大规模杀伤性武器(Weapon of Mass Destruction)
![WMD - Python 模块化安全工具集]()
Web 界面
![WMD - Python 模块化安全工具集]()
模块列表 CAT: TYPE: CALL: NAME: DESCRIPTION: bruteforce creds changeme Default creds scan Scan IP's for services and try logging in with default credentials (Arthur: ztgrace) bruteforce loginpath adminfinder Admin Finder A Simple script to find admin-paths for webpages. (Arthur: Spaddex) bruteforce rar bfrar BF RAR Bruteforce a RAR file bruteforce ssh bfssh Bruteforce SSH Bruteforce SSH login bruteforce web bfweb Bruteforce weblogin form Bruteforce a weblogin form with word- and passlist bruteforce zip bfzip BF ZIP Bruteforce a ZIP file cracking aut john John the Ripper As you know - kill the hash cracking hash hashid Identify hash Identify a hash cracking wpa crackwpa Crack WPA 4-way handshake Gather WPA 4-way handshake from accesspoint and crack it exploit browser browserpwn Browser Autopwn2 This module will automatically serve browser exploits (Arthur: sinn3r[at]metasploit.com) exploit search exploitdb Exploitdb Shell-style script to search exploit-db.com exploits. (Arthur: mattoufoutu) mail sin mspoofcheck Spoofcheck email domain Check if a domain can be spoofed for e.g. emailing monitor arp arpmon ARP monitor alert Monitor ARP table and alert for changes monitor ip ipmon IP monitor alert Monitor IP's and alert for changes other settings settings Change settings Change your environment settings, e.g. interface pentesting niptt sparta SPARTA SPARTA is a python GUI application which simplifies network infrastructure penetration testing. phishing ap etphis Ewil Twin phishing Create a Evil Twin and redirect user to fake password page. phishing webpage webphis Webpage phishing Run a local flask server with phishing pages. recon dns dig Domain info groper Using dig command you can query DNS name servers for your DNS lookup related tasks recon dns dnsmap dnsmap DNS Network Mapper. Enumeration and bruteforcing. recon dns dnsrecon dnsrecon Multiple DNS recon abilities. router framework rsploit Routersploit Framework for routers with exploits and getting creds. (Arthur: Reverse Shell Security) scan sin lanscan Lan scan Scan local net - recon sniff aut apsniff AP sniff Create AP and sniff HTTPS and avoid HSTS + Beef sniff http sniffhttp Sniff HTTP Sniff HTTP packages. Extract username and passwords from traffic. sniff sin bettercap Bettercap Bettercap integration for sniffing packets and bypass HSTS and HTTPS socialeng instagram instabot Instagram bot Instagram bot for performing various activities (Arthur: LevPasha) spoof arp arpspoof ARP spoof Spoofing ARP sql sqli gdsqli Gdork SQLi Scrape net for urls and check if they are prone to SQL injection sql sqli sqlmap SQLmap Just an activation of SQLmap. system mac macc Macchanger Change your MAC address tools search searchht Search hacktools Searchengine for hackingtools wifi accesspoint createap Create an Accesspoint Create an Accesspoint wifi wifi wifiutils WiFi utils Utilities for WiFi, e.g. deauth, WiFi's, clients, probes, etc. 运行
这是一款用 python 写的安全工具集。软件封装于“模块”中。模块主要由纯 Python 代码和第三方程序组成。
主要功能 1) 要使用模块,运行命令 "use [module_call]",例如使用 "use apsniff" 激活模块。 2) 可以使用 "set [parameter] [value]" 更改模块选项。3) 在模块内,可以用命令 "so" 查看选项。
4) 环境设置位于 core/config.ini 中。请在运行程序之前进行调整。
截屏:
Web 界面
控制台运行命令“www”,激活 Flask 服务,即可在浏览器中展示模块。通过 127.0.0.1:5000 访问。
模块会直接加载到 xterm 中。
DEV:可以试一下 SniffHTTP 和 APsniff 模块 - 可在浏览器中定义参数。
Screenshot:
