GitHub Repository: Z4nzu/hackingtool
Path: blob/master/tools/webattack.py
# coding=utf-8
import subprocess
from core import HackingTool
from core import HackingToolsCollection
from rich.console import Console
from rich.theme import Theme
from rich.table import Table
from rich.panel import Panel
from rich.prompt import Prompt
# Module-wide rich console. The custom "purple" style name registered here is
# the one the tables and panels further down refer to.
_theme = Theme(styles={"purple": "#7B61FF"})
console = Console(theme=_theme)
class Web2Attack(HackingTool):
    """Menu entry for the web2attack framework.

    The class only declares metadata and shell command strings; they are
    presumably consumed by the HackingTool base class (imported from core,
    not visible here).
    """

    TITLE = "Web2Attack"
    DESCRIPTION = "Web hacking framework with tools, exploits by python"
    PROJECT_URL = "https://github.com/santatic/web2attack"

    # NOTE(review): the clone is made as root and is not pinned to a tag or
    # commit, and the cloned console is then started with sudo. Whatever the
    # upstream default branch contains at install time therefore runs with
    # root privileges. Review the checkout first and prefer an unprivileged,
    # isolated environment (VM or container).
    INSTALL_COMMANDS = ["sudo git clone https://github.com/santatic/web2attack.git"]
    RUN_COMMANDS = ["cd web2attack && sudo python3 w2aconsole"]
class Skipfish(HackingTool):
    """Menu entry for the skipfish web application scanner.

    The entry is registered with ``installable=False``, so this menu offers no
    install step; skipfish presumably has to be present on the system already.
    """

    TITLE = "Skipfish"
    DESCRIPTION = (
        "Skipfish – Fully automated, active web application security "
        "reconnaissance tool \n "
        "Usage: skipfish -o [FolderName] targetip/site"
    )

    # Both commands only show help/usage text; no scan is started from here.
    # The second one pipes through `boxes` and `lolcat`, so those binaries
    # must be installed for the usage banner to appear.
    RUN_COMMANDS = [
        "sudo skipfish -h",
        'echo "skipfish -o [FolderName] targetip/site"|boxes -d headline | lolcat',
    ]

    def __init__(self):
        # No INSTALL_COMMANDS are declared, hence installable=False.
        super().__init__(installable=False)
class SubDomainFinder(HackingTool):
    """Menu entry for Sublist3r, an OSINT-based subdomain enumerator."""

    TITLE = "SubDomain Finder"
    DESCRIPTION = (
        "Sublist3r is a python tool designed to enumerate subdomains of "
        "websites using OSINT \n "
        "Usage:\n"
        "\t[1] python3 sublist3r.py -d example.com \n"
        "[2] python3 sublist3r.py -d example.com -p 80,443"
    )
    PROJECT_URL = "https://github.com/aboul3la/Sublist3r"

    # NOTE(review): `sudo pip3 install` puts unpinned PyPI packages into the
    # system site-packages and runs their install code as root; a virtualenv
    # owned by an unprivileged user avoids both. `argparse` ships with the
    # Python 3 standard library, so installing the PyPI package of that name
    # is presumably unnecessary. The git clone is not pinned to a commit.
    INSTALL_COMMANDS = [
        "sudo pip3 install requests argparse dnspython",
        "sudo git clone https://github.com/aboul3la/Sublist3r.git",
        "cd Sublist3r && sudo pip3 install -r requirements.txt",
    ]

    # Only prints the tool's help text.
    RUN_COMMANDS = ["cd Sublist3r && python3 sublist3r.py -h"]
class CheckURL(HackingTool):
    """Menu entry for checkURL, a detector for IDN homograph look-alike URLs."""

    TITLE = "CheckURL"
    DESCRIPTION = (
        "Detect evil urls that uses IDN Homograph Attack.\n"
        "\t[!] python3 checkURL.py --url google.com"
    )
    PROJECT_URL = "https://github.com/UndeadSec/checkURL"

    # NOTE(review): cloned as root and not pinned to a tag or commit, so the
    # checkout is root-owned and tracks whatever upstream publishes.
    INSTALL_COMMANDS = [
        "sudo git clone https://github.com/UndeadSec/checkURL.git",
    ]

    # Only prints the tool's help text, and does so without sudo.
    RUN_COMMANDS = [
        "cd checkURL && python3 checkURL.py --help",
    ]
68
69
70
class Blazy(HackingTool):
    """Menu entry for Blazy, a login page brute-force testing tool."""

    TITLE = "Blazy(Also Find ClickJacking)"
    DESCRIPTION = "Blazy is a modern login page bruteforcer"
    PROJECT_URL = "https://github.com/UltimateHackers/Blazy"

    # NOTE(review): this entry depends on pip2.7/python2.7. Python 2.7 is
    # end-of-life and no longer receives security fixes, and here both the
    # dependency install and the tool itself run under sudo from an unpinned
    # clone. Treat it as untrusted code: isolate it and drop root if possible.
    INSTALL_COMMANDS = [
        "sudo git clone https://github.com/UltimateHackers/Blazy.git",
        "cd Blazy && sudo pip2.7 install -r requirements.txt",
    ]
    RUN_COMMANDS = ["cd Blazy && sudo python2.7 blazy.py"]
79
80
81
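class SubDomainTakeOver(HackingTool):
    """Menu entry for the `takeover` sub-domain takeover checker.

    The entry is registered with ``runnable=False``: it declares install
    commands but no RUN_COMMANDS, and the usage line lives in DESCRIPTION.
    """

    TITLE = "Sub-Domain TakeOver"
    DESCRIPTION = (
        "Sub-domain takeover vulnerability occur when a sub-domain "
        "\n (subdomain.example.com) is pointing to a service "
        "(e.g: GitHub, AWS/S3,..)\nthat has been removed or deleted.\n"
        "Usage:python3 takeover.py -d www.domain.com -v"
    )
    INSTALL_COMMANDS = [
        "git clone https://github.com/edoardottt/takeover.git",
        # "&&" instead of ";": if the clone failed and `cd takeover` cannot
        # succeed, the root-privileged `setup.py install` must not fall
        # through and execute whatever setup.py sits in the current directory.
        # NOTE(review): the clone is not pinned to a tag or commit, so the
        # setup.py that runs as root is whatever upstream holds at that time.
        "cd takeover && sudo python3 setup.py install",
    ]
    PROJECT_URL = "https://github.com/edoardottt/takeover"

    def __init__(self):
        # No RUN_COMMANDS are declared, hence runnable=False.
        super().__init__(runnable=False)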
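class Dirb(HackingTool):
    """Menu entry for DIRB, a dictionary-based web content scanner.

    Unlike the other entries, running is implemented in ``run()`` rather than
    through RUN_COMMANDS: the target URL is read interactively and handed to
    ``dirb`` as a single argument.
    """

    TITLE = "Dirb"
    DESCRIPTION = (
        "DIRB is a Web Content Scanner. It looks for existing "
        "(and/or hidden) Web Objects.\n"
        "It basically works by launching a dictionary based "
        "attack against \n a web server and analyzing the response."
    )
    INSTALL_COMMANDS = [
        "sudo git clone https://gitlab.com/kalilinux/packages/dirb.git",
        # "&&" instead of ";": stop at the first failing step so that a failed
        # `cd` cannot make the root-privileged configure script (and make) run
        # in whatever directory the shell happens to be in.
        "cd dirb && sudo bash configure && make",
    ]
    PROJECT_URL = "https://gitlab.com/kalilinux/packages/dirb"

    def run(self):
        """Prompt for a target URL and run dirb against it.

        Returns None. Empty input, or input starting with "-", is rejected
        and dirb is not started.
        """
        target = input("Enter Url >> ").strip()

        # The value becomes an argument of a command run under sudo. The list
        # form below already keeps the shell out of it; refusing a leading "-"
        # also stops the value from being parsed as a dirb option, not a URL.
        if not target or target.startswith("-"):
            console.print(
                "[bold red]Invalid URL: it must not be empty or start with '-'.[/bold red]"
            )
            return

        # NOTE(review): dirb presumably does not need root for an HTTP scan;
        # confirm whether `sudo` can be dropped here.
        subprocess.run(["sudo", "dirb", target])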
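class WebAttackTools(HackingToolsCollection):
    """Menu collection grouping the web attack tool entries of this module."""

    TITLE = "Web Attack tools"
    DESCRIPTION = ""
    TOOLS = [
        Web2Attack(),
        Skipfish(),
        SubDomainFinder(),
        CheckURL(),
        Blazy(),
        SubDomainTakeOver(),
        Dirb()
    ]

    def pretty_print(self):
        """Print a table with each tool's title, description and project URL."""
        table = Table(title="Web Attack Tools", show_lines=True, expand=True)
        table.add_column("Title", style="purple", no_wrap=True)
        table.add_column("Description", style="purple")
        table.add_column("Project URL", style="purple", no_wrap=True)

        for t in self.TOOLS:
            # Not every tool defines DESCRIPTION / PROJECT_URL; fall back to "".
            desc = getattr(t, "DESCRIPTION", "") or ""
            url = getattr(t, "PROJECT_URL", "") or ""
            # Collapse newlines so a description stays within one table cell.
            table.add_row(t.TITLE, desc.strip().replace("\n", " "), url)

        panel = Panel(table, title="[purple]Available Tools[/purple]", border_style="purple")
        console.print(panel)

    def show_options(self, parent=None):
        """Show the interactive tool menu until the user chooses to leave.

        Args:
            parent: The menu this collection was opened from. Accepted for
                interface compatibility; not used by this implementation.

        Returns:
            99 when the user selects the exit entry or when input is closed.
        """
        # A loop rather than a recursive call per redraw, so a long session
        # cannot grow the call stack until RecursionError.
        while True:
            console.print("\n")
            panel = Panel.fit("[bold magenta]Web Attack Tools Collection[/bold magenta]\n"
                              "Select a tool to view options or run it.",
                              border_style="purple")
            console.print(panel)

            table = Table(title="[bold cyan]Available Tools[/bold cyan]", show_lines=True, expand=True)
            table.add_column("Index", justify="center", style="bold yellow")
            table.add_column("Tool Name", justify="left", style="bold green")
            table.add_column("Description", justify="left", style="white")

            for i, tool in enumerate(self.TOOLS):
                title = getattr(tool, "TITLE", tool.__class__.__name__)
                desc = getattr(tool, "DESCRIPTION", "—")
                table.add_row(str(i + 1), title, desc or "—")

            table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to previous menu")
            console.print(table)

            try:
                raw_choice = Prompt.ask("[bold cyan]Select a tool to run[/bold cyan]", default="99")
            except EOFError:
                # Input was closed: nothing more can be read, so leave the menu
                # instead of prompting again forever.
                return 99

            # Only the integer parse is guarded here, so a failure inside a
            # tool is not misreported as "Invalid choice".
            try:
                choice = int(raw_choice)
            except ValueError:
                console.print("[bold red]Invalid choice. Try again.[/bold red]")
                continue

            if choice == 99:
                return 99
            if not 1 <= choice <= len(self.TOOLS):
                console.print("[bold red]Invalid choice. Try again.[/bold red]")
                continue

            selected = self.TOOLS[choice - 1]
            try:
                if hasattr(selected, "show_options"):
                    selected.show_options(parent=self)
                elif hasattr(selected, "run"):
                    selected.run()
                else:
                    console.print("[bold yellow]Selected tool has no runnable interface.[/bold yellow]")
            except Exception as exc:
                # Keep the menu alive when a tool fails, but say what happened.
                # markup=False prevents the error text from being parsed as
                # rich markup.
                console.print("[bold red]The selected tool stopped with an error:[/bold red]")
                console.print(repr(exc), markup=False)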
if __name__ == "__main__":
    # Standalone entry point: print the tool overview once, then open the
    # interactive selection menu.
    collection = WebAttackTools()
    collection.pretty_print()
    collection.show_options()