Linux

ghba

ghba is a PTR record (reverse DNS) scanner. It is a Golang rewrite of ghba.c that runs much faster than the original ghba.c. It can scan an entire private class C network in under a minute if 32 threads are available.

Currently being updated/maintained both here and at https://git.hardenedbsd.org/SoldierX/ghba

Author(s): 
Blake
Version: 
1.00
Date: 
04-01-2024
Filename: 
Size: 
3.30KB
Requirements: 

go

Status: 
Inactive
Future Plans: 
None

Network Multitool

Hey all. This is my first project for SX. This is also my first full blown project coding in python. The goal of this project is to create an all in one tool that can be run from the command line (or somewhere down the line a front end) and be able to conduct all your networking, and website surveillance. This is an open beta and will have more iterations to come. You can see all the updates that come in for the tool here: https://www.soldierx.com/bbs/201704/Ongoing-SX-Networking-Project.

Tool is easy to run just download the tool, cd into the root of the folder, and run python tool.py. Currently working modules are The port Scanner, Hex to Dec converter, DNS lookup, Sub Domain Scanner, and the website link crawler.

Notes
For the sub domain scanner you enter the sub domains you want to scan for into the wordlist.txt file. Example: "login dev code".

GitHub:
https://github.com/Od01/Network-Multitool

Author(s): 
Od0_
Version: 
1.00 Alpha
Date: 
07-27-2017
Size: 
8.11KB
Status: 
Active
Future Plans: 
URL Fuzzer
GUI to replace command line interface

PassiveScanner

PassiveScanner is a script that uses free online services to passively enumerate and scan a domain's parameter, without actually touching the target network. The tool uses DNSDumpster to enumerate DNS information for a given domain and then checks the IPs against Zoomeye (Chinese shodan). Future versions of the tool will also incorporate Scans.io/Censys.io data as well as pull ip addresses from ASN information to also 'scan'.

Usage:
PassiveScanner -d targetdomain.com

Author(s): 
Ogma
Version: 
0.1-alpha
Date: 
01-01-2009
Filename: 
Size: 
4.00KB
Requirements: 

Python 2.7

pip install dnsdumpster

Status: 
Active
Future Plans: 
Expanding functionality to include Censys and enumeration of other hosts

RAPTORRDP

This is a series of software that will allow you to connect to your computers from anywhere in the world, without using an untrusted middleman or closed source commerical software that may have an intentional backdoor.

You can transfer files between client and host computers, and control host computers almost as if you were in front of it.

I also have one thing that most of the commercial vendors I looked at do not appear to have: a native HTML5 web interface for both the remote control client AND the file manager.

The software on windows works in the UAC enviroment thanks to the help of a C++ and java native interface (JNI) code i found on github..

The software with the exception of the Java UAC interface is written in python-2.7

Windows Apple El Capitan, and Linux are currently tested and working. BSD and Solaris should work.

Major changes have been made In version 8.5:

- Now supports Left click, right click, full mouse drag AND double click.
- The python native Remote control client "RAPTORV" has been rewritten.
- Some performance and speed changes have been made.
- DPI Issues with Microsoft Windows have been resolved (your screen will be displayed properly)
- Easy configure and build scripts are now included! (this program is a pain in the ass to build without these scripts)
- A list of requirements is shipped with the software.

IMPORTANT:

Due to size constraints i am unable to supply the entire library source i used for building the java "winsysi" (windows system interact) tool.

I have supplied my pre-built jars and the source code to winsysi.

the winrobot library can be found at: https://github.com/caoym/WinRobot

also, microsoft security essentals flags parts of the java library as a trojan, Malwarebytes and other vendors i use do not flag the software at all.

