Refactored the whole project

List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2025-06-20 06:15:54 +02:00 · 2020-08-14 16:41:59 +05:30
parent de461ee13e
commit eaa920a7e3
33 changed files with 2595 additions and 3171 deletions
--- a/tools/webattack.py
+++ b/tools/webattack.py
@ -0,0 +1,113 @@
+# coding=utf-8
+import subprocess
+
+from core import HackingTool
+from core import HackingToolsCollection
+
+
+class Web2Attack(HackingTool):
+    TITLE = "Web2Attack"
+    DESCRIPTION = "Web hacking framework with tools, exploits by python"
+    INSTALL_COMMANDS = [
+        "sudo git clone https://github.com/santatic/web2attack.git"]
+    RUN_COMMANDS = ["cd web2attack && sudo bash w2aconsole"]
+    PROJECT_URL = "https://github.com/santatic/web2attack"
+
+
+class Skipfish(HackingTool):
+    TITLE = "Skipfish"
+    DESCRIPTION = "Skipfish – Fully automated, active web application " \
+                  "security reconnaissance tool \n " \
+                  "Usage: skipfish -o [FolderName] targetip/site"
+    RUN_COMMANDS = [
+        "sudo skipfish -h",
+        'echo "skipfish -o [FolderName] targetip/site"|boxes -d headline | lolcat'
+    ]
+
+    def __init__(self):
+        super(Skipfish, self).__init__(installable = False)
+
+
+class SubDomainFinder(HackingTool):
+    TITLE = "SubDomain Finder"
+    DESCRIPTION = "Sublist3r is a python tool designed to enumerate " \
+                  "subdomains of websites using OSINT \n " \
+                  "Usage:\n\t" \
+                  "[1] python sublist3r.py -d example.com \n" \
+                  "[2] python sublist3r.py -d example.com -p 80,443"
+    INSTALL_COMMANDS = [
+        "sudo pip install requests argparse dnspython",
+        "sudo git clone https://github.com/aboul3la/Sublist3r.git",
+        "cd Sublist3r && sudo pip install -r requirements.txt"
+    ]
+    RUN_COMMANDS = ["cd Sublist3r && python sublist3r.py -h"]
+    PROJECT_URL = "https://github.com/aboul3la/Sublist3r"
+
+
+class CheckURL(HackingTool):
+    TITLE = "CheckURL"
+    DESCRIPTION = "Detect evil urls that uses IDN Homograph Attack.\n\t" \
+                  "[!] python3 checkURL.py --url google.com"
+    INSTALL_COMMANDS = [
+        "sudo git clone https://github.com/UndeadSec/checkURL.git"]
+    RUN_COMMANDS = ["cd checkURL && python3 checkURL.py --help"]
+    PROJECT_URL = "https://github.com/UndeadSec/checkURL"
+
+
+class Blazy(HackingTool):
+    TITLE = "Blazy(Also Find ClickJacking)"
+    DESCRIPTION = "Blazy is a modern login page bruteforcer"
+    INSTALL_COMMANDS = [
+        "sudo git clone https://github.com/UltimateHackers/Blazy.git",
+        "cd Blazy && sudo pip install -r requirements.txt"
+    ]
+    RUN_COMMANDS = ["cd Blazy && sudo python blazy.py"]
+    PROJECT_URL = "https://github.com/UltimateHackers/Blazy"
+
+
+class SubDomainTakeOver(HackingTool):
+    TITLE = "Sub-Domain TakeOver"
+    DESCRIPTION = "Sub-domain takeover vulnerability occur when a sub-domain " \
+                  "\n (subdomain.example.com) is pointing to a service " \
+                  "(e.g: GitHub, AWS/S3,..)\n" \
+                  "that has been removed or deleted.\n" \
+                  "Usage:python3 takeover.py -d www.domain.com -v"
+    INSTALL_COMMANDS = [
+        "git clone https://github.com/m4ll0k/takeover.git",
+        "cd takeover;sudo python3 setup.py install"
+    ]
+    PROJECT_URL = "https://github.com/m4ll0k/takeover"
+
+    def __init__(self):
+        super(SubDomainTakeOver, self).__init__(runnable = False)
+
+
+class Dirb(HackingTool):
+    TITLE = "Dirb"
+    DESCRIPTION = "DIRB is a Web Content Scanner. It looks for existing " \
+                  "(and/or hidden) Web Objects.\n" \
+                  "It basically works by launching a dictionary based " \
+                  "attack against \n a web server and analizing the response."
+    INSTALL_COMMANDS = [
+        "sudo git clone https://gitlab.com/kalilinux/packages/dirb.git",
+        "cd dirb;sudo ./configure;make"
+    ]
+    PROJECT_URL = "https://gitlab.com/kalilinux/packages/dirb"
+
+    def run(self):
+        uinput = input("Enter Url >> ")
+        subprocess.run(["sudo", "dirb", uinput])
+
+
+class WebAttackTools(HackingToolsCollection):
+    TITLE = "Web Attack tools"
+    DESCRIPTION = ""
+    TOOLS = [
+        Web2Attack(),
+        Skipfish(),
+        SubDomainFinder(),
+        CheckURL(),
+        Blazy(),
+        SubDomainTakeOver(),
+        Dirb()
+    ]