Skip to main content

AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

Project description

AutoPWN Suite

AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

GitHub top language Lines of code Repo Size Tests GitHub issues GitHub closed issues GitHub Repo stars Banner

Features

  • Fully automatic!
  • Detect network IP range without any user input.
  • Vulnerability detection based on version.
  • Web app vulnerability testing. (LFI, XSS, SQLI)
  • Web app dirbusting.
  • Get information about the vulnerability right from your terminal.
  • Automatically download exploit related with vulnerability.
  • Noise mode for creating a noise on the network.
  • Evasion mode for being sneaky.
  • Automatically decide which scan types to use based on privilege.
  • Easy to read output.
  • Specify your arguments using a config file.
  • Send scan results via webhook or email.
  • Works on Windows, MacOS and Linux.
  • Use as a module!

How does it work?

AutoPWN Suite uses nmap TCP-SYN scan to enumerate the host and detect the version of softwares running on it. After gathering enough information about the host, AutoPWN Suite automatically generates a list of "keywords" to search NIST vulnerability database.

Visit "PWN Spot!" for more information.

Demo

AutoPWN Suite has a very user friendly easy to read output.

asciicast

Installation

You can install it using pip. (sudo recommended)

sudo pip install autopwn-suite

OR

You can clone the repo.

git clone https://github.com/GamehunterKaan/AutoPWN-Suite.git
cd AutoPWN-Suite
sudo pip install -r requirements.txt

OR

You can download debian (deb) package from releases.

sudo pip install requests rich python-nmap bs4 distro
sudo apt-get install ./autopwn-suite_2.1.5.deb

OR

If you are on Arch Linux based system you can install python-autopwn-suite package using AUR helper of your choice.

OR

You can use Google Cloud Shell.

Open in Cloud Shell

Usage

Running with root privileges (sudo) is always recommended.

Automatic mode

autopwn-suite -y

Help Menu

$ autopwn-suite -h

usage: autopwn.py [-h] [-v] [-y] [-c CONFIG] [-nc] [-t TARGET] [-hf HOST_FILE] [-sd] [-st {arp,ping}] [-nf NMAP_FLAGS] [-s {0,1,2,3,4,5}] [-ht HOST_TIMEOUT] [-a API] [-m {evade,noise,normal}] [-nt TIMEOUT]
                  [-o OUTPUT] [-ot {html,txt,svg}] [-rp {email,webhook}] [-rpe EMAIL] [-rpep PASSWORD] [-rpet EMAIL] [-rpef EMAIL] [-rpes SERVER] [-rpesp PORT] [-rpw WEBHOOK]

AutoPWN Suite | A project for scanning vulnerabilities and exploiting systems automatically.

options:
  -h, --help            show this help message and exit
  -v, --version         Print version and exit.
  -y, --yes-please      Don't ask for anything. (Full automatic mode)
  -c CONFIG, --config CONFIG
                        Specify a config file to use. (Default : None)
  -nc, --no-color       Disable colors.

Scanning:
  Options for scanning

  -t TARGET, --target TARGET
                        Target range to scan. This argument overwrites the hostfile argument. (192.168.0.1 or 192.168.0.0/24)
  -hf HOST_FILE, --host-file HOST_FILE
                        File containing a list of hosts to scan.
  -sd, --skip-discovery
                        Skips the host discovery phase.
  -st {arp,ping}, --scan-type {arp,ping}
                        Scan type.
  -nf NMAP_FLAGS, --nmap-flags NMAP_FLAGS
                        Custom nmap flags to use for portscan. (Has to be specified like : -nf="-O")
  -s {0,1,2,3,4,5}, --speed {0,1,2,3,4,5}
                        Scan speed. (Default : 3)
  -ht HOST_TIMEOUT, --host-timeout HOST_TIMEOUT
                        Timeout for every host. (Default :240)
  -a API, --api API     Specify API key for vulnerability detection for faster scanning. (Default : None)
  -m {evade,noise,normal}, --mode {evade,noise,normal}
                        Scan mode.
  -nt TIMEOUT, --noise-timeout TIMEOUT
                        Noise mode timeout.

Reporting:
  Options for reporting

  -o OUTPUT, --output OUTPUT
                        Output file name. (Default : autopwn.log)
  -ot {html,txt,svg}, --output-type {html,txt,svg}
                        Output file type. (Default : html)
  -rp {email,webhook}, --report {email,webhook}
                        Report sending method.
  -rpe EMAIL, --report-email EMAIL
                        Email address to use for sending report.
  -rpep PASSWORD, --report-email-password PASSWORD
                        Password of the email report is going to be sent from.
  -rpet EMAIL, --report-email-to EMAIL
                        Email address to send report to.
  -rpef EMAIL, --report-email-from EMAIL
                        Email to send from.
  -rpes SERVER, --report-email-server SERVER
                        Email server to use for sending report.
  -rpesp PORT, --report-email-server-port PORT
                        Port of the email server.
  -rpw WEBHOOK, --report-webhook WEBHOOK
                        Webhook to use for sending report.

Module usage

from autopwn_suite.api import AutoScanner

scanner = AutoScanner()
json_results = scanner.scan("192.168.0.1")
scanner.save_to_file("autopwn.json")

TODO

Do you have a cool feature idea? Create a feature request!

  • 23 Completed.
  • Function to brute force common services like ssh, vnc, ftp.
  • GUI interface.
  • Daemon mode.

Contributing to AutoPWN Suite

I would be glad if you are willing to contribute this project. I am looking forward to merge your pull request unless its something that is not needed or just a personal preference. Also minor changes and bug fixes will not be merged. Please create an issue for those and I will do it myself. Click here for more info!

Legal

You may not rent or lease, distribute, modify, sell or transfer the software to a third party. AutoPWN Suite is free for distribution, and modification with the condition that credit is provided to the creator and not used for commercial use. You may not use software for illegal or nefarious purposes. No liability for consequential damages to the maximum extent permitted by all applicable laws.

Support or Contact

Having trouble using this tool? You can reach me out on discord, create an issue or create a discussion!

Support & Hire Me!

If you want to support my work and also get your job done you can hire me on Fiverr! I do various things such as website pentesting, python programming, cleaning malware, PC optimization, file recovery and mentoring.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

autopwn-suite-2.1.5.tar.gz (40.4 kB view details)

Uploaded Source

Built Distribution

autopwn_suite-2.1.5-py3-none-any.whl (42.9 kB view details)

Uploaded Python 3

File details

Details for the file autopwn-suite-2.1.5.tar.gz.

File metadata

  • Download URL: autopwn-suite-2.1.5.tar.gz
  • Upload date:
  • Size: 40.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.1 CPython/3.9.2

File hashes

Hashes for autopwn-suite-2.1.5.tar.gz
Algorithm Hash digest
SHA256 bed7d9afdf2fa46b8692e3b940d5c08b8583eb36a492ce942ddb68b400ac4726
MD5 f0b53b36901f87b689636f780186bb44
BLAKE2b-256 32446b9639902986f5d9231a68c812b6dfeaa5dcc5fd7815078a7df1d10faaf0

See more details on using hashes here.

File details

Details for the file autopwn_suite-2.1.5-py3-none-any.whl.

File metadata

File hashes

Hashes for autopwn_suite-2.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 430b2095b565f19527a337443663c194767065036fb97a8eb934adadc4892277
MD5 595e6cbfb08101578fdee49f4b73a0dc
BLAKE2b-256 93015f8a85e26045ceb0d30d83796e3b66e7ec37d001a484db661a79f180b2ca

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page