
|
|||
|
INSTALL_COMMANDS = [
|
|||
|
"sudo git clone https://github.com/UndeadSec/checkURL.git"]
|
|||
|
RUN_COMMANDS = ["cd checkURL && python3 checkURL.py --help"]
|
|||
|
PROJECT_URL = "https://github.com/UndeadSec/checkURL"
|
|||
|
|
|||
|
|
|||
|
class Blazy(HackingTool):
|
|||
|
TITLE = "Blazy(Also Find ClickJacking)"
|
|||
|
DESCRIPTION = "Blazy is a modern login page bruteforcer"
|
|||
|
INSTALL_COMMANDS = [
|
|||
|
"sudo git clone https://github.com/UltimateHackers/Blazy.git",
|
|||
|
"cd Blazy && sudo pip install -r requirements.txt"
|
|||
|
]
|
|||
|
RUN_COMMANDS = ["cd Blazy && sudo python blazy.py"]
|
|||
|
PROJECT_URL = "https://github.com/UltimateHackers/Blazy"
|
|||
|
|
|||
|
|
|||
|
class SubDomainTakeOver(HackingTool):
|
|||
|
TITLE = "Sub-Domain TakeOver"
|
|||
|
DESCRIPTION = "Sub-domain takeover vulnerability occur when a sub-domain " \
|
|||
|
"\n (subdomain.example.com) is pointing to a service " \
|
|||
|
"(e.g: GitHub, AWS/S3,..)\n" \
|
|||
|
"that has been removed or deleted.\n" \
|
|||
|
"Usage:python3 takeover.py -d www.domain.com -v"
|
|||
|
INSTALL_COMMANDS = [
|
|||
|
"git clone https://github.com/m4ll0k/takeover.git",
|
|||
|
"cd takeover;sudo python3 setup.py install"
|
|||
|
]
|
|||
|
PROJECT_URL = "https://github.com/m4ll0k/takeover"
|
|||
|
|
|||
|
def __init__(self):
|
|||
|
super(SubDomainTakeOver, self).__init__(runnable = False)
|
|||
|
|
|||
|
|
|||
|
class Dirb(HackingTool):
|
|||
|
TITLE = "Dirb"
|
|||
|
DESCRIPTION = "DIRB is a Web Content Scanner. It looks for existing " \
|
|||
|
"(and/or hidden) Web Objects.\n" \
|
|||
|
"It basically works by launching a dictionary based " \
|
|||
|
"attack against \n a web server and analizing the response."
|
|||
|
INSTALL_COMMANDS = [
|
|||
|
"sudo git clone https://gitlab.com/kalilinux/packages/dirb.git",
|
|||
|
"cd dirb;sudo ./configure;make"
|
|||
|
]
|
|||
|
PROJECT_URL = "https://gitlab.com/kalilinux/packages/dirb"
|
|||
|
|
|||
|
def run(self):
|
|||
|
uinput = input("Enter Url >> ")
|
|||
|
subprocess.run(["sudo", "dirb", uinput])
|
|||
|
|
|||
|
|
|||
|
class WebAttackTools(HackingToolsCollection):
|
|||
|
TITLE = "Web Attack tools"
|
|||
|
DESCRIPTION = ""
|
|||
|
TOOLS = [
|
|||
|
Web2Attack(),
|
|||
|
Skipfish(),
|
|||
|
SubDomainFinder(),
|
|||
|
CheckURL(),
|
|||
|
Blazy(),
|
|||
|
SubDomainTakeOver(),
|
|||
|
Dirb()
|
|||
|
]
|