Author(s): 
r3q13m
Version: 
8.5
Date: 
6/25/2017
Filename: 
Size: 
1490.00KB
Requirements: 

Python-2.7

pywin32-220 (windows only)

twisted 15.0

autobahn 0.13.1

pygame-1.9.1

pillow-2.9.0

psutil-4.3.0

Tkinter

cxfreeze 4.3.2 (Windows)

cffi-1.6.0

cryptography-1.3.4

pyOpenSSL-16

Latest Java JRE (windows)

homebrew (Apple)

brew python2.7.x (Apple)

Xcode (Apple)

PyAutoGUI 0.9.33 (ALL)

pyobjc-2.51 or above (Apple)

pyinstaller-3.2 (Apple, Linux, Unix)

Status: 
Active
Future Plans: 
Fix bugs based on user feedback
Audio support

VulnTrack

VulnTrack monitors the nist vulnerability feed and compares it against your config file. When patterns are match based on your configuration, VulnTrack alerts you by email and/or desktop notification. Vulntrack also checks exploit-db.com for the existence of exploits for a matched vulnerability and checks against exploits that don't have an associated CVE. Useful for being notified about vulnerabilities in network appliances and other things that might not fall into your normal patch management routine. Also useful for profiling a network on a pentest to be notified if vulnerabilities related to that network are publicized during the engagement.

A few things to note:
* In version 1.1 VulnTrack-gtk has been replaced with vulntrack-cli, which is works on both Windows and Linux
* Still need to work out some issues with alerting.
* Acknowledge acknowledges you've seen the vulnerability and it won't show up anymore, however it still is in the database.
* Remove deletes the vulnerability from the database.
* Vulnerabilities with an exploit available are listed in red text
* The database comes pre populated with all exploits from 2017 to 4/24/19

Author(s): 
Ogma
Version: 
1.1
Date: 
4-25-19
Size: 
278.00KB
Requirements: 

python2.7

Status: 
Active
Future Plans: 
Add module to scan installed packages and build a config file automatically
Curses command line interface

Mirage Disk Image

This is a Python-2.7 version of "DD" i wrote maybe about 2 years ago and dug up recently. It can make a backup of both windows and linux machines and it can also do "Hot" imaging, meaning it can backup a system while running.

Author(s): 
r3q13m
Version: 
1.0
Date: 
06-26-2016
Filename: 
Size: 
0.86KB
Requirements: 

python == 2.7

pywin32 >= 220

Status: 
Inactive

RoboAmp

RoboAmp is a poor man's website monitoring software. It has two modes - ping and deep check. Ping check mode tests for basic network connectivity and deep check looks for a user specified error string to determine if the site is offline. RoboAmp outputs to the terminal, but can also output to a 16x2 LCD screen (via GPIO) when run on a Raspberry pi. RoboAmp also has the option to send SMS messages when a site goes down and comes back online via google voice. A google voice account is required for this functionality.

Usage:
RoboAmp -d/-p -u url [ -s str -p -l -g gmail -t timeout -v]
-d Deep check (check url content)
-p Ping check (check network connectivity)
-u URL of site to check
-s String to verify site is offline
-l Use 16x2 LCD (Raspberry PI)
-g Gmail address for gvoice SMS notification
-t Seconds to wait between checks
-v Turns on extra verbosity

Author(s): 
RaT
Version: 
1.0.3
Date: 
06-27-2017
Filename: 
Size: 
14.17KB
Status: 
Inactive

wdivulge

wdivulge is a tool designed to find and download hidden files from a webserver. This is most commonly pictures, but you can adjust the file definitions to bruteforce any type of file that you'd like. wdivulge technically falls under the definition of a web fusker. The latest version supports socks proxies (including TOR) and custom user agents for better anonymity.

Please see the README.txt file for instructions on how to use it. Special thanks to cisc0ninja for testing this application and writing the original README file.

Please post bugs or suggestions to this thread.

Author(s): 
Blake
Version: 
0.2.0
Date: 
06-17-2013
Filename: 
Size: 
27.00KB
Requirements: 

Perl

LWP::UserAgent

LWP::Protocol::socks

Status: 
Active
Future Plans: 
Directory bruteforcing

Simple Admin Page Finder (Module for Recon-ng Framework)

Simple Admin Page Finder is a module for Recon-ng Framework that is categorized as a discovery module. It checks the hosts for possible administrator pages and admin directories.