模块列表 CAT: TYPE: CALL: NAME: DESCRIPTION: bruteforce creds changeme Default creds scan Scan IP's for services and try logging in with default credentials (Arthur: ztgrace) bruteforce loginpath adminfinder Admin Finder A Simple script to find admin-paths for webpages. (Arthur: Spaddex) bruteforce rar bfrar BF RAR Bruteforce a RAR file bruteforce ssh bfssh Bruteforce SSH Bruteforce SSH login bruteforce web bfweb Bruteforce weblogin form Bruteforce a weblogin form with word- and passlist bruteforce zip bfzip BF ZIP Bruteforce a ZIP file cracking aut john John the Ripper As you know - kill the hash cracking hash hashid Identify hash Identify a hash cracking wpa crackwpa Crack WPA 4-way handshake Gather WPA 4-way handshake from accesspoint and crack it exploit browser browserpwn Browser Autopwn2 This module will automatically serve browser exploits (Arthur: sinn3r[at]metasploit.com) exploit search exploitdb Exploitdb Shell-style script to search exploit-db.com exploits. (Arthur: mattoufoutu) mail sin mspoofcheck Spoofcheck email domain Check if a domain can be spoofed for e.g. emailing monitor arp arpmon ARP monitor alert Monitor ARP table and alert for changes monitor ip ipmon IP monitor alert Monitor IP's and alert for changes other settings settings Change settings Change your environment settings, e.g. interface pentesting niptt sparta SPARTA SPARTA is a python GUI application which simplifies network infrastructure penetration testing. phishing ap etphis Ewil Twin phishing Create a Evil Twin and redirect user to fake password page. phishing webpage webphis Webpage phishing Run a local flask server with phishing pages. recon dns dig Domain info groper Using dig command you can query DNS name servers for your DNS lookup related tasks recon dns dnsmap dnsmap DNS Network Mapper. Enumeration and bruteforcing. recon dns dnsrecon dnsrecon Multiple DNS recon abilities. router framework rsploit Routersploit Framework for routers with exploits and getting creds. (Arthur: Reverse Shell Security) scan sin lanscan Lan scan Scan local net - recon sniff aut apsniff AP sniff Create AP and sniff HTTPS and avoid HSTS + Beef sniff http sniffhttp Sniff HTTP Sniff HTTP packages. Extract username and passwords from traffic. sniff sin bettercap Bettercap Bettercap integration for sniffing packets and bypass HSTS and HTTPS socialeng instagram instabot Instagram bot Instagram bot for performing various activities (Arthur: LevPasha) spoof arp arpspoof ARP spoof Spoofing ARP sql sqli gdsqli Gdork SQLi Scrape net for urls and check if they are prone to SQL injection sql sqli sqlmap SQLmap Just an activation of SQLmap. system mac macc Macchanger Change your MAC address tools search searchht Search hacktools Searchengine for hackingtools wifi accesspoint createap Create an Accesspoint Create an Accesspoint wifi wifi wifiutils WiFi utils Utilities for WiFi, e.g. deauth, WiFi's, clients, probes, etc. 运行
运行前: 1. 调整 core/config.ini.default 中的环境选项。 2. 将 core/config.ini.default 重命名为 core/config.ini 。
开启终端: python3 wmd.py
使用单独的模块: python3 wmd.py -m [CALL]开启 web 服务: python3 wmd.py -w
不检查依赖运行: python3 wmd.py -nc
环境要求: linux 系统 Python3 Python 库的要求位于 requirements.txt 可选项 tools/software/GIT:这些模块需要时会通知你,并不会运行
GIT: Admin-Finder Aircrack-ng Airomon-ng Airodump-ng Airolib-ng Arp Arpspoof Beef Bettercap GIT: changeme CrackMapExec Create_ap Dig Dnsmap GIT: Dnsrecon GIT: Exploitdb GIT: Hashid Hostapd GIT: Instabot John the Ripper Nmap GIT: Routersploit SPARTA GIT: Spoofcheck GIT: XSSER 部署 项目结构 core --> 核心文件中使用了所有的代码。 files --> 静态文件,密码列表等。 logs --> 用于保存日志的标准文件夹。 modules --> 包括各种模块。 tmp --> 你猜呢 tools --> GIT 工具。 www --> webserver 的文件。 新模块可以在 modules/module_template.py 中检查模板。
添加模块Run python3 wmd.py -a modulePathName.py