A security framework for testing web applications.
Project description
LolyFramework
LolyFramework is a security testing framework designed to make it easier for penetration testers and security enthusiasts to find vulnerabilities in web applications. It offers a variety of tools for subdomain enumeration, URL discovery, vulnerability checking, and more, all in one place.
Features:
- Subdomain enumeration
- URL enumeration
- Vulnerability scanning (XSS, SQL injection, etc.)
- Web scanning and security checking
- Admin panel finder
- Port scanning
- DDoS simulation
Getting Started
Prerequisites
Before you begin, ensure you have the following installed on your system:
- Python 3.6 or higher
- Libraries listed in
requirements.txt(these can be installed using the instructions below)
PyPI Installation (Recommended)
- Alternatively, you can install the framework globally via PyPI:
sudo pip install loly-framework
- After installation, you can simply run the framework using
loly
Installation
Clone the repository to your local machine:
git clone https://github.com/hemaabokila/loly_framework
- Navigate to the project directory:
cd loly-framework
- Install the required dependencies:
pip install -r requirements.txt
- Run the framework:
python3 main.py
- Alternatively, to install the framework globally and run it directly using the command loly, you can use:
sudo pip install .
- After installation, simply run the framework with:
loly
Usage
Once the framework is running, you can use the following commands within the framework:
List of Tools
| Tool Name | Description | Example Command |
|---|---|---|
| subdomain | Subdomain Enumeration | run subdomain example.com >> subdomains.txt |
| enumurl | URL Enumeration | run enumurl http://example.com >> urls.txt |
| pf | URL Vulnerability Checker | run pf urls.txt >> vulnerabilities_report.txt |
| scanall | Security Checker | run scanall urls.txt >> security_report.txt |
| webscan | Comprehensive Web Scanner | run webscan urls.txt >> webscan_report.txt |
| adminp | Admin Panel Finder | run adminp http://example.com >> adminpanels.txt |
| portscan | Port Scanner | run portscan example.com >> ports.txt |
| ddos | DDoS Simulation | run ddos 192.168.1.1 |
Example Usage
To enumerate subdomains of example.com and save the output to a file:
run subdomain example.com >> subdomains.txt
To perform a full vulnerability check on URLs stored in a file urls.txt:
run scanall urls.txt >> security_report.txt
Commands Overview
- run: Executes a specific tool against a target.
- Usage: run <tool_name> [>> <output_file>]
- exit: Exits the framework.
- help: Displays detailed information about available commands and tools.
Available Tools
Subdomain Enumeration
- Find subdomains associated with a domain.
run subdomain <domain> [>> <output_file>]
URL Enumeration
- Enumerate URLs on a specified domain.
run enumurl <url> [>> <output_file>]
Vulnerability Checker
- Check URLs for common vulnerabilities like XSS or SQL injection.
run pf <urls_file> [>> <output_file>]
Security Checker
- Run a comprehensive security scan on a list of URLs.
run scanall <urls_file> [>> <output_file>]
Web Scanner
- Perform detailed security scanning on web applications.
run webscan <urls_file> [>> <output_file>]
Admin Panel Finder
- Scan for admin panel URLs on the target.
run adminp <url> [>> <output_file>]
Port Scanner
- Scan open ports on a target domain or IP.
run portscan <url_or_ip> [>> <output_file>]
DDoS Simulation
- Simulate a distributed denial-of-service (DDoS) attack.
run ddos <ip_address>
License
This project is licensed under the MIT License - see the LICENSE file for details.
Contact
Developed by Ibrahem Abo Kila
-
For any issues or inquiries, feel free to contact me:
-
Email: ibrahemabokila@gmail.com
-
GitHub: hemaabokila
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file loly_framework-1.0.0.tar.gz.
File metadata
- Download URL: loly_framework-1.0.0.tar.gz
- Upload date:
- Size: 843.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cd32086b5f9c07843d50e74b5a5467cba3a2d55ebd9aa4fe75ef13313b79f356
|
|
| MD5 |
73bc7b6c5a49d80a8c78541e8c303f53
|
|
| BLAKE2b-256 |
d9a8a01149a86c4d62949df188145805a18b52ad69ecd0aa9a52f47f773c3f86
|
File details
Details for the file loly_framework-1.0.0-py3-none-any.whl.
File metadata
- Download URL: loly_framework-1.0.0-py3-none-any.whl
- Upload date:
- Size: 18.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
812a6ca2837d1b49864652b1bbcf1b5b2a2d0524e168a2b3805d0ad21095fdb4
|
|
| MD5 |
6bd3d239c0f08828af8495244cbd8ba8
|
|
| BLAKE2b-256 |
521a8c7f023279b89cac0e2a0249e201da3582c9f4de5e40ad854af8e4a9eeb3
|