A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
- Banner Grab
- Whois
- Traceroute
- DNS Record
- Reverse DNS Lookup
- Zone Transfer Lookup
- Port Scan
- Admin Panel Scan
- Subdomain Scan
- CMS Identify
- Reverse IP Lookup
- Subnet Lookup
- Extract Page Links
- Directory Fuzz (NEW)
- File Fuzz (NEW)
- Shodan Search (NEW)
- Shodan Host Lookup (NEW)
- Wordpress
| WPScan
| WPScan Bruteforce
| Wordpress Plugin Vulnerability Checker
Features: // I will add more soon.
| WordPress Woocommerce - Directory Craversal
| Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting
| WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion
| WordPress Plugin Events Calendar - 'event_id' SQL Injection - Auto SQL Injection
Features:
| Union Based
| (Error Output = False) Detection
| Tested on 100+ Websites
- Deface Page
- Password Generator // NEW
- Text To Hash //NEW
This project is managed / enhanced everyday and sorry if it takes a while before another version is published. Well, I'm the only one who is managing this and also I have personal daily activities. This tool is for everyone. So please open an issue if you run into a bug. Well I can only test it in Windows and Kali Linux since that's the only device I have. Also please try the new AUTO SQL Injection that I'm proud of currently. I created a video already on how I created it. Check it out on my Youtube Channel. The WPScan is also checked for Windows and Kali Linux. If you are using other Linux Distro please add wpscan in your ~/.bashrc.
Any Python Version.
$ git clone https://github.com/alex14324/PureBlood
$ cd pureblood
$ pip install -r requirements.txt
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change. You can also suggest a feature, just open an issue.
You can also: