64

GitHub - M4cs/BabySploit: BabySploit Beginner Pentesting Toolkit/Framework Writt...

 5 years ago
source link: https://github.com/M4cs/BabySploit
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

README.md

BabySploit

Forks 68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f4d3463732f4261627953706c6f69742e737667 Issues License Python 3.6+ Twitter 68747470733a2f2f696d672e736869656c64732e696f2f62616467652f646973636f72642d6a6f696e2d626c75652e7376673f73796c653d706f706f7574

Tested on Kali Linux. Should work with all Debian based distros (and other ones if you have the right packages installed)

Donate To The Developer

Forks

BabySploit is a penetration testing framework aimed at making it easy to learn how to use bigger,
more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody
from any experience level will find use out of BabySploit. Below are some screenshots of the framework.

Welcome

Changelog:

Types of Updates:

  • Updates: Framework has been updated with new features or major fixes.
  • Releases: Stable release milestone.
  • Hotfix: Quick hotfix. Minor bug fix or minor change.

0.1.6 Update:

  • Added Cloudflare Bypasser
  • Added WPSeku WP Vuln Scan

0.1.4 & 0.1.5 Hotfixes:

  • Fix updater

0.1.3 Hotfix:

  • Fix Method of grabbing default gateway

0.1.2 Hotfix:

  • Bug fixes

0.1.1 Hotfix:

  • Fix Requirements.txt

0.1.0 Release:

  • Basic Release

0.0.9 Hotfix:

  • Fix Updater

0.0.8 Update:

  • Fix Updater
  • Add Raccoon Vuln Scan
  • Fix PDFMeta
  • Update Display

0.0.7 Hotfix:

  • Fix some bugs

0.0.6 Update:

  • Fix updater script
  • Remove tcpdump
  • Add ftpvulnscan and pdfmeta

Installation Instructions:

BabySploit is best run out of the home directory so to clone it there run:

git clone git://github.com/M4cs/BabySploit ~/BabySploit

After cloning the installation you must install some pre-requisites. If you are on Kali you should already have all of these installed but it doesn't hurt to do so anyways just in case. Do so by running the following:

*from within the babysploit directory*
sudo apt-get update
sudo apt-get install exploitdb netcat nmap php7.0 perl -y
wget http://owl.phy.queensu.ca/~phil/exiftool/Image-ExifTool-11.17.tar.gz
tar xf Image-ExifTool-11.17.tar.gz
cd Image-ExifTool-11.17
perl MakeFile
make test
sudo make install
cd ..
sudo rm -rf Image-ExifTool-11.17

After installing these binaries you must install required Python 3 modules. To do so run the following:

*from within the BabySploit Directory*
pip3 install -r requirements.txt --user

Getting Started:

Setting Configuration Values:

BabySploit uses ConfigParser in order to write and read configuration. Your config file is automatically generated and located at ./babysploit/config/config.cfg. You can manually change configuration settings by opening up the file and editing with a text editor or you can use the set command to set a new value for a key. Use the set command like so:

set rhost
>> Enter Value For rhost: 10
>> Config Key Saved!

If before running this command the rhost key had a value of 80, the rhost key after running this command has a value of 10. You can also add configuration variables to the config by using the set command with a new key after it like so:

set newkey
>> Enter Value For newkey: hello
>> Config Key Saved!

Before running this there was no key named "newkey". After running this you will have a key named "newkey" in your config until you use the reset command which resets the saved configuration.

Running A Tool

In order to run a tool all you have to do is enter the name of the tool into BabySploit. You can use the tools command to display a menu with all the currently availble tools. If we run tools we get the depiction:

Tools

*this depiction may be outdated*

This menu will display the tools available and the description of each tool. To run a tool simply enter the tool name into BabySploit. Ex: ftpbruteforce - runs the ftpbruteforce tool.

Features (Current, In The Works, Planned):

Visit project board for tools.

  • Information Gathering
  • Exploitation
  • Post Exploitation
  • Bruteforcing
  • Phishing
  • Cryptography/Stenography

Information Gathering:

  • Nmap
  • IP Info
  • Tcpdump (In The Works)
  • Datasploit (In The Works)
  • Censys Lookup
  • DNS Lookup
  • Raccoon

Exploitation:

  • Searchsploit
  • ReverseShell Wizard
  • FTP Buffer Overflow Scan

Post Exploitation:

  • In The Works

Bruteforcing:

  • FTP Bruteforcer

Phishing:

  • BlackEye Python

Crypto/Stegano:

  • MetaKiller
  • PDFMeta

Contributing

Feel free to contribute by making plugins or fixing bugs with a Pull Request. All contributions are helpful and will help make this a great tool.

Licensed Under MIT.

Copyright (c) 2018 Syndicated Intelligence


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK