This Python-based penetration testing tool suite provides a comprehensive range of security tools designed for various aspects of ethical hacking. It includes malware for testing and understanding security vulnerabilities, reconnaissance tools for gathering information about targets, Man-in-the-Middle (MITM) tools for intercepting and analyzing network traffic, and brute-forcers for testing password strength and authentication mechanisms. Each component is crafted to assist security professionals in identifying and exploiting weaknesses within systems and networks, helping to strengthen overall cybersecurity defenses.
Downloader.Lasagne is a trojan malware designed to download, execute, and report the results of another malicious payload, specifically targeting the "lasagne.exe" malware. The malware operates by establishing a connection with a remote Command and Control (C2) server to retrieve the lasagne.exe executable, run it stealthily on the infected system, and send back execution logs and data to the attacker.
The program initiates a reverse shell by leveraging Netcat. Upon execution on the target system, it establishes a connection back to the host's specified IP address and port. Once connected, it opens a fully interactive shell, allowing the attacker (host) to execute commands remotely on the target machine. This technique is commonly used for remote access during penetration testing. The connection remains open, granting full control of the target system as long as the session is maintained.
A Python-based backdoor that is a lightweight, stealthy program designed to provide remote access to a target system. Once executed, the backdoor establishes a hidden connection between the compromised machine and the attacker's server, often via reverse shell or socket communication. The attacker can then execute commands, manipulate files, or control the system remotely. Python backdoors are flexible, often utilizing libraries like socket for communication and subprocess to execute system commands, making them adaptable for various platforms and purposes in post-exploitation. Read the Instructions provided in the directory for further understanding.
This Python script is designed to brute-force passwords to extract hidden data from images encoded with steghide. By automating the password guessing process, the script iterates through a list of potential passwords and uses the subprocess module to repeatedly invoke steghide, a popular steganography tool. For each password attempt, the script tries to decode the embedded information within the image. Once the correct password is found, the hidden data is successfully extracted and the brute-force process terminates. This technique aids in recovering concealed information from protected steganographic files.
This Python script is designed to brute-force web login pages by automating credential attempts. Using libraries like requests or selenium, the script sends multiple HTTP POST requests to the target login form, iterating through a list of possible usernames and passwords. It monitors the response from the server to detect successful login attempts, typically by analyzing status codes or specific page content (e.g., login error messages or redirects).
This Python program extracts all embedded links from a web page by utilizing libraries such as requests and BeautifulSoup from bs4. The program sends an HTTP GET request to the target URL, retrieves the page's HTML content, and parses it using BeautifulSoup. It then scans for <a> tags, which typically contain hyperlinks, and extracts the href attribute from each tag. The result is a list of all URLs found on the page, which can include internal links, external links, and file downloads. This tool is useful for web scraping, link analysis, or testing purposes.
This Python-based Nmap clone replicates the core functionality of the popular network scanning tool, Nmap. Utilizing libraries like socket and scapy, the program can perform tasks such as port scanning, service detection, and host discovery. It sends crafted TCP, UDP, or ICMP packets to specified targets and analyzes the responses to identify open ports, running services, and operating system details. The program mimics Nmap's behavior by supporting different scan types, such as SYN or full connection scans, and provides detailed reports of the target network's security posture. It's ideal for network reconnaissance and vulnerability assessments.
This Python tool is designed to discover and return all available hosts on a network. Using libraries like socket and scapy, it sends ICMP ping requests or ARP packets to a specified IP range or subnet, checking for active responses from devices on the network. Hosts that respond are considered available, and their IP addresses are collected and displayed. This tool is ideal for network mapping, identifying active devices, and troubleshooting connectivity issues, making it useful in both security assessments and network administration.
This Python tool identifies and returns the IP and MAC addresses of available hosts on a local network. Using libraries like scapy, the tool sends ARP (Address Resolution Protocol) requests to discover active devices within the specified IP range. It listens for ARP replies to capture the IP and MAC addresses of each responsive host. The results are compiled into a list or table format, providing a clear view of all devices connected to the network. This tool is useful for network inventory, management, and security assessments.
This Python program utilizes the Scapy library to sniff HTTP traffic on a specified network interface. It captures and processes packets to extract and display URLs accessed by clients. Additionally, the program examines the raw payload of the packets for potential username and password combinations, highlighting any sensitive information found. By filtering and analyzing HTTP requests, the program provides insights into the web activity and possible credential leakage on the network.
This Python-based ARP spoofer initiates a Man-in-the-Middle (MITM) attack by sending falsified ARP (Address Resolution Protocol) replies to a network. It tricks devices into associating the attacker’s MAC address with the IP addresses of legitimate network hosts, causing traffic intended for those IP addresses to be rerouted through the attacker’s machine. This allows the attacker to intercept, modify, or inject data into the network traffic between devices, enabling various types of attacks, such as session hijacking or data eavesdropping. The tool is often used for network security testing and ethical hacking purposes.
This Python-based MAC spoofer allows users to conceal their true MAC address by temporarily changing it to a different value. Utilizing system commands and libraries like subprocess, the tool modifies the MAC address of a network interface, effectively masking the device's original identity on the network. This process involves disabling the network interface, applying the new MAC address, and then re-enabling the interface. The spoofer is useful for enhancing privacy and anonymity on a network by preventing tracking based on the MAC address.