mirror of
https://github.com/Z4nzu/hackingtool
synced 2024-11-15 04:05:29 +00:00
eaa920a7e3
List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
114 lines
4.0 KiB
Python
114 lines
4.0 KiB
Python
# coding=utf-8
|
||
import subprocess
|
||
|
||
from core import HackingTool
|
||
from core import HackingToolsCollection
|
||
|
||
|
||
class Web2Attack(HackingTool):
|
||
TITLE = "Web2Attack"
|
||
DESCRIPTION = "Web hacking framework with tools, exploits by python"
|
||
INSTALL_COMMANDS = [
|
||
"sudo git clone https://github.com/santatic/web2attack.git"]
|
||
RUN_COMMANDS = ["cd web2attack && sudo bash w2aconsole"]
|
||
PROJECT_URL = "https://github.com/santatic/web2attack"
|
||
|
||
|
||
class Skipfish(HackingTool):
|
||
TITLE = "Skipfish"
|
||
DESCRIPTION = "Skipfish – Fully automated, active web application " \
|
||
"security reconnaissance tool \n " \
|
||
"Usage: skipfish -o [FolderName] targetip/site"
|
||
RUN_COMMANDS = [
|
||
"sudo skipfish -h",
|
||
'echo "skipfish -o [FolderName] targetip/site"|boxes -d headline | lolcat'
|
||
]
|
||
|
||
def __init__(self):
|
||
super(Skipfish, self).__init__(installable = False)
|
||
|
||
|
||
class SubDomainFinder(HackingTool):
|
||
TITLE = "SubDomain Finder"
|
||
DESCRIPTION = "Sublist3r is a python tool designed to enumerate " \
|
||
"subdomains of websites using OSINT \n " \
|
||
"Usage:\n\t" \
|
||
"[1] python sublist3r.py -d example.com \n" \
|
||
"[2] python sublist3r.py -d example.com -p 80,443"
|
||
INSTALL_COMMANDS = [
|
||
"sudo pip install requests argparse dnspython",
|
||
"sudo git clone https://github.com/aboul3la/Sublist3r.git",
|
||
"cd Sublist3r && sudo pip install -r requirements.txt"
|
||
]
|
||
RUN_COMMANDS = ["cd Sublist3r && python sublist3r.py -h"]
|
||
PROJECT_URL = "https://github.com/aboul3la/Sublist3r"
|
||
|
||
|
||
class CheckURL(HackingTool):
|
||
TITLE = "CheckURL"
|
||
DESCRIPTION = "Detect evil urls that uses IDN Homograph Attack.\n\t" \
|
||
"[!] python3 checkURL.py --url google.com"
|
||
INSTALL_COMMANDS = [
|
||
"sudo git clone https://github.com/UndeadSec/checkURL.git"]
|
||
RUN_COMMANDS = ["cd checkURL && python3 checkURL.py --help"]
|
||
PROJECT_URL = "https://github.com/UndeadSec/checkURL"
|
||
|
||
|
||
class Blazy(HackingTool):
|
||
TITLE = "Blazy(Also Find ClickJacking)"
|
||
DESCRIPTION = "Blazy is a modern login page bruteforcer"
|
||
INSTALL_COMMANDS = [
|
||
"sudo git clone https://github.com/UltimateHackers/Blazy.git",
|
||
"cd Blazy && sudo pip install -r requirements.txt"
|
||
]
|
||
RUN_COMMANDS = ["cd Blazy && sudo python blazy.py"]
|
||
PROJECT_URL = "https://github.com/UltimateHackers/Blazy"
|
||
|
||
|
||
class SubDomainTakeOver(HackingTool):
|
||
TITLE = "Sub-Domain TakeOver"
|
||
DESCRIPTION = "Sub-domain takeover vulnerability occur when a sub-domain " \
|
||
"\n (subdomain.example.com) is pointing to a service " \
|
||
"(e.g: GitHub, AWS/S3,..)\n" \
|
||
"that has been removed or deleted.\n" \
|
||
"Usage:python3 takeover.py -d www.domain.com -v"
|
||
INSTALL_COMMANDS = [
|
||
"git clone https://github.com/m4ll0k/takeover.git",
|
||
"cd takeover;sudo python3 setup.py install"
|
||
]
|
||
PROJECT_URL = "https://github.com/m4ll0k/takeover"
|
||
|
||
def __init__(self):
|
||
super(SubDomainTakeOver, self).__init__(runnable = False)
|
||
|
||
|
||
class Dirb(HackingTool):
|
||
TITLE = "Dirb"
|
||
DESCRIPTION = "DIRB is a Web Content Scanner. It looks for existing " \
|
||
"(and/or hidden) Web Objects.\n" \
|
||
"It basically works by launching a dictionary based " \
|
||
"attack against \n a web server and analizing the response."
|
||
INSTALL_COMMANDS = [
|
||
"sudo git clone https://gitlab.com/kalilinux/packages/dirb.git",
|
||
"cd dirb;sudo ./configure;make"
|
||
]
|
||
PROJECT_URL = "https://gitlab.com/kalilinux/packages/dirb"
|
||
|
||
def run(self):
|
||
uinput = input("Enter Url >> ")
|
||
subprocess.run(["sudo", "dirb", uinput])
|
||
|
||
|
||
class WebAttackTools(HackingToolsCollection):
|
||
TITLE = "Web Attack tools"
|
||
DESCRIPTION = ""
|
||
TOOLS = [
|
||
Web2Attack(),
|
||
Skipfish(),
|
||
SubDomainFinder(),
|
||
CheckURL(),
|
||
Blazy(),
|
||
SubDomainTakeOver(),
|
||
Dirb()
|
||
]
|