diff --git a/README.md b/README.md index 1efbfe1a..c4864d7d 100644 --- a/README.md +++ b/README.md @@ -22,151 +22,179 @@ # Hackingtool Menu 🧰 -- AnonSurf -- Information Gathering -- Password Attack -- Wireless Attack -- SQL Injection Tools -- Phishing Attack -- Web Attack Tool -- Post exploitation -- Forensic Tools -- Payload Creator -- Router Exploit -- Wifi Jamming -- XSS Attack Tool -- Reverse Engineering -- SocialMedia Finder -- DDos Attack Tools -- Steganography Tools -- IDN Homograph Attack -- Hash Cracking Tools -- SocialMedia Attack -- Android Hack -- RAT Tools -- Web Crawling -- Payload Injector -- Update System - -### AnonSurf -- Anonmously Surf -- Multitor -### Information Gathering -- Nmap -- Dracnmap -- Port Scanning -- Host To IP -- Xerosploit -- Infoga - Email OSINT -- ReconSpider -- RED HAWK (All In One Scanning) -- ReconDog -- Striker -- SecretFinder -- Port Scanner -- Breacher -### Password Attack -- Cupp -- WordlistCreator -- Goblin WordGenerator -- Credential reuse attacks -- Wordlist (Contain 1.4 Billion Pass) -### Wireless Attack -- WiFi-Pumpkin -- pixiewps -- Bluetooth Honeypot GUI Framework -- Fluxion -- Wifiphisher -- Wifite -- EvilTwin -### SQL Injection Tools -- sqlmap tool -- NoSqlMap -- Damn Small SQLi Scanner -- Explo -- Blisqy - Exploit Time-based blind-SQL injection -- Leviathan - Wide Range Mass Audit Toolkit -- SQLScan -### SocialMedia Attack -- Instagram Attack -- AllinOne SocialMedia Attack -- Facebook Attack -- Application Checker -### Android Attack -- Keydroid -- MySMS -- Lockphish (Grab target LOCK PIN) -- DroidCam (Capture Image) -- EvilApp (Hijack Session) -### Phishing Attack -- Setoolkit -- SocialFish -- HiddenEye -- Evilginx2 -- Shellphish -- BlackEye -- I-See-You(Get Location using phishing attack) -- SayCheese (Grab target's Webcam Shots) -- QR Code Jacking -### Web Attack -- SlowLoris +- [Anonymously Hiding Tools](#anonymously-hiding-tools) +- [Information gathering tools](#information-gathering-tools) +- [Wordlist Generator](#wordlist-generator) +- [Wireless attack tools](#wireless-attack-tools) +- [SQL Injection Tools](#sql-injection-tools) +- [Phishing attack tools](#phishing-attack-tools) +- [Web Attack tools](#web-attack-tools) +- [Post exploitation tools](#post-exploitation-tools) +- [Forensic tools](#forensic-tools) +- [Payload creation tools](#payload-creation-tools) +- [Exploit framework](#exploit-framework) +- [Reverse engineering tools](#reverse-engineering-tools) +- [DDOS Attack Tools](#ddos-attack-tools) +- [Remote Administrator Tools (RAT)](#remote-administrator-tools--rat-) +- [XSS Attack Tools](#xss-attack-tools) +- [Steganograhy tools](#steganograhy-tools) +- [Other tools](#other-tools) + - [SocialMedia Bruteforce](#socialmedia-bruteforce) + - [Android Hacking tools](#android-hacking-tools) + - [IDN Homograph Attack](#idn-homograph-attack) + - [Email Verify tools](#email-verify-tools) + - [Hash cracking tools](#hash-cracking-tools) + - [Wifi Deauthenticate](#wifi-deauthenticate) + - [SocialMedia Finder](#socialmedia-finder) + - [Payload Injector](#payload-injector) + - [Web crawling](#web-crawling) + - [Mix tools](#mix-tools) + + +### Anonymously Hiding Tools +- [Anonmously Surf](/~https://github.com/Und3rf10w/kali-anonsurf) +- [Multitor](/~https://github.com/trimstray/multitor) +### Information gathering tools +- [Network Map (nmap)](/~https://github.com/nmap/nmap) +- [Dracnmap](/~https://github.com/Screetsec/Dracnmap) +- Port scanning +- Host to IP +- [Xerosploit](/~https://github.com/LionSec/xerosploit) +- [RED HAWK (All In One Scanning)](/~https://github.com/Tuhinshubhra/RED_HAWK) +- [ReconSpider(For All Scaning)](/~https://github.com/bhavsec/reconspider) +- IsItDown (Check Website Down/Up) +- [Infoga - Email OSINT](/~https://github.com/m4ll0k/Infoga) +- [ReconDog](/~https://github.com/s0md3v/ReconDog) +- [Striker](/~https://github.com/s0md3v/Striker) +- [SecretFinder (like API & etc)](/~https://github.com/m4ll0k/SecretFinder) +- [Find Info Using Shodan](/~https://github.com/m4ll0k/Shodanfy.py) +- [Port Scanner - rang3r](/~https://github.com/floriankunushevci/rang3r) +- [Breacher](/~https://github.com/s0md3v/Breacher) +### Wordlist Generator +- [Cupp](/~https://github.com/Mebus/cupp.git) +- [WordlistCreator](/~https://github.com/Z4nzu/wlcreator) +- [Goblin WordGenerator](/~https://github.com/UndeadSec/GoblinWordGenerator.git) +- [Password list (1.4 Billion Clear Text Password)](/~https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got) +### Wireless attack tools +- [WiFi-Pumpkin](/~https://github.com/P0cL4bs/wifipumpkin3) +- [pixiewps](/~https://github.com/wiire/pixiewps) +- [Bluetooth Honeypot GUI Framework](/~https://github.com/andrewmichaelsmith/bluepot) +- [Fluxion](/~https://github.com/thehackingsage/Fluxion) +- [Wifiphisher](/~https://github.com/wifiphisher/wifiphisher) +- [Wifite](/~https://github.com/derv82/wifite2) +- [EvilTwin](/~https://github.com/Z4nzu/fakeap) +- [Fastssh](/~https://github.com/Z4nzu/fastssh) +- Howmanypeople +### SQL Injection Tools +- [Sqlmap tool](/~https://github.com/sqlmapproject/sqlmap) +- [NoSqlMap](/~https://github.com/codingo/NoSQLMap) +- [Damn Small SQLi Scanner](/~https://github.com/stamparm/DSSS) +- [Explo](/~https://github.com/dtag-dev-sec/explo) +- [Blisqy - Exploit Time-based blind-SQL injection](/~https://github.com/JohnTroony/Blisqy) +- [Leviathan - Wide Range Mass Audit Toolkit](/~https://github.com/leviathan-framework/leviathan) +- [SQLScan](/~https://github.com/Cvar1984/sqlscan) +### Phishing attack tools +- [Setoolkit](/~https://github.com/trustedsec/social-engineer-toolkit) +- [SocialFish](/~https://github.com/UndeadSec/SocialFish) +- [HiddenEye](/~https://github.com/DarkSecDevelopers/HiddenEye) +- [Evilginx2](/~https://github.com/kgretzky/evilginx2) +- [I-See_You(Get Location using phishing attack)](/~https://github.com/Viralmaniar/I-See-You) +- [SayCheese (Grab target's Webcam Shots)](/~https://github.com/hangetzzu/saycheese) +- [QR Code Jacking](/~https://github.com/cryptedwolf/ohmyqr) +- [ShellPhish](/~https://github.com/An0nUD4Y/shellphish) +- [BlackPhish](/~https://github.com/iinc0gnit0/BlackPhish) +### Web Attack tools +- [Web2Attack](/~https://github.com/santatic/web2attack) - Skipfish -- SubDomain Finder -- CheckURL -- Blazy -- Sub-Domain TakeOver -### Post Explotation -- Vegile - Ghost In The Shell -- Chrome Keylogger -### Forensic Tool -- Bulk_extractor -- Disk Clone and ISO Image Aquire -- AutoSpy -- Toolsley +- [SubDomain Finder](/~https://github.com/aboul3la/Sublist3r) +- [CheckURL](/~https://github.com/UndeadSec/checkURL) +- [Blazy(Also Find ClickJacking)](/~https://github.com/UltimateHackers/Blazy) +- [Sub-Domain TakeOver](/~https://github.com/m4ll0k/takeover) +- [Dirb](https://gitlab.com/kalilinux/packages/dirb) +### Post exploitation tools +- [Vegile - Ghost In The Shell](/~https://github.com/Screetsec/Vegile) +- [Chrome Keylogger](/~https://github.com/UndeadSec/HeraKeylogger) +### Forensic tools +- Autopsy - Wireshark -### Payload Generator -- The FatRat* -- Brutal -- Stitch -- MSFvenom Payload Creator -- Venom Shellcode Generator -- Spycam -- Mob-Droid -### Exploit Framework -- RouterSploit -- WebSploit -- Commix -- Web2Attack -- Fastssh -### SocialMedia Finder -- Find SocialMedia By Facial Recognation System -- Find SocialMedia By UserName -- Sherlock -- SocialScan -### Steganography +- [Bulk extractor](/~https://github.com/simsong/bulk_extractor) +- [Disk Clone and ISO Image Aquire](https://guymager.sourceforge.io/) +- [Toolsley](https://www.toolsley.com/) +### Payload creation tools +- [The FatRat](/~https://github.com/Screetsec/TheFatRat) +- [Brutal](/~https://github.com/Screetsec/Brutal) +- [Stitch](https://nathanlopez.github.io/Stitch) +- [MSFvenom Payload Creator](/~https://github.com/g0tmi1k/msfpc) +- [Venom Shellcode Generator](/~https://github.com/r00t-3xp10it/venom) +- [Spycam](/~https://github.com/thelinuxchoice/spycam) +- [Mob-Droid](/~https://github.com/kinghacker0/Mob-Droid) +- [Enigma](/~https://github.com/UndeadSec/Enigma) +### Exploit framework +- [RouterSploit](/~https://github.com/threat9/routersploit) +- [WebSploit](/~https://github.com/The404Hacking/websploit ) +- [Commix](/~https://github.com/commixproject/commix) +- [Web2Attack](/~https://github.com/santatic/web2attack) +### Reverse engineering tools +- [Androguard](/~https://github.com/androguard/androguard ) +- [Apk2Gold](/~https://github.com/lxdvs/apk2gold ) +- [JadX](/~https://github.com/skylot/jadx) +### DDOS Attack Tools +- SlowLoris +- [Asyncrone | Multifunction SYN Flood DDoS Weapon](/~https://github.com/fatihsnsy/aSYNcrone) +- [UFOnet](/~https://github.com/epsylon/ufonet) +- [GoldenEye](/~https://github.com/jseidl/GoldenEye) +### Remote Administrator Tools (RAT) +- [Stitch](/~https://github.com/nathanlopez/Stitch) +- [Pyshell](/~https://github.com/knassar702/pyshell) +### XSS Attack Tools +- [DalFox(Finder of XSS)](/~https://github.com/hahwul/dalfox) +- [XSS Payload Generator](/~https://github.com/capture0x/XSS-LOADER.git) +- [Extended XSS Searcher and Finder](/~https://github.com/Damian89/extended-xss-search) +- [XSS-Freak](/~https://github.com/PR0PH3CY33/XSS-Freak) +- [XSpear](/~https://github.com/hahwul/XSpear) +- [XSSCon](/~https://github.com/menkrep1337/XSSCon) +- [XanXSS](/~https://github.com/Ekultek/XanXSS) +- [Advanced XSS Detection Suite](/~https://github.com/UltimateHackers/XSStrike) +- [RVuln](/~https://github.com/iinc0gnit0/RVuln) +### Steganograhy tools - SteganoHide - StegnoCracker -- Whitespace -### Ddos Attack tool -- SlowLoris -- SYN Flood DDoS Weapon -- UFOnet -- GoldenEye -### XSS Attack tool -- DalFox(Finder of XSS) -- XSS Payload Generator -- Advanced XSS Detection Suite -- Extended XSS Searcher and Finder -- XSS-Freak -- XSpear -- XSSCon -- XanXSS -### IDN Homograph -- EvilURL -### Email Verifier -- KnockMail -### Hash Cracking Tool -- Hash Buster +- [Whitespace](/~https://github.com/beardog108/snow10) +### Other tools +#### SocialMedia Bruteforce +- [Instagram Attack](/~https://github.com/chinoogawa/instaBrute) +- [AllinOne SocialMedia Attack](/~https://github.com/Matrix07ksa/Brute_Force) +- [Facebook Attack](/~https://github.com/Matrix07ksa/Brute_Force) +- [Application Checker](/~https://github.com/jakuta-tech/underhanded) +#### Android Hacking tools +- [Keydroid](/~https://github.com/F4dl0/keydroid) +- [MySMS](/~https://github.com/papusingh2sms/mysms) +- [Lockphish (Grab target LOCK PIN)](/~https://github.com/JasonJerry/lockphish) +- [DroidCam (Capture Image)](/~https://github.com/kinghacker0/WishFish) +- [EvilApp (Hijack Session)](/~https://github.com/crypticterminal/EvilApp) +- [HatCloud(Bypass CloudFlare for IP)](/~https://github.com/HatBashBR/HatCloud) +#### IDN Homograph Attack +- [EvilURL](/~https://github.com/UndeadSec/EvilURL) +#### Email Verify tools +- [Knockmail](/~https://github.com/4w4k3/KnockMail) +#### Hash cracking tools +- [Hash Buster](/~https://github.com/s0md3v/Hash-Buster) +#### Wifi Deauthenticate +- [WifiJammer-NG](/~https://github.com/MisterBianco/wifijammer-ng) +- [KawaiiDeauther](/~https://github.com/aryanrtm/KawaiiDeauther) +#### SocialMedia Finder +- [Find SocialMedia By Facial Recognation System](/~https://github.com/Greenwolf/social_mapper) +- [Find SocialMedia By UserName](/~https://github.com/xHak9x/finduser) +- [Sherlock](/~https://github.com/sherlock-project/sherlock) +- [SocialScan | Username or Email](/~https://github.com/iojw/socialscan) +#### Payload Injector +- [Debinject](/~https://github.com/UndeadSec/Debinject) +- [Pixload](/~https://github.com/chinarulezzz/pixload) +#### Web crawling +- [Gospider](/~https://github.com/jaeles-project/gospider) +#### Mix tools +- Terminal Multiplexer + ![](/~https://github.com/Z4nzu/hackingtool/blob/master/images/A00.png) ![](/~https://github.com/Z4nzu/hackingtool/blob/master/images/A0.png) diff --git a/README_template.md b/README_template.md new file mode 100644 index 00000000..ffe02ef4 --- /dev/null +++ b/README_template.md @@ -0,0 +1,72 @@ +### All in One Hacking tool For HackersπŸ₯‡ +![](https://img.shields.io/github/license/Z4nzu/hackingtool) +![](https://img.shields.io/github/issues/Z4nzu/hackingtool) +![](https://img.shields.io/github/issues-closed/Z4nzu/hackingtool) +![](https://img.shields.io/badge/Python-3-blue) +![](https://img.shields.io/github/forks/Z4nzu/hackingtool) +![](https://img.shields.io/github/stars/Z4nzu/hackingtool) +![](https://img.shields.io/github/last-commit/Z4nzu/hackingtool) +[![HitCount](http://hits.dwyl.com/Z4nzu/hackingtool.svg)](http://hits.dwyl.com/Z4nzu/hackingtool) +![](https://img.shields.io/badge/platform-Linux%20%7C%20KaliLinux%20%7C%20ParrotOs-blue) + +#### Install Kali Linux in WIndows10 Without VirtualBox [YOUTUBE](https://youtu.be/BsFhpIDcd9I) + +## Update Available V1.1.0 πŸš€ +- [x] Added New Tools + - [x] Reverse Engineering + - [x] RAT Tools + - [x] Web Crawling + - [x] Payload Injector +- [x] Multitor Tools update +- [X] Added Tool in wifijamming + + +# Hackingtool Menu 🧰 +{{toc}} + +{{tools}} + +![](/~https://github.com/Z4nzu/hackingtool/blob/master/images/A00.png) +![](/~https://github.com/Z4nzu/hackingtool/blob/master/images/A0.png) +![](/~https://github.com/Z4nzu/hackingtool/blob/master/images/A1.png) +![](/~https://github.com/Z4nzu/hackingtool/blob/master/images/A2.png) +![](/~https://github.com/Z4nzu/hackingtool/blob/master/images/A4.png) + +## Installation For Linux linux

+ +#### This Tool Must Run As ROOT !!! + + git clone /~https://github.com/Z4nzu/hackingtool.git + + chmod -R 755 hackingtool + + cd hackingtool + + sudo pip3 install -r requirement.txt + + bash install.sh + + sudo hackingtool + + After Following All Steps Just Type In Terminal **root@kaliLinux:~** **hackingtool** + +#### Thanks to original Author of the tools used in hackingtool + + +

Please Don't Use for illegal Activity

+ +### To do +- [ ] Release Tool +- [ ] Add Tools for CTF +- [ ] Want to do automatic + +## Social Media :mailbox_with_no_mail: +[![Twitter](https://img.shields.io/twitter/url?color=%231DA1F2&label=follow&logo=twitter&logoColor=%231DA1F2&style=flat-square&url=https%3A%2F%2Fwww.reddit.com%2Fuser%2FFatChicken277)](https://twitter.com/_Zinzu07) +[![GitHub](https://img.shields.io/badge/-GitHub-181717?style=flat-square&logo=github&link=/~https://github.com/Z4nzu/)](/~https://github.com/Z4nzu/) +##### Your Favourite Tool is not in hackingtool or Suggestions Please [CLICK HERE](https://forms.gle/b235JoCKyUq5iM3t8) +![Z4nzu's github stats](https://github-readme-stats.vercel.app/api?username=Z4nzu&show_icons=true&title_color=fff&icon_color=79ff97&text_color=9f9f9f&bg_color=151515) + +Buy Me A Coffee + +#### Don't Forgot to share with Your Friends +#### Thank you..!! diff --git a/core.py b/core.py new file mode 100644 index 00000000..e59ef3c2 --- /dev/null +++ b/core.py @@ -0,0 +1,185 @@ +# coding=utf-8 +import os +import sys +import webbrowser +from platform import system +from traceback import print_exc +from typing import Any +from typing import Callable +from typing import List +from typing import Tuple + + +def clear_screen(): + if system() == "Linux": + os.system("clear") + if system() == "Windows": + os.system("cls") + + +def validate_input(ip, val_range): + try: + ip = int(ip) + if ip in val_range: + return ip + else: + return None + except: + return None + + +class HackingTool(object): + # About the HackingTool + TITLE: str = "" # used to show info in the menu + DESCRIPTION: str = "" + + INSTALL_COMMANDS: List[str] = [] + INSTALLATION_DIR: str = "" + + UNINSTALL_COMMANDS: List[str] = [] + + RUN_COMMANDS: List[str] = [] + + OPTIONS: List[Tuple[str, Callable]] = [] + + PROJECT_URL: str = "" + + def __init__(self, options = None, installable: bool = True, + runnable: bool = True): + if options is None: + options = [] + if isinstance(options, list): + self.OPTIONS = [] + if installable: + self.OPTIONS.append(('Install', self.install)) + if runnable: + self.OPTIONS.append(('Run', self.run)) + self.OPTIONS.extend(options) + else: + raise Exception( + "options must be a list of (option_name, option_fn) tuples") + + def show_info(self): + desc = self.DESCRIPTION + if self.PROJECT_URL: + desc += '\n\t[*] ' + desc += self.PROJECT_URL + os.system(f'echo "{desc}"|boxes -d boy | lolcat') + # print(desc) + + def show_options(self, parent = None): + clear_screen() + self.show_info() + for index, option in enumerate(self.OPTIONS): + print("[{:2}] {}".format(index + 1, option[0])) + if self.PROJECT_URL: + print("[{:2}] {}".format(98, "Open project page")) + print("[{:2}] {}".format( + 99, ("Back to " + parent.TITLE) if parent is not None else "Exit")) + option_index = input("Select an option : ") + try: + option_index = int(option_index) + if option_index - 1 in range(len(self.OPTIONS)): + ret_code = self.OPTIONS[option_index - 1][1]() + if ret_code != 99: + input("\n\nPress ENTER to continue:") + elif option_index == 98: + self.show_project_page() + elif option_index == 99: + if parent is None: + sys.exit() + return 99 + except (TypeError, ValueError): + print("Please enter a valid option") + input("\n\nPress ENTER to continue:") + except Exception: + print_exc() + input("\n\nPress ENTER to continue:") + return self.show_options(parent = parent) + + def before_install(self): + pass + + def install(self): + self.before_install() + if isinstance(self.INSTALL_COMMANDS, (list, tuple)): + for INSTALL_COMMAND in self.INSTALL_COMMANDS: + os.system(INSTALL_COMMAND) + self.after_install() + + def after_install(self): + print("Successfully installed!") + + def before_uninstall(self) -> bool: + """ Ask for confirmation from the user and return """ + return True + + def uninstall(self): + if self.before_uninstall(): + if isinstance(self.UNINSTALL_COMMANDS, (list, tuple)): + for UNINSTALL_COMMAND in self.UNINSTALL_COMMANDS: + os.system(UNINSTALL_COMMAND) + self.after_uninstall() + + def after_uninstall(self): + pass + + def before_run(self): + pass + + def run(self): + self.before_run() + if isinstance(self.RUN_COMMANDS, (list, tuple)): + for RUN_COMMAND in self.RUN_COMMANDS: + os.system(RUN_COMMAND) + self.after_run() + + def after_run(self): + pass + + def is_installed(self, dir_to_check = None): + print("Unimplemented: DO NOT USE") + return "?" + + def show_project_page(self): + webbrowser.open_new_tab(self.PROJECT_URL) + + +class HackingToolsCollection(object): + TITLE: str = "" # used to show info in the menu + DESCRIPTION: str = "" + TOOLS = [] # type: List[Any[HackingTool, HackingToolsCollection]] + + def __init__(self): + pass + + def show_info(self): + os.system("figlet -f standard -c {} | lolcat".format(self.TITLE)) + # os.system(f'echo "{self.DESCRIPTION}"|boxes -d boy | lolcat') + # print(self.DESCRIPTION) + + def show_options(self, parent = None): + clear_screen() + self.show_info() + for index, tool in enumerate(self.TOOLS): + print("[{:2}] {}".format(index, tool.TITLE)) + print("[{:2}] {}".format( + 99, ("Back to " + parent.TITLE) if parent is not None else "Exit")) + tool_index = input("Choose a tool to proceed: ") + try: + tool_index = int(tool_index) + if tool_index in range(len(self.TOOLS)): + ret_code = self.TOOLS[tool_index].show_options(parent = self) + if ret_code != 99: + input("\n\nPress ENTER to continue:") + elif tool_index == 99: + if parent is None: + sys.exit() + return 99 + except (TypeError, ValueError): + print("Please enter a valid option") + input("\n\nPress ENTER to continue:") + except Exception as e: + print_exc() + input("\n\nPress ENTER to continue:") + return self.show_options(parent = parent) diff --git a/generate_readme.py b/generate_readme.py new file mode 100644 index 00000000..5990fd24 --- /dev/null +++ b/generate_readme.py @@ -0,0 +1,52 @@ +# coding=utf-8 +import re + +from core import HackingTool +from core import HackingToolsCollection +from main import all_tools + + +def sanitize_anchor(s): + return re.sub(r"\W", "-", s.lower()) + + +def get_toc(tools, indentation = ""): + md = "" + for tool in tools: + if isinstance(tool, HackingToolsCollection): + md += (indentation + "- [{}](#{})\n".format( + tool.TITLE, sanitize_anchor(tool.TITLE))) + md += get_toc(tool.TOOLS, indentation = indentation + ' ') + return md + + +def get_tools_toc(tools, indentation = "##"): + md = "" + for tool in tools: + if isinstance(tool, HackingToolsCollection): + md += (indentation + "# {}\n".format(tool.TITLE)) + md += get_tools_toc(tool.TOOLS, indentation = indentation + '#') + elif isinstance(tool, HackingTool): + if tool.PROJECT_URL: + md += ("- [{}]({})\n".format(tool.TITLE, tool.PROJECT_URL)) + else: + md += ("- {}\n".format(tool.TITLE)) + return md + + +def generate_readme(): + toc = get_toc(all_tools[:-1]) + tools_desc = get_tools_toc(all_tools[:-1]) + + with open("README_template.md") as fh: + readme_template = fh.read() + + readme_template = readme_template.replace("{{toc}}", toc) + readme_template = readme_template.replace("{{tools}}", tools_desc) + + with open("README.md", "w") as fh: + fh.write(readme_template) + + +if __name__ == '__main__': + generate_readme() diff --git a/hackingtool.py b/hackingtool.py index 284874bf..0ef91a3e 100644 --- a/hackingtool.py +++ b/hackingtool.py @@ -2,3087 +2,122 @@ # -*- coding: UTF-8 -*- # Version 1.1.0 import os -import subprocess -import sys import webbrowser -import socket -from time import sleep -from platform import system - -logo = """\033[33m - β–„β–ˆ β–ˆβ–„ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–„β–ˆ β–„β–ˆβ–„ β–„β–ˆ β–ˆβ–ˆβ–ˆβ–„β–„β–„β–„ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–„β–ˆ - β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–€β–€β–€β–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ - β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–€ β–ˆβ–ˆβ–ˆβ–β–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆβ–Œ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–€ β–€β–ˆβ–ˆβ–ˆβ–€β–€β–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ - β–„β–ˆβ–ˆβ–ˆβ–„β–„β–„β–„β–ˆβ–ˆβ–ˆβ–„β–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆβ–Œ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ -β–€β–€β–ˆβ–ˆβ–ˆβ–€β–€β–€β–€β–ˆβ–ˆβ–ˆβ–€ β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆβ–Œ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€β–€β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ - β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–„ β–ˆβ–ˆβ–ˆβ–β–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ - β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€β–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–Œ β–„ - β–ˆβ–ˆβ–ˆ β–ˆβ–€ β–ˆβ–ˆβ–ˆ β–ˆβ–€ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆ β–€β–ˆβ–€ β–ˆβ–€ β–€β–ˆ β–ˆβ–€ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–€ β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„β–„β–ˆβ–ˆ - β–€ β–€ - \033[34m[βœ”] /~https://github.com/Z4nzu/hackingtool [βœ”] - \033[34m[βœ”] Version 1.1.0 [βœ”] - \033[91m[X] Please Don't Use For illegal Activity [X] -\033[97m """ - -class Main: - def __init__(self): - self.logo = logo - - def check_input(self, word, function, keys): - if word == "": - self.clear_scr() - function() - - if not word in keys: - print('\033[91m Unknown Value..') - sleep(1) - self.clear_scr() - function() - - def menu(self): - self.clear_scr() - print(self.logo + """\033[0m - \033[97m - [00] AnonSurf - [01] Information Gathering - [02] Wordlist Generator - [03] Wireless Attack - [04] SQL Injection Tools - [05] Phishing Attack - [06] Web Attack Tool - [07] Post exploitation - [08] Forensic Tools - [09] Payload Creator - [10] Exploit Frameworks - [11] Reverse Engineering - [12] Ddos Attack Tools - [13] Remote Administartor Tools - [14] XSS Attack Tools - [15] Steganography - [16] More Tools - [17] Update or Uninstall | Hackingtool - [99] Exit - """) - - functions_menu = { - '00':self.anonsurf, - '01':self.info, - '02':self.passwd, - '03':self.wire, - '04':self.sqltool, - '05':self.phishattack, - '06':self.webAttack, - '07':self.postexp, - '08':self.forensic, - '09':self.payloads, - '10':self.routexp, - '11':self.reversetool, - '12':self.ddos, - '13':self.rattools, - '14':self.xsstools, - '15':self.steganography, - '16':self.others, - '17':self.update, - '99':self.exit_app - } - - choice = input("Z4nzu =>> ") - - if len(choice) == 1: - choice = '0' + choice - - self.check_input(choice, self.menu, functions_menu.keys()) - - functions_menu[choice]() - - def clear_scr(self): - if system() == 'Linux': - os.system('clear') - if system() == 'Windows': - os.system('cls') - - def exit_app(self): - print("Happy Hacking...") - sleep(1) - self.clear_scr() - sys.exit() - -###########OPTION[0]############ - def anonsurf(self): - self.clear_scr() - os.system("figlet -f standard -c Anonmously Hiding Tool | lolcat") - - print(""" - [1] Anonmously Surf - [2] Multitor - [99] Back - """) - - functions_anonsurf = { - '1':self.ansurf, - '2':self.multitor, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.anonsurf, functions_anonsurf.keys()) - - functions_anonsurf[choice]() - - def ansurf(self): - self.clear_scr() - os.system("echo \"It automatically overwrites the RAM when\nthe system is shutting down AnD AlSo change Ip. \" |boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [3]Stop [99]Main Menu >> ") - - self.check_input(choice, self.ansurf, ['1', '2', '3', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Und3rf10w/kali-anonsurf.git") - os.system("cd kali-anonsurf && sudo ./installer.sh && cd .. && sudo rm -r kali-anonsurf") - self.ansurf() - - if choice == '2': - os.system("sudo anonsurf start") - self.ansurf() - - if choice == '3': - os.system("sudo anonsurf stop") - self.ansurf() - - if choice == "99": - self.menu() - - def multitor(self): - self.clear_scr() - os.system("echo \"How to stay in multi places at the same time\n [!]