PenBox v2.2 – A Penetration Testing Framework

PenBox – A Penetration Testing Framework, (the hacker’s repo) is the last version of script that a hacker needs.

 

Information Gathering:

  • nmap
  • Setoolkit
  • Port Scanning
  • Host To IP
  • wordpress user enumeration
  • CMS scanner
  • XSStracer – checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection
  • Doork – Google Dorks Passive Vulnerability Auditor
  • Scan A server’s Users

 

Password Attacks:

  • Cupp
  • Ncrack

 

Wireless Testing:

  • reaver
  • pixiewps
  • Bluetooth Honeypot GUI Framework

 

Exploitation Tools:

  • Venom
  • sqlmap
  • Shellnoob
  • commix
  • FTP Auto Bypass
  • jboss-autopwn
  • Blind SQL Automatic Injection And Exploit
  • Bruteforce the Android Passcode given the hash and salt
  • Joomla, Mambo, PHP-Nuke, and XOOPS CMS SQL injection Scanner

 

Sniffing & Spoofing:

  • Setoolkit
  • SSLtrip
  • pyPISHER
  • SMTP Mailer

 

Web Hacking:

  • Drupal Hacking
  • Inurlbr
  • Wordpress & Joomla Scanner
  • Gravity Form Scanner
  • File Upload Checker
  • Wordpress Exploit Scanner
  • Wordpress Plugins Scanner
  • Shell and Directory Finder
  • Joomla! 1.5 – 3.4.5 remote code execution
  • Vbulletin 5.X remote code execution
  • BruteX – Automatically brute force all services running on a target
  • Arachni – Web Application Security Scanner Framework

 

Private Tools:

  • Get all websites
  • Get joomla websites
  • Get wordpress websites
  • Find control panel
  • Find zip files
  • Find upload files
  • Get server users
  • Scan from SQL injection
  • Scan ports (range of ports)
  • Scan ports (common ports)
  • Get server banner
  • Bypass Cloudflare

 

Post Exploitation

  • Shell Checker
  • POET
  • Weeman – Phishing Framework

Recon

  • Sniper

Installation

git clone https://github.com/x3omdax/PenBox.git

 

Related posts

How to Improve Your Cyber Resilience by Strengthening User Privileges

The Dark Side of Viral Content: How Negative Reviews Can Snowball

Testing Gaming Monetization: Walking the Line Between Profit and Player Experience