UniDarkstars
419187e52d
|
7 months ago | |
---|---|---|
shellcode-loader | 7 months ago | |
.gitignore | 7 months ago | |
README.md | 7 months ago |
README.md
Python Penetration Testing Toolset
This is a Python based penetration testing toolset that provides the following features:
Simulation of ping tools based on icmp and tcp, web directory scanning, simple ssh blasting, super simple ddos attack, code obfuscation to generate exe, more features please look forward to the maintenance, if you have any comments on the project can contact us!
Getting Started
Installation
Before running this toolset, make sure the following dependencies are installed:
- Python 3.x
- requests
- fire
- yaml
- pyinstaller
The following commands can be used to install the required dependencies:
pip install fire
pip install requests
pip install yaml
pip install pyinstaller
Usage
To use this shortcut command in the terminal, follow these steps:
- In the terminal, make sure you have installed Python and the necessary dependent libraries. If not, install it depending on your operating system and Python version.
- In the terminal, go to the directory where you saved the script file.
- Don't change the relative location of this directory, we used a relative path written to death, not an absolute path
The following are sample commands that use different features:
-
ICMP Ping:
python penetration_toolset.py PingTool -u 127.0.0.1 -t icmp
This will perform an ICMP-based Ping command, setting the destination URL to
127.0.0.1
. -
TCP Ping:
python penetration_toolset.py PingTool -u 127.0.0.1 -t tcp -p 80
This will execute a TCP-based Ping command, setting the destination URL to
127.0.0.1
and the port to80
. -
Directory Scan:
python penetration_toolset.py searchpath -u www.baidu.com
This will execute the directory scan command, setting the destination URL to
example.com
, selecting status codes of200
and404
, using the dictionary file asdict.txt
and the report file asreport.txt
. -
Simple - Code Obfuscation
python penetration_toolset.py encryption --payload='aaaapayload123'
This code is free of obfuscation and generates an exe file.
-
Ssh-BruteForce
python penetration_toolset.py SSHBruteForce -U 127.0.0.1 -P 22 --u ./user_name.txt -p ./password.txt
Blast the target machine's ssh account and password through your customized account and password dictionary
-
Simple-DDOS
python penetration_toolset.py DDOSAttack -u http://127.0.0.1 -n 3 -p "192.168.1.1,192.168.1.2,192.168.1.3"
Simple ddos attack
-
para_test
python para_test.py -u http://www.baidu.com -d ./param.txt
Using Dictionaries to Detect Website Parameters
-
exploit
python penetration_toolset.py exploit -p /test.yml -u 192.168.6.4
Used for directed exploitation of vulnerabilities , get shell and other operations , with scalable , support yaml configuration file to write poc for directed attack test .
Please modify the parameter values in the command according to the actual situation and requirements.
Caution
- Please ensure that you have installed the required dependency libraries before using the toolset.
- For the directory scanning feature, please use it with caution, comply with laws, regulations and ethical guidelines, and use it only for legitimate purposes and authorized testing.
- Please pay attention to the legality and permissions of the target URL and avoid scanning or attacking addresses that you are not authorized to access.
- Please note that we provide the Software to users for their personal or organizational use to the extent that it is lawful for them to do so. Users are responsible for determining the legality of their use of the Software in accordance with local laws and regulations and for assuming the corresponding legal responsibilities.