A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter.
Web Pentest / Information Gathering:
- Banner Grab
- Whois
- Traceroute
- DNS Record
- Reverse DNS Lookup
- Zone Transfer Lookup
- Port Scan
- Admin Panel Scan
- Subdomain Scan
- CMS Identify
- Reverse IP Lookup
- Subnet Lookup
- Extract Page Links
- Directory Fuzz (NEW)
- File Fuzz (NEW)
- Shodan Search (NEW)
- Shodan Host Lookup (NEW)
Web Application Attack: (NEW) :
- WordPress
- WPScan
- WPScan Bruteforce
- WordPress Plugin Vulnerability Checker Features: // I will add more soon.
- WordPress Woocommerce – Directory Craversal
- WordPress Plugin Booking Calendar 3.0.0 – SQL Injection / Cross-Site Scripting
- WordPress Plugin WP with Spritz 1.0 – Remote File Inclusion
- WordPress Plugin Events Calendar – ‘event_id’ SQL Injection - Auto SQL Injection
Features:
- Union Based
- (Error Output = False) Detection
- Tested on 100+ Websites
Generator:
- Deface Page
- Password Generator // NEW
- Text To Hash //NEW
- $ git clone https://github.com/cr4shcod3/pureblood
- $ cd pureblood
- $ pip install -r requirements.txt
DEMO
Web Application Attack
Build With
- Colorama
- Requests
- Python-whois
- Dnspython
- BeautifulSoup
- Shodan