|
|
PTF 的选项:
- -------------------------------------------------------------------------------------
- | Global Option |
- -------------------------------------------------------------------------------------
- | Command Description |
- |-----------------------------------------------------------------------------------|
- | show modules | Look this modules |
- | show options | Show Current Options Of Selected Module |
- | ipconfig | Network Informasion |
- | shell | Execution Command Shell >[ctrl+C exit shell ] |
- | use | Select Tipe Module For Use |
- | set | Select Modules For Use |
- | run | Excute modules |
- | update | Update Pentest Framework |
- | banner | PTF Banner |
- | about | Informasion Tools |
- | credits | Credits && Thanks |
- | clear | Clean Pentest input/output |
- | exit | Exit the progam |
- -------------------------------------------------------------------------------------
模块:
- +-----------------------------------------------------------------------------------------------------------------------------------+
- | EXPLOITS |
- -------------------------------------------------------------------------------------------------------------------------------------
- | COMMANDS Rank Description |
- -------------------------------------------------------------------------------------------------------------------------------------
- | exploit/abrt_privilege_escalation | normal | ABRT - sosreport Privilege Escalation |
- | exploit/web_delivery | good | Script Web Delivery |
- | exploit/apache | good | Apache exploit |
- | exploit/shellshock | good | cgi-bin/vulnerable shellshock |
- | exploit/davtest | good | Testing tool for webdav server |
- | exploit/auto_sql | good | auto with sqlmap |
- | exploit/ldap_buffer_overflow | normal | Apache module mod_rewrite LDAP protocol Buffer Overflow |
- | exploit/vbulletin_rce | good | vBulletin 5.x 0day pre-quth RCE exploit |
- | exploit/cmsms_showtime2_rce | normal | CMS Made Simple (CMSMS) Showtime2 File Upload RCE |
- | exploit/awind_snmp_exec | good | AwindInc SNMP Service Command Injection |
- | exploit/webmin_packageup_rce | excellent | Webmin Package Updates Remote Command Execution |
- | exploit/samsung_knox_smdm_url | good | Samsung Galaxy KNOX Android Browser RCE |
- | exploit/cisco_dcnm_upload_2019 | excellent | Cisco Data Center Network Manager Unauthenticated Remote Code Execution |
- | exploit/zenworks_configuration | excellent | Novell ZENworks Configuration Management Arbitrary File Upload |
- | exploit/cisco_ucs_rce | excellent | Cisco UCS Director Unauthenticated Remote Code Execution |
- | exploit/sonicwall | normal | Sonicwall SRA <= v8.1.0.2-14sv remote exploit |
- | exploit/bluekeep | good | cve 2019 0708 bluekeep rce |
- | exploit/eternalblue | good | MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption |
- | exploit/inject_html | normal | Inject Html code in all visited webpage |
- | exploit/robots | normal | robots.txt Detected |
- | exploit/jenkins_script_console | good | Jenkins-CI Script-Console Java Execution |
- | exploit/php_thumb_shell_upload | good | php shell uploads |
- | exploit/cpanel_bruteforce | normal | cpanel bruteforce |
- | exploit/cms_rce | normal | CMS Made Simple 2.2.7 - (Authenticated) Remote Code Execution |
- | exploit/joomla_com_hdflayer | manual | joomla exploit hdflayer |
- | exploit/wp_symposium_shell_upload | good | symposium shell upload |
- | exploit/joomla0day_com_myngallery | good | exploits com myngallery |
- | exploit/jm_auto_change_pswd | normal | vulnerability |
- | exploit/android_remote_access | expert | Remote Acces Administrator (RAT) |
- | exploit/power_dos | manual | Denial Of Service |
- | exploit/tp_link_dos | normal | TP_LINK DOS, 150M Wireless Lite N Router, Model No. TL-WR740N |
- | exploit/joomla_com_foxcontact | high | joomla foxcontact |
- | exploit/joomla_simple_shell | high | joomla simple shell |
- | exploit/joomla_comfields_sqli_rce | high | Joomla Component Fields SQLi Remote Code Execution |
- | exploit/inject_javascript | normal | Inject Javascript code in all visited webpage |
- | exploit/dns_bruteforce | high | Dns Bruteforce with nmap |
- | exploit/dos_attack | normal | hping3 dos attack |
- | exploit/shakescreen | high | Shaking Web Browser content |
- | exploit/bypass_waf | normal | bypass WAf |
- | exploit/enumeration | high | simple enumeration |
- | exploit/restrict_anonymous | normal | obtain credentials |
- | exploit/openssl_heartbleed | high | dump openssl_heartbleed |
- | exploit/samba | good | Samba EXploits |
- | exploit/smb | good | Albitary samba exploit |
- | exploit/webview_addjavascriptinterface | good | Android Browser and WebView addJavascriptInterface Code Execution |
- -------------------------------------------------------------------------------------------------------------------------------------
扫描器:
- +------------------------------------------------------------------------------------------------------------------------------------+
- | SCANNERS |
- --------------------------------------------------------------------------------------------------------------------------------------
- | COMMANDS Rank Description |
- --------------------------------------------------------------------------------------------------------------------------------------
- | scanner/enumiax | good | protocol username enumeration |
- | scanner/wordpress_user_dislosure | normal | wordpress 5.3 User Disclosure |
- | scanner/botnet_scanning | normal | Bootnet Scanning, first need to find the botnet IP |
- | scanner/check_ssl_certificate | normal | SSL Certificate |
- | scanner/http_services | normal | Gather page titles from HTTP services |
- | scanner/dnsrecon | normal | Record enumeration |
- | scanner/sslscan | normal | SSL Scanner |
- | scanner/ssl_cert | normal | Nmap script ssl-cert |
- | scanner/dns_zone_transfer | normal | Dns Zone transfer |
- | scanner/dns_bruteforce | normal | Dns Bruteforce |
- | scanner/zone_walking | normal | Zone walking |
- | scanner/web_services | normal | Get HTTP headers of web services |
- | scanner/http_enum | normal | Find web apps from known paths |
- | scanner/ddos_reflectors | normal | Scan for UDP DDOS reflectors |
- | scanner/grabbing_detection | normal | Lighter banner grabbing detection |
- | scanner/discovery | normal | Scan selected ports - ignore discovery |
- | scanner/bluekeep | good | CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check |
- | scanner/drupal_scan | good | drupal scanner |
- | scanner/eternalblue | good | SMB RCE Detection |
- | scanner/header | good | header Scanner with nmap |
- | scanner/firewalk | good | firewalk |
- | scanner/whois | high | whois |
- | scanner/dmitry | good | Information Gathering Tool |
- | scanner/admin_finder | normal | Admin finder |
- | scanner/heartbleed | normal | heartbleed scanner vulnerability |
- | scanner/wordpress_scan | normal | wordpress scanner |
- | scanner/ssl_scanning | good | SSL Vulnerability Scanning |
- | scanner/dns_bruteforce | normal | dns bruteforce |
- | scanner/nmap_scanner | normal | port scanners nmap |
- | scanner/https_discover | normal | https discover |
- | scanner/smb_scanning | good | scan vulnerable SMB server |
- | scanner/joomla_vulnerability_scanners | high | vulnerability |
- | scanner/mysql_empty_password | good | mysql empty password Detected |
- | scanner/joomla_scanners_v.2 | good | joomla scaning |
- | scanner/joomla_scanners_v3 | normal | joomla scaning |
- | scanner/jomscan_v4 | good | scan joomla |
- | scanner/webdav_scan | normal | webdav scan vulnerable |
- | scanner/joomla_sqli_scanners | high | vulnerability scanners |
- | scanner/lfi_scanners | good | lfi bug scan |
- | scanner/port_scanners | manual | port scan |
- | scanner/dir_search | high | directory webscan |
- | scanner/dir_bruteforce | good | directory Scanning |
- | scanner/wordpress_user_scan | good | get wordpress username |
- | scanner/cms_war | high | FULL SCAN ALL WEBSITES |
- | scanner/usr_pro_wordpress_auto_find | norma | find user vulnerability |
- | scanner/nmap_vuln | normal | vulnerability Scanner |
- | scanner/xss_scaner | normal | Detected vulnerability xss |
- | scanner/spaghetti | high | Web Application Security Scanner |
- | scanner/dnslookup | normal | dnslookup scan |
- | scanner/reverse_dns | normal | Reverse Dns Lookup |
- | scanner/domain_map | normal | scanner domain map |
- | scanner/dns_report | normal | dns report |
- | scanner/find_shared_dns | normal | find shared dns |
- | scanner/golismero | normal | scan vulnerability with golismero |
- | scanner/dns_propagation | low | dns propagation |
- | scanner/find_records | normal | find records |
- | scanner/cloud_flare | normal | cloud flare |
- | scanner/extract_links | normal | links extract |
- | scanner/web_robot | normal | web robots scanner |
- | scanner/enumeration | normal | http-enumeration |
- | scanner/ip_locator | good | ip Detected LOcator |
- --------------------------------------------------------------------------------------------------------------------------------------
POST:
- +----------------------------------------------------------------------------------------------------------+
- | POST |
- ------------------------------------------------------------------------------------------------------------
- | COMMANDS Rank Description |
- ------------------------------------------------------------------------------------------------------------
- | post/enumeration | normal | http-enumeration |
- | post/vbulletin | high | exploits |
- | post/wordpress_user_scan | good | scanners |
- | post/dir_search | high | scanners |
- | post/cms_war | high | scanners |
- | post/usr_pro_wordpress_auto_find | normal | scanners |
- | post/android_remote_access | good | exploits |
- | post/samba | good | exploits |
- ------------------------------------------------------------------------------------------------------------
Password:
- +----------------------------------------------------------------------------------------------------------+
- | PASSWORD |
- ------------------------------------------------------------------------------------------------------------
- | COMMANDS Rank Description |
- ------------------------------------------------------------------------------------------------------------
- | password/base64_decode | good | base64 decode |
- | password/md5_decrypt | good | md5 decrypt |
- | password/sha1_decrypt | good | sha1 decrypt |
- | password/sha256_decrypt | good | sha256 decrypt |
- | password/sha384_decrypt | good | sha384 decrypt |
- | password/sha512_decrypt | good | sha512 decrypt |
- | password/ssh_bruteforce | good | ssh password bruteforce |
- ------------------------------------------------------------------------------------------------------------
监听器:
- +------------------------------------------------------------------------------------------------------------------------------------+
- | LISTENERS MODULES |
- --------------------------------------------------------------------------------------------------------------------------------------
- | COMMANDS Rank Description |
- --------------------------------------------------------------------------------------------------------------------------------------
- | android_meterpreter_reverse_tcp | good | Android Meterpreter, Android Reverse TCP Stager |
- | android_meterpreter_reverse_https | good | Android Meterpreter, Android Reverse HTTPS Stager |
- | java_jsp_shell_reverse_tcp | good | Java JSP Command Shell, Reverse TCP Inline |
- | linux_x64_meterpreter_reverse_https | good | linux/x64/meterpreter_reverse_https |
- | linux_x64_meterpreter_reverse_tcp | good | Linux Meterpreter, Reverse TCP Inline |
- | linux_x64_shell_reverse_tcp | good | Linux Command Shell, Reverse TCP Stager |
- | osx_x64_meterpreter_reverse_https | good | OSX Meterpreter, Reverse HTTPS Inline |
- | osx_x64_meterpreter_reverse_tcp | good | OSX Meterpreter, Reverse TCP Inline |
- | php_meterpreter_reverse_tcp | good | PHP Meterpreter, PHP Reverse TCP Stager |
- | python_meterpreter_reverse_https | good | Python Meterpreter Shell, Reverse HTTPS Inline |
- | python_meterpreter_reverse_tcp | good | python/meterpreter_reverse_tcp |
- | windows_x64_meterpreter_reverse_https | good | Windows Meterpreter Shell, Reverse HTTPS Inline (x64) |
- | windows_x64_meterpreter_reverse_tcp | good | Windows Meterpreter Shell, Reverse TCP Inline x64 |
- | cmd_windows_reverse_powershell | good | Windows Command Shell, Reverse TCP (via Powershell) |
- +------------------------------------------------------------------------------------------------------------------------------------+
Pentest Tools Framework (PTF) 是一个漏洞数据库,扫描器和渗透测试工具。Pentest 是一个强大的框架包括很多适合初学者的工具。可以探索内核漏洞,网络漏洞。
如何安装 PTF
- root@kali~# cd Pentest-Tools-Framework
- root@kali~# pip install -r requirements.txt
- root@kali~# python install.py
- root@kali~# PTF
运行 install.py 后,应该选择你的 backbox/kali linux /parrot Os ,所有计算机操作系统
关于 PTF 模块
- Exploits:利用软件漏洞并用于对计算机系统进行攻击的计算机程序、代码片段或命令序列。攻击的目的可以是夺取对系统的控制,并破坏其功能!
- Scanners:扫描指定 Internet 资源、归档或网站的程序。网络扫描器还可以扫描开放端口或你的本地网络和 IP!
为什么选择 PTF
- PTF 是一个免费的框架
- 对新人友好的 UI/UX 接口
- 有许多为新手准备的工具
|
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
x
|
窥视卡
雷达卡
发表于 2022-5-7 18:30:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