1 Star 4 Fork 2

xiaohui / Lockdoor-Framework

加入 Gitee
与超过 600 万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
取消
提示: 由于 Git 不支持空文件夾,创建文件夹后会生成空的 .keep 文件
Loading...
README.rst

https://up.sofianehamlaoui.me/lockdoor/logos/logo205x250.gif
Lockdoor Pentesting Framework

[~] Tested on Kali,Ubuntu,Arch,Fedora,Opensuse and Windows [~]

!NEWS!

[~] Lockdoor isn't on his best shape, so I'll make it better as soon as I get free time for that. [~] Version 2.2.3 IS OUT !! | 13/03/2020 00:43PM GMT+2 |

Badges 📌 :

forthebadge made-with-python built-with-love

code-quality Pypi GitHub release Tested-on Last commit License Twitter

Support me 💰 :

Versions :closed_lock_with_key: :

03/2020 : 2.2.3

  • Information Gathring Tools (21)
  • Web Hacking Tools(15)
  • Reverse Engineering Tools (15)
  • Exploitation Tools (6)
  • Pentesting & Security Assessment Findings Report Templates (6)
  • Password Attack Tools (4)
  • Shell Tools + Blackarch's Webshells Collection (4)
  • Walk Throughs & Pentest Processing Helpers (3)
  • Encryption/Decryption Tools (2)
  • Social Engineering tools (1)
  • All you need as Privilege Escalation scripts and exploits
  • Working on Kali,Ubuntu,Arch,Fedora,Opensuse and Windows (Cygwin)
https://img.youtube.com/vi/_agvb29FQrs/maxresdefault.jpg

09/2019 : 0.6

  • Information Gathring tools (13)
  • Web Hacking Tools (9)
  • Working on Kali,Ubuntu,Arch,Fedora,Opensuse and Windows (Cygwin)
  • Some bugs That I'm fixing with time so don't worry about that.
https://up.sofianehamlaoui.me/lockdoor/gifs/kali.gif

Blogs & Articles 📰 :

Overview 📙 :

LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one. With all of that ! It automates the Pentesting process to help you do the job more quickly and easily.

Features 📙 :

Added value : (what makes it different from other frameworks).

Pentesting Tools Selection 📙 :

  • Tools ?: Lockdoor doesn't contain all pentesting tools (Added value) , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite (Added value) and the most used toolsby Pentesters (Added value).
  • what Tools ?: the tools contains Lockdoor are a collection from the best tools (Added value) on Kali,Parrot Os and BlackArch. Also some private tools (Added value) from some other hacking teams (Added value) like InurlBr, iran-cyber. Without forgeting some cool and amazing tools I found on Github made by some perfect human beigns (Added value).
  • Easy customization: Easily add/remove tools. (Added value)
  • Installation: You can install the tool automatically using the installer.sh , Manually or on Docker [COMING SOON]

Resources and cheatsheets 📙 : (Added value)

  • Resources: That's what makes Lockdoor Added value, Lockdoor Doesn't contain only tools ! Pentesing and Security Assessment Findings Reports templates (Added value) , Pentesting walkthrough examples and tempales (Added value) and more.
  • Cheatsheets: Everyone can forget something on processing or a tool use, or even some trciks. Here comes the Cheatsheets (Added value) role ! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.

Screenshots 💻 :

First Step Verbose mode R00T menu Information Gathering Web Hacking Exploitation Reverse Engineering Enc/Dec Password Attacks Shells PrivEsc Social Engineering PSAFRT Walkthroughs Update Lockdoor About
1st lockup root infogath web expl Revers Enc passwd shells Privesc SE psafrt help update about

Demos 💻 :

Kali Linux Ubuntu Arch Linux Fedora Opensuse Windows (Cygwin)
Kali Ubuntu Arch Linux Fedora Opensuse Windows1

Installation 🛠️ :

The recommended way to use Lockdoor is by pulling the Docker Image so you will not have to worry about dependencies issues.

A Docker image is available on Docker Hub and automatically re-built at each update: https://hub.docker.com/r/sofianehamlaoui/lockdoor. It is initially based on the official debian docker image (debian).

