LockDoor is a Framework aimed at
helping penetration testers, bug bounty hunters And cyber security engineers . This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one. With all of that ! It automates the Pentesting process to help you do the job more quickly and easily.
Added value : (what makes it different from other frameworks).
Tools ? : Lockdoor doesn't contain
all pentesting tools (Added value) , let's be honest ! Who ever used all
the Tools you find on all those Penetration Testing distributions ?
Lockdoor contains only the favorite (Added value) and the most used
toolsby Pentesters (Added value).what Tools ? : the tools contains Lockdoor
are a collection from the best tools (Added value) on Kali,Parrot Os
and BlackArch. Also some private tools (Added value) from some other
hacking teams (Added value) like InurlBr, iran-cyber. Without forgeting
some cool and amazing tools I found on Github made by some perfect human
beigns (Added value).Easy customization : Easily add/remove tools. (Added value)Installation : You can install the tool automatically using the installer.sh , Manually or on Docker [COMING SOON]
Resources : That's what makes Lockdoor
Added value, Lockdoor Doesn't contain only tools ! Pentesing and
Security Assessment Findings Reports templates (Added value) ,
Pentesting walkthrough examples and tempales (Added value) and more.Cheatsheets : Everyone can forget something on
processing or a tool use, or even some trciks. Here comes the
Cheatsheets (Added value) role ! there are cheatsheets about everything,
every tool on the framework and any enumeration,exploitation and
post-exploitation techniques.
First Step
Lockdoor update
ROOT Menu
Information Gathering
Web Hacking
Exploitation
Reverse Engineering
Enc/Dec
Password Attacks
Shells
PrivEsc
Social Engineering
PSAFRT
Walkthroughs
About
Kali Linux
Ubuntu
Arch Linux
Fedora
Opensuse
Windows (Cygwin)
Automatically
git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git && cd Lockdoor-Framework
chmod +x ./install.sh
./install.sh
Manually
Installing requirments
python python-pip python-requests python2 python2-pip gcc ruby php git wget bc curl netcat subversion jre-openjdk make automake gcc linux-headers gzip
Installing Go
wget https://dl.google.com/go/go1.13.linux-amd64.tar.gz
tar -xvf go1.13.linux-amd64.tar.gz
mv go /usr/local
export GOROOT=/usr/local/go
export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
rm go1.13.linux-amd64.tar.gz
Installing Lockdoor
# Clonnig
git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git && cd Lockdoor-Framework
# Create the config file
# INSTALLDIR = where you want to install Lockdoor (Ex : /opt/sofiane/pentest)
echo "Location:"$installdir > $HOME"/.config/lockdoor/lockdoor.conf"
# Moving the resources folder
mv ToolsResources/* INSTALLDIR
# Installing Lockdoor from PyPi
pip3 install lockdoor
Docker Installation
COMING SOON
Tools:
dirsearch : A Web path scanner
brut3k1t : security-oriented bruteforce framework
gobuster : DNS and VHost busting tool written in Go
Enyx : an SNMP IPv6 Enumeration Tool
Goohak : Launchs Google Hacking Queries Against A Target Domain
Nasnum : The NAS Enumerator
Sublist3r : Fast subdomains enumeration tool for penetration testers
wafw00f : identify and fingerprint Web Application Firewall
Photon : ncredibly fast crawler designed for OSINT.
Raccoon : offensive security tool for reconnaissance and vulnerability scanning
DnsRecon : DNS Enumeration Script
Nmap : The famous security Scanner, Port Scanner, & Network Exploration Tool
sherlock : Find usernames across social networks
snmpwn : An SNMPv3 User Enumerator and Attack tool
Striker : an offensive information and vulnerability scanner.
theHarvester : E-mails, subdomains and names Harvester
URLextractor : Information gathering & website reconnaissance
denumerator.py : Enumerates list of subdomains
other : other Information gathering,recon and Enumeration scripts I collected somewhere.
Frameworks:
ReconDog : Reconnaissance Swiss Army Knife
RED_HAWK : All in one tool for Information Gathering, Vulnerability Scanning and Crawling
Dracnmap : Info Gathering Framework
Tools:
Spaghetti : Spaghetti - Web Application Security Scanner
CMSmap : CMS scanner
BruteXSS : BruteXSS is a tool to find XSS vulnerabilities in web application
J-dorker : Website List grabber from Bing
droopescan : scanner , identify , CMSs , Drupal , Silverstripe.
Optiva : Web Application Scanne
V3n0M : Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
AtScan : Advanced dork Search & Mass Exploit Scanner
WPSeku : Wordpress Security Scanner
Wpscan : A simple Wordpress scanner written in python
XSStrike : Most advanced XSS scanner.
Sqlmap : automatic SQL injection and database takeover tool
WhatWeb : the Next generation web scanner
joomscan : Joomla Vulnerability Scanner Project
Frameworks:
Dzjecter : Server checking Tool
Tools:
Linux
Scripts :
linux_checksec.sh
linux_enum.sh
linux_gather_files.sh
linux_kernel_exploiter.pl
linux_privesc.py
linux_privesc.sh
linux_security_test
Linux_exploits folder
Windows
windows-privesc-check.py
windows-privesc-check.exe
MySql :
raptor_udf.c
raptor_udf2.c
Radare2 : unix-like reverse engineering framework
VirtusTotal : VirusTotal tools
Miasm : Reverse engineering framework
Mirror : reverses the bytes of a file
DnSpy : .NET debugger and assembly
AngrIo : A python framework for analyzing binaries ( Suggested by @Hamz-a )
DLLRunner : a smart DLL execution script for malware analysis in sandbox systems.
Fuzzy Server : a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
yara : a tool aimed at helping malware researchers toidentify and classify malware samples
Spike : a protocol fuzzer creation kit + audits
other : other scripts collected somewhere
Findsploit : Find exploits in local and online databases instantly
Pompem : Exploit and Vulnerability Finder
rfix : Python tool that helps RFI exploitation.
InUrlBr : Advanced search in search engines
Burpsuite : Burp Suite for security testing & scanning.
linux-exploit-suggester2 : Next-Generation Linux Kernel Exploit Suggester
other : other scripts I collected somewhere.
WebShells : BlackArch's Webshells Collection
ShellSum : A defense tool - detect web shells in local directories
Weevely : Weaponized web shell
python-pty-shells : Python PTY backdoors
crunch : a wordlist generator
CeWL : a Custom Word List Generator
patator : a multi-purpose brute-forcer, with a modular design and a flexible usage
Codetective : a tool to determine the crypto/encoding algorithm used
findmyhash : Python script to crack hashes using online services
scythe : an accounts enumerator
:
:
:
:
:
::
:
:
:
:
:
:
:
:
Leave a Comment