pf4eg2w9n
/
fire_penetration
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '419187e52d'
${ noResults }
fire_penetration/README.md

115 lines
3.9 KiB
Raw Blame History Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

# Python Penetration Testing Toolset
This is a Python based penetration testing toolset that provides the following features:
Simulation of ping tools based on icmp and tcp, web directory scanning, simple ssh blasting, super simple ddos attack, code obfuscation to generate exe, more features please look forward to the maintenance, if you have any comments on the project can contact us!
## Getting Started
### Installation
Before running this toolset, make sure the following dependencies are installed:
- Python 3.x
- requests
- fire
- yaml
- pyinstaller
The following commands can be used to install the required dependencies:
```shell
pip install fire
pip install requests
pip install yaml
pip install pyinstaller
```
## **Usage**
To use this shortcut command in the terminal, follow these steps:
1. In the terminal, make sure you have installed Python and the necessary dependent libraries. If not, install it depending on your operating system and Python version.
2. In the terminal, go to the directory where you saved the script file.
3. Don't change the relative location of this directory, we used a relative path written to death, not an absolute path
The following are sample commands that use different features:
- ### ICMP Ping
```shell
python penetration_toolset.py PingTool -u 127.0.0.1 -t icmp
```
This will perform an ICMP-based Ping command, setting the destination URL to `127.0.0.1`.
- ### TCP Ping
```shell
python penetration_toolset.py PingTool -u 127.0.0.1 -t tcp -p 80
```
This will execute a TCP-based Ping command, setting the destination URL to `127.0.0.1` and the port to `80`.
- ### Directory Scan
```shell
python penetration_toolset.py searchpath -u www.baidu.com
```
This will execute the directory scan command, setting the destination URL to `example.com`, selecting status codes of `200` and `404`, using the dictionary file as `dict.txt` and the report file as `report.txt`.
- ### Simple - Code Obfuscation
```sh
python penetration_toolset.py encryption --payload='aaaapayload123'
```
This code is free of obfuscation and generates an exe file.
- ### Ssh-BruteForce
```sh
python penetration_toolset.py SSHBruteForce -U 127.0.0.1 -P 22 --u ./user_name.txt -p ./password.txt
```
Blast the target machine's ssh account and password through your customized account and password dictionary
- ### Simple-DDOS
```
python penetration_toolset.py DDOSAttack -u http://127.0.0.1 -n 3 -p "192.168.1.1,192.168.1.2,192.168.1.3"
```
Simple ddos attack
- ## **para_test**
```
python para_test.py -u http://www.baidu.com -d ./param.txt
```
Using Dictionaries to Detect Website Parameters
- ## **exploit**
```
python penetration_toolset.py exploit -p /test.yml -u 192.168.6.4
```
Used for directed exploitation of vulnerabilities , get shell and other operations , with scalable , support yaml configuration file to write poc for directed attack test .
**Please modify the parameter values in the command according to the actual situation and requirements.**
## **Caution**
- Please ensure that you have installed the required dependency libraries before using the toolset.
- For the directory scanning feature, please use it with caution, comply with laws, regulations and ethical guidelines, and use it only for legitimate purposes and authorized testing.
- Please pay attention to the legality and permissions of the target URL and avoid scanning or attacking addresses that you are not authorized to access.
- **Please** note that we provide the Software to users for their personal or organizational use to the extent that it is lawful for them to do so. Users are responsible for determining the legality of their use of the Software in accordance with local laws and regulations and for assuming the corresponding legal responsibilities.
Reference in new issue View Git Blame Copy Permalink