  • Docker Installation

    • Installing requirments

      sudo apt install docker < Debian-based distributions
      sudo dnf install docker < RPM-based distributions
      sudo pacman -S docker < Arch-based distributions
      sudo zypper install docker < OS-based distributions
      sudo yum install docker < RH-based distributions
      
    • Using lockdoor's docker version

      1. Pull lockdoor Docker Image:

        sudo docker pull sofianehamlaoui/lockdoor
        
      2. Run fresh Docker container:

        sudo docker run -it --name lockdoor-container -w /Lockdoor-Framework --net=host sofianehamlaoui/lockdoor
        
      3. Run Lockdoor Framework

        lockdoor
        
      4. To re-run a stopped container:

        sudo docker start -i sofianehamlaoui/lockdoor
        
      5. To open multiple shells inside the container:

        sudo docker exec -it lockdoor-container bash
        
  • Automatically

    1) Automatically(x2) installation :
    
       bash <(wget -qO- https://lockdoor.sofianehamlaoui.me/lock.html)
    
    2) Automatically(x1) installation :
    
       git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git && cd Lockdoor-Framework
       chmod +x ./install.sh
       ./install.sh
    
  • Manually

    • Installing requirments

      python python-pip python-requests python2 python2-pip gcc ruby php git wget bc curl netcat subversion jre-openjdk make automake gcc linux-headers gzip
      
    • Installing Go

      wget https://dl.google.com/go/go1.13.linux-amd64.tar.gz
      tar -xvf go1.13.linux-amd64.tar.gz
      mv go /usr/local
      export GOROOT=/usr/local/go
      export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
      rm go1.13.linux-amd64.tar.gz
      
    • Installing Lockdoor

      # Clonnig
      git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git && cd Lockdoor-Framework
      # Create the config file
      # INSTALLDIR = where you want to install Lockdoor (Ex : /opt/sofiane/pentest)
      echo "Location:"$installdir > $HOME"/.config/lockdoor/lockdoor.conf"
      # Moving the resources folder
      mv ToolsResources/* INSTALLDIR
      # Installing Lockdoor from PyPi
      pip3 install lockdoor
      

Lockdoor Tools contents 🛠️ :

Information Gathering :mag_right: :

  • Tools:
    • dirsearch : A Web path scanner
    • brut3k1t : security-oriented bruteforce framework
    • gobuster : DNS and VHost busting tool written in Go
    • Enyx : an SNMP IPv6 Enumeration Tool
    • Goohak : Launchs Google Hacking Queries Against A Target Domain
    • Nasnum : The NAS Enumerator
    • Sublist3r : Fast subdomains enumeration tool for penetration testers
    • wafw00f : identify and fingerprint Web Application Firewall
    • Photon : ncredibly fast crawler designed for OSINT.
    • Raccoon : offensive security tool for reconnaissance and vulnerability scanning
    • DnsRecon : DNS Enumeration Script
    • Nmap : The famous security Scanner, Port Scanner, & Network Exploration Tool
    • sherlock : Find usernames across social networks
    • snmpwn : An SNMPv3 User Enumerator and Attack tool
    • Striker : an offensive information and vulnerability scanner.
    • theHarvester : E-mails, subdomains and names Harvester
    • URLextractor : Information gathering & website reconnaissance
    • denumerator.py : Enumerates list of subdomains
    • other : other Information gathering,recon and Enumeration scripts I collected somewhere.
  • Frameworks:
    • ReconDog : Reconnaissance Swiss Army Knife
    • RED_HAWK : All in one tool for Information Gathering, Vulnerability Scanning and Crawling
    • Dracnmap : Info Gathering Framework

Web Hacking 🌐 :

