PenBox: An Automated Pentesting Framework

PenBox – A Penetesting Framework

The Penetration Testing Framework, PenBox, is in the last version. It will have every script that a hacker needs, including:

Information Gathering

• Nmap
• Setoolkit
• Port Scanning
• Host To IP
• WordPress user enumeration
• CMS scanner
• XSStracer - checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection
• Doork - Google Dorks Passive Vulnerability Auditor

Password Attacks

• Cupp
• Ncrack

Wireless Testing

• reaver
• pixiewps

Exploitation Tools

• Venom
• SQLmap
• Shellnoob
• commix
• FTP Auto Bypass
• jboss-autopwn

Sniffing & Spoofing

• Setoolkit
• SSLtrip
• pyPISHER
• SMTP Mailer

Web Hacking

• Drupal Hacking
• Inurlbr
• WordPress & Joomla Scanner
• Gravity Form Scanner
• File Upload Checker
• WordPress Exploit Scanner
• WordPress Plugins Scanner
• Shell and Directory Finder
• Joomla! 1.5 - 3.4.5 remote code execution
• Vbulletin 5.X remote code execution
• BruteX - Automatically brute force all services running on a target

Private Tools

• Get all websites
• Get Joomla websites
• Get WordPress websites
• Find control panel
• Find zip files
• Find upload files
• Get server users
• Scan from SQL injection
• Scan ports (range of ports)
• Scan ports (common ports)
• Get server banner
• Bypass Cloudflare

Post Exploitation

• Shell Checker
• POET

Recon

• Sniper

Installation

Git clone: https://github.com/x3omdax/PenBox.git