/~https://github.com/trimstray/multitor \" | boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.multitor, ['1', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/trimstray/multitor") - os.system("cd multitor;sudo bash setup.sh install") - self.multitor() - - if choice == "99": - self.anonsurf() - -##################OPTION[1]######################## - def info(self): - self.clear_scr() - os.system("figlet -f standard -c Information Gathering Tools | lolcat") - - print(""" - [1] Nmap - [2] Dracnmap - [3] Port Scanning - [4] Host To IP - [5] Xerosploit - [6] RED HAWK (All In One Scanning) - [7] ReconSpider(For All Scaning) - [8] IsItDown (Check Website Down/Up) - [9] Infoga - Email OSINT - [10] ReconDog - [11] Striker - [12] SecretFinder (like API & etc) - [13] Find Info Using Shodan - [14] Port Scanner - [15] Breacher - [99] Back To Main Menu - """) - - functions_info = { - '1':self.nmap, - '2':self.dracnmap, - '3':self.ports, - '4':self.h2ip, - '5':self.xerosploit, - '6':self.redhawk, - '7':self.reconspider, - '8':self.isitdown, - '9':self.infogaemail, - '10':self.recondog, - '11':self.striker, - '12':self.secretfinder, - '13':self.shodantool, - '14':self.portscanner, - '15':self.breacher, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.info, functions_info.keys()) - - functions_info[choice]() - - def nmap(self): - self.clear_scr() - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.nmap, ['1', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/nmap/nmap.git") - os.system("sudo chmod -R 755 nmap && cd nmap && sudo ./configure && make && sudo make install") - self.nmap() - - if choice == "99": - self.info() - - def dracnmap(self): - self.clear_scr() - os.system("echo \"Dracnmap is an open source program which is using to \nexploit the network and gathering information with nmap help \n [!]/~https://github.com/Screetsec/Dracnmap \" | boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.dracnmap, ['1', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Screetsec/Dracnmap.git ") - os.system("cd Dracnmap && chmod +x Dracnmap.sh") - self.dracnmap() - - if choice == "99": - self.info() - - def ports(self): - self.clear_scr() - target = input('Select a Target IP: ') - subprocess.run(["sudo", "nmap", "-O", "-Pn", f"{target}"]) - input('\nPress Enter to back...') - self.info() - - def h2ip(self): - self.clear_scr() - host = input("Enter host name (www.google.com):- ") - ips = socket.gethostbyname(host) - print(ips) - input('\nPress Enter to back...') - self.info() - - def xerosploit(self): - self.clear_scr() - os.system("echo \"Xerosploit is a penetration testing toolkit whose goal is to perform \n man-in-th-middle attacks for testing purposes\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.xerosploit, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/LionSec/xerosploit") - os.system("cd xerosploit && sudo python install.py") - self.xerosploit() - - if choice == "2": - os.system("sudo xerosploit") - self.xerosploit() - - if choice == "99": - self.info() - - def redhawk(self): - self.clear_scr() - os.system("echo \"All in one tool for Information Gathering and Vulnerability Scanning. \n [!]/~https://github.com/Tuhinshubhra/RED_HAWK \n\n [!]Please Use command [FIX] After Running Tool first time \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.redhawk, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/Tuhinshubhra/RED_HAWK") - self.redhawk() - - if choice == "2": - os.system("cd RED_HAWK;php rhawk.php") - self.redhawk() - - if choice == "99": - self.info() - - def reconspider(self): - self.clear_scr() - os.system("echo \" ReconSpider is most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, \nWebsites, Organizations and find out information from different sources.\n:~python3 reconspider.py \n\t [!]/~https://github.com/bhavsec/reconspider \" | boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.reconspider, ['1', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/bhavsec/reconspider.git") - os.system("sudo apt install python3 python3-pip && cd reconspider && sudo python3 setup.py install") - self.reconspider() - - # elif choice == "2": - # os.system("cd reconspider && python3 reconspider.py") - - if choice == "99": - self.info() - - def isitdown(self): - self.clear_scr() - os.system("echo \"Check Website Is Online or Not \"|boxes -d boy | lolcat") - choice = input("[1]Open [99]Back >> ") - - self.check_input(choice, self.isitdown, ['1', '99']) - - if choice == "1": - webbrowser.open_new_tab("https://www.isitdownrightnow.com/") - self.isitdown() - - if choice == "99": - self.info() - - def infogaemail(self): - self.clear_scr() - os.system("echo \"Infoga is a tool gathering email accounts informations\n(ip, hostname, country,...) from different public source \n[!]/~https://github.com/m4ll0k/Infoga \"| boxes -d boy |lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.infogaemail, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/m4ll0k/Infoga.git") - os.system("cd infoga;sudo python setup.py install") - self.infogaemail() - - if choice == "2": - os.system("cd infoga;python infoga.py") - self.infogaemail() - - if choice == "99": - self.info() - - def recondog(self): - self.clear_scr() - os.system("echo \"ReconDog Information Gathering Suite \n[!]/~https://github.com/s0md3v/ReconDog \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.recondog, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/s0md3v/ReconDog.git ") - self.recondog() - - if choice == "2": - os.system("cd ReconDog;sudo python dog") - self.recondog() - - if choice == "99": - self.info() - - def striker(self): - self.clear_scr() - os.system("echo \"Recon & Vulnerability Scanning Suite [!]/~https://github.com/s0md3v/Striker \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.striker, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/s0md3v/Striker.git") - os.system("cd Striker && pip3 install -r requirements.txt") - self.striker() - - if choice == "2": - site = input("Enter Site Name (example.com) >> ") - os.system(f"cd Striker") - subprocess.run(["sudo", "python3", "striker.py", f"{site}"]) - self.striker() - - if choice == "99": - self.info() - - def secretfinder(self): - self.clear_scr() - os.system("echo \"SecretFinder - A python script for find sensitive data \nlike apikeys, accesstoken, authorizations, jwt,..etc \n and search anything on javascript files.\n\n Usage: python SecretFinder.py -h \n\t [*]/~https://github.com/m4ll0k/SecretFinder \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.secretfinder, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/m4ll0k/SecretFinder.git secretfinder") - os.system("cd secretfinder; sudo pip3 install -r requirements.txt") - self.secretfinder() - - if choice == "99": - self.info() - - def shodantool(self): - self.clear_scr() - os.system("echo \"Get ports,vulnerabilities,informations,banners,..etc \n for any IP with Shodan (no apikey! no rate limit!)\n[X]Don't use this tool because your ip will be blocked by Shodan![X] \n\t [!]/~https://github.com/m4ll0k/Shodanfy.py \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.shodantool, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/m4ll0k/Shodanfy.py.git") - self.shodantool() - - if choice == "99": - self.info() - - def portscanner(self): - self.clear_scr() - os.system("echo \"rang3r is a python script which scans in multi thread\n all alive hosts within your range that you specify.\n\t [!]/~https://github.com/floriankunushevci/rang3r \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.portscanner, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/floriankunushevci/rang3r;sudo pip install termcolor") - self.portscanner() - - if choice == "2": - ip = input("Enter Ip >> ") - subprocess.run(["sudo", "python", "./rang3r/rang3r.py", "--ip", f"{ip}"]) - self.portscanner() - - if choice == "99": - self.info() - - def breacher(self): - self.clear_scr() - os.system("echo \"An advanced multithreaded admin panel finder written in python.\n Usage: python breacher -u example.com \n\t [!]/~https://github.com/s0md3v/Breacher \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.breacher, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/s0md3v/Breacher.git") - self.breacher() - - if choice == "99": - self.info() - -## == Wordlist Functions == - def passwd(self): - self.clear_scr() - os.system("figlet -f standard -c Wordlist Generator | lolcat") - - print(""" - [1] Cupp - [2] WordlistCreator - [3] Goblin WordGenerator - [4] Password list((1.4 Billion Clear Text Password)) - [5] - [99] Back To Main Menu - """) - - functions_passwd = { - '1':self.cupp, - '2':self.wlcreator, - '3':self.goblinword, - # '4':self.credentialattack, - '4':self.showme, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.passwd, functions_passwd.keys()) - - functions_passwd[choice]() - - def cupp(self): - self.clear_scr() - os.system("echo \"Common User Password Generator..!!\"| boxes -d boy | lolcat ") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.cupp, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/Mebus/cupp.git") - self.cupp() - - # if choice == "2": - # os.system("cd cupp && ./cupp.py -h") - - if choice == "99": - self.passwd() - - def wlcreator(self): - self.clear_scr() - os.system("echo \" WlCreator is a C program that can create all possibilities of passwords,\n and you can choose Lenght, Lowercase, Capital, Numbers and Special Chars\" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.wlcreator, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Z4nzu/wlcreator") - self.wlcreator() - - if choice == "2": - os.system("cd wlcreator && sudo gcc -o wlcreator wlcreator.c && ./wlcreator 5") - self.wlcreator() - - if choice == "99": - self.passwd() - - def goblinword(self): - self.clear_scr() - os.system("echo \" GoblinWordGenerator \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.goblinword, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/UndeadSec/GoblinWordGenerator.git") - self.goblinword() - - if choice == "2": - os.system("cd GoblinWordGenerator && python3 goblin.py") - self.goblinword() - - if choice == "99": - self.passwd() - - def showme(self): - self.clear_scr() - print(""" - [*] This tool allows you to perform OSINT and reconnaissance on an organisation or an individual. - It allows one to search 1.4 Billion clear text credentials which was dumped as part of BreachCompilation - leak This database makes finding passwords faster and easier than ever before. - """) - - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.showme, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got.git") - os.system("cd SMWYG-Show-Me-What-You-Got && pip3 install -r requirements.txt ") - self.showme() - - if choice == "2": - os.system("cd SMWYG-Show-Me-What-You-Got && python SMWYG.py") - self.showme() - - if choice == "99": - self.passwd() - - ## Wireless Attack ===== - def wire(self): - self.clear_scr() - os.system("figlet -f standard -c Wireless Attack Tools | lolcat") - - print(""" - [1] WiFi-Pumpkin - [2] pixiewps - [3] Bluetooth Honeypot GUI Framework - [4] Fluxion - [5] Wifiphisher - [6] Wifite - [7] EvilTwin - [8] Fastssh - [9] Howmanypeople - [99] Back To The Main Menu """) - - functions_wire = { - '1':self.wifipumkin, - '2':self.pixiewps, - '3':self.bluepot, - '4':self.fluxion, - '5':self.wifiphisher, - '6':self.wifite, - '7':self.eviltwin, - '9':self.howmanypeople, - '8':self.fastssh, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.wire, functions_wire.keys()) - - functions_wire[choice]() - - def fastssh(self): - self.clear_scr() - os.system("echo \"Fastssh is an Shell Script to perform multi-threaded scan \n and brute force attack against SSH protocol using the most commonly credentials. \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.fastssh, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Z4nzu/fastssh && cd fastssh && sudo chmod +x fastssh.sh") - os.system("sudo apt-get install -y sshpass netcat") - self.fastssh() - - if choice == "2": - os.system("cd fastssh && sudo bash fastssh.sh --scan") - self.fastssh() - - if choice == "99": - self.wire() - - - def wifipumkin(self): - self.clear_scr() - os.system("echo \"The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks\nall while forwarding legitimate traffic to and from the unsuspecting target.\"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.wifipumkin, ['1', '2', '99']) - - if choice == "1": - os.system("sudo apt install libssl-dev libffi-dev build-essential") - os.system("sudo git clone /~https://github.com/P0cL4bs/wifipumpkin3.git") - os.system("chmod -R 755 wifipumpkin3 && cd wifipumpkin3") - os.system("sudo apt install python3-pyqt5 ") - os.system("sudo python3 setup.py install") - self.wifipumkin() - - if choice == "2": - os.system("sudo wifipumpkin3") - self.wifipumkin() - - if choice == "99": - self.wire() - - def pixiewps(self): - self.clear_scr() - os.system("echo \"Pixiewps is a tool written in C used to bruteforce offline the WPS pin\n exploiting the low or non-existing entropy of some Access Points, the so-called pixie dust attack\"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.pixiewps, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/wiire/pixiewps.git && apt-get -y install build-essential") - os.system("cd pixiewps*/ && make ") - os.system("cd pixiewps*/ && sudo make install && wget https://pastebin.com/y9Dk1Wjh") - self.pixiewps() - - if choice == "2": - os.system("echo \"1.>Put your interface into monitor mode using 'airmon-ng start {wireless interface}\n2.>wash -i {monitor-interface like mon0}'\n3.>reaver -i {monitor interface} -b {BSSID of router} -c {router channel} -vvv -K 1 -f\"| boxes -d boy") - print("You Have To Run Manually By USing >>pixiewps -h ") - self.pixiewps() - - if choice == "99": - self.wire() - - def bluepot(self): - self.clear_scr() - os.system("echo \"you need to have at least 1 bluetooh receiver (if you have many it will work wiht those, too).\nYou must install/libbluetooth-dev on Ubuntu/bluez-libs-devel on Fedora/bluez-devel on openSUSE\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.bluepot, ['1', '2', '99']) - - if choice == "1": - os.system("wget /~https://github.com/andrewmichaelsmith/bluepot/raw/master/bin/bluepot-0.1.tar.gz && tar xfz bluepot-0.1.tar.gz && sudo java -jar bluepot/BluePot-0.1.jar") - self.bluepot() - - if choice == "2": - os.system("cd bluepot-0.1 && sudo java -jar bluepot/BluePot-0.1.jar") - self.bluepot() - - if choice == "99": - self.wire() - - def fluxion(self): - self.clear_scr() - os.system("echo \"Fluxion is a wifi key cracker using evil twin attack..\nyou need a wireless adaptor for this tool\"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.fluxion, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/thehackingsage/Fluxion.git") - os.system("cd Fluxion && cd install && sudo chmod +x install.sh && sudo bash install.sh") - os.system("cd .. ; sudo chmod +x fluxion.sh") - self.fluxion() - - if choice == "2": - os.system("cd Fluxion;sudo bash fluxion.sh") - self.fluxion() - - if choice == "99": - self.wire() - - def wifiphisher(self): - self.clear_scr() - print(""" - Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. - Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing - targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the - connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the - victim stations with malware..\n - For More Details Visit >> /~https://github.com/wifiphisher/wifiphisher - """) - - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.wifiphisher, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/wifiphisher/wifiphisher.git") - os.system("cd wifiphisher;sudo python3 setup.py install") - self.wifiphisher() - - if choice == "2": - os.system("cd wifiphisher;sudo wifiphisher") - - if choice == "99": - self.wire() - - def wifite(self): - self.clear_scr() - os.system("echo \"[!]/~https://github.com/derv82/wifite2 \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.wifite, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/derv82/wifite2.git") - os.system("cd wifite2 && sudo python3 setup.py install ; sudo pip3 install -r requirements.txt") - self.wifite() - - if choice == "2": - os.system("cd wifite2; sudo wifite") - self.wifite() - if choice == "99": - self.wire() - - def eviltwin(self): - self.clear_scr() - os.system("echo \"Fakeap is a script to perform Evil Twin Attack, by getting credentials using a Fake page and Fake Access Point \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.eviltwin, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Z4nzu/fakeap") - self.eviltwin() - - if choice == "2": - os.system("cd fakeap && sudo bash fakeap.sh") - self.eviltwin() - - if choice == "99": - self.wire() - - def howmanypeople(self): - self.clear_scr() - os.system("echo \"Count the number of people around you by monitoring wifi signals.\n[@]WIFI ADAPTER REQUIRED* \n[*]It may be illegal to monitor networks for MAC addresses, \nespecially on networks that you do not own. Please check your country's laws\n\t [!]/~https://github.com/An0nUD4Y/howmanypeoplearearound \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.howmanypeople, ['1', '2', '99']) - - if choice == "1": - os.system("sudo apt-get install tshark;sudo pip install howmanypeoplearearound") - self.howmanypeople() - - if choice == "2": - os.system("sudo howmanypeoplearearound") - self.howmanypeople() - - if choice == "99": - self.wire() - ## PHISHING ATTACK START ### - def phishattack(self): - self.clear_scr() - os.system("figlet -f standard -c Phishing Attack Tools | lolcat") - - print(""" - [1] Setoolkit - [2] SocialFish - [3] HiddenEye - [4] Evilginx2 - [5] I-See_You(Get Location using phishing attack) - [6] SayCheese (Grab target's Webcam Shots) - [7] QR Code Jacking - [8] ShellPhish - [9] BlackPhish - [99] Back To Main Menu - """) - - functions_phishattack = { - '1':self.setoolkit, - '2':self.socialfish, - '3':self.hiddeneye, - '4':self.evilginx, - '5':self.iseeyou, - '6':self.saycheese, - '7':self.qrjacking, - '8':self.shellphish, - '9':self.blackphish, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.phishattack, functions_phishattack.keys()) - - functions_phishattack[choice]() - - def blackphish(self): - self.clear_scr() - os.system("echo \"BlackPhish [!]/~https://github.com/iinc0gnit0/BlackPhish \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [3]Update [99]Back >> ") - - self.check_input(choice, self.blackphish, ['1', '2','3', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/iinc0gnit0/BlackPhish ") - os.system("cd BlackPhish;sudo bash install.sh") - self.blackphish() - - if choice == "2": - os.system("cd BlackPhish;sudo python3 blackphish.py") - if choice == "3": - os.system("cd BlackPhish;sudo bash update.sh") - if choice == "99": - self.phishattack() - - def setoolkit(self): - self.clear_scr() - os.system("echo \"The Social-Engineer Toolkit is an open-source penetration\ntesting framework designed for social engineering\"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.setoolkit, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/trustedsec/social-engineer-toolkit.git") - os.system("sudo python social-engineer-toolkit/setup.py") - self.setoolkit() - - if choice == "2": - self.clear_scr() - os.system("sudo setoolkit") - self.setoolkit() - - if choice == "99": - self.phishattack() - - def socialfish(self): - self.clear_scr() - os.system("echo \"Automated Phishing Tool & Information Collector \n\t[!]/~https://github.com/UndeadSec/SocialFish \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.socialfish, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/UndeadSec/SocialFish.git && sudo apt-get install python3 python3-pip python3-dev -y") - os.system("cd SocialFish && sudo python3 -m pip install -r requirements.txt") - self.socialfish() - - if choice == "2": - os.system("cd SocialFish && sudo python3 SocialFish.py root pass") - self.socialfish() - - if choice == "99": - self.phishattack() - - def hiddeneye(self): - self.clear_scr() - os.system("echo \"Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services \n\t [!]