-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathUnbeatablePentestTool.py
154 lines (131 loc) · 6.2 KB
/
UnbeatablePentestTool.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
####################################
# unbeatable-pentest-tool
# Author: 1cYinfinity
# License: MIT License
####################################
import os
import subprocess
import shlex
import base64
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
def scan_target(target_ip):
print(f"Scanning target: {target_ip}")
subprocess.run(["nmap", "-Pn", target_ip])
def exploit_target(target_ip, vulnerability):
print(f"Exploiting {target_ip} using {vulnerability}")
# Add your advanced exploit code here
def sniff_traffic(interface, pcap_filename):
print(f"Sniffing traffic on {interface} and saving to {pcap_filename}")
subprocess.run(["tcpdump", "-i", interface, "-w", pcap_filename])
def crack_passwords(hash_file, wordlist):
print(f"Cracking passwords using {hash_file} and {wordlist}")
subprocess.run(["john", "--wordlist", wordlist, "--format", "raw-md5", hash_file])
def run_metasploit_module(module_name, options):
print(f"Running Metasploit module: {module_name}")
metasploit_command = f"msfconsole -q -x 'use {module_name}; set {options}; exploit'"
subprocess.run(shlex.split(metasploit_command), shell=True)
def run_hydra_attack(target_ip, protocol, username_file, password_file, service):
print(f"Running Hydra attack on {target_ip} using {protocol} protocol")
subprocess.run(["hydra", f"-L {username_file} -P {password_file} -e ns -t 4 {protocol}://{target_ip}/{service}"])
def run_sqlmap(target_url):
print(f"Running SQLMap on {target_url}")
subprocess.run(["sqlmap", f"-u {target_url} --batch --random-agent"])
def run_dirb_scan(target_url, wordlist):
print(f"Running Dirb scan on {target_url}")
subprocess.run(["dirb", target_url, f"-w - {wordlist} -r -z 10"])
def run_mitm_attack(target_ip, gateway_ip):
print(f"Running MITM attack on {target_ip}")
subprocess.run(["arpspoof", "-i", "eth0", "-t", target_ip, gateway_ip])
def run_burp_suite():
print("Launching Burp Suite")
subprocess.run(["burpsuite"])
def run_nikto_scan(target_url):
print(f"Running Nikto scan on {target_url}")
subprocess.run(["nikto", "-h", target_url])
def run_subdomain_scan(target_url):
print(f"Running Subdomain scan on {target_url}")
subprocess.run(["subfinder", "-d", target_url, "--silent"])
def run_wpscan(target_url):
print(f"Running WPScan on {target_url}")
subprocess.run(["wpscan", "--url", target_url, "--enumerate", "u"])
def run_sslscan(target_url):
print(f"Running SSLScan on {target_url}")
subprocess.run(["sslscan", target_url])
def run_hashcat_attack(hash_file, wordlist):
print(f"Running Hashcat attack using {hash_file} and {wordlist}")
subprocess.run(["hashcat", f"-a 0 -m 0 {hash_file} {wordlist}"])
def main():
print("Unbeatable Pentesting Tool - Challenge accepted!")
target_ip = input("Enter the target IP address: ")
print("\nSelect a category:")
print("1. Reconnaissance Tools")
print("2. Exploitation Tools")
print("3. Network Sniffing Tools")
print("4. Password Cracking Tools")
print("5. Web Application Tools")
print("6. Man-in-the-Middle (MITM) Tools")
print("7. Security Scanner Tools")
print("8. Cryptanalysis Tools")
print("9. Exit")
category_choice = input("Choose a category (1-9): ")
if category_choice == "1":
scan_target(target_ip)
elif category_choice == "2":
vulnerability = input("Enter the vulnerability to exploit: ")
exploit_target(target_ip, vulnerability)
elif category_choice == "3":
interface = input("Enter the network interface: ")
pcap_filename = input("Enter the name of the pcap file to save: ")
sniff_traffic(interface, pcap_filename)
elif category_choice == "4":
hash_file = input("Enter the path to the hash file: ")
wordlist = input("Enter the path to the wordlist: ")
crack_passwords(hash_file, wordlist)
elif category_choice == "5":
web_category_choice = input("Choose a tool (1-4):\n1. Nikto Scan\n2. Subdomain Scan\n3. WPScan\n4. SSLScan\n")
if web_category_choice == "1":
target_url = input("Enter the target URL: ")
run_nikto_scan(target_url)
elif web_category_choice == "2":
target_url = input("Enter the target URL: ")
run_subdomain_scan(target_url)
elif web_category_choice == "3":
target_url = input("Enter the target URL: ")
run_wpscan(target_url)
elif web_category_choice == "4":
target_url = input("Enter the target URL: ")
run_sslscan(target_url)
else:
print("Invalid choice. Exiting.")
elif category_choice == "6":
gateway_ip = input("Enter the gateway IP address: ")
run_mitm_attack(target_ip, gateway_ip)
elif category_choice == "7":
security_category_choice = input("Choose a tool (1-3):\n1. Burp Suite\n2. Metasploit Module\n3. Hydra Attack\n")
if security_category_choice == "1":
run_burp_suite()
elif security_category_choice == "2":
module_name = input("Enter the Metasploit module name: ")
options = input("Enter the module options (e.g., RHOSTS=192.168.1.1): ")
run_metasploit_module(module_name, options)
elif security_category_choice == "3":
protocol = input("Enter the protocol (http/ftp): ")
username_file = input("Enter the path to the username file: ")
password_file = input("Enter the path to the password file: ")
service = input("Enter the service (http-get/ftp): ")
run_hydra_attack(target_ip, protocol, username_file, password_file, service)
else:
print("Invalid choice. Exiting.")
elif category_choice == "8":
cryptanalysis_category_choice = input("Choose a tool (1-1):\n1. Hashcat Attack\n")
if cryptanalysis_category_choice == "1":
hash_file = input("Enter the path to the hash file: ")
wordlist = input("Enter the path to the wordlist: ")
run_hashcat_attack(hash_file, wordlist)
else:
print("Invalid choice. Exiting.")
elif category_choice == "9":
print("Exiting. Challenge accomplished!")
if __name__ == "__main__":
main()