Shulou(Shulou.com)05/31 Report--

This article mainly introduces what LockDoor is a framework, has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, the following let the editor take you to understand it.

Overview of tools

LockDoor is a penetration testing framework with a large number of network security resources, mainly aimed at penetration testers, vulnerability bounty hunters and network security engineers. This tool can be run on Debian/Ubuntu/ArchLinux and other Linux-based distribution system platforms, and provides a large number of popular or commonly used penetration testing tools in the community to assist researchers to complete penetration testing tasks. For penetration testers, many people have their own favorite "/ pentest" toolkit, and the LockDoor framework can also help us build such an "arsenal". All in all, LockDoor can help us accomplish penetration testing tasks in the most efficient way.

Tool installation automatic installation git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git & & cd Lockdoor-Frameworkchmod + x. / install.sh./install.sh manual installation

Install dependent components:

Python python-pip python-requests python2 python2-pip gcc ruby php git wget bc curl netcat subversion jre-openjdk make automake gcc linux-headers gzip

Install the Go environment:

Wget https://dl.google.com/go/go1.13.linux-amd64.tar.gztar-xvf go1.13.linux-amd64.tar.gzmv go / usr/localexport GOROOT=/usr/local/goexport PATH=$GOPATH/bin:$GOROOT/bin:$PATHrm go1.13.linux-amd64.tar.gz

Install LockDoor:

# Clonniggit clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git & & cd Lockdoor-Framework# Create the config file# INSTALLDIR = where you want to install Lockdoor (Ex:/opt/sofiane/pentest) echo "Location:" $installdir > $HOME "/ .config/lockdoor/lockdoor.conf" # tool inventory information collection

Tools:

Dirsearch:Web path scanner

Brut3k1t: brute force cracking framework

Gobuster: DNS and VHost farm tools developed with Go

Enyx:SNMP IPv6 enumeration tool

Goohak: initiates a Google Hacking query against the target domain name

Nasnum:NAS enumerator

Sublist3r: a fast subdomain name enumeration tool for penetration testing

Wafw00f:Web Application Firewall fingerprint Identification tool identify

Photon: a fast crawler for open source intelligence gathering

Raccoon: a tool for network detection and vulnerability scanning

DnsRecon:DNS enumeration script

Nmap: Port scanning & a tool for network vulnerability exploitation

Sherlock: social network username search tool

Snmpwn:SNMPv3 user enumeration and attack tools

Striker: attack information and vulnerability scanner

TheHarvester: email, subdomain name and user name collection tool

URLextractor: information Collection & website investigation tool

Denumerator.py: subdomain name enumeration tool

Frame:

ReconDog: network Reconnaissance Switzerland * *

RED_HAWK: all-in-one information gathering, vulnerability scanning and web crawling tool

Dracnmap: information gathering framework

Web attack

Tools:

Spaghetti:Spaghetti-Web Application Security Scanner

CMSmap: a scanning tool for CMS

BruteXSS:XSS vulnerability scanner

J-dorker: a list of sites can be crawled from Bing

Droopescan: a scanning tool for CMS

Optiva:Web Application Scanner

V3n0M: a SQLi/XSS/LFI/RFI vulnerability scanner developed with Python 3.6,

AtScan: advanced Dorck search and exploit scanner

WPSeku:Wordpress security scanner

Wpscan: a Wordpress scanner developed with Python

XSStrike: advanced XSS scanner

Sqlmap:SQL injection vulnerabilities and database takeover tools

WhatWeb: next Generation Web Scanner

Joomscan:Joomla vulnerability scanner

Frame:

Dzjecter: server detection tool

Privilege promotion

Linux script:

Linux_checksec.sh

Linux_enum.sh

Linux_gather_files.sh

Linux_kernel_exploiter.pl

Linux_privesc.py

Linux_privesc.sh

Linux_security_test

Linux_exploits folder

Windows Windows tool:

Windows-privesc-check.py

Windows-privesc-check.exe

MySql tool:

Raptor_udf.c

Raptor_udf2.c

Reverse engineering

Radare2: Unix-like reverse engineering framework

VirtusTotal:VirusTotal tool

Miasm: reverse engineering framework

Mirror: file byte analysis tool

DnSpy:.NET debugger and assembler

AngrIo: a Python framework for analyzing binaries

DLLRunner: intelligent DLL script execution tool

Fuzzy Server: a server attack tool using prefabricated Spike scripts

Yara: malware sample classification tool

Spike: a fuzzy testing tool for protocols

Vulnerability exploitation

Findsploit: local / online database vulnerability scanning tool

Pompem: vulnerability exploitation and scanning tool

Rfix:RFI vulnerability exploitation tool

InUrlBr: advanced search engine

Burpsuite: a network security testing and scanning tool

Linux-exploit-suggester2: the next Generation of Linux Kernel exploit tool

Shell

Webshell** of WebShells:BlackArch

ShellSum: native Webshell Defense Detection tool

Weevely:Web Shell weapons depot

Python-pty-shells:Python PTY back door

Password attack

Crunch: dictionary generator

CeWL: custom dictionary generator

Patator: multi-function blasting tool

Encryption & decryption

Codetective: a tool for judging encryption algorithms and coding algorithms

Findmyhash: using online services to crack the hash

Social engineering

Scythe: a tool for enumerating user accounts

Thank you for reading this article carefully. I hope the article "what frame is LockDoor" shared by the editor will be helpful to you. At the same time, I also hope you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.