TIDoS Framework – The Offensive Web Application Penetration Testing Framework

TIDoS Framework is a comprehensive web-app audit framework. Let’s keep this simple.

Highlights :-

The main highlights of this framework are:

- TIDoS Framework now boasts a century+ of modules.
- A complete versatile framework to cover everything from Reconnaissance to Vulnerability Analysis.
- Has 5 main phases, subdivided into 14 sub-phases consisting of a total of 104 modules.
- Reconnaissance Phase has 48 modules of its own (including active and passive recon, information disclosure modules).
- Scanning & Enumeration Phase has got 15 modules (including port scans, WAF analysis, etc.).
- Vulnerability Analysis Phase has 36 modules (including most common vulnerabilities in action).
- Exploits Castle has only 1 exploit (purely developmental).
- And finally, Auxiliaries have got 4 modules (under dev).
- All four phases each have an Auto-Awesome module which automates every module for you.
- You just need the domain, and leave everything to this tool.
- TIDoS has full verbose output support, so you’ll know what’s going on.
- Fully user friendly interaction environment. (no shits)

Installation :

Clone the repository locally and navigate there:

    git clone https://github.com/theinfecteddrake/tidos-framework.git
    cd tidos-framework

Install the dependencies:

    chmod +x install
    ./install

That’s it! Now you are good to go! Now let’s run the tool:

    tidos

Getting Started :-

TIDoS is made to be comprehensive and versatile. It is a highly flexible framework where you just have to select and use modules.

But before that, you need to set your own API KEYS for various OSINT purposes. To do so, open up API_KEYS.py under files/ directory and set your own keys and access tokens for SHODAN, CENSYS, FULL CONTACT, GOOGLE and WHATCMS. Public API KEYS and ACCESS TOKENS for SHODAN and WHATCMS have been provided with the TIDoS release itself. You can still add your own… no harm!

Finally, as the framework opens up, enter the website name, e.g. http://www.example.com, and let TIDoS lead you. That’s it! It’s as easy as that.

Recommended: Follow the order of the tool (run in a schematic way):

Reconnaissance ➣ Scanning & Enumeration ➣ Vulnerability Analysis

To update this tool, use the tidos_updater.py module under the tools/ folder.

Flawless Features :-

TIDoS Framework presently supports the following (and is under active development):

Reconnaissance + OSINT

Passive Reconnaissance:

- Nping Enumeration: Via external API
- WhoIS Lookup: Domain info gathering
- GeoIP Lookup: Pinpoint physical location
- DNS Configuration Lookup: DNSDump
- Subdomains Lookup: Indexed ones
- Reverse DNS Lookup: Host Instances
- Reverse IP Lookup: Hosts on same server
- Subnets Enumeration: Class Based
- Domain IP History: IP Instances
- Web Links Gatherer: Indexed ones
- Google Search: Manual search
- Google Dorking (multiple modules): Automated
- Email to Domain Resolver: Email WhoIs
- Wayback Machine Lookups: Find Backups
- Breached Email Check: Pwned Email Accounts
- Enumeration via Google Groups: Emails Only
- Check Alias Availability: Social Networks
- Find PasteBin Posts: Domain Based
- LinkedIn Gathering: Employees & Company
- Google Plus Gathering: Domain Profiles
- Public Contact Info Scraping: FULL CONTACT
- Censys Intel Gathering: Domain Based
- Threat Intelligence Gathering: Bad IPs

Active Reconnaissance:

- Ping Enumeration: Advanced
- CMS Detection (185+ CMSs supported): IMPROVED
- Advanced Traceroute: IMPROVED
- robots.txt and sitemap.xml Checker
- Grab HTTP Headers: Live Capture
- Find HTTP Methods Allowed: via OPTIONS
- Detect Server Type: IMPROVED
- Examine SSL Certificate: Absolute
- Apache Status Disclosure Checks: File Based
- WebDAV HTTP Enumeration: PROPFIND & SEARCH
- PHPInfo File Enumeration: via Bruteforce
- Comments Scraper: Regex Based
- Find Shared DNS Hosts: Name Server Based
- Alternate Sites Discovery: User-Agent Based
- Discover Interesting Files: via Bruteforce
  - Common Backdoor Locations: shells, etc.
  - Common Backup Locations: .bak, .db, etc.
  - Common Password Locations: .pgp, .skr, etc.
  - Common Proxy Path Configs: .pac, etc.
  - Common Dot Files: .htaccess, .apache, etc.

