CodeTest: an information-gathering and vulnerability-exploitation tool

Overview

Welcome to CodeTest

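👉 About this project

Main purpose: to give the Python POC\EXP test scripts collected in day-to-day work a single GUI entry point, so they are easy to run.

Intended audience: penetration testers with a Python background (the tool includes a simple editor, so parameters inside a script can be changed and the script reloaded for flexible testing).

GUI library: Tkinter

💡 POC\EXP reference links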

https://github.com/Ascotbe/Medusa
https://github.com/zhzyker/vulmap

📖 Usage

# Download the files
git clone https://github.com/xkx518/CodeTest.git
cd CodeTest
# Install dependencies
pip3 install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
Note: locate the Python\Python36\Lib\site-packages directory. It contains a folder named crypto; rename it so the lowercase c becomes an uppercase C.
# Run the tool
Double-click CodeTest.pyw
pythonw3 CodeTest.pyw

### If GitHub images do not display, edit the hosts file

C:\Windows\System32\drivers\etc\hosts

Append the following to the end of the file:
# GitHub Start
192.30.253.112    github.com
192.30.253.119    gist.github.com
151.101.184.133    assets-cdn.github.com
151.101.184.133    raw.githubusercontent.com
151.101.184.133    gist.githubusercontent.com
151.101.184.133    cloud.githubusercontent.com
151.101.184.133    camo.githubusercontent.com
151.101.184.133    avatars0.githubusercontent.com
151.101.184.133    avatars1.githubusercontent.com
151.101.184.133    avatars2.githubusercontent.com
151.101.184.133    avatars3.githubusercontent.com
151.101.184.133    avatars4.githubusercontent.com
151.101.184.133    avatars5.githubusercontent.com
151.101.184.133    avatars6.githubusercontent.com
151.101.184.133    avatars7.githubusercontent.com
151.101.184.133    avatars8.githubusercontent.com
# GitHub End

🏁 Templates

POC

def check(**kwargs):
	url = kwargs['url']#/*str*/
	port = kwargs['port']#/*str*/
	print('输出结果')
	print(url)
	print(port)
	if True:
		return 1
	else:
		return

EXP

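import CodeTest
from ClassCongregation import _urlparse
# VULN = None => vulnerability test
# VULN = True => command execution
CodeTest.VULN = None

# ApacheShiro is not defined in this template; the full script must define or import it.
def check(**kwargs):
    if CodeTest.VULN is None:
        # Test mode: run a fixed echo command and look for the marker string.
        ExpApacheShiro = ApacheShiro(_urlparse(kwargs['url']),"echo VuLnEcHoPoCSuCCeSS")
    else:
        # Command mode: run the command supplied by the user.
        ExpApacheShiro = ApacheShiro(_urlparse(kwargs['url']),kwargs['cmd'])
    # Dispatch on the selected module name; the fallback runs the same check.
    if kwargs['pocname'] == "cve_2016_4437":
        ExpApacheShiro.cve_2016_4437()
    else:
        ExpApacheShiro.cve_2016_4437()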
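
Both templates expose a single check(**kwargs) entry point, and the tool runs scripts collected from third parties. The following is an added example, not part of the CodeTest project: a static pre-flight review that parses a script without importing it, confirms it matches the template's entry point, and lists its imports and any calls worth reading before the script is loaded. The function name review_plugin, the RISKY_CALLS list and the sample script are assumptions made for this example.

```python
import ast

# Calls worth a manual read before running a collected script (assumed list).
RISKY_CALLS = {"eval", "exec", "os.system", "os.popen", "subprocess.Popen",
               "subprocess.run", "subprocess.call"}

def _dotted(node):
    """Return 'a.b.c' for Name/Attribute chains, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None

def review_plugin(source):
    """Statically inspect a plugin script; nothing is imported or executed."""
    tree = ast.parse(source)
    report = {"has_check": False, "imports": set(), "risky_calls": []}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            report["imports"].update(alias.name for alias in node.names)
        elif isinstance(node, ast.ImportFrom):
            report["imports"].add(node.module or ".")
        elif isinstance(node, ast.Call):
            name = _dotted(node.func)
            if name in RISKY_CALLS:
                report["risky_calls"].append((name, node.lineno))
    # The template's entry point is a top-level def check(**kwargs).
    for node in tree.body:
        if isinstance(node, ast.FunctionDef) and node.name == "check":
            report["has_check"] = node.args.kwarg is not None
    report["risky_calls"].sort(key=lambda item: item[1])
    return report

# Constructed sample: follows the POC template but shells out with its input.
SAMPLE = '''
import os
def check(**kwargs):
    url = kwargs['url']
    os.system("echo " + url)
    return 1
'''

if __name__ == "__main__":
    print(review_plugin(SAMPLE))
```
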

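📋 Interface overview

Vulnerability scanning interface

Vulnerability exploitation interface

📂 Usage examples

1: Collecting links with FOFA

The FOFA script collects links based on FOFA query syntax.

When not logged in, only one page of data can be collected; after obtaining the session field from a logged-in session, five pages of data can be retrieved.

Modify the request session.

Retrieve more results.

2: JSFind + URLSEO

JSFind is designed to find site-related links in JS files.

Multiple addresses can be tested in bulk here (file import and copy-paste are both supported).

Tick URLSEO to return the status code and Title of each target address in bulk.

3: Shiro vulnerability detection and command execution

Command execution is generally configured in this interface: set the target address and the module to test, then start the test. The original screenshot shows that the target is affected by the Shiro vulnerability.

Set the key and gadget obtained in the previous step. Note in particular: the value of VULN, True or None, selects whether the module tests for the vulnerability or executes commands.

Save and reload, then enter the command to execute; the result of the command is printed.

You can also choose to test all modules.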
