Windows>> APT>> 返回
项目作者: praneth-sai

项目描述 :
Automated Penetration Testing
高级语言: Python
项目地址: git://github.com/praneth-sai/APT.git
创建时间: 2019-12-16T11:13:18Z
项目社区:https://github.com/praneth-sai/APT
开源协议:
下载


apt-logo

Summary

This application automates most of the penetration testing tasks using the command line. It automates information gathering of DNS, e-mails, WHOIS, files, social media (Using Google Dorking), scans for live hosts, port scanning, vulnerability assessment as per OWASP standards, brute-force attacks, and scans for Website security as well.

This application can be used only on “Kali Linux”, it will not work on other Linux versions unless you install all the required tools manually.

How it works

APT uses Python to create an automated framework to use industry standard tools (such as preinstalled kali tools, OWASP ZAP, Nmap etc) to perform repeatable, well-designed procedures and creates an easily understandable report, listing vulnerabilities detected within the web application.

Information Gathering

  1.   To get information about a dns:
  2.   $python apt.py --company [YourClientDomainName] -dns
  1.   To get a list of email addresses:
  2.   $python apt.py --company [YourClientDomainName] -emails
  1.   To get information about WHOIS:
  2.   $python apt.py --company [YourClientDomainName] -whois
  1.   To get a list of leaked files on the internet:
  2.   $python apt.py --company [YourClientDomainName] -files
  1.   To get information about your client social media:
  2.   $python apt.py --company [YourClientDomainName] -socialmedia
  1.   To get information about your client using the search engines:
  2.   $python apt.py --company [YourClientDomainName] -websearch

Network Scanning

  1.   To scan for live hosts:
  2.   $python apt.py --company [YourClientDomainName] -ip [NetworkIPAddress/Range] -livehosts
  1.   For Port Scanning:
  2.   $python apt.py --company [YourClientDomainName] -ip [NetworkIPAddress/Range] -portscan

Vulnerability Assessment

  1.   Vulnerability Scan:
  2.   $python apt.py --company [YourClientDomainName] -ip [NetworkIPAddress/Range] -vulns
  1.   To brute-force the services on the client host machine(s):
  2.   $python apt.py --company [YourClientDomainName] -ip [NetworkIPAddress/Range] -bruteforce

Web Application Scan

  1.   To get information about the existence of Web Application Firewall (WAF):
  2.   $python apt.py --company [YourClientDomainName] --url [WebServerUrl] -waf
  1.   To get information about the server SSL/TLS security:
  2.   $python apt.py --company [YourClientDomainName] --url [WebServerUrl] -ssl
  1.   To get information about the webserver load balancing:
  2.   $python apt.py --company [YourClientDomainName] --url [WebServerUrl] -loadbalance
  1.   Web Server Vulnerability Assessment:
  2.   $python apt.py --company [YourClientDomainName] --url [WebServerUrl] -webvulns
  1.   To perform SQLMAP:
  2.   $python apt.py --company [YourClientDomainName] --url [WebServerUrl] -sql

OWASP Scanner using ADAPT Scan the whole web-application as per OWASP standards: $python apt.py --company [YourClientDomainName] -owasp

Credits

This application uses Open Source components. You can find the source code of their open source projects along with license information below. We acknowledge and are grateful to these developers for their contributions to open source.

Project: Adapt https://github.com/secdec/adapt
Licensed under the Apache-2.0 License.

Project: Kali Linux https://www.kali.org/
© OffSec Services Limited 2020 All rights reserved

Author will not be held responsible for any illegal use of the tool. The tool should solely be used for educational purposes or for internal security analysis.
ZAPGettingStartedGuide-2.7_1650373462717.pdf