OWASP Mth3l3m3nt Framework Project

[Fi8sVrs]

 

OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. Mth3l3m3nt provides the ability to create or do custom LFI and RFI exploits fast with little or no effort at all. It also enables you to store all your quick wins based on its ability to manage HTTP bots, say no to runaway web shells and yes to centrally managed herds in large penetration testing engagements.

 

Description
The purpose of this project is to provide a platform to enable more flexible testing especially in aspects regarding to web security and the OWASP top 10 threats to web applications. This will enable free and opensource collaboration, being a web based tool, it is intended to make offensive security on the web easier and more efficient as it leverages on existing technologies with few dependencies. It is built on purely opensource components. It is intended to build up to a fully fledged web penetration testing framework with extensibility for zero day exploits in minutes to users. Currently the features it offers:

 

• Multi-Database Support (JIG,SQLite,MySQL,MongoDB,PostgreSQL,MSSQL)
• LFI/RFI exploitation Module
• Web Shell Generator (ASP,PHP,JSP,JSPX,CFM)
• Payload Encoder and Decoder
• Custom Web Requester (GET/HEAD/TRACE/OPTIONS/POST)
• Web Herd (HTTP Bot tool to manage web shells)
• Client Side Obfuscator
• String Tools
• Whois

 

Quick Download
The home of the OWASP Mth3l3m3nt Framework is on GitHub. You are encouraged to fork, edit and push your changes back to the project through git or edit the project directly on github.

However, if you like you may also download the master repository from the following links:

 

• .zip file.
• .tgz file.

 

Source