PenBox – A Penetration Testing Framework
A Penetration Testing Framework , The Hacker’s Repo our hope is in the last version we will have every script that a hacker needs
Also check : Ethical hacking Process – Phase by Phase
Information Gathering :
- Nmap
- Setoolkit
- Port Scanning
- Host To IP
- wordpress user enumeration
- CMS scanner
- XSStracer – checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection
- Doork – Google Dorks Passive Vulnerability Auditor
- Scan A server’s Users
Password Attacks :
- Cupp
- Ncrack
Wireless Testing :
- reaver
- pixiewps
- Bluetooth Honeypot GUI Framework
Exploitation Tools :
- Venom
- sqlmap
- Shellnoob
- commix
- FTP Auto Bypass
- jboss-autopwn
- Blind SQL Automatic Injection And Exploit
- Bruteforce the Android Passcode given the hash and salt
- Joomla, Mambo, PHP-Nuke, and XOOPS CMS SQL injection Scanner
Sniffing & Spoofing :
- Setoolkit
- SSLtrip
- pyPISHER
- SMTP Mailer
Web Hacking :
- Drupal Hacking
- Inurlbr
- WordPress & Joomla Scanner
- Gravity Form Scanner
- File Upload Checker
- WordPress Exploit Scanner
- WordPress Plugins Scanner
- Shell and Directory Finder
- Joomla! 1.5 – 3.4.5 remote code execution
- Vbulletin 5.X remote code execution
- BruteX – Automatically brute force all services running on a target
- Arachni – Web Application Security Scanner Framework
- Sub-domain Scanning
- WordPress Scanning
- WordPress Username Enumeration
- WordPress Backup Grabbing
- Sensitive File Detection
- Same-Site Scripting Scanning
- Click Jacking Detection
- Powerful XSS vulnerability scanning
- SQL Injection vulnerability scanning
Private Tools
- Get all websites
- Get joomla websites
- Get wordpress websites
- Find control panel
- Find zip files
- Find upload files
- Get server users
- Scan from SQL injection
- Scan ports (range of ports)
- Scan ports (common ports)
- Get server banner
- Bypass Cloudflare
Post Exploitation
- Shell Checker
- POET
- Weeman – Phishing Framework
- Insecure Web Interface
- Insufficient Authentication/Authorization
- Insecure Network Services
- Lack of Transport Encryption
- Privacy Concerns
- Insecure Cloud Interface
- Insecure Mobile Interface
- Insufficient Security Configurability
- Insecure Software/Firmware
- Poor Physical Security
Recon
- Sniper
Installation
git clone https://github.com/x3omdax/PenBox.git
Fedy Wesleti , 17 years old from Tunisia .He does penetration testing as a hobby , python is one of the programming languages that he mastered.
Comment here