Skip to main content

Lockdoor Framework : A Penetration Testing framework

Project description


Lockdoor Pentesting Framework

[~]Tested on Kali,Ubuntu,Arch,Fedora,Opensuse and Windows (Cygwin)[~]

!NEWS!


Lockdoor v2.2 is OUT!

Lockdoor is now available on Docker

Lockdoor is now optimized for quick execution

Lockdoor availabe on Redcould ( Soon )

Bugs Fixing for 7 tools

fixing (apt) package manager problems

Versions:

12/2019 : 2.0

  • Information Gathring Tools (21)
  • Web Hacking Tools(15)
  • Reverse Engineering Tools (15)
  • Exploitation Tools (6)
  • Pentesting & Security Assessment Findings Report Templates (6)
  • Password Attack Tools (4)
  • Shell Tools + Blackarch's Webshells Collection (4)
  • Walk Throughs & Pentest Processing Helpers (3)
  • Encryption/Decryption Tools (2)
  • Social Engineering tools (1)
  • All you need as Privilege Escalation scripts and exploits
  • Working on Kali,Ubuntu,Arch,Fedora,Opensuse and Windows (Cygwin)

image

Check the Wiki Pages to know more about the tool.

Overview

LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one.

Features

Added value : (what makes it different from other frameworks).

Pentesting Tools Selection:

  • Tools ?: Lockdoor doesn't contain all pentesting tools (Added value) , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite (Added value) and the most used toolsby Pentesters (Added value).
  • what Tools ?: the tools contains Lockdoor are a collection from the best tools (Added value) on Kali,Parrot Os and BlackArch. Also some private tools (Added value) from some other hacking teams (Added value) like InurlBr, iran-cyber. Without forgeting some cool and amazing tools I found on Github made by some perfect human beigns (Added value).
  • Easy Customization: Easily add/remove tools. (Added value)

Resources and cheatsheets: (Added value)

  • Resources: That's what makes Lockdoor Added value, Lockdoor Doesn't contain only tools ! Pentesing and Security Assessment Findings Reports templates (Added value) , Pentesting walkthrough examples and tempales (Added value) and more.

  • Cheatsheets: Everyone can forget something on processing or a tool use, or even some trciks. Here comes the Cheatsheets (Added value) role ! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.

Lockdoor Tools contents:

Information Gathering:

Tools:

  • dirsearch : A Web path scanner
  • brut3k1t : security-oriented bruteforce framework
  • gobuster : DNS and VHost busting tool written in Go
  • Enyx : an SNMP IPv6 Enumeration Tool
  • Goohak : Launchs Google Hacking Queries Against A Target Domain
  • Nasnum : The NAS Enumerator
  • Sublist3r : Fast subdomains enumeration tool for penetration testers
  • wafw00f : identify and fingerprint Web Application Firewall
  • Photon : ncredibly fast crawler designed for OSINT.
  • Raccoon : offensive security tool for reconnaissance and vulnerability scanning
  • DnsRecon : DNS Enumeration Script
  • sherlock : Find usernames across social networks
  • snmpwn : An SNMPv3 User Enumerator and Attack tool
  • Striker : an offensive information and vulnerability scanner.
  • theHarvester : E-mails, subdomains and names Harvester
  • URLextractor : Information gathering & website reconnaissance
  • denumerator.py : Enumerates list of subdomains
  • other : other Information gathering,recon and Enumeration scripts I collected somewhere.
  • Frameworks: : - ReconDog : Reconnaissance Swiss Army Knife : - RED_HAWK : All in one tool for Information Gathering, Vulnerability Scanning and Crawling : - TIDoS : Offensive Manual Web Application Penetration Testing Framework. : - Dracnmap : Info Gathering Framework

Web Hacking:

Tools:

  • Spaghetti : Spaghetti - Web Application Security Scanner
  • HTTPoxyScan : HTTPoxy Exploit Scanner by 1N3
  • CMSmap : CMS scanner
  • BruteXSS : BruteXSS is a tool to find XSS vulnerabilities in web application
  • J-dorker : Website List grabber from Bing
  • droopescan : scanner , identify , CMSs , Drupal , Silverstripe.
  • ptiva : Web Application Scanne
  • V3n0M : Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
  • Priv8SqliTool : Find Sqli Targets v
  • SqliV : massive SQL injection vulnerability scanner
  • AtScan : Advanced dork Search & Mass Exploit Scanner
  • WPSeku : Wordpress Security Scanner
  • WpBrute : Wordpress BruteForce Tools
  • Wpscan : A simple Wordpress scanner written in python
  • B7S-ToolB0x : Wordpress vulnerability scanner
  • XSStrike : Most advanced XSS scanner.
  • joomscan : Joomla Vulnerability Scanner Project
  • Frameworks: : - Dzjecter : Server checking Tool : - W3af : web application attack and audit framework

Privilege Escalation:

Linux :

  • Scripts :
  • linux_checksec.sh
  • linux_enum.sh
  • linux_gather_files.sh
  • linux_kernel_exploiter.pl
  • linux_privesc.py
  • linux_privesc.sh
  • linux_security_test
  • Linux_exploits folder

Windows :

  • windows-privesc-check.py
  • windows-privesc-check.exe

MySql :

  • raptor_udf.c
  • raptor_udf2.c

Reverse Engineering:

  • Radare2 : unix-like reverse engineering framework
  • VirtusTotal : VirusTotal tools
  • Miasm : Reverse engineering framework
  • Mirror : reverses the bytes of a file
  • DnSpy : .NET debugger and assembly
  • DLLRunner : a smart DLL execution script for malware analysis in sandbox systems.
  • Fuzzy Server : a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
  • yara : a tool aimed at helping malware researchers toidentify and classify malware samples
  • Spike : a protocol fuzzer creation kit + audits
  • other : other scripts collected somewhere

Exploitation:

  • Findsploit : Find exploits in local and online databases instantly
  • MassExpConsole : concurrent exploiting
  • Pompem : Exploit and Vulnerability Finder
  • rfix : Python tool that helps RFI exploitation.
  • InUrlBr : Advanced search in search engines
  • linux-exploit-suggester2 : Next-Generation Linux Kernel Exploit Suggester
  • other : other scripts I collected somewhere.

Shells:

  • WebShells : Webshells Collection
  • ShellSum : A defense tool - detect web shells in local directories
  • Weevely : Weaponized web shell
  • python-pty-shells : Python PTY backdoors

Password Attacks:

  • crunch : a wordlist generator
  • CeWL : a Custom Word List Generator
  • patator : a multi-purpose brute-forcer, with a modular design and a flexible usage

Encryption - Decryption:

  • Codetective : a tool to determine the crypto/encoding algorithm used
  • findmyhash : Python script to crack hashes using online services
  • hashID : Software to identify the different types of hashes

Post Exploitation::

  • TheFatRat : massive exploiting tool

Reverse Engineering:

  • scythe : an accounts enumerator

Lockdoor Resources contents:

Information Gathering:

Crypto:

Exploitation:

Networking:

Password Attacks:

Post Exploitation:

Privilege Escalation:

Pentesting & Security Assessment Findings Report Templates:

Reverse Engineering:

Social Engineering:

Walk Throughs:

Web Hacking:

Other:

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

lockdoor-2.2-py3-none-any.whl (39.7 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page