Instructions:
1. Clone the Recon-ng repository to your local system with git clone https://[email protected]/LaNMaSteR53/recon-ng.git. Change into the Recon-ng discovery module category by typing cd recon-ng/modules/discorevery/info_disclosure/http.
2. Download adminlogin_finder.py_.tar.gz: wget https://www.soldierx.com/system/files/sxlabs/projects/scryptz0/adminlogin_finder.py_.tar.gz
3. Extract the script: tar zxvf adminlogin_finder.py_.tar.gz.
4. Now go back to the recon-ng main directory and launch the framework: ./recon-ng.py.
5. Load the module: load discovery/info_disclosure/http/adminlogin_finder.
6. Select a target: set source target.com

Author(s): 
scryptz0
Version: 
1.00
Date: 
02-23-2013
Size: 
1.93KB
Requirements: 

Python and modules: dnspython, httplib2, python-oauth2.

Recon-ng Framework (bitbucket.org/LaNMaSteR53/recon-ng)

Status: 
Active

rotdex

rotdex is a ROT Decoder that determines what shift was used by the cipher by outputting all the possible rotations. It uses the echo and tr commands to decode and encode the cipher.

--------------
Basic Usage
--------------

Sample Cipher: Gur dhvpx oebja sbk whzcf bire gur ynml qbt

Now if you run rotdex.sh, it should prompt you to enter a text / message that needs to be decoded. So to decode and know the kind of sample cipher above, we obviously just need to write the cipher after the prompt of the terminal.

Sample Output:

ROT1: Ftq cguow ndaiz raj vgybe ahqd ftq xmlk pas
ROT2: Esp bftnv mczhy qzi ufxad zgpc esp wlkj ozr
ROT3: Dro aesmu lbygx pyh tewzc yfob dro vkji nyq
ROT4: Cqn zdrlt kaxfw oxg sdvyb xena cqn ujih mxp
ROT5: Bpm ycqks jzwev nwf rcuxa wdmz bpm tihg lwo
ROT6: Aol xbpjr iyvdu mve qbtwz vcly aol shgf kvn
ROT7: Znk waoiq hxuct lud pasvy ubkx znk rgfe jum
ROT8: Ymj vznhp gwtbs ktc ozrux tajw ymj qfed itl
ROT9: Xli uymgo fvsar jsb nyqtw sziv xli pedc hsk
ROT10: Wkh txlfn eurzq ira mxpsv ryhu wkh odcb grj
ROT11: Vjg swkem dtqyp hqz lworu qxgt vjg ncba fqi
ROT12: Uif rvjdl cspxo gpy kvnqt pwfs uif mbaz eph
ROT13: The quick brown fox jumps over the lazy dog
ROT14: Sgd pthbj aqnvm enw itlor nudq sgd kzyx cnf
ROT15: Rfc osgai zpmul dmv hsknq mtcp rfc jyxw bme
ROT16: Qeb nrfzh yoltk clu grjmp lsbo qeb ixwv ald
ROT17: Pda mqeyg xnksj bkt fqilo kran pda hwvu zkc
ROT18: Ocz lpdxf wmjri ajs ephkn jqzm ocz gvut yjb
ROT19: Nby kocwe vliqh zir dogjm ipyl nby futs xia
ROT20: Max jnbvd ukhpg yhq cnfil hoxk max etsr whz
ROT21: Lzw imauc tjgof xgp bmehk gnwj lzw dsrq vgy
ROT22: Kyv hlztb sifne wfo aldgj fmvi kyv crqp ufx
ROT23: Jxu gkysa rhemd ven zkcfi eluh jxu bqpo tew
ROT24: Iwt fjxrz qgdlc udm yjbeh dktg iwt apon sdv
ROT25: Hvs eiwqy pfckb tcl xiadg cjsf hvs zonm rcu

Thus, the sample cipher is ROT-13.

Author(s): 
scryptz0
Version: 
1.00
Date: 
01-17-2013
Filename: 
Size: 
1.00KB
Requirements: 

A Linux boxen

Status: 
Active
Future Plans: 
N/A
Syndicate content