By using OxTrace, you agree that:
- You have explicit written permission to test target systems
- You will NOT use this tool for illegal activities
- You understand unauthorized access is a criminal offense
- You accept FULL RESPONSIBILITY for your actions
- Unauthorized access is illegal and punishable by law
OxTrace is a comprehensive penetration testing framework designed for security professionals and ethical hackers. It combines 6+ specialized security testing modules into a single, powerful tool with real-time monitoring and professional reporting.
| Feature | Description |
|---|---|
| All-in-One | 6+ specialized testing modules |
| Real-Time | Live dashboard with progress |
| Professional | HTML + JSON + Executive reports |
| High Performance | Parallel processing up to 100 |
| Stealth Mode | Proxy & TOR support |
| Modern UI | Beautiful terminal interface |
```bash
# 1. Clone the repository
git clone https://github.com/infocyn/oxtrace.git
cd oxtrace
# 2. Install dependencies
pip install -r requirements.txt
# 3. Verify installation
python oxtrace.py --help
```

Interactive Mode (Beginners):

```bash
python oxtrace.py -i
```

Easy interactive menu.

Command Line (Advanced):

```bash
# Full scan
python oxtrace.py -t https://example.com -m full -r html
# Specific modules
python oxtrace.py -t https://example.com -m auth,api,jwt
# JSON report
python oxtrace.py -t https://example.com -m full -r json
```
```bash
python oxtrace.py [OPTIONS]
```

| Option | Long Form | Description | Example |
|---|---|---|---|
| -t | --target | Target URL/domain/IP (required) | -t https://example.com |
| -m | --modules | Comma-separated modules | -m auth,api,jwt |
| -r | --report | Report format (html/json/executive) | -r html |
| -o | --output | Output directory | -o ./reports |
| -i | --interactive | Interactive menu mode | -i |
| -v | --verbose | Verbose debug output | -v |
| | --skip-legal | Skip legal disclaimer | --skip-legal |
| -h | --help | Show help message | -h |
| Code | Module | Description |
|---|---|---|
| auth | Authentication | Login mechanisms and auth security |
| api | API Security | REST/GraphQL API vulnerabilities |
| jwt | JWT Analysis | JWT token security flaws |
| upload | File Upload | File upload vulnerabilities |
| session | Session Management | Session handling and cookies |
| crypto | Cryptography | SSL/TLS and crypto configs |
| full | Full Scan | Run ALL modules (recommended) |
```bash
python oxtrace.py \
  -t https://target.com \
  -m full \
  -r html \
  -v

python oxtrace.py \
  -t https://api.target.com \
  -m api,jwt \
  -r json

python oxtrace.py \
  -t https://login.target.com \
  -m auth \
  -r executive

export OXTRACE_USE_TOR="true"
python oxtrace.py \
  -t https://target.com \
  -m full

python oxtrace.py \
  -t https://upload.target.com \
  -m upload \
  -v

python oxtrace.py \
  -t https://secure.target.com \
  -m crypto,session \
  -r html
```
Interactive Dashboard:
- Modern dark theme design
- Interactive charts (Chart.js)
- Quick search functionality
- Responsive for all devices
- Print-ready PDF export
- Direct CVSS & CWE links

Generate:

```bash
python oxtrace.py -t https://example.com -m full -r html
```

Features:
- Professional cybersecurity aesthetic
- Severity distribution pie chart
- Vulnerabilities by module bar chart
- Searchable findings table
- Mobile-friendly responsive design
- Optimized for PDF printing
- Links to vulnerability databases
Generate:

```bash
python oxtrace.py -t https://example.com -m full -r json
```

Use Cases:
- CI/CD pipeline integration
- Custom report generation
- Data analysis and metrics
- SIEM system integration
- Automated vulnerability tracking

Sample Structure:

```json
{
  "meta": {
    "tool": "OxTrace",
    "version": "5.0.0",
    "target": "https://example.com",
    "timestamp": "2024-01-15_14-30-00",
    "scan_duration": 245.67
  },
  "summary": {
    "total_vulnerabilities": 12,
    "risk_score": 78,
    "by_severity": {
      "critical": 3,
      "high": 5,
      "medium": 2,
      "low": 2
    }
  },
  "scans": [
    {
      "target": "https://example.com",
      "scan_type": "authentication_security",
      "vulnerabilities": [
        {
          "name": "Default Credentials",
          "severity": "critical",
          "cvss": 9.8,
          "cwe": "CWE-798",
          "evidence": "Login successful with admin:admin"
        }
      ]
    }
  ]
}
```

Generate:
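For the CI/CD and automated-tracking use cases, the following is an added example (not OxTrace's own code) of a pipeline gate that reads a report in the JSON layout this section documents ("meta", "summary", "scans[].vulnerabilities[]"), recounts the findings itself instead of trusting the summary block, and returns a non-zero status when anything at or above a chosen severity is present. The report embedded in it is a constructed sample, and the exit-code convention (0 pass, 1 blocking findings, 2 malformed report) is this example's own choice.

```python
"""CI gate for an OxTrace-style JSON report (added example, not OxTrace code)."""
import json
import sys

SEVERITY_ORDER = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed sample report in the layout shown in the README's "Sample Structure".
SAMPLE_REPORT = json.dumps({
    "meta": {"tool": "OxTrace", "version": "5.0.0", "target": "https://example.com",
             "timestamp": "2024-01-15_14-30-00", "scan_duration": 245.67},
    "summary": {"total_vulnerabilities": 3, "risk_score": 78,
                "by_severity": {"critical": 1, "high": 1, "medium": 1, "low": 0}},
    "scans": [
        {"target": "https://example.com", "scan_type": "authentication_security",
         "vulnerabilities": [
             {"name": "Default Credentials", "severity": "critical", "cvss": 9.8,
              "cwe": "CWE-798", "evidence": "Login successful with admin:admin"},
             {"name": "No Brute Force Protection", "severity": "medium", "cvss": 5.3,
              "cwe": "CWE-307", "evidence": "10 failed attempts without blocking"}]},
        {"target": "https://example.com", "scan_type": "session_management",
         "vulnerabilities": [
             {"name": "Session Fixation", "severity": "high", "cvss": 7.5,
              "cwe": "CWE-384", "evidence": "Session ID not regenerated after login"}]},
    ],
})


def load_report(text: str):
    """Parse the report; return None when it is not valid JSON or not an OxTrace report."""
    try:
        report = json.loads(text)
    except ValueError:
        return None
    if not isinstance(report, dict) or "scans" not in report:
        return None
    if report.get("meta", {}).get("tool") != "OxTrace":
        return None
    return report


def count_by_severity(report: dict) -> dict:
    """Recount findings from the scans themselves rather than trusting the summary block."""
    counts = {name: 0 for name in SEVERITY_ORDER}
    for scan in report.get("scans", []):
        for vuln in scan.get("vulnerabilities", []):
            sev = str(vuln.get("severity", "")).lower()
            if sev in counts:
                counts[sev] += 1
    return counts


def summary_matches_scans(report: dict) -> bool:
    """Flag a report whose summary disagrees with its detailed findings (truncated or edited)."""
    recounted = count_by_severity(report)
    stated = report.get("summary", {}).get("by_severity", {})
    return all(recounted[sev] == int(stated.get(sev, 0)) for sev in SEVERITY_ORDER)


def findings_at_or_above(report: dict, threshold: str) -> list:
    """Return (scan_type, name, cwe) for every finding at or above the threshold severity."""
    floor = SEVERITY_ORDER[threshold]
    hits = []
    for scan in report.get("scans", []):
        for vuln in scan.get("vulnerabilities", []):
            if SEVERITY_ORDER.get(str(vuln.get("severity", "")).lower(), 0) >= floor:
                hits.append((scan.get("scan_type"), vuln.get("name"), vuln.get("cwe")))
    return hits


def gate(report_json: str, threshold: str = "high") -> int:
    """Exit status for CI: 0 = pass, 1 = blocking findings present, 2 = malformed report."""
    report = load_report(report_json)
    if report is None or not summary_matches_scans(report):
        return 2
    return 1 if findings_at_or_above(report, threshold) else 0


if __name__ == "__main__":
    # Usage: python gate.py reports/oxtrace.json   (falls back to the constructed sample)
    source = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    status = gate(source, threshold="high")
    if status == 1:
        for scan_type, name, cwe in findings_at_or_above(load_report(source), "high"):
            print(f"BLOCKING [{scan_type}] {name} ({cwe})")
    sys.exit(status)
```

Recounting from the per-scan findings rather than reading `summary.by_severity` means a report that was cut short by a crashed scan, or edited after the fact, is rejected (status 2) rather than silently passing the build.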
```bash
python oxtrace.py -t https://example.com -m full -r executive
```

Ideal For:
- C-level executives
- Board presentations
- Compliance reports
- Risk assessments

Sample Output:

```text
================================================================
                   EXECUTIVE SECURITY SUMMARY
================================================================
TARGET: https://example.com
DATE: 2024-01-15 14:30:00
SCAN DURATION: 4 minutes 5 seconds
================================================================
RISK OVERVIEW
================================================================
Overall Risk Rating: CRITICAL
Total Vulnerabilities: 12
  - Critical: 3
  - High: 5
  - Medium: 2
  - Low: 2
Risk Score: 78/100 (HIGH RISK)
IMMEDIATE ACTION REQUIRED: 3 critical vulnerabilities
================================================================
TOP 5 CRITICAL FINDINGS
================================================================
1. DEFAULT CREDENTIALS ACCEPTED
   Severity: CRITICAL | CVSS: 9.8
   Location: https://example.com/login
   Impact: Unauthorized administrative access
   Recommendation: Change default credentials immediately

2. SQL INJECTION VULNERABILITY
   Severity: CRITICAL | CVSS: 9.8
   Location: https://example.com/login
   Impact: Database compromise possible
   Recommendation: Use parameterized queries

3. WEAK JWT SECRET KEY
   Severity: CRITICAL | CVSS: 9.8
   Location: Authentication tokens
   Impact: Token forgery possible
   Recommendation: Use strong secret (min 256 bits)
================================================================
BUSINESS IMPACT ASSESSMENT
================================================================
Data Breach Risk: HIGH
  - SQL injection could expose customer data
Compliance Risk: HIGH
  - May violate GDPR, PCI-DSS requirements
Reputational Risk: HIGH
  - Security breach could damage brand trust
Financial Risk: HIGH
  - Potential fines and remediation costs
================================================================
PRIORITY RECOMMENDATIONS
================================================================
IMMEDIATE (Within 24 hours):
  1. Change all default credentials
  2. Disable vulnerable endpoints
  3. Rotate JWT secret keys
  4. Enable WAF protection

SHORT-TERM (Within 1 week):
  1. Fix SQL injection vulnerabilities
  2. Implement proper API authorization
  3. Add security headers
  4. Enable rate limiting

LONG-TERM (Within 1 month):
  1. Comprehensive code review
  2. Security testing in CI/CD
  3. Team security training
  4. Vulnerability management program
================================================================
```
What It Tests:
- Default credentials (admin:admin, root:root, etc.)
- SQL injection in login forms
- Brute force protection mechanisms
- Account enumeration vulnerabilities
- HTTPS enforcement on credentials
- Session management after authentication

Sample Vulnerabilities:

```text
[CRITICAL] Default Credentials
  URL: https://example.com/login
  Evidence: Login successful with admin:admin
  CVSS: 9.8 | CWE-798
  Fix: Change default credentials, enforce strong passwords

[CRITICAL] SQL Injection in Login
  URL: https://example.com/login
  Payload: ' OR '1'='1
  Evidence: SQL error in response
  CVSS: 9.8 | CWE-89
  Fix: Use parameterized queries

[MEDIUM] No Brute Force Protection
  URL: https://example.com/login
  Evidence: 10 failed attempts without blocking
  CVSS: 5.3 | CWE-307
  Fix: Implement rate limiting and account lockout
```
What It Tests:
- BOLA/IDOR (Broken Object Level Authorization)
- Broken authentication mechanisms
- Excessive data exposure in responses
- Missing rate limiting
- Exposed API documentation
- Mass assignment vulnerabilities

Sample Vulnerabilities:

```text
[HIGH] Potential BOLA/IDOR
  URL: https://api.example.com/users/123
  Evidence: Accessed resource with ID 456 unauthorized
  CVSS: 7.5 | CWE-639
  Fix: Implement proper authorization checks

[MEDIUM] Excessive Data Exposure
  URL: https://api.example.com/users
  Evidence: API returns password hashes
  CVSS: 5.3 | CWE-200
  Fix: Filter sensitive data from responses

[LOW] Exposed API Documentation
  URL: https://api.example.com/swagger
  Evidence: Swagger UI publicly accessible
  CVSS: 3.7 | CWE-200
  Fix: Restrict documentation in production
```
What It Tests:
- Algorithm confusion ('none' algorithm attacks)
- Weak signing secrets (brute force)
- Token expiration validation
- Sensitive data in payload
- Signature verification bypass
- Missing security claims

Sample Vulnerabilities:

```text
[CRITICAL] Weak JWT Secret
  Evidence: Token signed with "password123"
  Algorithm: HS256
  CVSS: 9.8 | CWE-798
  Fix: Use cryptographically strong secret (256+ bits)

[CRITICAL] Algorithm Confusion
  Evidence: Server accepts "none" algorithm
  CVSS: 9.8 | CWE-327
  Fix: Whitelist algorithms, never accept "none"

[HIGH] Sensitive Data in JWT
  Evidence: Token contains user password
  CVSS: 7.5 | CWE-200
  Fix: Never store sensitive data in JWT payloads
```
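The three fixes above correspond to concrete checks in a server's token verifier. The following is an added example (not OxTrace code, and not the JWT module itself) of a strict HS256 verifier built on the Python standard library only: the algorithm comes from a server-side allowlist rather than from the token header (so `"none"` and unknown algorithms are refused before any signature work), the HMAC is compared in constant time, a secret shorter than 256 bits is refused outright, `exp` is mandatory and enforced, and a separate helper flags claims that should never be carried in a JWT payload. `DEMO_SECRET`, `SENSITIVE_CLAIMS` and the `sign_hs256` issuer are constructed for the example.

```python
"""Strict HS256 JWT verification (added example, not OxTrace code)."""
import base64
import hashlib
import hmac
import json
import time

ALLOWED_ALGS = {"HS256"}          # server-side allowlist; the token header never decides
MIN_SECRET_BYTES = 32             # 256 bits, the minimum the README's fix recommends
SENSITIVE_CLAIMS = {"password", "passwd", "secret", "ssn", "credit_card"}  # constructed list


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def sign_hs256(claims: dict, secret: bytes) -> str:
    """Issue a token; used here only to build inputs for the verifier."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(mac)}"


def verify(token: str, secret: bytes, now=None) -> dict:
    """Return the claims only if every check passes; raise ValueError otherwise."""
    if len(secret) < MIN_SECRET_BYTES:
        raise ValueError("secret too short: weak secrets make the token forgeable")
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # Algorithm confusion: the header is attacker-controlled, so "none" and any
    # algorithm outside the allowlist are rejected before the signature is looked at.
    if header.get("alg") not in ALLOWED_ALGS:
        raise ValueError(f"algorithm not allowed: {header.get('alg')!r}")
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(payload_b64))
    if "exp" not in claims:
        raise ValueError("missing exp claim")
    current = now if now is not None else time.time()
    if current >= float(claims["exp"]):
        raise ValueError("token expired")
    return claims


def sensitive_claims(claims: dict) -> set:
    """Payload keys that must not ride in a JWT: the payload is base64, not encrypted."""
    return {k for k in claims if k.lower() in SENSITIVE_CLAIMS}


# Constructed 32-byte demo secret; a real deployment generates it with os.urandom(32).
DEMO_SECRET = hashlib.sha256(b"constructed-demo-secret-do-not-reuse").digest()

if __name__ == "__main__":
    token = sign_hs256({"sub": "alice", "exp": int(time.time()) + 600}, DEMO_SECRET)
    print("verified claims:", verify(token, DEMO_SECRET))
```

Rejecting on secret length at the top of `verify` is deliberate: a verifier that accepts a short secret will happily validate tokens an attacker can forge, so the weak-secret finding is a verifier bug as much as a configuration one.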
What It Tests:
- Dangerous file types (PHP, JSP, ASPX)
- Double extension bypass (file.php.jpg)
- Null byte injection (file.php%00.jpg)
- MIME type validation bypass
- Path traversal in filenames
- File content validation

Sample Vulnerabilities:

```text
[CRITICAL] Dangerous File Upload
  URL: https://example.com/upload
  Evidence: Successfully uploaded test.php
  CVSS: 9.8 | CWE-434
  Fix: Whitelist file types, validate content

[HIGH] Filter Bypass
  URL: https://example.com/upload
  Payload: test.php.jpg (double extension)
  Evidence: PHP file executed
  CVSS: 8.6 | CWE-434
  Fix: Validate extensions properly, check magic bytes

[MEDIUM] No MIME Validation
  URL: https://example.com/upload
  Evidence: Uploaded executable with image MIME
  CVSS: 6.5 | CWE-434
  Fix: Validate both extension and MIME type
```
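On the server side, the fixes listed for these three findings reduce to one validation routine. The following is an added example (not OxTrace code) of such a routine: an extension allowlist, rejection of double extensions, null bytes and path separators, a magic-byte check so the content must match the extension regardless of the declared MIME type, and a random storage name so the client-supplied name never reaches the filesystem. The allowlist, signature table and sample inputs are constructed for the example.

```python
"""Server-side upload validation (added example, not OxTrace code)."""
import re
import secrets

ALLOWED = {"png", "jpg", "jpeg", "gif", "pdf"}          # constructed allowlist
MAGIC = {                                                # leading bytes expected per extension
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpg": [b"\xff\xd8\xff"],
    "jpeg": [b"\xff\xd8\xff"],
    "gif": [b"GIF87a", b"GIF89a"],
    "pdf": [b"%PDF-"],
}
SAFE_BASE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def validate_filename(filename: str):
    """Return (ok, reason, extension). Accepts only 'base.ext' with exactly one dot."""
    if "\x00" in filename or "%00" in filename:
        return False, "null byte in filename", None
    if "/" in filename or "\\" in filename or ".." in filename:
        return False, "path separator or traversal in filename", None
    base, dot, ext = filename.rpartition(".")
    if not dot or not base:
        return False, "no extension", None
    if "." in base:                                      # file.php.jpg style double extension
        return False, "multiple extensions", None
    ext = ext.lower()
    if ext not in ALLOWED:
        return False, f"extension {ext!r} not allowed", None
    if not SAFE_BASE.match(base):
        return False, "unsafe characters in base name", None
    return True, "ok", ext


def content_matches(ext: str, head: bytes) -> bool:
    """Check the leading bytes against the signatures expected for the extension."""
    return any(head.startswith(sig) for sig in MAGIC.get(ext, []))


def validate_upload(filename: str, declared_mime: str, data: bytes):
    """Full decision. The declared MIME type is reported but never trusted."""
    ok, reason, ext = validate_filename(filename)
    if not ok:
        return False, reason
    if not content_matches(ext, data[:16]):
        return False, f"content does not look like .{ext} (declared {declared_mime})"
    return True, "accepted"


def storage_name(ext: str) -> str:
    """Random name for disk: the client's filename is never used as a path component."""
    return f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    # Constructed sample upload: a PNG header followed by padding.
    sample = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
    ok, reason = validate_upload("photo.png", "image/png", sample)
    print(ok, reason, storage_name("png") if ok else "")
```

Checking `data[:16]` catches the README's "executable with image MIME" case, and rejecting any base name containing a dot closes the double-extension bypass without needing a list of dangerous extensions at all.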
What It Tests:
- Secure flag on cookies
- HttpOnly flag validation
- SameSite attribute
- Session fixation vulnerabilities
- Session timeout enforcement
- Session ID randomness

Sample Vulnerabilities:

```text
[HIGH] Session Fixation
  URL: https://example.com
  Evidence: Session ID not regenerated after login
  CVSS: 7.5 | CWE-384
  Fix: Regenerate session ID after authentication

[MEDIUM] Missing HttpOnly Flag
  Cookie: PHPSESSID
  Evidence: Cookie accessible via JavaScript
  CVSS: 5.3 | CWE-1004
  Fix: Set HttpOnly flag to prevent XSS theft

[MEDIUM] Missing Secure Flag
  Cookie: session_token
  Evidence: Cookie can be sent over HTTP
  CVSS: 5.3 | CWE-614
  Fix: Always set Secure flag for HTTPS cookies
```
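The cookie-flag checks above are easy to reproduce offline against captured response headers, which is useful for verifying a fix before re-running a scan. The following is an added example (not OxTrace code) that parses raw `Set-Cookie` values with the standard library's `http.cookies` and emits one finding per missing attribute, using the CWE numbers the README attaches to these findings (CWE-614 for Secure, CWE-1004 for HttpOnly; CWE-1275 for SameSite is this example's own addition). The header values are constructed samples.

```python
"""Set-Cookie attribute audit (added example, not OxTrace code)."""
from http.cookies import SimpleCookie

# Constructed sample headers as a server might send them on an HTTPS response.
SAMPLE_HEADERS = [
    "PHPSESSID=abc123; Path=/",
    "session_token=def456; Path=/; HttpOnly; SameSite=Lax",
    "csrftoken=ghi789; Path=/; Secure; HttpOnly; SameSite=Strict",
]


def audit_set_cookie(header_value: str, over_https: bool = True) -> list:
    """Return [(cookie_name, severity, cwe, message), ...] for one Set-Cookie value."""
    findings = []
    jar = SimpleCookie()
    jar.load(header_value)
    for name, morsel in jar.items():
        # Secure only matters when the site is served over HTTPS; on plain HTTP the
        # cookie is exposed regardless, which is a separate (transport) finding.
        if over_https and not morsel["secure"]:
            findings.append((name, "medium", "CWE-614", "missing Secure flag"))
        if not morsel["httponly"]:
            findings.append((name, "medium", "CWE-1004", "missing HttpOnly flag"))
        samesite = str(morsel["samesite"]).lower()
        if samesite not in ("lax", "strict"):
            findings.append((name, "low", "CWE-1275", "SameSite not Lax/Strict"))
    return findings


def audit_all(header_values, over_https: bool = True) -> dict:
    """Audit every Set-Cookie header of a response; keyed by cookie name."""
    report = {}
    for value in header_values:
        for finding in audit_set_cookie(value, over_https):
            report.setdefault(finding[0], []).append(finding[1:])
    return report


def worst_severity(report: dict) -> str:
    """Roll the per-cookie findings up to a single severity for the response."""
    order = {"none": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}
    worst = "none"
    for findings in report.values():
        for severity, _cwe, _msg in findings:
            if order[severity] > order[worst]:
                worst = severity
    return worst


if __name__ == "__main__":
    for cookie, findings in audit_all(SAMPLE_HEADERS).items():
        for severity, cwe, message in findings:
            print(f"[{severity.upper()}] {cookie}: {message} ({cwe})")
```

Feeding real headers in is a one-liner with `urllib.request`: `resp.headers.get_all("Set-Cookie")` returns exactly the list shape `audit_all` expects.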
What It Tests:
- SSL/TLS versions (SSLv2, SSLv3, TLS 1.0/1.1)
- Certificate validity and expiration
- Weak cipher suites
- RSA/ECC key sizes
- HSTS headers
- Certificate transparency

Sample Vulnerabilities:

```text
[HIGH] Outdated TLS Version
  URL: https://example.com
  Protocol: TLSv1.0 (deprecated)
  CVSS: 7.5 | CWE-326
  Fix: Disable TLS 1.0/1.1, use TLS 1.2+ only

[MEDIUM] Weak Cipher Suite
  URL: https://example.com
  Cipher: DES-CBC3-SHA
  CVSS: 5.9 | CWE-327
  Fix: Disable weak ciphers, use AES-GCM

[LOW] Certificate Expiring Soon
  URL: https://example.com
  Evidence: Certificate expires in 15 days
  CVSS: 3.7 | CWE-295
  Fix: Renew certificate before expiration
```
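The fixes above can be checked without touching a live host. The following is an added example (not OxTrace code) that builds a Python `ssl.SSLContext` enforcing the README's recommendations (TLS 1.2 minimum, AEAD-only cipher list), inspects which cipher suites that context would still negotiate, scores an HSTS header, and computes days-to-expiry from a certificate date string in the format `ssl.getpeercert()` returns. The weak-cipher markers, the one-year HSTS threshold and the sample date are this example's own assumptions.

```python
"""TLS policy checks that run offline (added example, not OxTrace code)."""
import ssl
from datetime import datetime, timezone

# Substrings of OpenSSL cipher names that should never be negotiable (assumed list).
WEAK_MARKERS = ("DES", "RC4", "NULL", "EXPORT", "MD5", "ADH", "AECDH")
HSTS_MIN_AGE = 31536000          # one year, a common deployment baseline (assumption)


def hardened_context() -> ssl.SSLContext:
    """Client context: TLS 1.2+ only, certificate verification on, AEAD ciphers only."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM")
    return ctx


def enabled_cipher_names(ctx: ssl.SSLContext) -> list:
    """Names of every suite the context could negotiate (TLS 1.3 suites included)."""
    return [c["name"] for c in ctx.get_ciphers()]


def weak_ciphers(names) -> list:
    """Filter a cipher list down to the ones matching a weak marker, e.g. DES-CBC3-SHA."""
    return [n for n in names if any(m in n for m in WEAK_MARKERS)]


def hsts_policy(header_value: str) -> dict:
    """Parse Strict-Transport-Security and judge it against HSTS_MIN_AGE."""
    directives = [d.strip().lower() for d in header_value.split(";") if d.strip()]
    max_age = 0
    for d in directives:
        if d.startswith("max-age="):
            try:
                max_age = int(d.split("=", 1)[1])
            except ValueError:
                max_age = 0
    return {
        "max_age": max_age,
        "include_subdomains": "includesubdomains" in directives,
        "adequate": max_age >= HSTS_MIN_AGE,
    }


def days_until_expiry(not_after: str, now=None) -> int:
    """Days left on a certificate given its notAfter string, e.g. 'Jan 30 14:30:00 2024 GMT'."""
    expires = ssl.cert_time_to_seconds(not_after)
    current = (now or datetime.now(timezone.utc)).timestamp()
    return int((expires - current) // 86400)


if __name__ == "__main__":
    ctx = hardened_context()
    names = enabled_cipher_names(ctx)
    print(f"{len(names)} suites enabled, weak: {weak_ciphers(names)}")
    print("HSTS:", hsts_policy("max-age=63072000; includeSubDomains"))
    # Constructed date pair reproducing the README's "expires in 15 days" finding.
    print("days left:", days_until_expiry("Jan 30 14:30:00 2024 GMT",
                                          datetime(2024, 1, 15, 14, 30, tzinfo=timezone.utc)))
```

Running `weak_ciphers` over the output of `ctx.get_ciphers()` is a quick regression test for a server's own OpenSSL cipher string: paste the string into `set_ciphers` and confirm the result is empty.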
```bash
# Proxy Configuration
export OXTRACE_PROXY="http://proxy.example.com:8080"
export OXTRACE_PROXY_USER="username"
export OXTRACE_PROXY_PASS="password"
# TOR Support
export OXTRACE_USE_TOR="true"
export OXTRACE_TOR_PROXY="socks5://127.0.0.1:9050"
# Custom User Agent
export OXTRACE_USER_AGENT="Mozilla/5.0 Custom Scanner"
# Threading
export OXTRACE_MAX_THREADS="50"
# Timeouts
export OXTRACE_TIMEOUT="30"
# Rate Limiting
export OXTRACE_RATE_LIMIT="0.1"
# Output Directory
export OXTRACE_OUTPUT_DIR="/path/to/reports"
```

```yaml
# OxTrace Configuration File
# Global Settings
version: "5.0.0"
verbose: false

# Scanning Settings
scanning:
  max_threads: 100
  max_async_tasks: 200
  timeout: 30
  max_retries: 3
  rate_limit_delay: 0.05

# Proxy Settings
proxy:
  enabled: false
  proxy_list:
    - "http://proxy1.example.com:8080"
    - "http://proxy2.example.com:8080"
  rotation: true

# TOR Settings
tor:
  enabled: false
  proxy: "socks5://127.0.0.1:9050"

# Stealth Mode
stealth:
  rotate_user_agent: true
  random_delay: true
  delay_min: 0.1
  delay_max: 0.5
  evasion_mode: true

# Module Configuration
modules:
  auth:
    enabled: true
    test_default_creds: true
    test_sql_injection: true
    test_brute_force: true
  api:
    enabled: true
    test_bola: true
    test_rate_limiting: true
  jwt:
    enabled: true
    test_weak_secrets: true
    test_algorithm_confusion: true
  upload:
    enabled: true
    test_dangerous_types: true
    test_bypasses: true
  session:
    enabled: true
    test_cookie_security: true
    test_fixation: true
  crypto:
    enabled: true
    test_ssl_tls: true
    test_certificates: true

# Reporting
reporting:
  default_format: "html"
  output_directory: "./reports"
  include_screenshots: false
  include_request_response: true

# Logging
logging:
  level: "INFO"
  file: "oxtrace.log"
  max_size_mb: 100
  backup_count: 5

# Custom Payloads
custom_payloads:
  sql_injection:
    - "' OR '1'='1"
    - "admin'--"
    - "1' UNION SELECT NULL--"
  xss:
    - "<script>alert('XSS')</script>"
    - "<img src=x onerror=alert(1)>"

# Wordlists
wordlists:
  usernames: "wordlists/usernames.txt"
  passwords: "wordlists/passwords.txt"
  directories: "wordlists/directories.txt"
```

CRITICAL: Always obtain written permission
Required Documentation:
- Signed penetration testing agreement
- Scope of work document
- Rules of engagement
- Emergency contact information
- Data handling procedures

Clearly Define:
- Target systems and IP ranges
- Allowed testing methods
- Off-limits systems
- Testing time windows
- Data sensitivity levels

Pre-Testing Checklist:
- Verify target backups exist
- Set up monitoring and logging
- Establish communication channels
- Prepare incident response plan
- Document baseline system state

```bash
# Monitor system performance
# Stop if issues detected
# Document all activities
# Maintain stakeholder communication
```

```bash
# Use appropriate delays
python oxtrace.py -t https://example.com -m full --delay 0.5
# For production systems
export OXTRACE_RATE_LIMIT="1.0"
```

Keep Detailed Records:
- All commands executed
- Vulnerabilities discovered
- Activity timestamps
- System anomalies
- Evidence and screenshots

```bash
# Encrypt sensitive reports
gpg --encrypt --recipient security@example.com report.html
# Set appropriate permissions
chmod 600 report.html
```

Follow These Steps:
1. Report to authorized contacts immediately
2. Provide detailed remediation guidance
3. Allow time for fixes (30-90 days)
4. Follow up on progress
5. Document disclosure process

Post-Assessment Actions:
- Remove test accounts created
- Delete uploaded test files
- Clear temporary data
- Verify no persistent access
- Document cleanup activities
```bash
# Solution
pip install -r requirements.txt
```

```bash
# Solution 1
pip install --upgrade certifi
# Solution 2 (testing only)
export PYTHONHTTPSVERIFY=0
```

```bash
# Solution
python oxtrace.py -t target --timeout 60
```

```bash
# Solution
export OXTRACE_RATE_LIMIT="1.0"
```

```bash
# Solution
mkdir -p reports
chmod 755 reports
```

```bash
# Solution
export OXTRACE_MAX_THREADS="20"
```
We welcome contributions from the security community!

```bash
# 1. Fork the repository
git clone https://github.com/infocyn/oxtrace.git
# 2. Create feature branch
git checkout -b feature/amazing-scanner
# 3. Make changes and test
# 4. Push changes
git push origin feature/amazing-scanner
# 5. Create Pull Request
```

- New scanner modules (CORS, XXE, SSRF)
- Bug fixes and improvements
- Documentation enhancements
- UI/UX improvements
- Performance optimizations
OWASP Resources:
- OWASP Top 10
- OWASP Testing Guide
- OWASP API Security Top 10

Vulnerability Databases:
- CVE Details
- NVD - National Vulnerability Database
- Exploit-DB

- "The Web Application Hacker's Handbook" by Dafydd Stuttard
- "Real-World Bug Hunting" by Peter Yaworski
- "Black Hat Python" by Justin Seitz
- "OWASP Testing Guide v4"

- Burp Suite: Professional web testing
- OWASP ZAP: Free alternative to Burp
- Nmap: Network discovery
- Metasploit: Exploitation framework
- SQLMap: SQL injection tool
- Real-time display with live dashboard
- Advanced multi-threading (up to 100 workers)
- Interactive legal framework
- HTML reports with Chart.js visualizations
- JWT token analysis module
- File upload vulnerability scanner
- Session management testing
- Cryptography and SSL/TLS testing
- Stealth mode with proxy/TOR support
- Intelligent caching system

- Fixed race conditions in multi-threading
- Resolved SQL injection false positives
- Corrected charset encoding issues
- Fixed memory leaks in long scans

- 300% faster with parallel execution
- 40% reduced memory footprint
- Optimized regex patterns
- Improved request caching
MIT License
Copyright (c) 2024 OxTrace Security Team
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software.
Need help? Have questions?
Contact us via Facebook page
- DO NOT use on systems you don't own
- DO NOT use for malicious purposes
- DO NOT ignore legal warnings
- ALWAYS get written authorization
- FOLLOW responsible disclosure
- USE ethically and legally

YOU ARE SOLELY RESPONSIBLE FOR YOUR ACTIONS
UNAUTHORIZED ACCESS IS ILLEGAL AND PUNISHABLE

Legal Consequences: Criminal Prosecution | Heavy Fines | Imprisonment | Career Destruction
Use Responsibly. Stay Legal. Be Ethical.
Special thanks to:
- OWASP Project for security resources
- Python Community for excellent libraries
- Security Researchers for vulnerability research
- Contributors who improve OxTrace
- You for using OxTrace responsibly