Skip to content
master
Switch branches/tags
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Jun 16, 2021
Jun 16, 2021
Sep 14, 2020
Jun 16, 2021
Jun 17, 2021
Jun 16, 2021
Jun 17, 2021
Jun 16, 2021
Jun 18, 2021
Jun 17, 2021
Jun 16, 2021
Jun 18, 2021
Jun 25, 2021
Jun 16, 2021

Lockdoor v2.3

Table of contents

Changelog πŸ“Œ :

Version v2.3 IS OUT !!

    - Fixing some CI 

    - making a more stable version 

    - new docker iaage build

    - adding packages for each supported distros

Badges πŸ“Œ :

made-with-python Twitter GitHub License TestedON

Support me πŸ’° :

Contributors ⭐ :

commits

Versions

06/2021 : 2.3

  • Config file checking.

  • Updating the tools.

  • Showing the current version of Lockdoor by -v arg.

  • checking the version and asking for possible update.

  • Making it easier to customize.

  • No added tools for the moment.

  • Fixing the docker misconfiguration, the docker version now works perfectly.

    • Information Gathring Tools (21)
    • Web Hacking Tools(15)
    • Reverse Engineering Tools (15)
    • Exploitation Tools (6)
    • Pentesting & Security Assessment Findings Report Templates (6)
    • Password Attack Tools (4)
    • Shell Tools + Blackarch's Webshells Collection (4)
    • Walk Throughs & Pentest Processing Helpers (3)
    • Encryption/Decryption Tools (2)
    • Social Engineering tools (1)
    • All you need as Privilege Escalation scripts and exploits

03/2020 : 2.2.3

  • Information Gathring Tools (21)
  • Web Hacking Tools(15)
  • Reverse Engineering Tools (15)
  • Exploitation Tools (6)
  • Pentesting & Security Assessment Findings Report Templates (6)
  • Password Attack Tools (4)
  • Shell Tools + Blackarch's Webshells Collection (4)
  • Walk Throughs & Pentest Processing Helpers (3)
  • Encryption/Decryption Tools (2)
  • Social Engineering tools (1)
  • All you need as Privilege Escalation scripts and exploits
  • Working on Kali,Ubuntu,Arch,Fedora,Opensuse and Windows (Cygwin)

Youtube Video : Link

Youtube

Blogs & Articles πŸ“° :

  * Reddit : https://www.reddit.com/r/cybersecurity/comments/d4hthh/lockdoor_a_penetration_testing_framework_with/
  * Medium.com : https://medium.com/@SofianeHamlaoui/lockdoor-framework-a-penetration-testing-framework-with-cyber-security-resources-sofiane-22fbb7942378
  * Xploit Lab : https://xploitlab.com/lockdoor-framework-penetration-testing-framework-with-cyber-security-resources/
  * Station X : https://www.stationx.net/threat-intelligence-17th-september/
  * Kelvin Security : https://blog.kelvinsecurity.com/2019/09/12/lookdoor-framework-a-penetration-testing-framework-with-cyber-security-resources/
  * All About hacking : https://www.allabouthack.com/2019/09/lookdoor-framework-penetration-testing.html
  * Wired Intel : http://wiredintel.bravehost.com/wired/2019/09/15/%F0%9F%94%90-lockdoor-a-penetration-testing-framework-with-cyber-security-resources

        * Social networks :
              * LinkedIn :
                    * By Nermin S. : https://www.linkedin.com/posts/nsmajic_sofianehamlaouilockdoor-framework-activity-6578952540564529152-B-0P
              * Twitter :
                    * By Me :D : https://twitter.com/S0fianeHamlaoui/status/1173079963567820801
                    * National Cyber Security Services : https://twitter.com/NationalCyberS1/status/1173917454151475202
                    * Xploit Lab : https://twitter.com/xploit_lab/status/1173990273644261376
                    * More : https://twitter.com/search?q=Lockdoor%20Framework
                    * More : https://twitter.com/search?q=Lookdoor%20Framework
              * Facebook :
                    * By ME :D : https://www.facebook.com/S0fianeHamlaoui/posts/678704759315090
                    * National Cyber Security Services : https://www.facebook.com/ncybersec/posts/1273735519463836
                    * Xploit Lab : https://www.facebook.com/XploitLab/posts/2098443780463126
                    * Root Developers : https://www.facebook.com/root.deve/posts/1181412315364265
                    * More : https://www.facebook.com/search/top/?q=Lockdoor%20Framework
        * Youtube :
              * My youtube video : https://www.youtube.com/watch?v=_agvb29FQrs
              * The Shadow Brokers video : https://www.youtube.com/watch?v=6njKRrKQtow