/~https://github.com/DarkSecDevelopers/HiddenEye \"|boxes -d boy | lolcat ") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.hiddeneye, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/DarkSecDevelopers/HiddenEye.git ;sudo chmod 777 HiddenEye") - os.system("cd HiddenEye;sudo pip3 install -r requirements.txt;sudo pip3 install requests;pip3 install pyngrok") - self.hiddeneye() - - if choice == "2": - os.system("cd HiddenEye;sudo python3 HiddenEye.py") - self.hiddeneye() - - if choice == "99": - self.phishattack() - - def evilginx(self): - self.clear_scr() - os.system("echo \"evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies,\nwhich in turn allows to bypass 2-factor authentication protection.\n\n\t [+]Make sure you have installed GO of version at least 1.14.0 \n[+]After installation, add this to your ~/.profile, assuming that you installed GO in /usr/local/go\n\t [+]export GOPATH=$HOME/go \n [+]export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin \n[+]Then load it with source ~/.profiles.\n [*]/~https://github.com/An0nUD4Y/evilginx2 \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.evilginx, ['1', '2', '99']) - - if choice == "1": - os.system("sudo apt-get install git make;go get -u github.com/kgretzky/evilginx2") - os.system("cd $GOPATH/src/github.com/kgretzky/evilginx2;make") - os.system("sudo make install;sudo evilginx") - self.evilginx() - - if choice == "2": - os.system("sudo evilginx") - self.evilginx() - - if choice == "99": - self.phishattack() - - def iseeyou(self): - self.clear_scr() - os.system("echo \"[!] ISeeYou is a tool to find Exact Location of Victom By User SocialEngineering or Phishing Engagment..\n[!]Users can expose their local servers to the Internet and decode the location coordinates by looking at the log file\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.iseeyou, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Viralmaniar/I-See-You.git") - os.system("cd I-See-You && sudo chmod u+x ISeeYou.sh") - self.iseeyou() - - if choice == "2": - os.system("cd I-See-You && sudo bash ISeeYou.sh") - self.iseeyou() - - if choice == "99": - self.phishattack() - - def saycheese(self): - self.clear_scr() - os.system("echo \"Take webcam shots from target just sending a malicious link\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.saycheese, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/hangetzzu/saycheese") - self.saycheese() - - if choice == "2": - os.system("cd saycheese && sudo bash saycheese.sh") - self.saycheese() - - if choice == "99": - self.phishattack() - - def qrjacking(self): - self.clear_scr() - os.system("echo \"QR Code Jacking (Any Website) \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.qrjacking, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/cryptedwolf/ohmyqr && sudo apt-get install scrot") - self.qrjacking() - - if choice == "2": - os.system("cd ohmyqr && sudo bash ohmyqr.sh") - self.qrjacking() - - if choice == "99": - self.phishattack() - - def shellphish(self): - self.clear_scr() - os.system("echo \"Phishing Tool for 18 social media \n\t[!]/~https://github.com/An0nUD4Y/shellphish \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.shellphish, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/An0nUD4Y/shellphish") - self.shellphish() - - if choice == "2": - os.system("cd shellphish;sudo bash shellphish.sh") - self.shellphish() - - if choice == "99": - self.phishattack() - - ### Forensic Tools #### - def forensic(self): - self.clear_scr() - os.system("figlet -f standard Forensic Tools | lolcat ") - - print(""" - [1] Autopsy - [2] Wireshark - [3] Bulk_extractor - [4] Disk Clone and ISO Image Aquire - [5] Toolsley - [99] Back to Menu - """) - - functions_forensic = { - '1':self.autopsy, - '2':self.wireshark, - '3':self.bulkextractor, - '4':self.guymager, - '5':self.toolsley, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.forensic, functions_forensic.keys()) - - functions_forensic[choice]() - - def autopsy(self): - self.clear_scr() - os.system("echo \"Autopsy is a platform that is used by Cyber Investigators.\n[!] Works in any Os\n[!]Recover Deleted Files from any OS & MEdia \n[!]Extract Image Metadata \"|boxes -d boy | lolcat") - choice = input("[1]Run [99]Back >> ") - - self.check_input(choice, self.autopsy, ['1', '99']) - - if choice == "1": - os.system("sudo autopsy") - self.autopsy() - - if choice =="99": - self.forensic() - - def wireshark(self): - self.clear_scr() - os.system("echo \" Wireshark is a network capture and analyzer \ntool to see what’s happening in your network.\n And also investigate Network related incident \" | boxes -d boy | lolcat") - choice = input("[1]Run [99]Back >> ") - - self.check_input(choice, self.wireshark, ['1', '99']) - - if choice == "1": - os.system("sudo wireshark") - self.wireshark() - - if choice == "99": - self.forensic() - - def bulkextractor(self): - self.clear_scr() - print(""" - [1] GUI Mode (Download required) - [2] CLI Mode - [99] Back - """) - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.bulkextractor, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/simsong/bulk_extractor.git") - os.system("ls src/ && cd .. && cd java_gui && ./BEViewer") - print("If you getting error after clone go to /java_gui/src/ And Compile .Jar file && run ./BEViewer") - print("Please Visit For More Details About Installation >> /~https://github.com/simsong/bulk_extractor ") - self.bulkextractor() - - if choice == "2": - os.system("sudo apt-get install bulk_extractor") - print("bulk_extractor and options") - os.system("bulk_extractor") - os.system("echo \"bulk_extractor [options] imagefile\" | boxes -d headline | lolcat") - self.bulkextractor() - - if choice == "99": - self.forensic() - - def guymager(self): - self.clear_scr() - os.system("echo \"Guymager is a free forensic imager for media acquisition.\n [!]https://guymager.sourceforge.io/ \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.guymager, ['1', '2', '99']) - - if choice == "1": - os.system("sudo apt install guymager") - self.guymager() - - if choice == "2": - os.system("sudo guymager") - self.guymager() - - if choice == "99": - self.forensic() - - def toolsley(self): - self.clear_scr() - os.system("echo \" Toolsley got more than ten useful tools for investigation.\n[+]File signature verifier\n[+]File identifier \n[+]Hash & Validate \n[+]Binary inspector \n [+]Encode text \n[+]Data URI generator \n[+]Password generator \" | boxes -d boy | lolcat") - choice = input("[1]Open [99]Back >> ") - - self.check_input(choice, self.toolsley, ['1', '99']) - - if choice == "1": - webbrowser.open_new_tab('https://www.toolsley.com/') - self.toolsley() - - if choice == "99": - self.forensic() - - def postexp(self): - self.clear_scr() - os.system("figlet -f standard post explotations | lolcat") - - print(""" - [1] Vegile - Ghost In The Shell - [2] Chrome Keylogger - [99] Back - """) - - functions_postexp = { - '1':self.vegile, - '2':self.chromekeylogger, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.postexp, functions_postexp.keys()) - - self.clear_scr() - functions_postexp[choice]() - - def vegile(self): - self.clear_scr() - os.system("echo \"[!]This tool will set up your backdoor/rootkits when backdoor is already setup it will be \nhidden your specific process,unlimited your session in metasploit and transparent.\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.vegile, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Screetsec/Vegile.git") - os.system("cd Vegile && sudo chmod +x Vegile") - self.vegile() - - if choice == "2": - os.system("echo \"You can Use Command: \n[!]Vegile -i / --inject [backdoor/rootkit] \n[!]Vegile -u / --unlimited [backdoor/rootkit] \n[!]Vegile -h / --help\"|boxes -d parchment") - os.system("cd Vegile && sudo bash Vegile ") - self.vegile() - - if choice == "99": - self.postexp() - - def chromekeylogger(self): - self.clear_scr() - os.system("echo \" Hera Chrome Keylogger \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.chromekeylogger, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/UndeadSec/HeraKeylogger.git") - os.system("cd HeraKeylogger && sudo apt-get install python3-pip -y && sudo pip3 install -r requirements.txt ") - self.chromekeylogger() - - if choice == "2": - os.system("cd HeraKeylogger && sudo python3 hera.py ") - self.chromekeylogger() - - if choice == "99": - self.postexp() - #### FrameWORKS - def routexp(self): - self.clear_scr() - os.system("figlet -f standard Exploit Framework | lolcat ") - - print(""" - [1] RouterSploit - [2] WebSploit - [3] Commix - [4] Web2Attack - [99] Back to menu - """) - - functions_routexp = { - '1':self.routersploit, - '2':self.websploit, - '3':self.commix, - '4':self.web2attack, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.routexp, functions_routexp.keys()) - - functions_routexp[choice]() - - def routersploit(self): - self.clear_scr() - os.system("echo \"The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.routersploit, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone https://www.github.com/threat9/routersploit") - os.system("cd routersploit && sudo python3 -m pip install -r requirements.txt") - self.routersploit() - - if choice == "2": - os.system("cd routersploit && sudo python3 rsf.py") - self.routersploit() - - if choice == "99": - self.routexp() - - def websploit(self): - self.clear_scr() - os.system("echo \"Websploit is an advanced MITM framework.\n\t [!]/~https://github.com/The404Hacking/websploit \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.websploit, ['1', '2', '99']) - - if choice == "1": - os.system("/~https://github.com/The404Hacking/websploit.git") - self.websploit() - - if choice == "2": - os.system("cd websploit;python3 websploit.py") - self.websploit() - - if choice == "99": - self.routexp() - - def commix(self): - self.clear_scr() - os.system("echo \"Automated All-in-One OS command injection and exploitation tool.\nCommix can be used from web developers, penetration testers or even security researchers\n in order to test web-based applications with the view to find bugs,\n errors or vulnerabilities related to command injection attacks.\n Usage: python commix.py [option(s)] \n\n\t[!]/~https://github.com/commixproject/commix \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.commix, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/commixproject/commix.git commix") - self.commix() - - if choice == "99": - self.routexp() - - ### Web Attack Function - def webAttack(self): - self.clear_scr() - os.system("figlet 'Web Attack Tools' -f standard -c | lolcat") - - print(""" - [1] Web2Attack - [2] Skipfish - [3] SubDomain Finder - [4] CheckURL - [5] Blazy(Also Find ClickJacking) - [6] Sub-Domain TakeOver - [7] Dirb - [99] Back To Menu - """) - - functions_webAttack = { - '1':self.web2attack, - '2':self.skipfish, - '3':self.subdomain, - '4':self.checkurl, - '5':self.blazy, - '6':self.subdomaintakeover, - '7':self.dirb, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.webAttack, functions_webAttack.keys()) - - functions_webAttack[choice]() - - def dirb(self): - self.clear_scr() - os.system("echo \"DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects.\nIt basically works by launching a dictionary based attack against \n a web server and analizing the response.\n\t [!]https://gitlab.com/kalilinux/packages/dirb \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.dirb, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone https://gitlab.com/kalilinux/packages/dirb.git") - os.system("cd dirb;sudo ./configure;make") - self.dirb() - - if choice == "2": - uinput = input("Enter Url >> ") - os.system("sudo dirb {0}".format(uinput)) - - if choice == "99": - self.webAttack() - - def web2attack(self): - self.clear_scr() - os.system("echo \"Web hacking framework with tools, exploits by python \n[!]/~https://github.com/santatic/web2attack \"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.web2attack, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/santatic/web2attack.git") - self.web2attack() - - if choice == "2": - os.system("cd web2attack && sudo bash w2aconsole") - self.web2attack() - - if choice == "99": - self.webAttack() - - def skipfish(self): - self.clear_scr() - os.system("echo \"Skipfish – Fully automated, active web application security reconnaissance tool \n Usage: skipfish -o [FolderName] targetip/site \n[!]https://tools.kali.org/web-applications/skipfish \"|boxes -d headline | lolcat") - choice = input("[1]Run [99]Back >> ") - - self.check_input(choice, self.skipfish, ['1', '99']) - - if choice == "1": - os.system("sudo skipfish -h") - os.system("echo \"skipfish -o [FolderName] targetip/site\"|boxes -d headline | lolcat") - self.skipfish() - - if choice == "99": - self.webAttack() - - def subdomain(self): - self.clear_scr() - os.system("echo \"Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT \n Usage:\n\t[1]python sublist3r.py -d example.com \n[2]python sublist3r.py -d example.com -p 80,443\"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.subdomain, ['1', '2', '99']) - - if choice == "1": - os.system("sudo pip install requests argparse dnspython") - os.system("sudo git clone /~https://github.com/aboul3la/Sublist3r.git ") - os.system("cd Sublist3r && sudo pip install -r requirements.txt") - self.subdomain() - - if choice == "2": - os.system("cd Sublist3r && python sublist3r.py -h") - self.subdomain() - - if choice == "99": - self.webAttack() - - def checkurl(self): - self.clear_scr() - os.system("echo \" Detect evil urls that uses IDN Homograph Attack.\n\t[!]python3 checkURL.py --url google.com \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.checkurl, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/UndeadSec/checkURL.git") - self.checkurl() - - if choice == "2": - os.system("cd checkURL && python3 checkURL.py --help") - self.checkurl() - - if choice == "99": - self.webAttack() - - def blazy(self): - self.clear_scr() - os.system("echo \"Blazy is a modern login page bruteforcer \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.blazy, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/UltimateHackers/Blazy") - os.system("cd Blazy && sudo pip install -r requirements.txt") - self.blazy() - - if choice == "2": - os.system("cd Blazy && sudo python blazy.py") - self.blazy() - - if choice == "99": - self.webAttack() - - def subdomaintakeover(self): - self.clear_scr() - os.system("echo \"Sub-domain takeover vulnerability occur when a sub-domain \n (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..)\nthat has been removed or deleted.\nUsage:python3 takeover.py -d www.domain.com -v \n\t[!]/~https://github.com/m4ll0k/takeover \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.subdomaintakeover, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/m4ll0k/takeover.git") - os.system("cd takeover;sudo python3 setup.py install") - self.subdomaintakeover() - - if choice == "99": - self.webAttack() - - def payloads(self): - self.clear_scr() - os.system("figlet -f standard -c Payloads | lolcat") - - print(""" - [1] The FatRat - [2] Brutal - [3] Stitch - [4] MSFvenom Payload Creator - [5] Venom Shellcode Generator - [6] Spycam - [7] Mob-Droid - [8] Enigma - [99] Back - """) - - functions_payloads = { - '1':self.thefatrat, - '2':self.brutal, - '3':self.stitch, - '4':self.msf_venom, - '5':self.venom, - '6':self.spycam, - '7':self.mobdroid, - '8':self.enigma, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.payloads, functions_payloads.keys()) - - functions_payloads[choice]() - - def thefatrat(self): - self.clear_scr() - os.system("echo \"TheFatRat Provides An Easy way to create Backdoors and \nPayload which can bypass most anti-virus\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [3]Update [4]TroubleShoot (if not run) [99]Back >> ") - - self.check_input(choice, self.thefatrat, ['1', '2', '3', '4', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Screetsec/TheFatRat.git") - os.system("cd TheFatRat && sudo chmod +x setup.sh") - self.thefatrat() - - if choice == "2": - os.system("cd TheFatRat && sudo bash setup.sh") - self.thefatrat() - - if choice == "3": - os.system("cd TheFatRat && bash update && chmod +x setup.sh && bash setup.sh") - self.thefatrat() - - if choice == "4": - os.system("cd TheFatRat && sudo chmod +x chk_tools && ./chk_tools") - self.thefatrat() - - if choice == "99": - self.payloads() - - def brutal(self): - self.clear_scr() - os.system("echo \"Brutal is a toolkit to quickly create various payload,powershell attack,\nvirus attack and launch listener for a Human Interface Device\"|boxes -d boy | lolcat") - - print(""" - [!]Requirement - >>Arduino Software (I used v1.6.7) - >>TeensyDuino - >>Linux udev rules - >>Copy and paste the PaensyLib folder inside your Arduino\libraries - - [!]Kindly Visit below link for Installation for Arduino - >> /~https://github.com/Screetsec/Brutal/wiki/Install-Requirements - """) - - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.brutal, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Screetsec/Brutal.git") - os.system("cd Brutal && sudo chmod +x Brutal.sh ") - self.brutal() - - if choice == "2": - os.system("cd Brutal && sudo bash Brutal.sh") - self.brutal() - - if choice == "99": - self.payloads() - - def stitch(self): - self.clear_scr() - os.system("echo \"Stitch is Cross Platform Python Remote Administrator Tool\n\t[!]Refer Below Link For Wins & MAc Os\n\t(!)https://nathanlopez.github.io/Stitch \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> " ) - - self.check_input(choice, self.stitch, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/nathanlopez/Stitch.git") - os.system("cd Stitch && sudo pip install -r lnx_requirements.txt") - self.stitch() - - if choice == "2": - os.system("cd Stitch && sudo python main.py") - self.stitch() - - if choice == "99": - self.payloads() - - def msf_venom(self): - self.clear_scr() - os.system("echo \"MSFvenom Payload Creator (MSFPC) is a wrapper to generate \nmultiple types of payloads, based on users choice.\nThe idea is to be as simple as possible (only requiring one input) \nto produce their payload. [!]/~https://github.com/g0tmi1k/msfpc \" |boxes -d boy | lolcat ") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.msf_venom, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/g0tmi1k/msfpc.git") - os.system("cd msfpc;sudo chmod +x msfpc.sh") - self.msf_venom() - - if choice == "2": - os.system("cd msfpc;sudo bash msfpc.sh -h -v") - self.msf_venom() - - if choice == "99": - self.payloads() - - def venom(self): - self.clear_scr() - os.system("echo \"venom 1.0.11 (malicious_server) was build to take advantage of \n apache2 webserver to deliver payloads (LAN) using a fake webpage writen in html\"| boxes -d boy| lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.venom, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/r00t-3xp10it/venom.git") - os.system("sudo chmod -R 775 venom*/ && cd venom*/ && cd aux && sudo bash setup.sh") - os.system("sudo ./venom.sh -u") - self.venom() - - if choice == "2": - os.system("cd venom && sudo ./venom.sh") - self.venom() - - if choice == "99": - self.payloads() - - def spycam(self): - self.clear_scr() - os.system("echo \"Script to generate a Win32 payload that takes the webcam image every 1 minute and send it to the attacker\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.spycam, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/thelinuxchoice/spycam ") - os.system("cd spycam && bash install.sh && chmod +x spycam") - self.spycam() - - if choice == "2": - os.system("cd spycam && ./spycam") - self.spycam() - - if choice == "99": - self.payloads() - - def mobdroid(self): - self.clear_scr() - os.system("echo \"Mob-Droid helps you to generate metasploit payloads in easy way\n without typing long commands and save your \n[!]/~https://github.com/kinghacker0/Mob-Droid \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.mobdroid, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/kinghacker0/mob-droid") - self.spycam() - - if choice == "2": - os.system("cd Mob-Droid;sudo python mob-droid.py") - self.mobdroid() - - if choice == "99": - self.payloads() - - def enigma(self): - self.clear_scr() - os.system("echo \"Enigma is a Multiplatform payload dropper \n\t [!]/~https://github.com/UndeadSec/Enigma \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.enigma, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/UndeadSec/Enigma.git ") - self.enigma() - - if choice == "2": - os.system("cd Enigma;sudo python3 enigma3.py") - - if choice == "99": - self.payloads() - - def fud(self): - self.clear_scr() - os.system("echo \"FUD Tool Use To Bypass Window 10 Defender Firewall & Bypass UAC \n\t [!]/~https://github.com/Ignitetch/FUD \"| boxes -d boy | lolcat ") - choice = input("[1]Install [2]Run [99]Back >> ") - self.check_input(choice, self.fud, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Ignitetch/FUD.git") - - if choice == "2": - os.system("cd FUD;bash FUD.sh") - - if choice == "99": - self.payloads - - #### Steganography Tools - def steganography(self): - self.clear_scr() - os.system("figlet -f standard -c SteganoGraphy | lolcat") - - print(""" - [1] SteganoHide - [2] StegnoCracker - [3] WhiteSpace - [99] Back - """) - - functions_steganography = { - '1':self.steganohide, - '2':self.stegnocracker, - '3':self.whitespace, - '99':self.menu - } - - choice = input("Z4nz =>> ") - self.check_input(choice, self.steganography, functions_steganography.keys()) - - functions_steganography[choice]() - - def steganohide(self): - self.clear_scr() - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.steganohide, ['1', '2', '99']) - - if choice == "1": - os.system("sudo apt-get install steghide -y ") - self.steganohide() - - if choice == "2": - choice_run = input("[1]Hide [2]Extract >> ") - - self.check_input(choice_run, self.self.steganohide, ['1', '2', '99']) - - if choice_run == "1": - file_hide = input("Enter Filename you want to Embed (1.txt) >> ") - file_to_be_hide = input("Enter Cover Filename(test.jpeg) >> ") - subprocess.run(["steghide", "embed", "-cf", f"{file_to_be_hide}", "-ef", f"{file_hide}"]) - self.steganohide() - - if choice_run == "2": - from_file = input("Enter Filename From Extract Data >> ") - subprocess.run(["steghide", "extract", "-sf", f"{from_file}"]) - self.steganohide() - - if choice_run == '99': - self.steganohide() - - if choice == "99": - self.steganography() - - def stegnocracker(self): - self.clear_scr() - os.system("echo \"SteganoCracker is a tool that uncover hidden data inside files\n using brute-force utility \"|boxes -d boy| lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.stegnocracker, ['1', '2', '99']) - - if choice == "1": - os.system("pip3 install stegcracker && pip3 install stegcracker -U --force-reinstall") - self.stegnocracker() - - if choice == "2": - filename = input("Enter Filename:- ") - passfile = input("Enter Wordlist Filename:- ") - subprocess.run(["stegcracker", f"{filename}", f"{passfile}"]) - self.stegnocracker() - - if choice == "99": - self.steganography() - - def whitespace(self): - self.clear_scr() - os.system("echo \"Use whitespace and unicode chars for steganography \n\t [!]/~https://github.com/beardog108/snow10 \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.whitespace, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/beardog108/snow10.git ") - os.system("sudo chmod -R 755 snow10") - self.whitespace() - - if choice == "2": - os.system("cd snow10 && firefox index.html") - self.whitespace() - - if choice == "99": - self.steganography() - - def sqltool(self): - self.clear_scr() - os.system("figlet -f standard -c Sql Tools | lolcat") - - print(""" - [1] Sqlmap tool - [2] NoSqlMap - [3] Damn Small SQLi Scanner - [4] Explo - [5] Blisqy - Exploit Time-based blind-SQL injection - [6] Leviathan - Wide Range Mass Audit Toolkit - [7] SQLScan - [99] Back - """) - - functions_sqltool = { - '1':self.sqlmap, - '2':self.nosqlmap, - '3':self.sqliscanner, - '4':self.explo, - '5':self.blisqy, - '6':self.leviathan, - '7':self.sqlscan, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.sqltool, functions_sqltool.keys()) - - functions_sqltool[choice]() - - def sqlmap(self): - self.clear_scr() - os.system("echo \"sqlmap is an open source penetration testing tool that automates the process of \ndetecting and exploiting SQL injection flaws and taking over of database servers \n [!]python sqlmap.py -u [] --batch --banner \n More Usage [!]/~https://github.com/sqlmapproject/sqlmap/wiki/Usage \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.sqlmap, ['1', '99']) - - if choice == "1": - os.system("sudo git clone --depth 1 /~https://github.com/sqlmapproject/sqlmap.git sqlmap-dev") - print("Downloaded Successfully..!!") - self.sqlmap() - - if choice == "99": - self.sqltool() - - def nosqlmap(self): - self.clear_scr() - os.system("echo \"NoSQLMap is an open source Python tool designed to \n audit for as well as automate injection attacks and exploit.\n \033[91m [*]Please Install MongoDB \n More Info[!]/~https://github.com/codingo/NoSQLMap \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.nosqlmap, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/codingo/NoSQLMap.git") - os.system("sudo chmod -R 755 NoSQLMap;cd NoSQLMap;python setup.py install ") - self.nosqlmap() - - if choice == "2": - os.system("python NoSQLMap") - self.nosqlmap() - - if choice == "99": - self.sqltool() - - def sqliscanner(self): - self.clear_scr() - os.system("echo \"Damn Small SQLi Scanner (DSSS) is a fully functional SQL injection\nvulnerability scanner also supporting GET and POST parameters.\n[*]python3 dsss.py -h[help] | -u[URL] \n\tMore Info [!]/~https://github.com/stamparm/DSSS \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.sqliscanner, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/stamparm/DSSS.git") - self.sqliscanner() - - if choice == "99": - self.sqltool() - - def explo(self): - self.clear_scr() - os.system("echo \"Explo is a simple tool to describe web security issues in a human and machine readable format.\n Usage:- \n [1]explo [--verbose|-v] testcase.yaml \n [2]explo [--verbose|-v] examples/*.yaml \n[*]/~https://github.com/dtag-dev-sec/explo \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.explo, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/dtag-dev-sec/explo ") - os.system("cd explo ;sudo python setup.py install") - self.explo() - - if choice == "99": - self.sqltool() - - def blisqy(self): - self.clear_scr() - os.system("echo \"Blisqy is a tool to aid Web Security researchers to find Time-based Blind SQL injection \n on HTTP Headers and also exploitation of the same vulnerability.\n For Usage >> [!]/~https://github.com/JohnTroony/Blisqy \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.blisqy, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/JohnTroony/Blisqy.git ") - self.blisqy() - - if choice == "99": - self.sqltool() - - def leviathan(self): - self.clear_scr() - os.system("echo \"Leviathan is a mass audit toolkit which has wide range service discovery,\nbrute force, SQL injection detection and running custom exploit capabilities. \n [*]It Requires API Keys \n More Usage [!]/~https://github.com/utkusen/leviathan/wiki \"|boxes -d boy | lolcat ") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.leviathan, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/leviathan-framework/leviathan.git") - os.system("cd leviathan;sudo pip install -r requirements.txt") - self.leviathan() - - if choice == "2": - os.system("cd leviathan;python leviathan.py") - - if choice == "99": - self.sqltool() - - def sqlscan(self): - self.clear_scr() - os.system("echo \"sqlscan is quick web scanner for find an sql inject point. not for educational, this is for hacking. \n [!]/~https://github.com/Cvar1984/sqlscan \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.sqlscan, ['1', '2', '99']) - - if choice == "1": - os.system("sudo apt install php php-bz2 php-curl php-mbstring curl") - os.system("sudo curl https://raw.githubusercontent.com/Cvar1984/sqlscan/dev/build/main.phar --output /usr/local/bin/sqlscan") - os.system("chmod +x /usr/local/bin/sqlscan") - self.sqlscan() - - if choice == "2": - os.system("sudo sqlscan") - self.sqlscan() - - if choice == "99": - self.sqltool() - - def others(self): - self.clear_scr() - print(self.logo + """ - [1] SocialMedia Brutforce - [2] Android Attack - [3] HatCloud(Bypass CloudFlare for IP) - [4] IDN Homograph Attack - [5] Email Verifier - [6] Hash Cracking Tools - [7] Wifi Jamming - [8] SocialMedia Finder - [9] Payload Injector - [10] Web Crawling - [11] Mix Tools - [99] Main Menu - """) - - functions_others = { - '1':self.social_attack, - '2':self.androidhack, - '3':self.hatcloud, - '4':self.homograph, - '5':self.emailverify, - '6':self.hashcracktool, - '7':self.wifijamming, - '8':self.socialfinder, - '9':self.pyinject, - '10':self.webcrawling, - '11':self.mixtools, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.others, functions_others.keys()) - - functions_others[choice]() - ###### SOCIALMEDIA ATTACK TOOLS - def social_attack(self): - self.clear_scr() - os.system("figlet -f standard SocialMedia Attack | lolcat") - - print(""" - [1] Instagram Attack - [2] AllinOne SocialMedia Attack - [3] Facebook Attack - [4] Application Checker - [99] Back - """) - - functions_social_attack = { - '1':self.instabrute, - '2':self.bruteforce, - '3':self.faceshell, - '4':self.appcheck, - '99':self.others - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.social_attack, functions_social_attack.keys()) - - functions_social_attack[choice]() - - def instabrute(self): - self.clear_scr() - os.system("echo \"Brute force attack against Instagram \n\t [!]/~https://github.com/chinoogawa/instaBrute \"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.bruteforce, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/chinoogawa/instaBrute.git ") - os.system("cd instaBrute;sudo pip install -r requirements.txt") - self.instabrute() - - if choice == "2": - name = input("Enter Username >> ") - wordlist = input("Enter wordword list >> ") - os.system(f"cd instaBrute") - subprocess.run(["sudo", "python", "instaBrute.py", "-u", f"{name}", "-d", f"{wordlist}"]) - self.instabrute() - - if choice == "99": - self.social_attack() - - def bruteforce(self): - self.clear_scr() - os.system("echo \"Brute_Force_Attack Gmail Hotmail Twitter Facebook Netflix \n[!]python3 Brute_Force.py -g -l \n\t[!]/~https://github.com/Matrix07ksa/Brute_Force \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.bruteforce, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Matrix07ksa/Brute_Force.git") - os.system("cd Brute_Force ;sudo pip3 install proxylist;pip3 install mechanize") - self.bruteforce() - - if choice == "2": - os.system("cd Brute_Force;python3 Brute_Force.py -h") - self.bruteforce() - - if choice == "99": - self.social_attack() - - def faceshell(self): - self.clear_scr() - os.system("echo \" Facebook BruteForcer[!]/~https://github.com/Matrix07ksa/Brute_Force \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.faceshell, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/Matrix07ksa/Brute_Force.git") - os.system("cd Brute_Force ;sudo pip3 install proxylist;pip3 install mechanize") - self.faceshell() - - if choice == "2": - name = input("Enter Username >> ") - wordlist = input("Enter Wordlist >> ") - os.system("cd Brute_Force") - subprocess.run("python3", "Brute_Force.py", "-f", f"{name}", "-l", f"{wordlist}") - self.faceshell() - - if choice == "99": - self.social_attack() - - def appcheck(self): - self.clear_scr() - os.system("echo \"Tool to check if an app is installed on the target device through a link.\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.appcheck, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/jakuta-tech/underhanded") - os.system("cd underhanded && sudo chmod +x underhanded.sh") - self.appcheck() - - if choice == "2": - os.system("cd underhanded ; sudo bash underhanded.sh") - self.appcheck() - - if choice == "99": - self.social_attack() - - def androidhack(self): - self.clear_scr() - os.system("figlet -f standard -c Android Hacking Tools | lolcat") - - print(""" - [1] Keydroid - [2] MySMS - [3] Lockphish (Grab target LOCK PIN) - [4] DroidCam (Capture Image) - [5] EvilApp (Hijack Session) - [99] Back - """) - - functions_androidhack = { - '1':self.keydroid, - '2':self.mysms, - '3':self.lock, - '4':self.droidcam, - '5':self.evilapp, - '99':self.others - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.androidhack, functions_androidhack.keys()) - - functions_androidhack[choice]() - - def keydroid(self): - self.clear_scr() - os.system("echo \"Android Keylogger + Reverse Shell\n[!]You have to install Some Manually Refer Below Link:\n [+]/~https://github.com/F4dl0/keydroid \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.keydroid, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/F4dl0/keydroid") - self.keydroid() - - if choice == "2": - os.system("cd keydroid && bash keydroid.sh") - self.keydroid() - - if choice == "99": - self.androidhack() - - def mysms(self): - self.clear_scr() - os.system("echo \" Script that generates an Android App to hack SMS through WAN \n[!]You have to install Some Manually Refer Below Link:\n\t [+]/~https://github.com/papusingh2sms/mysms \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.mysms, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/papusingh2sms/mysms") - self.mysms() - - if choice == "2": - os.system("cd mysms && bash mysms.sh") - self.mysms() - - if choice == "99": - self.androidhack() - - def lock(self): - self.clear_scr() - os.system("echo \"Lockphish it's the first tool for phishing attacks on the lock screen, designed to\n Grab Windows credentials,Android PIN and iPhone Passcode using a https link. \"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.lock, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone git clone /~https://github.com/JasonJerry/lockphish") - self.lock() - - if choice == "2": - os.system("cd lockphish && bash lockphish.sh") - self.lock() - - if choice == "99": - self.androidhack() - - def droidcam(self): - self.clear_scr() - os.system("echo \"Powerful Tool For Grab Front Camera Snap Using A Link \n[+]/~https://github.com/kinghacker0/WishFish \"| boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.droidcam, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/kinghacker0/WishFish; sudo apt install php wget openssh") - self.droidcam() - - if choice == "2": - os.system("cd wishfish && sudo bash wishfish.sh") - self.droidcam() - - if choice == "99": - self.androidhack() - - def evilapp(self): - self.clear_scr() - os.system("echo \"EvilApp is a script to generate Android App that can hijack authenticated sessions in cookies.\n [!]/~https://github.com/crypticterminal/EvilApp \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.evilapp, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/crypticterminal/EvilApp") - self.evilapp() - - if choice == "2": - os.system("cd evilapp && bash evilapp.sh") - self.evilapp() - - if choice == "99": - self.androidhack() - - def hatcloud(self): - self.clear_scr() - os.system("echo \"HatCloud build in Ruby. It makes bypass in CloudFlare for discover real IP.\n\b [!]/~https://github.com/HatBashBR/HatCloud \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.hatcloud, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/HatBashBR/HatCloud.git") - self.hatcloud() - - if choice == "2": - site = input("Enter Site >> ") - os.system("cd HatCloud;sudo ruby hatcloud.rb -b {site}") - self.hatcloud() - - if choice == "99": - self.others() - #### HOMOGRAPH TOOLS - def homograph(self): - self.clear_scr() - os.system("figlet -f standard -c IDN Homograph Attack tools | lolcat") - - print(""" - [1] EvilURL - [99] Back - """) - - choice = input("Z4nzu =>> ") - functions_homograph = { - '1':self.evilurl, - '99':self.others - } - self.check_input(choice, self.homograph, functions_homograph.keys()) - - functions_homograph[choice]() - - def evilurl(self): - self.clear_scr() - os.system("echo \"Generate unicode evil domains for IDN Homograph Attack and detect them. \n [!]/~https://github.com/UndeadSec/EvilURL \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.evilurl, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/UndeadSec/EvilURL.git") - self.evilurl() - - if choice == "2": - os.system("cd EvilURL;python3 evilurl.py") - self.evilurl() - - if choice == "99": - self.homograph() - #### EMAIL VERIFY TOOLS - def emailverify(self): - self.clear_scr() - os.system("figlet -f standard -c Email Verify tools | lolcat") - - print(""" - [1] KnockMail - [99] Back - """) - - choice = input("Z4nzu =>> ") - - self.check_input(choice, self.emailverify, ['1', '99']) - - if choice == "1": - self.knockmail() - - if choice == "99": - self.others() - - def knockmail(self): - self.clear_scr() - os.system("echo \"KnockMail Tool Verify If Email Exists [!]/~https://github.com/4w4k3/KnockMail \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.knockmail, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/4w4k3/KnockMail.git") - os.system("cd KnockMail;sudo pip install -r requeriments.txt") - self.knockmail() - - if choice == "2": - os.system("cd KnockMail;python knock.py") - - if choice == "99": - self.emailverify() - - def hashcracktool(self): - self.clear_scr() - os.system("figlet -f standard -c Hash Cracking Tools | lolcat") - - print(""" - [1] Hash Buster - [99] Back - """) - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.hashcracktool, ['1', '99']) - - if choice == "1": - self.hashbuster() - - if choice == "99": - self.others() - - def hashbuster(self): - self.clear_scr() - os.system("echo \"Features: \n Automatic hash type identification \n Supports MD5, SHA1, SHA256, SHA384, SHA512 \n [!]/~https://github.com/s0md3v/Hash-Buster \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.hashbuster, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/s0md3v/Hash-Buster.git") - os.system("cd Hash-Buster;make install") - self.hashbuster() - - if choice == "2": - os.system("buster -h") - self.hashbuster() - - if choice == "99": - self.hashcracktool() - - #### WIFI JAMMING TOOLS - def wifijamming(self): - self.clear_scr() - os.system("figlet -f standard -c Wifi Deautheticate | lolcat") - - print(""" - [1] WifiJammer-NG - [2] KawaiiDeauther - [99] Back - """) - - functions_wifijamming = { - '1':self.wifijammingng, - '2':self.kawaiideauther, - '99':self.others - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.wifijamming, functions_wifijamming.keys()) - - functions_wifijamming[choice]() - - def wifijammingng(self): - self.clear_scr() - os.system("echo \"Continuously jam all wifi clients and access points within range.\n\t [!]/~https://github.com/MisterBianco/wifijammer-ng \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.wifijammingng, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/MisterBianco/wifijammer-ng.git") - os.system("cd wifijammer-ng;sudo pip3 install -r requirements.txt") - self.wifijammingng() - - if choice == "2": - os.system("echo \"python wifijammer.py [-a AP MAC] [-c CHANNEL] [-d] [-i INTERFACE] [-m MAXIMUM] [-k] [-p PACKETS] [-s SKIP] [-t TIME INTERVAL] [-D]\"| boxes | lolcat") - os.system("cd wifijammer-ng;sudo python3 wifijammer.py") - self.wifijammingng() - - if choice == "99": - self.wifijamming() - - def kawaiideauther(self): - self.clear_scr() - os.system("echo \"Kawaii Deauther is a pentest toolkit whose goal is to perform \n jam on WiFi clients/routers and spam many fake AP for testing purposes. \n\t [!]/~https://github.com/aryanrtm/KawaiiDeauther \" | boxes -d boy | lolcat ") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.kawaiideauther, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/aryanrtm/KawaiiDeauther") - os.system("cd KawaiiDeauther;sudo bash install.sh") - self.kawaiideauther() - - if choice == "2": - os.system("cd KawaiiDeauther;sudo KawaiiDeauther.sh") - - if choice == "99": - self.wifijamming() - - ### SOCIALFINDER TOOLS - def socialfinder(self): - self.clear_scr() - os.system("figlet -f standard SocialMedia Finder | lolcat") - - print(""" - [1] Find SocialMedia By Facial Recognation System - [2] Find SocialMedia By UserName - [3] Sherlock - [4] SocialScan | Username or Email - [99] Back To Main Menu - """) - - functions_socialfinder = { - '1':self.facialfind, - '2':self.finduser, - '3':self.sherlock, - '4':self.socialscan, - '99':self.others - } - choice = input("Z4nzu =>> ") - self.check_input(choice, self.socialfinder, functions_socialfinder.keys()) - - functions_socialfinder[choice]() - - def facialfind(self): - self.clear_scr() - os.system("echo \"A Social Media Mapping Tool that correlates profiles\n via facial recognition across different sites. \n\t[!]/~https://github.com/Greenwolf/social_mapper \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.facialfind, ['1', '2', '99']) - - if choice == "1": - os.system("sudo add-apt-repository ppa:mozillateam/firefox-next && sudo apt update && sudo apt upgrade") - os.system("sudo git clone /~https://github.com/Greenwolf/social_mapper.git") - os.system("cd social_mapper/setup") - os.system("sudo python3 -m pip install --no-cache-dir -r requirements.txt") - os.system("echo \"[!]Now You have To do some Manually\n[!]Install the Geckodriver for your operating system\n[!]Copy & Paste Link And Download File As System Configuration\n[#]/~https://github.com/mozilla/geckodriver/releases\n[!!]On Linux you can place it in /usr/bin \"| boxes | lolcat") - self.facialfind() - - if choice == "2": - os.system("cd social_mapper/setup") - os.system("sudo python social_mapper.py -h") - - print("""\033[95m - You have to set Username and password of your AC Or Any Fack Account - [#]Type in Terminal nano social_mapper.py - """) - - os.system("echo \"python social_mapper.py -f [] -i [] -m fast [] -fb -tw\"| boxes | lolcat") - self.facialfind() - - if choice == "99": - self.socialfinder() - - def finduser(self): - self.clear_scr() - os.system("echo \"Find usernames across over 75 social networks \n [!]/~https://github.com/xHak9x/finduser \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.finduser, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/xHak9x/finduser.git") - os.system("cd finduser && sudo chmod +x finduser.sh") - self.finduser() - - if choice == "2": - os.system("cd finduser && sudo bash finduser.sh") - self.finduser() - - if choice == "99": - self.socialfinder() - - def sherlock(self): - self.clear_scr() - os.system("echo \"Hunt down social media accounts by username across social networks \n For More Usege \n\t >>python3 sherlock --help \n [!]/~https://github.com/sherlock-project/sherlock \"|boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.sherlock, ['1', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/sherlock-project/sherlock.git") - os.system("cd sherlock ;sudo python3 -m pip install -r requirements.txt") - self.sherlock() - - if choice == "2": - name = input("Enter Username >> ") - os.system("cd sherlock") - subprocess.run(["sudo", "python3", "sherlock", f"{name}"]) - self.sherlock() - - if choice == "99": - self.socialfinder() - - def socialscan(self): - self.clear_scr() - os.system("echo \"Check email address and username availability on online platforms with 100% accuracy \n\t[*]/~https://github.com/iojw/socialscan \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.socialscan, ['1', '2', '99']) - - if choice == "1": - os.system("sudo pip install socialscan") - self.socialscan() - - if choice == "2": - name = input("Enter Username or Emailid (if both then please space between email & username) >> ") - subprocess.run(["sudo", "socialscan", f"{name}"]) - self.socialscan() - - if choice == "99": - self.socialfinder() - - ########### PYTHON INJECTOR TOOLS - def pyinject(self): - self.clear_scr() - os.system("figlet -f standard -c Payload Injector | lolcat ") - print(""" - [1] Debinject - [2] Pixload - [99] Back - """) - functions_pyinject ={ - '1':self.debinject, - '2':self.pixload, - '99':self.others - } - choice = input(" Z4nzu >> ") - self.check_input(choice, self.pyinject, functions_pyinject.keys()) - - self.clear_scr() - functions_pyinject[choice]() - - def debinject(self): - self.clear_scr() - os.system("echo \"Debinject is a tool that inject malicious code into *.debs \n\t [!]/~https://github.com/UndeadSec/Debinject \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - self.check_input(choice, self.debinject, ['1', '2', '99']) - if choice == "1": - os.system("sudo git clone /~https://github.com/UndeadSec/Debinject.git ") - self.debinject() - if choice == "2": - os.system("cd Debinject;python debinject.py") - if choice == "99": - self.pyinject() - - def pixload(self): - os.system("echo \"Pixload -- Image Payload Creating tools \n Pixload is Set of tools for creating/injecting payload into images.\n\t [!]/~https://github.com/chinarulezzz/pixload \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]How To Use [99]Back >> ") - self.check_input(choice, self.pixload, ['1', '99']) - if choice == "1": - print("Installing Packeges...") - time.sleep(2) - os.system("sudo apt install libgd-perl libimage-exiftool-perl libstring-crc32-perl") - print("Downloading Repository ...") - time.sleep(1) - os.system("sudo git clone /~https://github.com/chinarulezzz/pixload.git ") - self.pixload() - if choice == "2": - print("Trying to open Webbrowser ...") - time.sleep(2) - webbrowser.open_new_tab("/~https://github.com/chinarulezzz/pixload") - if choice == "99": - self.pyinject() - - def webcrawling(self): - self.clear_scr() - os.system("figlet -f standard Web Crawling | lolcat ") - print(""" - [1] Gospider - [99] Back - """) - functions_webcrawling = { - '1':self.gospider, - '99':self.others - } - choice = input(" Z4nzu >> ") - self.check_input(choice, self.webcrawling, functions_webcrawling.keys()) - - self.clear_scr() - functions_webcrawling[choice]() - - def gospider(self): - os.system("echo \"Gospider - Fast web spider written in Go \n\t [!]/~https://github.com/jaeles-project/gospider \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]How to Use [99]Back >> ") - - self.check_input(choice, self.gospider, ['1', '2', '99']) - - if choice == "1": - os.system("sudo go get -u github.com/jaeles-project/gospider") - self.gospider() - - if choice == "2": - print("Opening Webbrowser..") - time.sleep(2) - webbrowser.open_new_tab("/~https://github.com/jaeles-project/gospider") - - if choice == "99": - self.webcrawling() - ######### MIX TOOLS - def mixtools(self): - self.clear_scr() - os.system("figlet -f standard -l Mix Tools | lolcat") - print(""" - [1] Terminal Multiplexer - [99] Back - """) - functions_mixtools ={ - '1':self.terminaltool, - '99':self.others - } - choice = input(" Z4nzu >> ") - self.check_input(choice, self.mixtools, functions_mixtools.keys()) - - self.clear_scr() - functions_mixtools[choice]() - - def terminaltool(self): - self.clear_scr() - os.system("echo \"Terminal Multiplexer is a tiling terminal emulator that allows us to open \n several terminal sessions inside one single window. \" | boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.terminaltool, ['1', '99']) - - if choice == "1": - os.system("sudo apt-get install tilix") - time.sleep(2) - self.others() - - if choice == "99": - self.mixtools() - - ###### OPTION REVERSE ### - def reversetool(self): - self.clear_scr() - os.system("figlet -f standard -l Reverse Engineering Tools | lolcat") - print(""" - [1] Androguard - [2] Apk2Gold - [3] JadX - [99] Menu - """) - functions_reversetool = { - '1':self.androguard, - '2':self.apk2gold, - '3':self.jadx, - '99':self.menu - } - choice = input(" Z4nzu >> ") - self.check_input(choice, self.reversetool, functions_reversetool.keys()) - - self.clear_scr() - functions_reversetool[choice]() - - def androguard(self): - self.clear_scr() - os.system("echo \"Androguard is a Reverse engineering, Malware and goodware analysis of Android applications and more \n\t[!]/~https://github.com/androguard/androguard \" | boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.androguard, ['1', '99']) - - if choice == "1": - os.system("sudo pip install -U androguard") - self.androguard() - - if choice == "99": - self.reversetool() - - def apk2gold(self): - self.clear_scr() - os.system("echo \"Apk2Gold is a CLI tool for decompiling Android apps to Java [!]/~https://github.com/lxdvs/apk2gold \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.apk2gold, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/lxdvs/apk2gold.git") - os.system("cd apk2gold;sudo bash make.sh") - self.apk2gold() - - if choice == "2": - uinput = input("Enter (.apk) File >> ") - subprocess.run(["sudo", "apk2gold", "{0}".format(uinput)]) - - if choice == "99": - self.reversetool() - - def jadx(self): - self.clear_scr() - os.system("echo \"Jadx is Dex to Java decompiler.\n[*]decompile Dalvik bytecode to java classes from APK, dex, aar and zip files\n[*]decode AndroidManifest.xml and other resources from resources.arsc\n\t [+]/~https://github.com/skylot/jadx \" | boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.jadx, ['1', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/skylot/jadx.git") - os.system("cd jadx;./gradlew dist") - self.jadx() - - if choice == "99": - self.reversetool() - -###### OPTION[11] ### - def ddos(self): - self.clear_scr() - os.system("figlet -f standard -c DDOS Attack Tools | lolcat") - - print(""" - [1] SlowLoris - [2] Asyncrone | Multifunction SYN Flood DDoS Weapon - [3] UFOnet - [4] GoldenEye - [99] Back - """) - - functions_ddos = { - '1':self.slowloris, - '2':self.asyncrone, - '3':self.ufonet, - '4':self.goldeneye, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.ddos, functions_ddos.keys()) - - functions_ddos[choice]() - - def slowloris(self): - self.clear_scr() - os.system("echo \"Slowloris is basically an HTTP Denial of Service attack.It send lots of HTTP Request\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.slowloris, ['1', '2', '99']) - - if choice == "1": - os.system("sudo pip install slowloris") - self.slowloris() - - if choice == "2": - target_site = input("Enter Target Site:- ") - subprocess.run(["slowloris", f"{target_site}"]) - self.slowloris() - - if choice == "99": - self.ddos() - - def asyncrone(self): - self.clear_scr() - os.system("echo \"aSYNcrone is a C language based, mulltifunction SYN Flood DDoS Weapon.\nDisable the destination system by sending a SYN packet intensively to the destination.\n\b [!] /~https://github.com/fatihsnsy/aSYNcrone \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.asyncrone, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/fatih4842/aSYNcrone.git") - os.system("cd aSYNcrone;sudo gcc aSYNcrone.c -o aSYNcrone -lpthread") - self.asyncrone() - - if choice == "2": - source_port = input("Enter Source Port >> ") - target_ip = input("Enter Target IP >> ") - target_port = input("Enter Target port >> ") - os.system(f"cd aSYNcrone") - subprocess.run(["sudo", "./aSYNcrone", f"{source_port}", f"{target_ip}", f"{target_port}", "1000"]) - self.asyncrone() - - if choice == "99": - self.ddos() - - def ufonet(self): - self.clear_scr() - os.system("echo \"UFONet - is a free software, P2P and cryptographic -disruptive \n toolkit- that allows to perform DoS and DDoS attacks\n\b More Usage Visit [!]/~https://github.com/epsylon/ufonet \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.ufonet, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/epsylon/ufonet.git") - os.system("cd ufonet;sudo python setup.py install") - self.ufonet() - - if choice == "2": - os.system("sudo ./ufonet --gui") - self.ufonet() - - if choice == "99": - self.ddos() - - def goldeneye(self): - self.clear_scr() - os.system("echo \"GoldenEye is an python3 app for SECURITY TESTING PURPOSES ONLY!\nGoldenEye is a HTTP DoS Test Tool. \n\t [!]/~https://github.com/jseidl/GoldenEye \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.goldeneye, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/jseidl/GoldenEye.git;chmod -R 755 GoldenEye") - self.goldeneye() - - if choice == "2": - os.system("cd GoldenEye ;sudo ./goldeneye.py") - print("\033[96m Go to Directory \n [*] USAGE: ./goldeneye.py [OPTIONS] ") - self.goldeneye() - - if choice == "99": - self.ddos() - - ########### RAT TOOLS ##### - def rattools(self): - self.clear_scr() - os.system("figlet -f standard -c RAT Tools | lolcat ") - print(""" - [1] Stitch - [2] Pyshell - [99] Back - """) - functions_rattools = { - '1':self.stitch, - '2':self.pyshell, - '99':self.menu - } - choice = input(" Z4nzu >> ") - self.check_input(choice, self.rattools, functions_rattools.keys()) - - functions_rattools[choice]() - - def stitch(self): - self.clear_scr() - os.system("echo \"Stitch is a cross platform python framework.\nwhich allows you to build custom payloads\nFor Windows, Mac and Linux. \n\t [!]/~https://github.com/nathanlopez/Stitch \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.stitch, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/nathanlopez/Stitch.git") - os.system("cd Stitch;sudo pip install -r lnx_requirements.txt") - self.stitch() - - if choice == "2": - os.system("cd Stitch;python main.py") - - if choice == "99": - self.rattools() - - def pyshell(self): - self.clear_scr() - os.system("echo \"Pyshell is a Rat Tool that can be able to download & upload files,\n Execute OS Command and more.. \n\t [!]/~https://github.com/knassar702/pyshell \"| boxes -d boy | lolcat ") - choice = input("[1]Install [2]Run [99]Back >> ") - self.check_input(choice,self.pyshell, ['1', '2', '99']) - - if choice == "1" : - os.system("sudo git clone /~https://github.com/khalednassar702/Pyshell;sudo pip install pyscreenshot python-nmap requests") - self.pyshell() - - if choice == "2": - os.system("cd Pyshell;./Pyshell") - self.pyshell() - if choice == "99": - self.rattools() - - - ########### XSS Attack Tools ## - def xsstools(self): - self.clear_scr() - os.system("figlet -f standard -c XSS Attack Tools | lolcat") - - print(""" - [1] DalFox(Finder of XSS) - [2] XSS Payload Generator - [3] Extended XSS Searcher and Finder - [4] XSS-Freak - [5] XSpear - [6] XSSCon - [7] XanXSS - [8] Advanced XSS Detection Suite - [9] RVuln - [99] Back - """) - - functions_xsstools = { - '1':self.dalfox, - '2':self.xsspayload, - '3':self.xssfinder, - '4':self.xssfreak, - '5':self.xspear, - '6':self.xsscon, - '7':self.xanxss, - '8':self.xss_strike, - '9':self.rvuln, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.xsstools, functions_xsstools.keys()) - - functions_xsstools[choice]() - def rvuln(self): - os.system("echo \"RVuln is multi-threaded and Automated Web Vulnerability Scanner written in Rust\n\t [!]/~https://github.com/iinc0gnit0/RVuln \" | boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.rvuln, ['1', '2', '99']) - - if choice == "1": - os.system("sudo git clone /~https://github.com/iinc0gnit0/RVuln;curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh;source $HOME/.cargo/env") - os.system("sudo apt install openssl-dev;sudo cp -r RVuln/ /usr/bin") - self.rvuln() - - if choice == "2": - os.system("RVuln") - - if choice == "99": - self.xsstools() - - def dalfox(self): - self.clear_scr() - os.system("echo \"XSS Scanning and Parameter Analysis tool.\"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.dalfox, ['1', '2', '99']) - - if choice == "1": - os.system("sudo apt-get install golang") - os.system("sudo git clone /~https://github.com/hahwul/dalfox ") - os.system("cd dalfox;go install") - self.dalfox() - - if choice == "2": - os.system("~/go/bin/dalfox") - print("\033[96m You Need To Run manually by using [!]~/go/bin/dalfox [options] ") - self.dalfox() - - if choice == "99": - self.xsstools() - - def xsspayload(self): - self.clear_scr() - os.system("echo \" XSS PAYLOAD GENERATOR -XSS SCANNER-XSS DORK FINDER \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.xsspayload, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/capture0x/XSS-LOADER.git") - os.system("cd XSS-LOADER;sudo pip3 install -r requirements.txt") - self.xsspayload() - - if choice == "2": - os.system("cd XSS-LOADER;sudo python3 payloader.py") - self.xsspayload() - - if choice == "99": - self.xsstools() - - def xssfinder(self): - self.clear_scr() - os.system("echo \"Extended XSS Searcher and Finder \n\b [*]/~https://github.com/Damian89/extended-xss-search \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.xssfinder, ['1', '2', '99']) - - if choice == "1": - os.system("git glone /~https://github.com/Damian89/extended-xss-search.git") - print("""\033[96m - Follow This Steps After Installation:- - \033[31m [*]Go To extended-xss-search directory, - and Rename the example.app-settings.conf to app-settings.conf - """) - input('\nPress Enter to back...') - self.xssfinder() - - if choice == "2": - print("""\033[96m - You have To Add Links to scan - \033[31m[!]Go to extended-xss-search - [*]config/urls-to-test.txt - [!]python3 extended-xss-search.py - """) - input('\nPress Enter to back...') - self.xssfinder() - - if choice == "99": - self.xsstools() - - def xssfreak(self): - self.clear_scr() - os.system("echo \" XSS-Freak is an XSS scanner fully written in python3 from scratch\n\b [!]/~https://github.com/PR0PH3CY33/XSS-Freak \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.xssfreak), ['1', '2', '99'] - - if choice == "1": - os.system("git clone /~https://github.com/PR0PH3CY33/XSS-Freak.git") - os.system("cd XSS-Freak;sudo pip3 install -r requirements.txt") - self.xssfreak() - - if choice == "2": - os.system("cd XSS-Freak;sudo python3 XSS-Freak.py") - self.xssfreak() - - if choice == "99": - self.xsstools() - - def xspear(self): - self.clear_scr() - os.system("echo \" XSpear is XSS Scanner on ruby gems\n\b [!]/~https://github.com/hahwul/XSpear \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.xspear, ['1', '2', '99']) - - if choice == "1": - os.system("gem install XSpear") - self.xspear() - - if choice == "2": - os.system("XSpear -h") - self.xspear() - - if choice == "99": - self.xsstools() - - def xsscon(self): - self.clear_scr() - os.system("echo \" [!]/~https://github.com/menkrep1337/XSSCon \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.xsscon, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/menkrep1337/XSSCon") - os.system("sudo chmod 755 -R XSSCon") - self.xsscon() - - if choice == "2": - website = input("Enter Website >> ") - os.system("cd XSSCon") - subprocess.run(["python3", "xsscon.py", "-u", f"{website}"]) - self.xsscon() - - if choice == "99": - self.xsstools() - - def xanxss(self): - self.clear_scr() - os.system("echo \" XanXSS is a reflected XSS searching tool\n that creates payloads based from templates\n\b [!]/~https://github.com/Ekultek/XanXSS \"|boxes -d boy | lolcat") - choice = input("[1]Install [2]Run [99]Back >> ") - - self.check_input(choice, self.xanxss, ['1', '2', '99']) - - if choice == "1": - os.system("git clone /~https://github.com/Ekultek/XanXSS.git ") - self.xanxss - - if choice == "2": - os.system("cd XanXSS ;python xanxss.py -h") - print("\033[96m You Have to run it manually By Using \n [!]python xanxss.py [Options] ") - self.xanxss() - - if choice == "99": - self.xsstools() - - def xss_strike(self): - self.clear_scr() - os.system("echo \"XSStrike is a python script designed to detect and exploit XSS vulnerabilites. \"| boxes -d boy | lolcat") - choice = input("[1]Install [99]Back >> ") - - self.check_input(choice, self.xss_strike, ['1', '99']) - - if choice == "1": - os.system("sudo rm -rf XSStrike") - os.system("git clone /~https://github.com/UltimateHackers/XSStrike.git && cd XSStrike && pip install -r requirements.txt") - self.xss_strike() - - if choice == "99": - self.xsstools() - - def update(self): - self.clear_scr() - print(self.logo +""" - [1] Update Tool or System - [2] Uninstall HackingTool - [99] Back - """) - - functions_update = { - '1':self.updatesys, - '2':self.uninstall, - '99':self.menu - } - - choice = input("Z4nzu =>> ") - self.check_input(choice, self.update, functions_update.keys()) - - functions_update[choice]() - - def updatesys(self): - self.clear_scr() - choice = input("[1]Update System [2]Update Hackingtool [99]Back >> ") - - self.check_input(choice, self.updatesys, ['1', '2', '99']) - - if choice == "1": - os.system("sudo apt update && sudo apt full-upgrade -y") - os.system("sudo apt-get install tor openssl curl && sudo apt-get update tor openssl curl ") - os.system("sudo apt-get install python3-pip") - self.updatesys() - - if choice == "2": - os.system("sudo chmod +x /etc/;sudo chmod +x /usr/share/doc;sudo rm -rf /usr/share/doc/hackingtool/;cd /etc/;sudo rm -rf /etc/hackingtool/;mkdir hackingtool;cd hackingtool;git clone /~https://github.com/Z4nzu/hackingtool.git;cd hackingtool;sudo chmod +x install.sh;./install.sh") - self.updatesys() - - if choice == "99": - self.menu() +from platform import system +from time import sleep - def uninstall(self): - self.clear_scr() - choice = input("[1]Uninstall [99]Back >> ") +from core import HackingToolsCollection +from tools.anonsurf import AnonSurfTools +from tools.ddos import DDOSTools +from tools.exploit_frameworks import ExploitFrameworkTools +from tools.forensic_tools import ForensicTools +from tools.information_gathering_tools import InformationGatheringTools +from tools.other_tools import OtherTools +from tools.payload_creator import PayloadCreatorTools +from tools.phising_attack import PhishingAttackTools +from tools.post_exploitation import PostExploitationTools +from tools.remote_administration import RemoteAdministrationTools +from tools.reverse_engineering import ReverseEngineeringTools +from tools.sql_tools import SqlInjectionTools +from tools.steganography import SteganographyTools +from tools.tool_manager import ToolManager +from tools.webattack import WebAttackTools +from tools.wireless_attack_tools import WirelessAttackTools +from tools.wordlist_generator import WordlistGeneratorTools +from tools.xss_attack import XSSAttackTools - self.check_input(choice, self.uninstall, ['1', '99']) +logo = """\033[33m + β–„β–ˆ β–ˆβ–„ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–„β–ˆ β–„β–ˆβ–„ β–„β–ˆ β–ˆβ–ˆβ–ˆβ–„β–„β–„β–„ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–„β–ˆ + β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–€β–€β–€β–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ + β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–€ β–ˆβ–ˆβ–ˆβ–β–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆβ–Œ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–€ β–€β–ˆβ–ˆβ–ˆβ–€β–€β–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ + β–„β–ˆβ–ˆβ–ˆβ–„β–„β–„β–„β–ˆβ–ˆβ–ˆβ–„β–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆβ–Œ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–„β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ +β–€β–€β–ˆβ–ˆβ–ˆβ–€β–€β–€β–€β–ˆβ–ˆβ–ˆβ–€ β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆβ–Œ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€β–€β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ + β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–„ β–ˆβ–ˆβ–ˆβ–β–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ + β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–€β–ˆβ–ˆβ–ˆβ–„ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–Œ β–„ + β–ˆβ–ˆβ–ˆ β–ˆβ–€ β–ˆβ–ˆβ–ˆ β–ˆβ–€ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆ β–€β–ˆβ–€ β–ˆβ–€ β–€β–ˆ β–ˆβ–€ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–„β–ˆβ–ˆβ–ˆβ–ˆβ–€ β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–€β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–€ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–„β–„β–ˆβ–ˆ + β–€ β–€ + \033[34m[βœ”] /~https://github.com/Z4nzu/hackingtool [βœ”] + \033[34m[βœ”] Version 1.1.0 [βœ”] + \033[91m[X] Please Don't Use For illegal Activity [X] +\033[97m """ - if choice == "1": - print("hackingtool started to uninstall..\n") - sleep(1) - os.system("sudo chmod +x /etc/;sudo chmod +x /usr/share/doc;sudo rm -rf /usr/share/doc/hackingtool/;cd /etc/;sudo rm -rf /etc/hackingtool/;") - print("\nHackingtool Successfully Uninstall..") - print("Happy Hacking..!!") - sleep(1) - self.uninstall() +all_tools = [ + AnonSurfTools(), + InformationGatheringTools(), + WordlistGeneratorTools(), + WirelessAttackTools(), + SqlInjectionTools(), + PhishingAttackTools(), + WebAttackTools(), + PostExploitationTools(), + ForensicTools(), + PayloadCreatorTools(), + ExploitFrameworkTools(), + ReverseEngineeringTools(), + DDOSTools(), + RemoteAdministrationTools(), + XSSAttackTools(), + SteganographyTools(), + OtherTools(), + ToolManager() +] + + +class AllTools(HackingToolsCollection): + TITLE = "All tools" + TOOLS = all_tools + + def show_info(self): + print(logo + '\033[0m \033[97m') - if choice == "99": - self.update() if __name__ == "__main__": - run = Main() try: if system() == 'Linux': fpath = "/home/hackingtoolpath.txt" - try: - with open(fpath, 'r') as f: - archive = f.readline() - - try: - os.chdir(archive) - run.menu() - - # If the directory does not exist - except FileNotFoundError: - os.mkdir(archive) - os.chdir(archive) - run.menu() - - except FileNotFoundError: + if not os.path.exists(fpath): os.system('clear') - run.menu() - + # run.menu() print(""" [@] Set Path (All your tools will be install in that directory) [1] Manual [2] Default """) - choice = input("Z4nzu =>> ") if choice == "1": inpath = input("Enter Path (with Directory Name) >> ") with open(fpath, "w") as f: f.write(inpath) - print("Successfully Path Set...!!") - - if choice == "2": + elif choice == "2": autopath = "/home/hackingtool/" with open(fpath, "w") as f: f.write(autopath) - print(f"Your Default Path Is:- {autopath}") sleep(3) - else: print("Try Again..!!") + exit(0) + + with open(fpath) as f: + archive = f.readline() + if not os.path.exists(archive): + os.mkdir(archive) + os.chdir(archive) + all_tools = AllTools() + all_tools.show_options() # If not Linux and probably Windows elif system() == "Windows": - print("\033[91m Please Run This Tool In Debian System For Best Result " "\e[00m") - time.sleep(2) + print( + "\033[91m Please Run This Tool In Debian System For Best Result " "\e[00m") + sleep(2) webbrowser.open_new_tab("https://tinyurl.com/y522modc") - else : + else: print("Please Check Your Sytem or Open new issue ...") - except KeyboardInterrupt: + except KeyboardInterrupt: print("\nExiting ..!!!") sleep(2) diff --git a/tools/anonsurf.py b/tools/anonsurf.py new file mode 100644 index 00000000..0544fad1 --- /dev/null +++ b/tools/anonsurf.py @@ -0,0 +1,45 @@ +# coding=utf-8 +import os + +from core import HackingTool +from core import HackingToolsCollection + + +class AnonymouslySurf(HackingTool): + TITLE = "Anonmously Surf" + DESCRIPTION = "It automatically overwrites the RAM when\n" \ + "the system is shutting down and also change Ip." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Und3rf10w/kali-anonsurf.git", + "cd kali-anonsurf && sudo ./installer.sh && cd .. && sudo rm -r kali-anonsurf" + ] + RUN_COMMANDS = ["sudo anonsurf start"] + PROJECT_URL = "/~https://github.com/Und3rf10w/kali-anonsurf" + + def __init__(self): + super(AnonymouslySurf, self).__init__([('Stop', self.stop)]) + + def stop(self): + os.system("sudo anonsurf stop") + + +class Multitor(HackingTool): + TITLE = "Multitor" + DESCRIPTION = "How to stay in multi places at the same time" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/trimstray/multitor.git", + "cd multitor;sudo bash setup.sh install" + ] + PROJECT_URL = "/~https://github.com/trimstray/multitor" + + def __init__(self): + super(Multitor, self).__init__(runnable = False) + + +class AnonSurfTools(HackingToolsCollection): + TITLE = "Anonymously Hiding Tools" + DESCRIPTION = "" + TOOLS = [ + AnonymouslySurf(), + Multitor() + ] diff --git a/tools/ddos.py b/tools/ddos.py new file mode 100644 index 00000000..be19d5f3 --- /dev/null +++ b/tools/ddos.py @@ -0,0 +1,77 @@ +# coding=utf-8 +import os +import subprocess + +from core import HackingTool +from core import HackingToolsCollection + + +class SlowLoris(HackingTool): + TITLE = "SlowLoris" + DESCRIPTION = "Slowloris is basically an HTTP Denial of Service attack." \ + "It send lots of HTTP Request" + INSTALL_COMMANDS = ["sudo pip install slowloris"] + + def run(self): + target_site = input("Enter Target Site:- ") + subprocess.run(["slowloris", target_site]) + + +class Asyncrone(HackingTool): + TITLE = "Asyncrone | Multifunction SYN Flood DDoS Weapon" + DESCRIPTION = "aSYNcrone is a C language based, mulltifunction SYN Flood " \ + "DDoS Weapon.\nDisable the destination system by sending a " \ + "SYN packet intensively to the destination." + INSTALL_COMMANDS = [ + "git clone /~https://github.com/fatih4842/aSYNcrone.git", + "cd aSYNcrone;sudo gcc aSYNcrone.c -o aSYNcrone -lpthread" + ] + PROJECT_URL = "/~https://github.com/fatihsnsy/aSYNcrone" + + def run(self): + source_port = input("Enter Source Port >> ") + target_ip = input("Enter Target IP >> ") + target_port = input("Enter Target port >> ") + os.system("cd aSYNcrone;") + subprocess.run([ + "sudo", "./aSYNcrone", source_port, target_ip, target_port, 1000]) + + +class UFONet(HackingTool): + TITLE = "UFOnet" + DESCRIPTION = "UFONet - is a free software, P2P and cryptographic " \ + "-disruptive \n toolkit- that allows to perform DoS and " \ + "DDoS attacks\n\b " \ + "More Usage Visit" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/epsylon/ufonet.git", + "cd ufonet;sudo python setup.py install" + ] + RUN_COMMANDS = ["sudo ./ufonet --gui"] + PROJECT_URL = "/~https://github.com/epsylon/ufonet" + + +class GoldenEye(HackingTool): + TITLE = "GoldenEye" + DESCRIPTION = "GoldenEye is an python3 app for SECURITY TESTING PURPOSES ONLY!\n" \ + "GoldenEye is a HTTP DoS Test Tool." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/jseidl/GoldenEye.git;" + "chmod -R 755 GoldenEye" + ] + PROJECT_URL = "/~https://github.com/jseidl/GoldenEye" + + def run(self): + os.system("cd GoldenEye ;sudo ./goldeneye.py") + print("\033[96m Go to Directory \n " + "[*] USAGE: ./goldeneye.py [OPTIONS]") + + +class DDOSTools(HackingToolsCollection): + TITLE = "DDOS Attack Tools" + TOOLS = [ + SlowLoris(), + Asyncrone(), + UFONet(), + GoldenEye() + ] diff --git a/tools/exploit_frameworks.py b/tools/exploit_frameworks.py new file mode 100644 index 00000000..b2850957 --- /dev/null +++ b/tools/exploit_frameworks.py @@ -0,0 +1,50 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection +from tools.webattack import Web2Attack + + +class RouterSploit(HackingTool): + TITLE = "RouterSploit" + DESCRIPTION = "The RouterSploit Framework is an open-source exploitation " \ + "framework dedicated to embedded devices" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/threat9/routersploit.git", + "cd routersploit && sudo python3 -m pip install -r requirements.txt" + ] + RUN_COMMANDS = ["cd routersploit && sudo python3 rsf.py"] + PROJECT_URL = "/~https://github.com/threat9/routersploit" + + +class WebSploit(HackingTool): + TITLE = "WebSploit" + DESCRIPTION = "Websploit is an advanced MITM framework." + INSTALL_COMMANDS = ["/~https://github.com/The404Hacking/websploit.git"] + RUN_COMMANDS = ["cd websploit;python3 websploit.py"] + PROJECT_URL = "/~https://github.com/The404Hacking/websploit " + + +class Commix(HackingTool): + TITLE = "Commix" + DESCRIPTION = "Automated All-in-One OS command injection and exploitation " \ + "tool.\nCommix can be used from web developers, penetration " \ + "testers or even security researchers\n in order to test " \ + "web-based applications with the view to find bugs,\n " \ + "errors or vulnerabilities related to command injection " \ + "attacks.\n Usage: python commix.py [option(s)]" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/commixproject/commix.git commix"] + PROJECT_URL = "/~https://github.com/commixproject/commix" + + def __init__(self): + super(Commix, self).__init__(runnable = False) + + +class ExploitFrameworkTools(HackingToolsCollection): + TITLE = "Exploit framework" + TOOLS = [ + RouterSploit(), + WebSploit(), + Commix(), + Web2Attack() + ] diff --git a/tools/forensic_tools.py b/tools/forensic_tools.py new file mode 100644 index 00000000..d2b2bc06 --- /dev/null +++ b/tools/forensic_tools.py @@ -0,0 +1,91 @@ +# coding=utf-8 +import os + +from core import HackingTool +from core import HackingToolsCollection + + +class Autopsy(HackingTool): + TITLE = "Autopsy" + DESCRIPTION = "Autopsy is a platform that is used by Cyber Investigators.\n" \ + "[!] Works in any Os\n" \ + "[!] Recover Deleted Files from any OS & MEdia \n" \ + "[!] Extract Image Metadata" + RUN_COMMANDS = "sudo autopsy" + + def __init__(self): + super(Autopsy, self).__init__(installable = False) + + +class Wireshark(HackingTool): + TITLE = "Wireshark" + DESCRIPTION = "Wireshark is a network capture and analyzer \n" \ + "tool to see what’s happening in your network.\n " \ + "And also investigate Network related incident" + RUN_COMMANDS = ["sudo wireshark"] + + def __init__(self): + super(Wireshark, self).__init__(installable = False) + + +class BulkExtractor(HackingTool): + TITLE = "Bulk extractor" + DESCRIPTION = "" + PROJECT_URL = "/~https://github.com/simsong/bulk_extractor" + + def __init__(self): + super(BulkExtractor, self).__init__([ + ('GUI Mode (Download required)', self.gui_mode), + ('CLI Mode', self.cli_mode) + ], installable = False, runnable = False) + + def gui_mode(self): + os.system( + "sudo git clone /~https://github.com/simsong/bulk_extractor.git") + os.system("ls src/ && cd .. && cd java_gui && ./BEViewer") + print( + "If you getting error after clone go to /java_gui/src/ And Compile .Jar file && run ./BEViewer") + print( + "Please Visit For More Details About Installation >> /~https://github.com/simsong/bulk_extractor") + + def cli_mode(self): + os.system("sudo apt-get install bulk_extractor") + print("bulk_extractor and options") + os.system("bulk_extractor") + os.system( + 'echo "bulk_extractor [options] imagefile" | boxes -d headline | lolcat') + + +class Guymager(HackingTool): + TITLE = "Disk Clone and ISO Image Aquire" + DESCRIPTION = "Guymager is a free forensic imager for media acquisition." + INSTALL_COMMANDS = ["sudo apt install guymager"] + RUN_COMMANDS = ["sudo guymager"] + PROJECT_URL = "https://guymager.sourceforge.io/" + + +class Toolsley(HackingTool): + TITLE = "Toolsley" + DESCRIPTION = "Toolsley got more than ten useful tools for investigation.\n" \ + "[+]File signature verifier\n" \ + "[+]File identifier \n" \ + "[+]Hash & Validate \n" \ + "[+]Binary inspector \n " \ + "[+]Encode text \n" \ + "[+]Data URI generator \n" \ + "[+]Password generator" + PROJECT_URL = "https://www.toolsley.com/" + + def __init__(self): + super(Toolsley, self).__init__(installable = False, runnable = False) + + +class ForensicTools(HackingToolsCollection): + TITLE = "Forensic tools" + TOOLS = [ + Autopsy(), + Wireshark(), + BulkExtractor(), + Guymager(), + Toolsley() + ] diff --git a/tools/information_gathering_tools.py b/tools/information_gathering_tools.py new file mode 100644 index 00000000..7d424c75 --- /dev/null +++ b/tools/information_gathering_tools.py @@ -0,0 +1,219 @@ +# coding=utf-8 +import os +import socket +import subprocess +import webbrowser + +from core import HackingTool +from core import HackingToolsCollection +from core import clear_screen + + +class NMAP(HackingTool): + TITLE = "Network Map (nmap)" + DESCRIPTION = "Free and open source utility for network discovery and security auditing" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/nmap/nmap.git", + "sudo chmod -R 755 nmap && cd nmap && sudo ./configure && make && sudo make install" + ] + PROJECT_URL = "/~https://github.com/nmap/nmap" + + def __init__(self): + super(NMAP, self).__init__(runnable = False) + + +class Dracnmap(HackingTool): + TITLE = "Dracnmap" + DESCRIPTION = "Dracnmap is an open source program which is using to \n" \ + "exploit the network and gathering information with nmap help." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Screetsec/Dracnmap.git", + "cd Dracnmap && chmod +x Dracnmap.sh" + ] + PROJECT_URL = "/~https://github.com/Screetsec/Dracnmap" + + def __init__(self): + super(Dracnmap, self).__init__(runnable = False) + + +class PortScan(HackingTool): + TITLE = "Port scanning" + + def __init__(self): + super(PortScan, self).__init__(installable = False) + + def run(self): + clear_screen() + target = input('Select a Target IP: ') + subprocess.run(["sudo", "nmap", "-O", "-Pn", target]) + + +class Host2IP(HackingTool): + TITLE = "Host to IP " + + def __init__(self): + super(Host2IP, self).__init__(installable = False) + + def run(self): + clear_screen() + host = input("Enter host name (e.g. www.google.com):- ") + ips = socket.gethostbyname(host) + print(ips) + + +class XeroSploit(HackingTool): + TITLE = "Xerosploit" + DESCRIPTION = "Xerosploit is a penetration testing toolkit whose goal is to perform\n" \ + "man-in-the-middle attacks for testing purposes" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/LionSec/xerosploit.git", + "cd xerosploit && sudo python install.py" + ] + RUN_COMMANDS = ["sudo xerosploit"] + PROJECT_URL = "/~https://github.com/LionSec/xerosploit" + + +class RedHawk(HackingTool): + TITLE = "RED HAWK (All In One Scanning)" + DESCRIPTION = "All in one tool for Information Gathering and Vulnerability Scanning." + INSTALL_COMMANDS = [ + "git clone /~https://github.com/Tuhinshubhra/RED_HAWK.git"] + RUN_COMMANDS = ["cd RED_HAWK;php rhawk.php"] + PROJECT_URL = "/~https://github.com/Tuhinshubhra/RED_HAWK" + + +class ReconSpider(HackingTool): + TITLE = "ReconSpider(For All Scaning)" + DESCRIPTION = "ReconSpider is most Advanced Open Source Intelligence (OSINT)" \ + " Framework for scanning IP Address, Emails, \n" \ + "Websites, Organizations and find out information from" \ + " different sources.\n" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/bhavsec/reconspider.git", + "sudo apt install python3 python3-pip && cd reconspider && sudo python3 setup.py install" + ] + PROJECT_URL = "/~https://github.com/bhavsec/reconspider" + + def __init__(self): + super(ReconSpider, self).__init__(runnable = False) + + +class IsItDown(HackingTool): + TITLE = "IsItDown (Check Website Down/Up)" + DESCRIPTION = "Check Website Is Online or Not" + + def __init__(self): + super(IsItDown, self).__init__( + [('Open', self.open)], installable = False, runnable = False) + + def open(self): + webbrowser.open_new_tab("https://www.isitdownrightnow.com/") + + +class Infoga(HackingTool): + TITLE = "Infoga - Email OSINT" + DESCRIPTION = "Infoga is a tool gathering email accounts informations\n" \ + "(ip, hostname, country,...) from different public source" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/m4ll0k/Infoga.git", + "cd infoga;sudo python setup.py install" + ] + RUN_COMMANDS = ["cd infoga;python infoga.py"] + PROJECT_URL = "/~https://github.com/m4ll0k/Infoga" + + +class ReconDog(HackingTool): + TITLE = "ReconDog" + DESCRIPTION = "ReconDog Information Gathering Suite" + INSTALL_COMMANDS = ["git clone /~https://github.com/s0md3v/ReconDog.git"] + RUN_COMMANDS = ["cd ReconDog;sudo python dog"] + PROJECT_URL = "/~https://github.com/s0md3v/ReconDog" + + +class Striker(HackingTool): + TITLE = "Striker" + DESCRIPTION = "Recon & Vulnerability Scanning Suite" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/s0md3v/Striker.git", + "cd Striker && pip3 install -r requirements.txt" + ] + PROJECT_URL = "/~https://github.com/s0md3v/Striker" + + def run(self): + site = input("Enter Site Name (example.com) >> ") + os.system("cd Striker;") + subprocess.run(["sudo", "python3", "striker.py", site]) + + +class SecretFinder(HackingTool): + TITLE = "SecretFinder (like API & etc)" + DESCRIPTION = "SecretFinder - A python script for find sensitive data \n" \ + "like apikeys, accesstoken, authorizations, jwt,..etc \n " \ + "and search anything on javascript files.\n\n " \ + "Usage: python SecretFinder.py -h" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/m4ll0k/SecretFinder.git secretfinder", + "cd secretfinder; sudo pip3 install -r requirements.txt" + ] + PROJECT_URL = "/~https://github.com/m4ll0k/SecretFinder" + + def __init__(self): + super(SecretFinder, self).__init__(runnable = False) + + +class Shodan(HackingTool): + TITLE = "Find Info Using Shodan" + DESCRIPTION = "Get ports, vulnerabilities, informations, banners,..etc \n " \ + "for any IP with Shodan (no apikey! no rate limit!)\n" \ + "[X] Don't use this tool because your ip will be blocked by Shodan!" + INSTALL_COMMANDS = ["git clone /~https://github.com/m4ll0k/Shodanfy.py.git"] + PROJECT_URL = "/~https://github.com/m4ll0k/Shodanfy.py" + + def __init__(self): + super(Shodan, self).__init__(runnable = False) + + +class PortScannerRanger(HackingTool): + TITLE = "Port Scanner - rang3r" + DESCRIPTION = "rang3r is a python script which scans in multi thread\n " \ + "all alive hosts within your range that you specify." + INSTALL_COMMANDS = [ + "git clone /~https://github.com/floriankunushevci/rang3r.git;" + "sudo pip install termcolor"] + PROJECT_URL = "/~https://github.com/floriankunushevci/rang3r" + + def run(self): + ip = input("Enter Ip >> ") + os.system("cd rang3r;") + subprocess.run(["sudo", "python", "rang3r.py", "--ip", ip]) + + +class Breacher(HackingTool): + TITLE = "Breacher" + DESCRIPTION = "An advanced multithreaded admin panel finder written in python." + INSTALL_COMMANDS = ["git clone /~https://github.com/s0md3v/Breacher.git"] + PROJECT_URL = "/~https://github.com/s0md3v/Breacher" + + def __init__(self): + super(Breacher, self).__init__(runnable = False) + + +class InformationGatheringTools(HackingToolsCollection): + TITLE = "Information gathering tools" + TOOLS = [ + NMAP(), + Dracnmap(), + PortScan(), + Host2IP(), + XeroSploit(), + RedHawk(), + ReconSpider(), + IsItDown(), + Infoga(), + ReconDog(), + Striker(), + SecretFinder(), + Shodan(), + PortScannerRanger(), + Breacher() + ] diff --git a/tools/other_tools.py b/tools/other_tools.py new file mode 100644 index 00000000..b7c89100 --- /dev/null +++ b/tools/other_tools.py @@ -0,0 +1,46 @@ +# coding=utf-8 +import os +import subprocess + +from core import HackingTool +from core import HackingToolsCollection +from tools.others.android_attack import AndroidAttackTools +from tools.others.email_verifier import EmailVerifyTools +from tools.others.hash_crack import HashCrackingTools +from tools.others.homograph_attacks import IDNHomographAttackTools +from tools.others.mix_tools import MixTools +from tools.others.payload_injection import PayloadInjectorTools +from tools.others.socialmedia import SocialMediaBruteforceTools +from tools.others.socialmedia_finder import SocialMediaFinderTools +from tools.others.web_crawling import WebCrawlingTools +from tools.others.wifi_jamming import WifiJammingTools + + +class HatCloud(HackingTool): + TITLE = "HatCloud(Bypass CloudFlare for IP)" + DESCRIPTION = "HatCloud build in Ruby. It makes bypass in CloudFlare for " \ + "discover real IP." + INSTALL_COMMANDS = ["git clone /~https://github.com/HatBashBR/HatCloud.git"] + PROJECT_URL = "/~https://github.com/HatBashBR/HatCloud" + + def run(self): + site = input("Enter Site >> ") + os.system("cd HatCloud;") + subprocess.run(["sudo", "ruby", "hatcloud.rb", "-b", site]) + + +class OtherTools(HackingToolsCollection): + TITLE = "Other tools" + TOOLS = [ + SocialMediaBruteforceTools(), + AndroidAttackTools(), + HatCloud(), + IDNHomographAttackTools(), + EmailVerifyTools(), + HashCrackingTools(), + WifiJammingTools(), + SocialMediaFinderTools(), + PayloadInjectorTools(), + WebCrawlingTools(), + MixTools() + ] diff --git a/tools/others/android_attack.py b/tools/others/android_attack.py new file mode 100644 index 00000000..65bdb21f --- /dev/null +++ b/tools/others/android_attack.py @@ -0,0 +1,67 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class Keydroid(HackingTool): + TITLE = "Keydroid" + DESCRIPTION = "Android Keylogger + Reverse Shell\n" \ + "[!] You have to install Some Manually Refer Below Link:\n " \ + "[+] /~https://github.com/F4dl0/keydroid" + INSTALL_COMMANDS = ["sudo git clone /~https://github.com/F4dl0/keydroid.git"] + RUN_COMMANDS = ["cd keydroid && bash keydroid.sh"] + PROJECT_URL = "/~https://github.com/F4dl0/keydroid" + + +class MySMS(HackingTool): + TITLE = "MySMS" + DESCRIPTION = "Script that generates an Android App to hack SMS through WAN \n" \ + "[!] You have to install Some Manually Refer Below Link:\n\t " \ + "[+] /~https://github.com/papusingh2sms/mysms" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/papusingh2sms/mysms.git"] + RUN_COMMANDS = ["cd mysms && bash mysms.sh"] + PROJECT_URL = "/~https://github.com/papusingh2sms/mysms" + + +class LockPhish(HackingTool): + TITLE = "Lockphish (Grab target LOCK PIN)" + DESCRIPTION = "Lockphish it's the first tool for phishing attacks on the " \ + "lock screen, designed to\n Grab Windows credentials,Android" \ + " PIN and iPhone Passcode using a https link." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/JasonJerry/lockphish.git"] + RUN_COMMANDS = ["cd lockphish && bash lockphish.sh"] + PROJECT_URL = "/~https://github.com/JasonJerry/lockphish" + + +class Droidcam(HackingTool): + TITLE = "DroidCam (Capture Image)" + DESCRIPTION = "Powerful Tool For Grab Front Camera Snap Using A Link" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/kinghacker0/WishFish.git;" + "sudo apt install php wget openssh" + ] + RUN_COMMANDS = ["cd wishfish && sudo bash wishfish.sh"] + PROJECT_URL = "/~https://github.com/kinghacker0/WishFish" + + +class EvilApp(HackingTool): + TITLE = "EvilApp (Hijack Session)" + DESCRIPTION = "EvilApp is a script to generate Android App that can " \ + "hijack authenticated sessions in cookies." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/crypticterminal/EvilApp.git"] + RUN_COMMANDS = ["cd evilapp && bash evilapp.sh"] + PROJECT_URL = "/~https://github.com/crypticterminal/EvilApp" + + +class AndroidAttackTools(HackingToolsCollection): + TITLE = "Android Hacking tools" + TOOLS = [ + Keydroid(), + MySMS(), + LockPhish(), + Droidcam(), + EvilApp() + ] diff --git a/tools/others/email_verifier.py b/tools/others/email_verifier.py new file mode 100644 index 00000000..d25fc59d --- /dev/null +++ b/tools/others/email_verifier.py @@ -0,0 +1,19 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class KnockMail(HackingTool): + TITLE = "Knockmail" + DESCRIPTION = "KnockMail Tool Verify If Email Exists" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/4w4k3/KnockMail.git", + "cd KnockMail;sudo pip install -r requeriments.txt" + ] + RUN_COMMANDS = ["cd KnockMail;python knock.py"] + PROJECT_URL = "/~https://github.com/4w4k3/KnockMail" + + +class EmailVerifyTools(HackingToolsCollection): + TITLE = "Email Verify tools" + TOOLS = [KnockMail()] diff --git a/tools/others/hash_crack.py b/tools/others/hash_crack.py new file mode 100644 index 00000000..60a7289f --- /dev/null +++ b/tools/others/hash_crack.py @@ -0,0 +1,21 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class HashBuster(HackingTool): + TITLE = "Hash Buster" + DESCRIPTION = "Features: \n " \ + "Automatic hash type identification \n " \ + "Supports MD5, SHA1, SHA256, SHA384, SHA512" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/s0md3v/Hash-Buster.git", + "cd Hash-Buster;make install" + ] + RUN_COMMANDS = ["buster -h"] + PROJECT_URL = "/~https://github.com/s0md3v/Hash-Buster" + + +class HashCrackingTools(HackingToolsCollection): + TITLE = "Hash cracking tools" + TOOLS = [HashBuster()] diff --git a/tools/others/homograph_attacks.py b/tools/others/homograph_attacks.py new file mode 100644 index 00000000..1ff22077 --- /dev/null +++ b/tools/others/homograph_attacks.py @@ -0,0 +1,17 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class EvilURL(HackingTool): + TITLE = "EvilURL" + DESCRIPTION = "Generate unicode evil domains for IDN Homograph Attack " \ + "and detect them." + INSTALL_COMMANDS = ["git clone /~https://github.com/UndeadSec/EvilURL.git"] + RUN_COMMANDS = ["cd EvilURL;python3 evilurl.py"] + PROJECT_URL = "/~https://github.com/UndeadSec/EvilURL" + + +class IDNHomographAttackTools(HackingToolsCollection): + TITLE = "IDN Homograph Attack" + TOOLS = [EvilURL()] diff --git a/tools/others/mix_tools.py b/tools/others/mix_tools.py new file mode 100644 index 00000000..574eb875 --- /dev/null +++ b/tools/others/mix_tools.py @@ -0,0 +1,19 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class TerminalMultiplexer(HackingTool): + TITLE = "Terminal Multiplexer" + DESCRIPTION = "Terminal Multiplexer is a tiling terminal emulator that " \ + "allows us to open \n several terminal sessions inside one " \ + "single window." + INSTALL_COMMANDS = ["sudo apt-get install tilix"] + + def __init__(self): + super(TerminalMultiplexer, self).__init__(runnable = False) + + +class MixTools(HackingToolsCollection): + TITLE = "Mix tools" + TOOLS = [TerminalMultiplexer()] diff --git a/tools/others/payload_injection.py b/tools/others/payload_injection.py new file mode 100644 index 00000000..92ab1467 --- /dev/null +++ b/tools/others/payload_injection.py @@ -0,0 +1,37 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class DebInject(HackingTool): + TITLE = "Debinject" + DESCRIPTION = "Debinject is a tool that inject malicious code into *.debs" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/UndeadSec/Debinject.git"] + RUN_COMMANDS = ["cd Debinject;python debinject.py"] + PROJECT_URL = "/~https://github.com/UndeadSec/Debinject" + + +class Pixload(HackingTool): + TITLE = "Pixload" + DESCRIPTION = "Pixload -- Image Payload Creating tools \n " \ + "Pixload is Set of tools for creating/injecting payload into images." + INSTALL_COMMANDS = [ + "sudo apt install libgd-perl libimage-exiftool-perl libstring-crc32-perl", + "sudo git clone /~https://github.com/chinarulezzz/pixload.git" + ] + PROJECT_URL = "/~https://github.com/chinarulezzz/pixload" + + def __init__(self): + # super(Pixload, self).__init__([ + # ('How To Use', self.show_project_page) + # ], runnable = False) + super(Pixload, self).