Information Disclosure:

- Credit Cards Disclosure: If Plaintext
- Email Harvester: IMPROVED
- Fatal Errors Enumeration: Includes Full Path Disclosure
- Internal IP Disclosure: Signature Based
- Phone Number Harvester: Signature Based
- Social Security Number Harvester: US Ones

Scanning & Enumeration

- Remote Server WAF Enumeration: Generic 54 WAFs
- Port Scanning: Ingenious Modules
  - Simple Port Scanner: via Socket Connections
  - TCP SYN Scan: Highly Reliable
  - TCP Connect Scan: Highly Reliable
  - XMAS Flag Scan: Reliable Only in LANs
  - Fin Flag Scan: Reliable Only in LANs
  - Port Service Detector
- Web Technology Enumeration: Absolute
- Operating System Fingerprinting: IMPROVED
- Banner Grabbing of Services: via Open Ports
- Interactive Scanning with NMap: 16 preloaded modules
- Enumeration Domain-Linked IPs: Using CENSYS Database
- Web and Links Crawlers
  - Depth 1: Indexed Uri Crawler
  - Depth 2: Single Page Crawler
  - Depth 3: Web Link Crawler

Vulnerability Analysis

Web-Bugs & Server Misconfigurations:

- Insecure CORS: Absolute
- Same-Site Scripting: Sub-domain based
- Zone Transfer: DNS Server based
- Clickjacking
  - Frame-Busting Checks
  - X-FRAME-OPTIONS Header Checks
- Security on Cookies
  - HTTPOnly Flag
  - Secure Flag
- Cloudflare Misconfiguration Check
  - DNS Misconfiguration Checks
  - Online Database Lookup: For Breaches
- HTTP Strict Transport Security Usage
  - HTTPS Enabled but no HSTS
- Domain Based Email Spoofing
  - Missing SPF Records
  - Missing DMARC Records
- Host Header Injection
  - Port Based: Over HTTP 80
  - X-Forwarded-For Header Injection
- Security Headers Analysis: Live Capture
- Cross-Site Tracing: HTTP TRACE Method
- Session Fixation: via Cookie Injection
- Network Security Misconfig.
  - Checks for TELNET Enabled: via Port 23

Serious Web Vulnerabilities:

- File Inclusions
  - Local File Inclusion (LFI): Param based
  - Remote File Inclusion (RFI): IMPROVED
    - Parameter Based
    - Pre-loaded Path Based
- OS Command Injection: Linux & Windows (RCE)
- Path Traversal (Sensitive Paths)
- Cross-Site Request Forgery: Absolute
- SQL Injection
  - Error Based Injection
    - Cookie Value Based
    - Referer Value Based
    - User-Agent Value Based
    - Auto-gathering: IMPROVED
  - Blind Based Injection: Crafted Payloads
    - Cookie Value Based
    - Referer Value Based
    - User-Agent Value Based
    - Auto-gathering: IMPROVED
- LDAP Injection: Parameter Based
- HTML Injection: Parameter Based
- Bash Command Injection: ShellShock
- XPATH Injection: Parameter Based
- Cross-Site Scripting: IMPROVED
  - Cookie Value Based
  - Referer Value Based
  - User-Agent Value Based
  - Parameter Value Based: Manual
- Unvalidated URL Forwards: Open Redirect
- PHP Code Injection: Windows + Linux
- HTTP Response Splitting: CRLF Injection
  - User-Agent Value Based
  - Parameter Value Based: Manual
- Sub-domain Takeover: 50+ Services
  - Single Sub-domain: Manual
  - All Subdomains: Automated

Other:

- PlainText Protocol Default Credential Bruteforce
  - FTP Protocol Bruteforce
  - SSH Protocol Bruteforce
  - POP 2/3 Protocol Bruteforce
  - SQL Protocol Bruteforce
  - XMPP Protocol Bruteforce
  - SMTP Protocol Bruteforce
  - TELNET Protocol Bruteforce

Auxiliary Modules

- Hash Generator: MD5, SHA1, SHA256, SHA512
- String & Payload Encoder: 7 Categories
- Forensic Image Analysis: Metadata Extraction
- Web HoneyPot Probability: ShodanLabs HoneyScore

Exploitation (purely developmental)

- ShellShock

Other Tools:

- net_info.py – Displays information about your network. Located under tools/.
- tidos_updater.py – Updates the framework to the latest release via signature matching. Located under tools/.

Version:

v1.6 [latest release] [#stable]

Upcoming:

There are some bruteforce modules to be added:

- Some more of Enumeration & Information Disclosure modules.
- Lots more of OSINT & Stuff (let that be a suspense).
- More of Auxiliary Modules.
- Some Exploits are too being worked on.

Known Bugs:

This version of TIDoS is purely developmental and is presently stable. There are bugs in resolving the [99] Back at various end-points, which results in blind fall-backs. Though I have added global exception handling, still, there may be bugs out there. Also, TIDoS needs to develop more on logging all info displayed on the screen (help needed).

Disclaimer:

TIDoS is provided as an offensive web application audit framework. It has built-in modules which can reveal potential misconfigurations and vulnerabilities in web applications which could possibly be exploited maliciously.

THEREFORE, I AM NOT EXCLUSIVELY RESPONSIBLE FOR ANY MISUSE OF THIS TOOLKIT.

Download TIDoS-Framework

Link: http://feedproxy.google.com/~r/PentestTools/~3/dCgUcSrbBrM/tidos-framework-offensive-web.html