  • Tools:
    • Spaghetti : Spaghetti - Web Application Security Scanner
    • CMSmap : CMS scanner
    • BruteXSS : BruteXSS is a tool to find XSS vulnerabilities in web application
    • J-dorker : Website List grabber from Bing
    • droopescan : scanner , identify , CMSs , Drupal , Silverstripe.
    • Optiva : Web Application Scanne
    • V3n0M : Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
    • AtScan : Advanced dork Search & Mass Exploit Scanner
    • WPSeku : Wordpress Security Scanner
    • Wpscan : A simple Wordpress scanner written in python
    • XSStrike : Most advanced XSS scanner.
    • Sqlmap : automatic SQL injection and database takeover tool
    • WhatWeb : the Next generation web scanner
    • joomscan : Joomla Vulnerability Scanner Project
  • Frameworks:
    • Dzjecter : Server checking Tool

Privilege Escalation ⚠️ :

  • Tools:
    • Linux 🐧 :
      • Scripts :
        • linux_checksec.sh
        • linux_enum.sh
        • linux_gather_files.sh
        • linux_kernel_exploiter.pl
        • linux_privesc.py
        • linux_privesc.sh
        • linux_security_test
      • Linux_exploits folder
    • Windows Windows :
      • windows-privesc-check.py
      • windows-privesc-check.exe
    • MySql :
      • raptor_udf.c
      • raptor_udf2.c

Reverse Engineering ⚡:

  • Radare2 : unix-like reverse engineering framework
  • VirtusTotal : VirusTotal tools
  • Miasm : Reverse engineering framework
  • Mirror : reverses the bytes of a file
  • DnSpy : .NET debugger and assembly
  • AngrIo : A python framework for analyzing binaries ( Suggested by @Hamz-a )
  • DLLRunner : a smart DLL execution script for malware analysis in sandbox systems.
  • Fuzzy Server : a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
  • yara : a tool aimed at helping malware researchers toidentify and classify malware samples
  • Spike : a protocol fuzzer creation kit + audits
  • other : other scripts collected somewhere

Exploitation ❗:

  • Findsploit : Find exploits in local and online databases instantly
  • Pompem : Exploit and Vulnerability Finder
  • rfix : Python tool that helps RFI exploitation.
  • InUrlBr : Advanced search in search engines
  • Burpsuite : Burp Suite for security testing & scanning.
  • linux-exploit-suggester2 : Next-Generation Linux Kernel Exploit Suggester
  • other : other scripts I collected somewhere.

Shells 🐚:

  • WebShells : BlackArch's Webshells Collection
  • ShellSum : A defense tool - detect web shells in local directories
  • Weevely : Weaponized web shell
  • python-pty-shells : Python PTY backdoors

Password Attacks ✳️:

  • crunch : a wordlist generator
  • CeWL : a Custom Word List Generator
  • patator : a multi-purpose brute-forcer, with a modular design and a flexible usage

Encryption - Decryption 🛡️:

  • Codetective : a tool to determine the crypto/encoding algorithm used
  • findmyhash : Python script to crack hashes using online services

Social Engineering 🎭:

  • scythe : an accounts enumerator

Lockdoor Resources contents 📚 :

Information Gathering :mag_right: :

Crypto 🛡️:

Exploitation ❗:

Networking 🖧 :

Password Attacks ✳️:

Post Exploitation ❗❗:

Privilege Escalation ⚠️:

Pentesting & Security Assessment Findings Report Templates 📝 :

Reverse Engineering ⚡ :

Social Engineering 🎭:

Walk Throughs 🚶 :

Web Hacking 🌐 :

Other 📚 :

Contributing ℹ️ :

  1. Fork it ( https://github.com/SofianeHamlaoui/Lockdoor-Framework/fork )
  2. Create your feature branch
  3. Commit your changes
  4. Push to the branch
  5. Create a new Pull Request

仓库评论 ( 0 )

你可以在登录后,发表评论

简介

一套自带大量网络安全资源的渗透测试框架 展开 收起
Python
GPL-3.0
取消

发行版

暂无发行版

贡献者

全部

近期动态

加载更多
不能加载更多了
Python
1
https://gitee.com/ysfx-xiaohui/Lockdoor-Framework.git
git@gitee.com:ysfx-xiaohui/Lockdoor-Framework.git
ysfx-xiaohui
Lockdoor-Framework
Lockdoor-Framework
master

搜索帮助