Vũ khí hủy diệt hàng loạt: WMD
Đây là một công cụ PYTHON sưu tập các phần mềm bảo mật CNTT.
Những chức năng của nó :
| CAT: | TYPE: | CALL: | NAME: | DESCRIPTION: |
|---|---|---|---|---|
| bruteforce | creds | changeme | Default creds scan | Scan IP’s for services and try logging in with default credentials (Arthur: ztgrace) |
| bruteforce | loginpath | adminfinder | Admin Finder | A Simple script to find admin-paths for webpages. (Arthur: Spaddex) |
| bruteforce | rar | bfrar | BF RAR | Bruteforce a RAR file |
| bruteforce | ssh | bfssh | Bruteforce SSH | Bruteforce SSH login |
| bruteforce | web | bfweb | Bruteforce weblogin form | Bruteforce a weblogin form with word- and passlist |
| bruteforce | zip | bfzip | BF ZIP | Bruteforce a ZIP file |
| cracking | aut | john | John the Ripper | As you know – kill the hash |
| cracking | hash | hashid | Identify hash | Identify a hash |
| cracking | wpa | crackwpa | Crack WPA 4-way handshake | Gather WPA 4-way handshake from accesspoint and crack it |
| exploit | browser | browserpwn | Browser Autopwn2 | This module will automatically serve browser exploits (Arthur: sinn3r[at]metasploit.com) |
| exploit | search | exploitdb | Exploitdb | Shell-style script to search exploit-db.com exploits. (Arthur: mattoufoutu) |
| sin | mspoofcheck | Spoofcheck email domain | Check if a domain can be spoofed for e.g. emailing | |
| monitor | arp | arpmon | ARP monitor alert | Monitor ARP table and alert for changes |
| monitor | ip | ipmon | IP monitor alert | Monitor IP’s and alert for changes |
| other | settings | settings | Change settings | Change your environment settings, e.g. interface |
| pentesting | niptt | sparta | SPARTA | SPARTA is a python GUI application which simplifies network infrastructure penetration testing. |
| phishing | ap | etphis | Ewil Twin phishing | Create a Evil Twin and redirect user to fake password page. |
| phishing | webpage | webphis | Webpage phishing | Run a local flask server with phishing pages. |
| recon | dns | dig | Domain info groper | Using dig command you can query DNS name servers for your DNS lookup related tasks |
| recon | dns | dnsmap | dnsmap | DNS Network Mapper. Enumeration and bruteforcing. |
| recon | dns | dnsrecon | dnsrecon | Multiple DNS recon abilities. |
| router | framework | rsploit | Routersploit | Framework for routers with exploits and getting creds. (Arthur: Reverse Shell Security) |
| scan | sin | lanscan | Lan scan | Scan local net – recon |
| sniff | aut | apsniff | AP sniff | Create AP and sniff HTTPS and avoid HSTS + Beef |
| sniff | http | sniffhttp | Sniff HTTP | Sniff HTTP packages. Extract username and passwords from traffic. |
| sniff | sin | bettercap | Bettercap | Bettercap integration for sniffing packets and bypass HSTS and HTTPS |
| socialeng | instabot | Instagram bot | Instagram bot for performing various activities (Arthur: LevPasha) | |
| spoof | arp | arpspoof | ARP spoof | Spoofing ARP |
| sql | sqli | gdsqli | Gdork SQLi | Scrape net for urls and check if they are prone to SQL injection |
| sql | sqli | sqlmap | SQLmap | Just an activation of SQLmap. |
| system | mac | macc | Macchanger | Change your MAC address |
| tools | search | searchht | Search hacktools | Searchengine for hackingtools |
| wifi | accesspoint | createap | Create an Accesspoint | Create an Accesspoint |
| wifi | wifi | wifiutils | WiFi utils | Utilities for WiFi, e.g. deauth, WiFi’s, clients, probes, etc. |
Chạy
Trước khi chạy bạn, hãy điều chỉnh environmentsettings của bạn trong core/ config.ini
Bắt đầu giao diện điều khiển với:
python3 wmd.pyBắt đầu một mô-đun duy nhất:
python3 wmd.py -m [CALL]Bắt đầu máy chủ web:
python3 wmd.py -wBắt đầu mà không kiểm tra các yêu cầu:
python3 wmd.py -ncChúc anh em ăn Tết VUI VẺ !