__init__(runnable = False) + + +class PayloadInjectorTools(HackingToolsCollection): + TITLE = "Payload Injector" + TOOLS = [ + DebInject(), + Pixload() + ] diff --git a/tools/others/socialmedia.py b/tools/others/socialmedia.py new file mode 100644 index 00000000..c4be4393 --- /dev/null +++ b/tools/others/socialmedia.py @@ -0,0 +1,74 @@ +# coding=utf-8 +import os +import subprocess + +from core import HackingTool +from core import HackingToolsCollection + + +class InstaBrute(HackingTool): + TITLE = "Instagram Attack" + DESCRIPTION = "Brute force attack against Instagram" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/chinoogawa/instaBrute.git", + "cd instaBrute;sudo pip install -r requirements.txt" + ] + PROJECT_URL = "/~https://github.com/chinoogawa/instaBrute" + + def run(self): + name = input("Enter Username >> ") + wordlist = input("Enter wordword list >> ") + os.system("cd instaBrute;") + subprocess.run( + ["sudo", "python", "instaBrute.py", "-u", f"{name}", "-d", + f"{wordlist}"]) + + +class BruteForce(HackingTool): + TITLE = "AllinOne SocialMedia Attack" + DESCRIPTION = "Brute_Force_Attack Gmail Hotmail Twitter Facebook Netflix \n" \ + "[!] python3 Brute_Force.py -g -l " + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Matrix07ksa/Brute_Force.git", + "cd Brute_Force;sudo pip3 install proxylist;pip3 install mechanize" + ] + RUN_COMMANDS = ["cd Brute_Force;python3 Brute_Force.py -h"] + PROJECT_URL = "/~https://github.com/Matrix07ksa/Brute_Force" + + +class Faceshell(HackingTool): + TITLE = "Facebook Attack" + DESCRIPTION = "Facebook BruteForcer" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Matrix07ksa/Brute_Force.git", + "cd Brute_Force;sudo pip3 install proxylist;pip3 install mechanize" + ] + PROJECT_URL = "/~https://github.com/Matrix07ksa/Brute_Force" + + def run(self): + name = input("Enter Username >> ") + wordlist = input("Enter Wordlist >> ") + os.system("cd Brute_Force;") + subprocess.run( + ["python3", "Brute_Force.py", "-f", f"{name}", "-l", f"{wordlist}"]) + + +class AppCheck(HackingTool): + TITLE = "Application Checker" + DESCRIPTION = "Tool to check if an app is installed on the target device through a link." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/jakuta-tech/underhanded.git", + "cd underhanded && sudo chmod +x underhanded.sh" + ] + RUN_COMMANDS = ["cd underhanded;sudo bash underhanded.sh"] + PROJECT_URL = "/~https://github.com/jakuta-tech/underhanded" + + +class SocialMediaBruteforceTools(HackingToolsCollection): + TITLE = "SocialMedia Bruteforce" + TOOLS = [ + InstaBrute(), + BruteForce(), + Faceshell(), + AppCheck() + ] diff --git a/tools/others/socialmedia_finder.py b/tools/others/socialmedia_finder.py new file mode 100644 index 00000000..ba1d27d7 --- /dev/null +++ b/tools/others/socialmedia_finder.py @@ -0,0 +1,85 @@ +# coding=utf-8 +import os +import subprocess + +from core import HackingTool +from core import HackingToolsCollection + + +class FacialFind(HackingTool): + TITLE = "Find SocialMedia By Facial Recognation System" + DESCRIPTION = "A Social Media Mapping Tool that correlates profiles\n " \ + "via facial recognition across different sites." + INSTALL_COMMANDS = [ + "sudo add-apt-repository ppa:mozillateam/firefox-next && sudo apt update && sudo apt upgrade", + "sudo git clone /~https://github.com/Greenwolf/social_mapper.git", + "cd social_mapper/setup", + "sudo python3 -m pip install --no-cache-dir -r requirements.txt", + 'echo "[!]Now You have To do some Manually\n' + '[!] Install the Geckodriver for your operating system\n' + '[!] Copy & Paste Link And Download File As System Configuration\n' + '[#] /~https://github.com/mozilla/geckodriver/releases\n' + '[!!] On Linux you can place it in /usr/bin "| boxes | lolcat' + ] + PROJECT_URL = "/~https://github.com/Greenwolf/social_mapper" + + def run(self): + os.system("cd social_mapper/setup") + os.system("sudo python social_mapper.py -h") + print("""\033[95m + You have to set Username and password of your AC Or Any Fack Account + [#] Type in Terminal nano social_mapper.py + """) + os.system( + 'echo "python social_mapper.py -f [] -i [] -m fast [] -fb -tw"| boxes | lolcat') + + +class FindUser(HackingTool): + TITLE = "Find SocialMedia By UserName" + DESCRIPTION = "Find usernames across over 75 social networks" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/xHak9x/finduser.git", + "cd finduser && sudo chmod +x finduser.sh" + ] + RUN_COMMANDS = ["cd finduser && sudo bash finduser.sh"] + PROJECT_URL = "/~https://github.com/xHak9x/finduser" + + +class Sherlock(HackingTool): + TITLE = "Sherlock" + DESCRIPTION = "Hunt down social media accounts by username across social networks \n " \ + "For More Usege \n" \ + "\t >>python3 sherlock --help" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/sherlock-project/sherlock.git", + "cd sherlock;sudo python3 -m pip install -r requirements.txt" + ] + PROJECT_URL = "/~https://github.com/sherlock-project/sherlock" + + def run(self): + name = input("Enter Username >> ") + os.system("cd sherlock;") + subprocess.run(["sudo", "python3", "sherlock", f"{name}"]) + + +class SocialScan(HackingTool): + TITLE = "SocialScan | Username or Email" + DESCRIPTION = "Check email address and username availability on online " \ + "platforms with 100% accuracy" + INSTALL_COMMANDS = ["sudo pip install socialscan"] + PROJECT_URL = "/~https://github.com/iojw/socialscan" + + def run(self): + name = input( + "Enter Username or Emailid (if both then please space between email & username) >> ") + subprocess.run(["sudo", "socialscan", f"{name}"]) + + +class SocialMediaFinderTools(HackingToolsCollection): + TITLE = "SocialMedia Finder" + TOOLS = [ + FacialFind(), + FindUser(), + Sherlock(), + SocialScan() + ] diff --git a/tools/others/web_crawling.py b/tools/others/web_crawling.py new file mode 100644 index 00000000..8d7989c6 --- /dev/null +++ b/tools/others/web_crawling.py @@ -0,0 +1,18 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class GoSpider(HackingTool): + TITLE = "Gospider" + DESCRIPTION = "Gospider - Fast web spider written in Go" + INSTALL_COMMANDS = ["sudo go get -u github.com/jaeles-project/gospider"] + PROJECT_URL = "/~https://github.com/jaeles-project/gospider" + + def __init__(self): + super(GoSpider, self).__init__(runnable = False) + + +class WebCrawlingTools(HackingToolsCollection): + TITLE = "Web crawling" + TOOLS = [GoSpider()] diff --git a/tools/others/wifi_jamming.py b/tools/others/wifi_jamming.py new file mode 100644 index 00000000..412e9155 --- /dev/null +++ b/tools/others/wifi_jamming.py @@ -0,0 +1,37 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class WifiJammerNG(HackingTool): + TITLE = "WifiJammer-NG" + DESCRIPTION = "Continuously jam all wifi clients and access points within range." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/MisterBianco/wifijammer-ng.git", + "cd wifijammer-ng;sudo pip3 install -r requirements.txt" + ] + RUN_COMMANDS = [ + 'echo "python wifijammer.py [-a AP MAC] [-c CHANNEL] [-d] [-i INTERFACE] [-m MAXIMUM] [-k] [-p PACKETS] [-s SKIP] [-t TIME INTERVAL] [-D]"| boxes | lolcat', + "cd wifijammer-ng;sudo python3 wifijammer.py" + ] + PROJECT_URL = "/~https://github.com/MisterBianco/wifijammer-ng" + + +class KawaiiDeauther(HackingTool): + TITLE = "KawaiiDeauther" + DESCRIPTION = "Kawaii Deauther is a pentest toolkit whose goal is to perform \n " \ + "jam on WiFi clients/routers and spam many fake AP for testing purposes." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/aryanrtm/KawaiiDeauther.git", + "cd KawaiiDeauther;sudo bash install.sh" + ] + RUN_COMMANDS = ["cd KawaiiDeauther;sudo KawaiiDeauther.sh"] + PROJECT_URL = "/~https://github.com/aryanrtm/KawaiiDeauther" + + +class WifiJammingTools(HackingToolsCollection): + TITLE = "Wifi Deauthenticate" + TOOLS = [ + WifiJammerNG(), + KawaiiDeauther() + ] diff --git a/tools/payload_creator.py b/tools/payload_creator.py new file mode 100644 index 00000000..22ae29ad --- /dev/null +++ b/tools/payload_creator.py @@ -0,0 +1,141 @@ +# coding=utf-8 +import os + +from core import HackingTool +from core import HackingToolsCollection + + +class TheFatRat(HackingTool): + TITLE = "The FatRat" + DESCRIPTION = "TheFatRat Provides An Easy way to create Backdoors and \n" \ + "Payload which can bypass most anti-virus" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Screetsec/TheFatRat.git", + "cd TheFatRat && sudo chmod +x setup.sh" + ] + RUN_COMMANDS = ["cd TheFatRat && sudo bash setup.sh"] + PROJECT_URL = "/~https://github.com/Screetsec/TheFatRat" + + def __init__(self): + super(TheFatRat, self).__init__([ + ('Update', self.update), + ('Troubleshoot', self.troubleshoot) + ]) + + def update(self): + os.system( + "cd TheFatRat && bash update && chmod +x setup.sh && bash setup.sh") + + def troubleshoot(self): + os.system("cd TheFatRat && sudo chmod +x chk_tools && ./chk_tools") + + +class Brutal(HackingTool): + TITLE = "Brutal" + DESCRIPTION = "Brutal is a toolkit to quickly create various payload," \ + "powershell attack,\nvirus attack and launch listener for " \ + "a Human Interface Device" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Screetsec/Brutal.git", + "cd Brutal && sudo chmod +x Brutal.sh" + ] + RUN_COMMANDS = ["cd Brutal && sudo bash Brutal.sh"] + PROJECT_URL = "/~https://github.com/Screetsec/Brutal" + + def show_info(self): + super(Brutal, self).show_info() + print(""" + [!] Requirement + >> Arduino Software (I used v1.6.7) + >> TeensyDuino + >> Linux udev rules + >> Copy and paste the PaensyLib folder inside your Arduino\libraries + + [!] Kindly Visit below link for Installation for Arduino + >> /~https://github.com/Screetsec/Brutal/wiki/Install-Requirements + """) + + +class Stitch(HackingTool): + TITLE = "Stitch" + DESCRIPTION = "Stitch is Cross Platform Python Remote Administrator Tool\n\t" \ + "[!] Refer Below Link For Wins & MAc Os" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/nathanlopez/Stitch.git", + "cd Stitch && sudo pip install -r lnx_requirements.txt" + ] + RUN_COMMANDS = ["cd Stitch && sudo python main.py"] + PROJECT_URL = "https://nathanlopez.github.io/Stitch" + + +class MSFVenom(HackingTool): + TITLE = "MSFvenom Payload Creator" + DESCRIPTION = "MSFvenom Payload Creator (MSFPC) is a wrapper to generate \n" \ + "multiple types of payloads, based on users choice.\n" \ + "The idea is to be as simple as possible (only requiring " \ + "one input) \nto produce their payload." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/g0tmi1k/msfpc.git", + "cd msfpc;sudo chmod +x msfpc.sh" + ] + RUN_COMMANDS = ["cd msfpc;sudo bash msfpc.sh -h -v"] + PROJECT_URL = "/~https://github.com/g0tmi1k/msfpc" + + +class Venom(HackingTool): + TITLE = "Venom Shellcode Generator" + DESCRIPTION = "venom 1.0.11 (malicious_server) was build to take " \ + "advantage of \n apache2 webserver to deliver payloads " \ + "(LAN) using a fake webpage writen in html" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/r00t-3xp10it/venom.git", + "sudo chmod -R 775 venom*/ && cd venom*/ && cd aux && sudo bash setup.sh", + "sudo ./venom.sh -u" + ] + RUN_COMMANDS = ["cd venom && sudo ./venom.sh"] + PROJECT_URL = "/~https://github.com/r00t-3xp10it/venom" + + +class Spycam(HackingTool): + TITLE = "Spycam" + DESCRIPTION = "Script to generate a Win32 payload that takes the webcam " \ + "image every 1 minute and send it to the attacker" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/thelinuxchoice/spycam.git", + "cd spycam && bash install.sh && chmod +x spycam" + ] + RUN_COMMANDS = ["cd spycam && ./spycam"] + PROJECT_URL = "/~https://github.com/thelinuxchoice/spycam" + + +class MobDroid(HackingTool): + TITLE = "Mob-Droid" + DESCRIPTION = "Mob-Droid helps you to generate metasploit payloads in " \ + "easy way\n without typing long commands and save your time" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/kinghacker0/mob-droid.git"] + RUN_COMMANDS = ["cd Mob-Droid;sudo python mob-droid.py"] + PROJECT_URL = "/~https://github.com/kinghacker0/Mob-Droid" + + +class Enigma(HackingTool): + TITLE = "Enigma" + DESCRIPTION = "Enigma is a Multiplatform payload dropper" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/UndeadSec/Enigma.git"] + RUN_COMMANDS = ["cd Enigma;sudo python3 enigma3.py"] + PROJECT_URL = "/~https://github.com/UndeadSec/Enigma" + + +class PayloadCreatorTools(HackingToolsCollection): + TITLE = "Payload creation tools" + TOOLS = [ + TheFatRat(), + Brutal(), + Stitch(), + MSFVenom(), + Venom(), + Spycam(), + MobDroid(), + Enigma() + ] diff --git a/tools/phising_attack.py b/tools/phising_attack.py new file mode 100644 index 00000000..ae545a9b --- /dev/null +++ b/tools/phising_attack.py @@ -0,0 +1,130 @@ +# coding=utf-8 +import os + +from core import HackingTool +from core import HackingToolsCollection + + +class Setoolkit(HackingTool): + TITLE = "Setoolkit" + DESCRIPTION = "The Social-Engineer Toolkit is an open-source penetration\n" \ + "testing framework designed for social engineering" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/trustedsec/social-engineer-toolkit.git", + "sudo python social-engineer-toolkit/setup.py" + ] + RUN_COMMANDS = ["sudo setoolkit"] + PROJECT_URL = "/~https://github.com/trustedsec/social-engineer-toolkit" + + +class SocialFish(HackingTool): + TITLE = "SocialFish" + DESCRIPTION = "Automated Phishing Tool & Information Collector" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/UndeadSec/SocialFish.git && sudo apt-get install python3 python3-pip python3-dev -y", + "cd SocialFish && sudo python3 -m pip install -r requirements.txt" + ] + RUN_COMMANDS = ["cd SocialFish && sudo python3 SocialFish.py root pass"] + PROJECT_URL = "/~https://github.com/UndeadSec/SocialFish" + + +class HiddenEye(HackingTool): + TITLE = "HiddenEye" + DESCRIPTION = "Modern Phishing Tool With Advanced Functionality And " \ + "Multiple Tunnelling Services \n" \ + "\t [!]/~https://github.com/DarkSecDevelopers/HiddenEye" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/DarkSecDevelopers/HiddenEye.git ;sudo chmod 777 HiddenEye", + "cd HiddenEye;sudo pip3 install -r requirements.txt;sudo pip3 install requests;pip3 install pyngrok" + ] + RUN_COMMANDS = ["cd HiddenEye;sudo python3 HiddenEye.py"] + PROJECT_URL = "/~https://github.com/DarkSecDevelopers/HiddenEye" + + +class Evilginx2(HackingTool): + TITLE = "Evilginx2" + DESCRIPTION = "evilginx2 is a man-in-the-middle attack framework used " \ + "for phishing login credentials along with session cookies,\n" \ + "which in turn allows to bypass 2-factor authentication protection.\n\n\t " \ + "[+]Make sure you have installed GO of version at least 1.14.0 \n" \ + "[+]After installation, add this to your ~/.profile, assuming that you installed GO in /usr/local/go\n\t " \ + "[+]export GOPATH=$HOME/go \n " \ + "[+]export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin \n" \ + "[+]Then load it with source ~/.profiles." + INSTALL_COMMANDS = [ + "sudo apt-get install git make;go get -u github.com/kgretzky/evilginx2", + "cd $GOPATH/src/github.com/kgretzky/evilginx2;make", + "sudo make install;sudo evilginx" + ] + RUN_COMMANDS = ["sudo evilginx"] + PROJECT_URL = "/~https://github.com/kgretzky/evilginx2" + + +class ISeeYou(HackingTool): + TITLE = "I-See_You(Get Location using phishing attack)" + DESCRIPTION = "[!] ISeeYou is a tool to find Exact Location of Victom By" \ + " User SocialEngineering or Phishing Engagment..\n" \ + "[!] Users can expose their local servers to the Internet " \ + "and decode the location coordinates by looking at the log file" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Viralmaniar/I-See-You.git", + "cd I-See-You && sudo chmod u+x ISeeYou.sh" + ] + RUN_COMMANDS = ["cd I-See-You && sudo bash ISeeYou.sh"] + PROJECT_URL = "/~https://github.com/Viralmaniar/I-See-You" + + +class SayCheese(HackingTool): + TITLE = "SayCheese (Grab target's Webcam Shots)" + DESCRIPTION = "Take webcam shots from target just sending a malicious link" + INSTALL_COMMANDS = ["sudo git clone /~https://github.com/hangetzzu/saycheese"] + RUN_COMMANDS = ["cd saycheese && sudo bash saycheese.sh"] + PROJECT_URL = "/~https://github.com/hangetzzu/saycheese" + + +class QRJacking(HackingTool): + TITLE = "QR Code Jacking" + DESCRIPTION = "QR Code Jacking (Any Website)" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/cryptedwolf/ohmyqr.git && sudo apt-get install scrot"] + RUN_COMMANDS = ["cd ohmyqr && sudo bash ohmyqr.sh"] + PROJECT_URL = "/~https://github.com/cryptedwolf/ohmyqr" + + +class ShellPhish(HackingTool): + TITLE = "ShellPhish" + DESCRIPTION = "Fhishing Tool for 18 social media" + INSTALL_COMMANDS = ["git clone /~https://github.com/An0nUD4Y/shellphish.git"] + RUN_COMMANDS = ["cd shellphish;sudo bash shellphish.sh"] + PROJECT_URL = "/~https://github.com/An0nUD4Y/shellphish" + + +class BlackPhish(HackingTool): + TITLE = "BlackPhish" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/iinc0gnit0/BlackPhish.git", + "cd BlackPhish;sudo bash install.sh" + ] + RUN_COMMANDS = ["cd BlackPhish;sudo python3 blackphish.py"] + PROJECT_URL = "/~https://github.com/iinc0gnit0/BlackPhish" + + def __init__(self): + super(BlackPhish, self).__init__([('Update', self.update)]) + + def update(self): + os.system("cd BlackPhish;sudo bash update.sh") + + +class PhishingAttackTools(HackingToolsCollection): + TITLE = "Phishing attack tools" + TOOLS = [ + Setoolkit(), + SocialFish(), + HiddenEye(), + Evilginx2(), + ISeeYou(), + SayCheese(), + QRJacking(), + ShellPhish(), + BlackPhish() + ] diff --git a/tools/post_exploitation.py b/tools/post_exploitation.py new file mode 100644 index 00000000..3d9791fc --- /dev/null +++ b/tools/post_exploitation.py @@ -0,0 +1,44 @@ +# coding=utf-8 +import os + +from core import HackingTool +from core import HackingToolsCollection + + +class Vegile(HackingTool): + TITLE = "Vegile - Ghost In The Shell" + DESCRIPTION = "This tool will set up your backdoor/rootkits when " \ + "backdoor is already setup it will be \n" \ + "hidden your specific process,unlimited your session in " \ + "metasploit and transparent." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Screetsec/Vegile.git", + "cd Vegile && sudo chmod +x Vegile" + ] + RUN_COMMANDS = ["cd Vegile && sudo bash Vegile"] + PROJECT_URL = "/~https://github.com/Screetsec/Vegile" + + def before_run(self): + os.system('echo "You can Use Command: \n' + '[!] Vegile -i / --inject [backdoor/rootkit] \n' + '[!] Vegile -u / --unlimited [backdoor/rootkit] \n' + '[!] Vegile -h / --help"|boxes -d parchment') + + +class ChromeKeyLogger(HackingTool): + TITLE = "Chrome Keylogger" + DESCRIPTION = "Hera Chrome Keylogger" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/UndeadSec/HeraKeylogger.git", + "cd HeraKeylogger && sudo apt-get install python3-pip -y && sudo pip3 install -r requirements.txt" + ] + RUN_COMMANDS = ["cd HeraKeylogger && sudo python3 hera.py"] + PROJECT_URL = "/~https://github.com/UndeadSec/HeraKeylogger" + + +class PostExploitationTools(HackingToolsCollection): + TITLE = "Post exploitation tools" + TOOLS = [ + Vegile(), + ChromeKeyLogger() + ] diff --git a/tools/remote_administration.py b/tools/remote_administration.py new file mode 100644 index 00000000..b5d7e0ea --- /dev/null +++ b/tools/remote_administration.py @@ -0,0 +1,36 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class Stitch(HackingTool): + TITLE = "Stitch" + DESCRIPTION = "Stitch is a cross platform python framework.\n" \ + "which allows you to build custom payloads\n" \ + "For Windows, Mac and Linux." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/nathanlopez/Stitch.git", + "cd Stitch;sudo pip install -r lnx_requirements.txt" + ] + RUN_COMMANDS = ["cd Stitch;python main.py"] + PROJECT_URL = "/~https://github.com/nathanlopez/Stitch" + + +class Pyshell(HackingTool): + TITLE = "Pyshell" + DESCRIPTION = "Pyshell is a Rat Tool that can be able to download & upload " \ + "files,\n Execute OS Command and more.." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/khalednassar702/Pyshell.git;" + "sudo pip install pyscreenshot python-nmap requests" + ] + RUN_COMMANDS = ["cd Pyshell;./Pyshell"] + PROJECT_URL = "/~https://github.com/knassar702/pyshell" + + +class RemoteAdministrationTools(HackingToolsCollection): + TITLE = "Remote Administrator Tools (RAT)" + TOOLS = [ + Stitch(), + Pyshell() + ] diff --git a/tools/reverse_engineering.py b/tools/reverse_engineering.py new file mode 100644 index 00000000..9972334c --- /dev/null +++ b/tools/reverse_engineering.py @@ -0,0 +1,56 @@ +# coding=utf-8 +import subprocess + +from core import HackingTool +from core import HackingToolsCollection + + +class AndroGuard(HackingTool): + TITLE = "Androguard" + DESCRIPTION = "Androguard is a Reverse engineering, Malware and goodware " \ + "analysis of Android applications and more" + INSTALL_COMMANDS = ["sudo pip install -U androguard"] + PROJECT_URL = "/~https://github.com/androguard/androguard " + + def __init__(self): + super(AndroGuard, self).__init__(runnable = False) + + +class Apk2Gold(HackingTool): + TITLE = "Apk2Gold" + DESCRIPTION = "Apk2Gold is a CLI tool for decompiling Android apps to Java" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/lxdvs/apk2gold.git", + "cd apk2gold;sudo bash make.sh" + ] + PROJECT_URL = "/~https://github.com/lxdvs/apk2gold " + + def run(self): + uinput = input("Enter (.apk) File >> ") + subprocess.run(["sudo", "apk2gold", uinput]) + + +class Jadx(HackingTool): + TITLE = "JadX" + DESCRIPTION = "Jadx is Dex to Java decompiler.\n" \ + "[*] decompile Dalvik bytecode to java classes from APK, dex," \ + " aar and zip files\n" \ + "[*] decode AndroidManifest.xml and other resources from " \ + "resources.arsc" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/skylot/jadx.git", + "cd jadx;./gradlew dist" + ] + PROJECT_URL = "/~https://github.com/skylot/jadx" + + def __init__(self): + super(Jadx, self).__init__(runnable = False) + + +class ReverseEngineeringTools(HackingToolsCollection): + TITLE = "Reverse engineering tools" + TOOLS = [ + AndroGuard(), + Apk2Gold(), + Jadx() + ] diff --git a/tools/sql_tools.py b/tools/sql_tools.py new file mode 100644 index 00000000..fb13ff4f --- /dev/null +++ b/tools/sql_tools.py @@ -0,0 +1,117 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class Sqlmap(HackingTool): + TITLE = "Sqlmap tool" + DESCRIPTION = "sqlmap is an open source penetration testing tool that " \ + "automates the process of \n" \ + "detecting and exploiting SQL injection flaws and taking " \ + "over of database servers \n " \ + "[!] python sqlmap.py -u [] --batch --banner \n " \ + "More Usage [!] /~https://github.com/sqlmapproject/sqlmap/wiki/Usage" + INSTALL_COMMANDS = [ + "sudo git clone --depth 1 /~https://github.com/sqlmapproject/sqlmap.git sqlmap-dev"] + PROJECT_URL = "/~https://github.com/sqlmapproject/sqlmap" + + def __init__(self): + super(Sqlmap, self).__init__(runnable = False) + + +class NoSqlMap(HackingTool): + TITLE = "NoSqlMap" + DESCRIPTION = "NoSQLMap is an open source Python tool designed to \n " \ + "audit for as well as automate injection attacks and exploit.\n " \ + "\033[91m " \ + "[*] Please Install MongoDB \n " + INSTALL_COMMANDS = [ + "git clone /~https://github.com/codingo/NoSQLMap.git", + "sudo chmod -R 755 NoSQLMap;cd NoSQLMap;python setup.py install" + ] + RUN_COMMANDS = ["python NoSQLMap"] + PROJECT_URL = "/~https://github.com/codingo/NoSQLMap" + + +class SQLiScanner(HackingTool): + TITLE = "Damn Small SQLi Scanner" + DESCRIPTION = "Damn Small SQLi Scanner (DSSS) is a fully functional SQL " \ + "injection\nvulnerability scanner also supporting GET and " \ + "POST parameters.