Skip to content

Attazy/Project-Strom

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
config
config
 
 
core
core
 
 
modules
modules
 
 
utils
utils
 
 
.gitignore
.gitignore
 
 
ADVANCED_UPGRADES.md
ADVANCED_UPGRADES.md
 
 
ANDROID_CHANGELOG.txt
ANDROID_CHANGELOG.txt
 
 
ANDROID_QUICK_REFERENCE.txt
ANDROID_QUICK_REFERENCE.txt
 
 
ANDROID_TESTING_GUIDE.md
ANDROID_TESTING_GUIDE.md
 
 
CHANGELOG.md
CHANGELOG.md
 
 
COMPLETION_SUMMARY.txt
COMPLETION_SUMMARY.txt
 
 
INSTALL.md
INSTALL.md
 
 
INSTALL_GUIDE.md
INSTALL_GUIDE.md
 
 
PUSH_TO_GITHUB.md
PUSH_TO_GITHUB.md
 
 
QUICK_REFERENCE_ADVANCED.md
QUICK_REFERENCE_ADVANCED.md
 
 
README.md
README.md
 
 
README_ANDROID.md
README_ANDROID.md
 
 
READY_FOR_GITHUB.txt
READY_FOR_GITHUB.txt
 
 
UPDATE_DEPENDENCIES.md
UPDATE_DEPENDENCIES.md
 
 
UPGRADE_COMPLETE_SUMMARY.md
UPGRADE_COMPLETE_SUMMARY.md
 
 
UPGRADE_SUCCESS.txt
UPGRADE_SUCCESS.txt
 
 
art.py
art.py
 
 
init.py
init.py
 
 
keylogger.py
keylogger.py
 
 
requirements.txt
requirements.txt
 
 
strom.log
strom.log
 
 
strom.py
strom.py
 
 
test_android_module.py
test_android_module.py
 
 
test_dependencies.py
test_dependencies.py
 
 

Repository files navigation

Security Testing & Research Offensive Methodology

Advanced Penetration Testing Framework v3.0

Python 3.8+ License: MIT Version

⚠️ LEGAL DISCLAIMER

For AUTHORIZED security testing ONLY! Unauthorized access is illegal. Get written permission before testing. User is responsible for all actions.

🚀 Quick Installation

git clone https://github.com/Attazy/strom.git
cd strom
python3 -m venv venv
source venv/bin/activate  # Linux/Mac | venv\Scripts\activate for Windows
pip install -r requirements.txt
python3 strom.py

📋 Core Modules

[1] 🔍 Reconnaissance - 22 Features

DNS, WHOIS, Port Scanning (65+ ports), Subdomain Enumeration (244+ wordlist), SSL/TLS Analysis, WAF Detection, ASN/BGP Lookup, Certificate Transparency, OSINT Social Media (16+ platforms), Threat Intelligence (10+ sources), Cloud Detection

[2] 🌐 Web Scanner

CMS detection, Security headers, Form testing, Directory bruteforce, API discovery

[3] 💣 Exploitation Engine

SQL Injection, RCE, XSS, LFI, SSRF, XXE, Template Injection, Deserialization

[4] 🛡️ WAF Bypass

Auto-detect WAF, 20+ bypass techniques, Payload obfuscation

[5] 🔓 Post-Exploitation

Privilege escalation, Persistence, Network pivoting, Keylogger, File exfiltration

[6] 🔧 Utilities

Encoder/Decoder, Hash cracker, Password generator, Port scanner

[7] 📊 Reporting

HTML, PDF, Markdown, JSON reports with risk scoring and CVSS integration

[8] 🎨 Payload Generator

100+ SQL, 50+ RCE, XSS, LFI, XXE, SSRF payloads

[9] 📱 Android Remote Access

APK generation, Remote control, SMS/Call interception, Location tracking

🎯 Quick Start

python3 strom.py
# Select [1] Reconnaissance → Enter target → Choose features → Export results

Workflows:

  • Quick (5 min): DNS → WHOIS → Port Scan
  • Standard (15 min): Full Reconnaissance
  • Deep (30+ min): Full Recon + Advanced Features

⚙️ Configuration (Optional)

Edit config.yaml to enable API integrations:

api_keys:
  shodan: "YOUR_KEY"      # Get free at account.shodan.io
  censys_id: "YOUR_ID"    # Get free at censys.io

All features work without API keys.

📚 Documentation

📜 License

MIT License - Commercial use, modification, and distribution allowed. See LICENSE for details.

🌩️ STROM - Security Testing Reconnaissance Offensive Module

Made with ❤️ by Attazy | Version 3.0.0 | January 2026

XXE, SSRF Copy-paste ready [9] 📱 Android Remote Access ⚡ NEW Remote control Android devices

QR code deployment • No Metasploit required! • Screen mirror • Camera • SMS • Location • File browser

About

Project Offensive Security

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages