Jump to content
ImiDucCuMandrieSteagul

PenBox – A Penetration Testing Framework

Recommended Posts

A Penetration Testing Framework , The Hacker’s Repo our hope is in the last version we will have evry script that a hacker needs #Information Gathering :

  • nmap
  • Setoolkit
  • Port Scanning
  • Host To IP
  • wordpress user enumeration
  • CMS scanner
  • XSStracer - checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection
  • Doork - Google Dorks Passive Vulnerability Auditor
  • Scan A server's Users

Password Attacks :

  • Cupp
  • Ncrack
  • AutoBrowser Screenshot

Wireless Testing :

  • reaver
  • pixiewps
  • Bluetooth Honeypot GUI Framework

Exploitation Tools :

  • Venom
  • sqlmap
  • Shellnoob
  • commix
  • FTP Auto Bypass
  • jboss-autopwn
  • Blind SQL Automatic Injection And Exploit
  • Bruteforce the Android Passcode given the hash and salt
  • Joomla, Mambo, PHP-Nuke, and XOOPS CMS SQL injection Scanner
  • cms Few
  • BLACKBOx
  • Liffy

Sniffing & Spoofing :

  • Setoolkit
  • SSLtrip
  • pyPISHER
  • SMTP Mailer

Web Hacking :

  • Drupal Hacking
  • Inurlbr
  • Wordpress & Joomla Scanner
  • Gravity Form Scanner
  • File Upload Checker
  • Wordpress Exploit Scanner
  • Wordpress Plugins Scanner
  • Shell and Directory Finder
  • Joomla! 1.5 - 3.4.5 remote code execution
  • Vbulletin 5.X remote code execution
  • BruteX - Automatically brute force all services running on a target
  • Arachni - Web Application Security Scanner Framework
  • Sub-domain Scanning
  • Wordpress Scanning
  • Wordpress Username Enumeration
  • Wordpress Backup Grabbing
  • Sensitive File Detection
  • Same-Site Scripting Scanning
  • Click Jacking Detection
  • Powerful XSS vulnerability scanning
  • SQL Injection vulnerability scanning

#Private Tools

  • Get all websites
  • Get joomla websites
  • Get wordpress websites
  • Find control panel
  • Find zip files
  • Find upload files
  • Get server users
  • Scan from SQL injection
  • Scan ports (range of ports)
  • Scan ports (common ports)
  • Get server banner
  • Bypass Cloudflare

#Post Exploitation

  • Shell Checker
  • POET
  • Weeman - Phishing Framework
  • Insecure Web Interface
  • Insufficient Authentication/Authorization
  • Insecure Network Services
  • Lack of Transport Encryption
  • Privacy Concerns
  • Insecure Cloud Interface
  • Insecure Mobile Interface
  • Insufficient Security Configurability
  • Insecure Software/Firmware
  • Poor Physical Security
  • Radium-Keylogger - Python keylogger with multiple features

#Recon

  • Sniper

#Smartphones Penetration

  • Attach Framework to a Deployed Agent/Create Agent
  • Send Commands to an Agent
  • View Information Gathered
  • Attach Framework to a Mobile Modem
  • Run a remote attack
  • Run a social engineering or client side attack
  • Compile code to run on mobile devices
  • Install Stuff
  • Use Drozer
  • Setup API
  • Bruteforce the Android Passcode given the hash and salt

 

 

Download:

 

git clone https://github.com/x3omdax/PenBox.git

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...