\n" \ + "[*]python3 dsss.py -h[help] | -u[URL]" + INSTALL_COMMANDS = ["git clone /~https://github.com/stamparm/DSSS.git"] + PROJECT_URL = "/~https://github.com/stamparm/DSSS" + + def __init__(self): + super(SQLiScanner, self).__init__(runnable = False) + + +class Explo(HackingTool): + TITLE = "Explo" + DESCRIPTION = "Explo is a simple tool to describe web security issues " \ + "in a human and machine readable format.\n " \ + "Usage:- \n " \ + "[1] explo [--verbose|-v] testcase.yaml \n " \ + "[2] explo [--verbose|-v] examples/*.yaml" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/dtag-dev-sec/explo.git", + "cd explo;sudo python setup.py install" + ] + PROJECT_URL = "/~https://github.com/dtag-dev-sec/explo" + + def __init__(self): + super(Explo, self).__init__(runnable = False) + + +class Blisqy(HackingTool): + TITLE = "Blisqy - Exploit Time-based blind-SQL injection" + DESCRIPTION = "Blisqy is a tool to aid Web Security researchers to find " \ + "Time-based Blind SQL injection \n on HTTP Headers and also " \ + "exploitation of the same vulnerability.\n " \ + "For Usage >> \n" + INSTALL_COMMANDS = ["git clone /~https://github.com/JohnTroony/Blisqy.git"] + PROJECT_URL = "/~https://github.com/JohnTroony/Blisqy" + + def __init__(self): + super(Blisqy, self).__init__(runnable = False) + + +class Leviathan(HackingTool): + TITLE = "Leviathan - Wide Range Mass Audit Toolkit" + DESCRIPTION = "Leviathan is a mass audit toolkit which has wide range " \ + "service discovery,\nbrute force, SQL injection detection " \ + "and running custom exploit capabilities. \n " \ + "[*] It Requires API Keys \n " \ + "More Usage [!] /~https://github.com/utkusen/leviathan/wiki" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/leviathan-framework/leviathan.git", + "cd leviathan;sudo pip install -r requirements.txt" + ] + RUN_COMMANDS = ["cd leviathan;python leviathan.py"] + PROJECT_URL = "/~https://github.com/leviathan-framework/leviathan" + + +class SQLScan(HackingTool): + TITLE = "SQLScan" + DESCRIPTION = "sqlscan is quick web scanner for find an sql inject point." \ + " not for educational, this is for hacking." + INSTALL_COMMANDS = [ + "sudo apt install php php-bz2 php-curl php-mbstring curl", + "sudo curl https://raw.githubusercontent.com/Cvar1984/sqlscan/dev/build/main.phar --output /usr/local/bin/sqlscan", + "chmod +x /usr/local/bin/sqlscan" + ] + RUN_COMMANDS = ["sudo sqlscan"] + PROJECT_URL = "/~https://github.com/Cvar1984/sqlscan" + + +class SqlInjectionTools(HackingToolsCollection): + TITLE = "SQL Injection Tools" + TOOLS = [ + Sqlmap(), + NoSqlMap(), + SQLiScanner(), + Explo(), + Blisqy(), + Leviathan(), + SQLScan() + ] diff --git a/tools/steganography.py b/tools/steganography.py new file mode 100644 index 00000000..1c7e0393 --- /dev/null +++ b/tools/steganography.py @@ -0,0 +1,68 @@ +# coding=utf-8 +import subprocess + +from core import HackingTool +from core import HackingToolsCollection +from core import validate_input + + +class SteganoHide(HackingTool): + TITLE = "SteganoHide" + INSTALL_COMMANDS = ["sudo apt-get install steghide -y"] + + def run(self): + choice_run = input( + "[1] Hide\n" + "[2] Extract\n" + "[99]Cancel\n" + ">> ") + choice_run = validate_input(choice_run, [1, 2, 99]) + if choice_run is None: + print("Please choose a valid input") + return self.run() + + if choice_run == 99: + return + + if choice_run == 1: + file_hide = input("Enter Filename you want to Embed (1.txt) >> ") + file_to_be_hide = input("Enter Cover Filename(test.jpeg) >> ") + subprocess.run( + ["steghide", "embed", "-cf", file_to_be_hide, "-ef", file_hide]) + + elif choice_run == "2": + from_file = input("Enter Filename From Extract Data >> ") + subprocess.run(["steghide", "extract", "-sf", from_file]) + + +class StegnoCracker(HackingTool): + TITLE = "StegnoCracker" + DESCRIPTION = "SteganoCracker is a tool that uncover hidden data inside " \ + "files\n using brute-force utility" + INSTALL_COMMANDS = [ + "pip3 install stegcracker && pip3 install stegcracker -U --force-reinstall"] + + def run(self): + filename = input("Enter Filename:- ") + passfile = input("Enter Wordlist Filename:- ") + subprocess.run(["stegcracker", filename, passfile]) + + +class Whitespace(HackingTool): + TITLE = "Whitespace" + DESCRIPTION = "Use whitespace and unicode chars for steganography" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/beardog108/snow10.git", + "sudo chmod -R 755 snow10" + ] + RUN_COMMANDS = ["cd snow10 && firefox index.html"] + PROJECT_URL = "/~https://github.com/beardog108/snow10" + + +class SteganographyTools(HackingToolsCollection): + TITLE = "Steganograhy tools" + TOOLS = [ + SteganoHide(), + StegnoCracker(), + Whitespace() + ] diff --git a/tools/tool_manager.py b/tools/tool_manager.py new file mode 100644 index 00000000..f0fa2aa3 --- /dev/null +++ b/tools/tool_manager.py @@ -0,0 +1,66 @@ +# coding=utf-8 +import os +from time import sleep + +from core import HackingTool +from core import HackingToolsCollection + + +class UpdateTool(HackingTool): + TITLE = "Update Tool or System" + DESCRIPTION = "Update Tool or System" + + def __init__(self): + super(UpdateTool, self).__init__([ + ("Update System", self.update_sys), + ("Update Hackingtool", self.update_ht) + ], installable = False, runnable = False) + + def update_sys(self): + os.system("sudo apt update && sudo apt full-upgrade -y") + os.system( + "sudo apt-get install tor openssl curl && sudo apt-get update tor openssl curl") + os.system("sudo apt-get install python3-pip") + + def update_ht(self): + os.system("sudo chmod +x /etc/;" + "sudo chmod +x /usr/share/doc;" + "sudo rm -rf /usr/share/doc/hackingtool/;" + "cd /etc/;" + "sudo rm -rf /etc/hackingtool/;" + "mkdir hackingtool;" + "cd hackingtool;" + "git clone /~https://github.com/Z4nzu/hackingtool.git;" + "cd hackingtool;" + "sudo chmod +x install.sh;" + "./install.sh") + + +class UninstallTool(HackingTool): + TITLE = "Uninstall HackingTool" + DESCRIPTION = "Uninstall HackingTool" + + def __init__(self): + super(UninstallTool, self).__init__([ + ('Uninstall', self.uninstall) + ], installable = False, runnable = False) + + def uninstall(self): + print("hackingtool started to uninstall..\n") + sleep(1) + os.system("sudo chmod +x /etc/;" + "sudo chmod +x /usr/share/doc;" + "sudo rm -rf /usr/share/doc/hackingtool/;" + "cd /etc/;" + "sudo rm -rf /etc/hackingtool/;") + print("\nHackingtool Successfully Uninstalled..") + print("Happy Hacking..!!") + sleep(1) + + +class ToolManager(HackingToolsCollection): + TITLE = "Update or Uninstall | Hackingtool" + TOOLS = [ + UpdateTool(), + UninstallTool() + ] diff --git a/tools/webattack.py b/tools/webattack.py new file mode 100644 index 00000000..b4e1b505 --- /dev/null +++ b/tools/webattack.py @@ -0,0 +1,113 @@ +# coding=utf-8 +import subprocess + +from core import HackingTool +from core import HackingToolsCollection + + +class Web2Attack(HackingTool): + TITLE = "Web2Attack" + DESCRIPTION = "Web hacking framework with tools, exploits by python" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/santatic/web2attack.git"] + RUN_COMMANDS = ["cd web2attack && sudo bash w2aconsole"] + PROJECT_URL = "/~https://github.com/santatic/web2attack" + + +class Skipfish(HackingTool): + TITLE = "Skipfish" + DESCRIPTION = "Skipfish – Fully automated, active web application " \ + "security reconnaissance tool \n " \ + "Usage: skipfish -o [FolderName] targetip/site" + RUN_COMMANDS = [ + "sudo skipfish -h", + 'echo "skipfish -o [FolderName] targetip/site"|boxes -d headline | lolcat' + ] + + def __init__(self): + super(Skipfish, self).__init__(installable = False) + + +class SubDomainFinder(HackingTool): + TITLE = "SubDomain Finder" + DESCRIPTION = "Sublist3r is a python tool designed to enumerate " \ + "subdomains of websites using OSINT \n " \ + "Usage:\n\t" \ + "[1] python sublist3r.py -d example.com \n" \ + "[2] python sublist3r.py -d example.com -p 80,443" + INSTALL_COMMANDS = [ + "sudo pip install requests argparse dnspython", + "sudo git clone /~https://github.com/aboul3la/Sublist3r.git", + "cd Sublist3r && sudo pip install -r requirements.txt" + ] + RUN_COMMANDS = ["cd Sublist3r && python sublist3r.py -h"] + PROJECT_URL = "/~https://github.com/aboul3la/Sublist3r" + + +class CheckURL(HackingTool): + TITLE = "CheckURL" + DESCRIPTION = "Detect evil urls that uses IDN Homograph Attack.\n\t" \ + "[!] python3 checkURL.py --url google.com" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/UndeadSec/checkURL.git"] + RUN_COMMANDS = ["cd checkURL && python3 checkURL.py --help"] + PROJECT_URL = "/~https://github.com/UndeadSec/checkURL" + + +class Blazy(HackingTool): + TITLE = "Blazy(Also Find ClickJacking)" + DESCRIPTION = "Blazy is a modern login page bruteforcer" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/UltimateHackers/Blazy.git", + "cd Blazy && sudo pip install -r requirements.txt" + ] + RUN_COMMANDS = ["cd Blazy && sudo python blazy.py"] + PROJECT_URL = "/~https://github.com/UltimateHackers/Blazy" + + +class SubDomainTakeOver(HackingTool): + TITLE = "Sub-Domain TakeOver" + DESCRIPTION = "Sub-domain takeover vulnerability occur when a sub-domain " \ + "\n (subdomain.example.com) is pointing to a service " \ + "(e.g: GitHub, AWS/S3,..)\n" \ + "that has been removed or deleted.\n" \ + "Usage:python3 takeover.py -d www.domain.com -v" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/m4ll0k/takeover.git", + "cd takeover;sudo python3 setup.py install" + ] + PROJECT_URL = "/~https://github.com/m4ll0k/takeover" + + def __init__(self): + super(SubDomainTakeOver, self).__init__(runnable = False) + + +class Dirb(HackingTool): + TITLE = "Dirb" + DESCRIPTION = "DIRB is a Web Content Scanner. It looks for existing " \ + "(and/or hidden) Web Objects.\n" \ + "It basically works by launching a dictionary based " \ + "attack against \n a web server and analizing the response." + INSTALL_COMMANDS = [ + "sudo git clone https://gitlab.com/kalilinux/packages/dirb.git", + "cd dirb;sudo ./configure;make" + ] + PROJECT_URL = "https://gitlab.com/kalilinux/packages/dirb" + + def run(self): + uinput = input("Enter Url >> ") + subprocess.run(["sudo", "dirb", uinput]) + + +class WebAttackTools(HackingToolsCollection): + TITLE = "Web Attack tools" + DESCRIPTION = "" + TOOLS = [ + Web2Attack(), + Skipfish(), + SubDomainFinder(), + CheckURL(), + Blazy(), + SubDomainTakeOver(), + Dirb() + ] diff --git a/tools/wireless_attack_tools.py b/tools/wireless_attack_tools.py new file mode 100644 index 00000000..f508bddd --- /dev/null +++ b/tools/wireless_attack_tools.py @@ -0,0 +1,155 @@ +# coding=utf-8 +import os + +from core import HackingTool +from core import HackingToolsCollection + + +class WIFIPumpkin(HackingTool): + TITLE = "WiFi-Pumpkin" + DESCRIPTION = "The WiFi-Pumpkin is a rogue AP framework to easily create " \ + "these fake networks\n" \ + "all while forwarding legitimate traffic to and from the " \ + "unsuspecting target." + INSTALL_COMMANDS = [ + "sudo apt install libssl-dev libffi-dev build-essential", + "sudo git clone /~https://github.com/P0cL4bs/wifipumpkin3.git", + "chmod -R 755 wifipumpkin3 && cd wifipumpkin3", + "sudo apt install python3-pyqt5", + "sudo python3 setup.py install" + ] + RUN_COMMANDS = ["sudo wifipumpkin3"] + PROJECT_URL = "/~https://github.com/P0cL4bs/wifipumpkin3" + + +class pixiewps(HackingTool): + TITLE = "pixiewps" + DESCRIPTION = "Pixiewps is a tool written in C used to bruteforce offline " \ + "the WPS pin\n " \ + "exploiting the low or non-existing entropy of some Access " \ + "Points, the so-called pixie dust attack" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/wiire/pixiewps.git && apt-get -y install build-essential", + "cd pixiewps*/ && make", + "cd pixiewps*/ && sudo make install && wget https://pastebin.com/y9Dk1Wjh" + ] + PROJECT_URL = "/~https://github.com/wiire/pixiewps" + + def run(self): + os.system( + 'echo "' + '1.> Put your interface into monitor mode using ' + '\'airmon-ng start {wireless interface}\n' + '2.> wash -i {monitor-interface like mon0}\'\n' + '3.> reaver -i {monitor interface} -b {BSSID of router} -c {router channel} -vvv -K 1 -f"' + '| boxes -d boy') + print("You Have To Run Manually By USing >>pixiewps -h ") + + +class BluePot(HackingTool): + TITLE = "Bluetooth Honeypot GUI Framework" + DESCRIPTION = "You need to have at least 1 bluetooh receiver " \ + "(if you have many it will work with those, too).\n" \ + "You must install/libbluetooth-dev on " \ + "Ubuntu/bluez-libs-devel on Fedora/bluez-devel on openSUSE" + INSTALL_COMMANDS = [ + "wget /~https://github.com/andrewmichaelsmith/bluepot/raw/master/bin/bluepot-0.1.tar.gz " + "&& tar xfz bluepot-0.1.tar.gz && sudo java -jar bluepot/BluePot-0.1.jar" + ] + RUN_COMMANDS = ["cd bluepot-0.1 && sudo java -jar bluepot/BluePot-0.1.jar"] + PROJECT_URL = "/~https://github.com/andrewmichaelsmith/bluepot" + + +class Fluxion(HackingTool): + TITLE = "Fluxion" + DESCRIPTION = "Fluxion is a wifi key cracker using evil twin attack..\n" \ + "you need a wireless adaptor for this tool" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/thehackingsage/Fluxion.git", + "cd Fluxion && cd install && sudo chmod +x install.sh && sudo bash install.sh", + "cd .. ; sudo chmod +x fluxion.sh" + ] + RUN_COMMANDS = ["cd Fluxion;sudo bash fluxion.sh"] + PROJECT_URL = "/~https://github.com/thehackingsage/Fluxion" + + +class Wifiphisher(HackingTool): + TITLE = "Wifiphisher" + DESCRIPTION = """ + Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. + Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing + targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the + connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the + victim stations with malware..\n + For More Details Visit >> /~https://github.com/wifiphisher/wifiphisher + """ + INSTALL_COMMANDS = [ + "git clone /~https://github.com/wifiphisher/wifiphisher.git", + "cd wifiphisher;sudo python3 setup.py install" + ] + RUN_COMMANDS = ["cd wifiphisher;sudo wifiphisher"] + PROJECT_URL = "/~https://github.com/wifiphisher/wifiphisher" + + +class Wifite(HackingTool): + TITLE = "Wifite" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/derv82/wifite2.git", + "cd wifite2 && sudo python3 setup.py install" + ";sudo pip3 install -r requirements.txt" + ] + RUN_COMMANDS = ["cd wifite2; sudo wifite"] + PROJECT_URL = "/~https://github.com/derv82/wifite2" + + +class EvilTwin(HackingTool): + TITLE = "EvilTwin" + DESCRIPTION = "Fakeap is a script to perform Evil Twin Attack, by getting" \ + " credentials using a Fake page and Fake Access Point" + INSTALL_COMMANDS = ["sudo git clone /~https://github.com/Z4nzu/fakeap.git"] + RUN_COMMANDS = ["cd fakeap && sudo bash fakeap.sh"] + PROJECT_URL = "/~https://github.com/Z4nzu/fakeap" + + +class Fastssh(HackingTool): + TITLE = "Fastssh" + DESCRIPTION = "Fastssh is an Shell Script to perform multi-threaded scan" \ + " \n and brute force attack against SSH protocol using the " \ + "most commonly credentials." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Z4nzu/fastssh.git && cd fastssh && sudo chmod +x fastssh.sh", + "sudo apt-get install -y sshpass netcat" + ] + RUN_COMMANDS = ["cd fastssh && sudo bash fastssh.sh --scan"] + PROJECT_URL = "/~https://github.com/Z4nzu/fastssh" + + +class Howmanypeople(HackingTool): + TITLE = "Howmanypeople" + DESCRIPTION = "Count the number of people around you by monitoring wifi " \ + "signals.\n" \ + "[@] WIFI ADAPTER REQUIRED* \n[*]" \ + "It may be illegal to monitor networks for MAC addresses, \n" \ + "especially on networks that you do not own. " \ + "Please check your country's laws" + INSTALL_COMMANDS = [ + "sudo apt-get install tshark" + ";sudo pip install howmanypeoplearearound" + ] + RUN_COMMANDS = ["sudo howmanypeoplearearound"] + + +class WirelessAttackTools(HackingToolsCollection): + TITLE = "Wireless attack tools" + DESCRIPTION = "" + TOOLS = [ + WIFIPumpkin(), + pixiewps(), + BluePot(), + Fluxion(), + Wifiphisher(), + Wifite(), + EvilTwin(), + Fastssh(), + Howmanypeople() + ] diff --git a/tools/wordlist_generator.py b/tools/wordlist_generator.py new file mode 100644 index 00000000..6ea37604 --- /dev/null +++ b/tools/wordlist_generator.py @@ -0,0 +1,59 @@ +# coding=utf-8 +from core import HackingTool +from core import HackingToolsCollection + + +class Cupp(HackingTool): + TITLE = "Cupp" + DESCRIPTION = "WlCreator is a C program that can create all possibilities of passwords,\n " \ + "and you can choose Length, Lowercase, Capital, Numbers and Special Chars" + INSTALL_COMMANDS = ["git clone /~https://github.com/Mebus/cupp.git"] + PROJECT_URL = "/~https://github.com/Mebus/cupp.git" + + def __init__(self): + super(Cupp, self).__init__(runnable = False) + + +class WlCreator(HackingTool): + TITLE = "WordlistCreator" + DESCRIPTION = "WlCreator is a C program that can create all possibilities" \ + " of passwords,\n and you can choose Lenght, Lowercase, " \ + "Capital, Numbers and Special Chars" + INSTALL_COMMANDS = ["sudo git clone /~https://github.com/Z4nzu/wlcreator.git"] + RUN_COMMANDS = [ + "cd wlcreator && sudo gcc -o wlcreator wlcreator.c && ./wlcreator 5"] + PROJECT_URL = "/~https://github.com/Z4nzu/wlcreator" + + +class GoblinWordGenerator(HackingTool): + TITLE = "Goblin WordGenerator" + DESCRIPTION = "Goblin WordGenerator" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/UndeadSec/GoblinWordGenerator.git"] + RUN_COMMANDS = ["cd GoblinWordGenerator && python3 goblin.py"] + PROJECT_URL = "/~https://github.com/UndeadSec/GoblinWordGenerator.git" + + +class showme(HackingTool): + TITLE = "Password list (1.4 Billion Clear Text Password)" + DESCRIPTION = "This tool allows you to perform OSINT and reconnaissance on " \ + "an organisation or an individual. It allows one to search " \ + "1.4 Billion clear text credentials which was dumped as " \ + "part of BreachCompilation leak. This database makes " \ + "finding passwords faster and easier than ever before." + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got.git", + "cd SMWYG-Show-Me-What-You-Got && pip3 install -r requirements.txt" + ] + RUN_COMMANDS = ["cd SMWYG-Show-Me-What-You-Got && python SMWYG.py"] + PROJECT_URL = "/~https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got" + + +class WordlistGeneratorTools(HackingToolsCollection): + TITLE = "Wordlist Generator" + TOOLS = [ + Cupp(), + WlCreator(), + GoblinWordGenerator(), + showme() + ] diff --git a/tools/xss_attack.py b/tools/xss_attack.py new file mode 100644 index 00000000..17979231 --- /dev/null +++ b/tools/xss_attack.py @@ -0,0 +1,145 @@ +# coding=utf-8 +import os +import subprocess + +from core import HackingTool +from core import HackingToolsCollection + + +class Dalfox(HackingTool): + TITLE = "DalFox(Finder of XSS)" + DESCRIPTION = "XSS Scanning and Parameter Analysis tool." + INSTALL_COMMANDS = [ + "sudo apt-get install golang", + "sudo git clone /~https://github.com/hahwul/dalfox", + "cd dalfox;go install" + ] + RUN_COMMANDS = [ + "~/go/bin/dalfox", + 'echo "You Need To Run manually by using [!]~/go/bin/dalfox [options]"' + ] + PROJECT_URL = "/~https://github.com/hahwul/dalfox" + + +class XSSPayloadGenerator(HackingTool): + TITLE = "XSS Payload Generator" + DESCRIPTION = "XSS PAYLOAD GENERATOR -XSS SCANNER-XSS DORK FINDER" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/capture0x/XSS-LOADER.git", + "cd XSS-LOADER;sudo pip3 install -r requirements.txt" + ] + RUN_COMMANDS = ["cd XSS-LOADER;sudo python3 payloader.py"] + PROJECT_URL = "/~https://github.com/capture0x/XSS-LOADER.git" + + +class XSSFinder(HackingTool): + TITLE = "Extended XSS Searcher and Finder" + DESCRIPTION = "Extended XSS Searcher and Finder" + INSTALL_COMMANDS = [ + "git glone /~https://github.com/Damian89/extended-xss-search.git"] + PROJECT_URL = "/~https://github.com/Damian89/extended-xss-search" + + def after_install(self): + print("""\033[96m + Follow This Steps After Installation:- + \033[31m [*] Go To extended-xss-search directory, + and Rename the example.app-settings.conf to app-settings.conf + """) + input("Press ENTER to continue") + + def run(self): + print("""\033[96m + You have To Add Links to scan + \033[31m[!] Go to extended-xss-search + [*] config/urls-to-test.txt + [!] python3 extended-xss-search.py + """) + + +class XSSFreak(HackingTool): + TITLE = "XSS-Freak" + DESCRIPTION = "XSS-Freak is an XSS scanner fully written in python3 from scratch" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/PR0PH3CY33/XSS-Freak.git", + "cd XSS-Freak;sudo pip3 install -r requirements.txt" + ] + RUN_COMMANDS = ["cd XSS-Freak;sudo python3 XSS-Freak.py"] + PROJECT_URL = "/~https://github.com/PR0PH3CY33/XSS-Freak" + + +class XSpear(HackingTool): + TITLE = "XSpear" + DESCRIPTION = "XSpear is XSS Scanner on ruby gems" + INSTALL_COMMANDS = ["gem install XSpear"] + RUN_COMMANDS = ["XSpear -h"] + PROJECT_URL = "/~https://github.com/hahwul/XSpear" + + +class XSSCon(HackingTool): + TITLE = "XSSCon" + INSTALL_COMMANDS = [ + "git clone /~https://github.com/menkrep1337/XSSCon.git", + "sudo chmod 755 -R XSSCon" + ] + PROJECT_URL = "/~https://github.com/menkrep1337/XSSCon" + + def run(self): + website = input("Enter Website >> ") + os.system("cd XSSCon;") + subprocess.run(["python3", "xsscon.py", "-u", website]) + + +class XanXSS(HackingTool): + TITLE = "XanXSS" + DESCRIPTION = "XanXSS is a reflected XSS searching tool\n " \ + "that creates payloads based from templates" + INSTALL_COMMANDS = ["git clone /~https://github.com/Ekultek/XanXSS.git"] + PROJECT_URL = "/~https://github.com/Ekultek/XanXSS" + + def run(self): + os.system("cd XanXSS ;python xanxss.py -h") + print("\033[96m You Have to run it manually By Using\n" + " [!]python xanxss.py [Options]") + + +class XSSStrike(HackingTool): + TITLE = "Advanced XSS Detection Suite" + DESCRIPTION = "XSStrike is a python script designed to detect and exploit XSS vulnerabilites." + INSTALL_COMMANDS = [ + "sudo rm -rf XSStrike", + "git clone /~https://github.com/UltimateHackers/XSStrike.git " + "&& cd XSStrike && pip install -r requirements.txt" + ] + PROJECT_URL = "/~https://github.com/UltimateHackers/XSStrike" + + def __init__(self): + super(XSSStrike, self).__init__(runnable = False) + + +class RVuln(HackingTool): + TITLE = "RVuln" + DESCRIPTION = "RVuln is multi-threaded and Automated Web Vulnerability " \ + "Scanner written in Rust" + INSTALL_COMMANDS = [ + "sudo git clone /~https://github.com/iinc0gnit0/RVuln.git;" + "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh;" + "source $HOME/.cargo/env", + "sudo apt install openssl-dev;sudo cp -r RVuln/ /usr/bin" + ] + RUN_COMMANDS = ["RVuln"] + PROJECT_URL = "/~https://github.com/iinc0gnit0/RVuln" + + +class XSSAttackTools(HackingToolsCollection): + TITLE = "XSS Attack Tools" + TOOLS = [ + Dalfox(), + XSSPayloadGenerator(), + XSSFinder(), + XSSFreak(), + XSpear(), + XSSCon(), + XanXSS(), + XSSStrike(), + RVuln() + ]