Home
LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one.
Added value : (what makes it different from other frameworks).
- Tools ?: Lockdoor doesn't contain all pentesting tools (Added value) , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite (Added value) and the most used toolsby Pentesters (Added value).
- what Tools ?: the tools contains Lockdoor are a collection from the best tools (Added value) on Kali,Parrot Os and BlackArch. Also some private tools (Added value) from some other hacking teams (Added value) like InurlBr, iran-cyber. Without forgeting some cool and amazing tools I found on Github made by some perfect human beigns (Added value).
- Easy Customization: Easily add/remove tools. (Added value)
- Resources: That's what makes Lockdoor Added value, Lockdoor Doesn't contain only tools ! Pentesing and Security Assessment Findings Reports templates (Added value) , Pentesting walkthrough examples and tempales (Added value) and more.
- Cheatsheets: Everyone can forget something on processing or a tool use, or even some trciks. Here comes the Cheatsheets (Added value) role ! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.
- Tools:
- dirsearch : A Web path scanner
- brut3k1t : security-oriented bruteforce framework
- gobuster : DNS and VHost busting tool written in Go
- Enyx : an SNMP IPv6 Enumeration Tool
- Goohak : Launchs Google Hacking Queries Against A Target Domain
- Nasnum : The NAS Enumerator
- Sublist3r : Fast subdomains enumeration tool for penetration testers
- wafw00f : identify and fingerprint Web Application Firewall
- Photon : ncredibly fast crawler designed for OSINT.
- Raccoon : offensive security tool for reconnaissance and vulnerability scanning
- DnsRecon : DNS Enumeration Script
- Reconnoitre : multithreaded information gathering and service enumeratio tool
- sherlock : Find usernames across social networks
- snmpwn : An SNMPv3 User Enumerator and Attack tool
- Striker : an offensive information and vulnerability scanner.
- theHarvester : E-mails, subdomains and names Harvester
- URLextractor : Information gathering & website reconnaissance
- denumerator.py : Enumerates list of subdomains
- other : other Information gathering,recon and Enumeration scripts I collected somewhere.
- Frameworks:
- ReconDog : Reconnaissance Swiss Army Knife
- RED_HAWK : All in one tool for Information Gathering, Vulnerability Scanning and Crawling
- TIDoS : Offensive Manual Web Application Penetration Testing Framework.
- Dracnmap : Info Gathering Framework
- Tools:
- Spaghetti : Spaghetti - Web Application Security Scanner
- HTTPoxyScan : HTTPoxy Exploit Scanner by 1N3
- CMSmap : CMS scanner
- BruteXSS : BruteXSS is a tool to find XSS vulnerabilities in web application
- PyFiScan : web-application vulnerability and version scanner
- J-dorker : Website List grabber from Bing
- droopescan : scanner , identify , CMSs , Drupal , Silverstripe.
- ptiva : Web Application Scanne
- V3n0M : Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
- Priv8SqliTool : Find Sqli Targets v
- SqliV : massive SQL injection vulnerability scanner
- AtScan : Advanced dork Search & Mass Exploit Scanner
- ToolB0x : penetration testing and information gathering!
- WPSeku : Wordpress Security Scanner
- WpBrute : Wordpress BruteForce Tools
- Wpscan : A simple Wordpress scanner written in python
- B7S-ToolB0x : Wordpress vulnerability scanner
- XSStrike : Most advanced XSS scanner.
- joomscan : Joomla Vulnerability Scanner Project
- Frameworks:
- Dzjecter : Server checking Tool
- W3af : web application attack and audit framework
- Tools:
- Linux :
- Scripts :
- linux_checksec.sh
- linux_enum.sh
- linux_gather_files.sh
- linux_kernel_exploiter.pl
- linux_privesc.py
- linux_privesc.sh
- linux_security_test
- Linux_exploits folder
- Windows :
- windows-privesc-check.py
- windows-privesc-check.exe
- MySql :
- raptor_udf.c
- raptor_udf2.c
- Radare2 : unix-like reverse engineering framework
- VirtusTotal : VirusTotal tools
- Miasm : Reverse engineering framework
- Mirror : reverses the bytes of a file
- DnSpy : .NET debugger and assembly
- DLLRunner : a smart DLL execution script for malware analysis in sandbox systems.
- Fuzzy Server : a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
- yara : a tool aimed at helping malware researchers toidentify and classify malware samples
- Spike : a protocol fuzzer creation kit + audits
- other : other scripts collected somewhere
- Findsploit : Find exploits in local and online databases instantly
- MassExpConsole : concurrent exploiting
- Pompem : Exploit and Vulnerability Finder
- rfix : Python tool that helps RFI exploitation.
- InUrlBr : Advanced search in search engines
- linux-exploit-suggester2 : Next-Generation Linux Kernel Exploit Suggester
- other : other scripts I collected somewhere.
- WebShells : Webshells Collection
- ShellSum : A defense tool - detect web shells in local directories
- Weevely : Weaponized web shell
- python-pty-shells : Python PTY backdoors
- crunch : a wordlist generator
- CeWL : a Custom Word List Generator
- patator : a multi-purpose brute-forcer, with a modular design and a flexible usage
- Codetective : a tool to determine the crypto/encoding algorithm used
- findmyhash : Python script to crack hashes using online services
- hashID : Software to identify the different types of hashes
- -Tools :
- TheFatRat : massive exploiting tool
- scythe : an accounts enumerator
- Cheatsheet_SMBEnumeration
- configuration_management
- dns_enumeration
- file_enumeration
- http_enumeration
- information_gathering_owasp_guide
- miniserv_webmin_enumeration
- ms_sql_server_enumeration
- nfs_enumeration
- osint_recon_ng
- passive_information_gathering
- pop3_enumeration
- ports_emumeration
- rpc_enumeration
- scanning
- smb_enumeration
- smtp_enumeration
- snmb_enumeration
- vulnerability_scanning
- auxiliary_info.md
- Cheatsheet_ApacheSSL
- Cheatsheet_AttackingMSSQL
- Cheatsheet_DomainAdminExploitation
- Cheatsheet_SQLInjection
- Cheatsheet_VulnVerify.txt
- code-execution-reverse-shell-commands
- file_upload.md
- html5_cheat_sheet
- jquery_cheat_sheet_1.3.2
- sqli
- sqli_cheatsheet
- sqli-quries
- sqli-tips
- web_app_security
- web_app_vulns_Arabic
- Xss_1
- Xss_2
- xss_actionscript
- xxe