Overview πŸ“™ :

LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one. With all of that ! It automates the Pentesting process to help you do the job more quickly and easily.

Features πŸ“™ :

Pentesting Tools Selection πŸ“™ :

  • Tools: Lockdoor doesn't contain all pentesting tools , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite and the most used tools by Pentesters.

  • what Tools: the tools contains Lockdoor are a collection from the best tools on Kali,Parrot Os and BlackArch. Also some private tools from some other hacking teams like InurlBr, iran-cyber. Without forgetting some cool and amazing tools I found on Github made by some perfect human beings.

  • Easy customization: Easily add/remove tools.

  • Installation: You can install the tool automatically using the installer.sh , Manually or by running the Docker Image.

Resources and cheatsheets πŸ“™ :

  • Resources: That's what makes Lockdoor, Lockdoor Doesn't contain only tools ! Pentesing and Security Assessment Findings Reports templates, Pentesting walkthrough examples and templates and more.

  • Cheatsheets: Everyone can forget something on processing or a tool use, or even some tricks. Here comes the Cheatsheets role ! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.

Screenshots πŸ’» :

Demos πŸ’» :

Installation πŸ› οΈ :

The recommended way to use Lockdoor is by pulling the Docker Image so you will not have to worry about dependencies issues.

  • Docker Installation

    • Installing requirments
             sudo apt install docker < Debian-based distributions
             sudo dnf install docker < RPM-based distributions
             sudo pacman -S docker < Arch-based distributions
             sudo zypper install docker < OS-based distributions
             sudo yum install docker < RH-based distributions
    • Running the container
             1. *Pull lockdoor Docker Image:*
                  sudo docker pull sofianehamlaoui/lockdoor
      
             2. *Run fresh Docker container:*
                  sudo docker run -it --name lockdoor-container -w /Lockdoor-Framework --net=host sofianehamlaoui/lockdoor
      
             3. *Run Lockdoor Framework*
                  sudo lockdoor
      
             4. *To re-run a stopped container:*
                  sudo docker start -i sofianehamlaoui/lockdoor
             5. *To open multiple shells inside the container:*
                  sudo docker exec -it lockdoor-container bash
  • Using LockAller - Lockdoor Installer

    Installing it using the script may take some time depends on the packages already installed on your system. > here you can find a fresh installation on a new debian distro with no pre-installed packages : [11min]

    git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git && cd Lockdoor-Framework && chmod +x ./install.sh && ./install.sh 

Lockdoor Tools contents πŸ› οΈ :

Information Gathering πŸ”Ž :

  • Tools:
    • dirsearch : A Web path scanner
    • brut3k1t : security-oriented bruteforce framework
    • gobuster : DNS and VHost busting tool written in Go
    • Enyx : an SNMP IPv6 Enumeration Tool
    • Goohak : Launchs Google Hacking Queries Against A Target Domain
    • Nasnum : The NAS Enumerator
    • Sublist3r : Fast subdomains enumeration tool for penetration testers
    • wafw00f : identify and fingerprint Web Application Firewall
    • Photon : ncredibly fast crawler designed for OSINT.
    • Raccoon : offensive security tool for reconnaissance and vulnerability scanning
    • DnsRecon : DNS Enumeration Script
    • Nmap : The famous security Scanner, Port Scanner, & Network Exploration Tool
    • sherlock : Find usernames across social networks
    • snmpwn : An SNMPv3 User Enumerator and Attack tool
    • Striker : an offensive information and vulnerability scanner.
    • theHarvester : E-mails, subdomains and names Harvester
    • URLextractor : Information gathering & website reconnaissance
    • denumerator.py : Enumerates list of subdomains
    • other : other Information gathering,recon and Enumeration scripts I collected somewhere.
  • Frameworks:
    • ReconDog : Reconnaissance Swiss Army Knife
    • RED_HAWK : All in one tool for Information Gathering, Vulnerability Scanning and Crawling
    • Dracnmap : Info Gathering Framework

Web Hacking 🌐 :

  • Tools:
    • Spaghetti : Spaghetti - Web Application Security Scanner
    • CMSmap : CMS scanner
    • BruteXSS : BruteXSS is a tool to find XSS vulnerabilities in web application
    • J-dorker : Website List grabber from Bing
    • droopescan : scanner , identify , CMSs , Drupal , Silverstripe.
    • Optiva : Web Application Scanne
    • V3n0M : Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
    • AtScan : Advanced dork Search & Mass Exploit Scanner
    • WPSeku : Wordpress Security Scanner
    • Wpscan : A simple Wordpress scanner written in python
    • XSStrike : Most advanced XSS scanner.
    • Sqlmap : automatic SQL injection and database takeover tool
    • WhatWeb : the Next generation web scanner
    • joomscan : Joomla Vulnerability Scanner Project
  • Frameworks:
    • Dzjecter : Server checking Tool

Privilege Escalation ⚠️ :

  • Tools:
    • Linux 🐧 :
      • Scripts :
        • linux_checksec.sh
        • linux_enum.sh
        • linux_gather_files.sh
        • linux_kernel_exploiter.pl
        • linux_privesc.py
        • linux_privesc.sh
        • linux_security_test
      • Linux_exploits folder
    • Windows |Windows| :
      • windows-privesc-check.py
      • windows-privesc-check.exe
    • MySql :
      • raptor_udf.c
      • raptor_udf2.c

Reverse Engineering ⚑:

  • Radare2 : unix-like reverse engineering framework
  • VirtusTotal : VirusTotal tools
  • Miasm : Reverse engineering framework
  • Mirror : reverses the bytes of a file
  • DnSpy : .NET debugger and assembly
  • AngrIo : A python framework for analyzing binaries ( Suggested by @Hamz-a )
  • DLLRunner : a smart DLL execution script for malware analysis in sandbox systems.
  • Fuzzy Server : a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
  • yara : a tool aimed at helping malware researchers toidentify and classify malware samples
  • Spike : a protocol fuzzer creation kit + audits
  • other : other scripts collected somewhere

Exploitation ❗:

  • Findsploit : Find exploits in local and online databases instantly
  • Pompem : Exploit and Vulnerability Finder
  • rfix : Python tool that helps RFI exploitation.
  • InUrlBr : Advanced search in search engines
  • Burpsuite : Burp Suite for security testing & scanning.
  • linux-exploit-suggester2 : Next-Generation Linux Kernel Exploit Suggester
  • other : other scripts I collected somewhere.

Shells 🐚:

  • WebShells : BlackArch's Webshells Collection
  • ShellSum : A defense tool - detect web shells in local directories
  • Weevely : Weaponized web shell
  • python-pty-shells : Python PTY backdoors

Password Attacks ✳️:

  • crunch : a wordlist generator
  • CeWL : a Custom Word List Generator
  • patator : a multi-purpose brute-forcer, with a modular design and a flexible usage

Encryption - Decryption πŸ›‘οΈ:

  • Codetective : a tool to determine the crypto/encoding algorithm used
  • findmyhash : Python script to crack hashes using online services

Social Engineering 🎭:

  • scythe : an accounts enumerator

Lockdoor Resources contents πŸ“š :

Information Gathering πŸ”Ž :

Crypto πŸ›‘οΈ:

Exploitation ❗:

Networking πŸ–§ :

Password Attacks ✳️:

Post Exploitation ❗❗:

Privilege Escalation ⚠️:

Pentesting & Security Assessment Findings Report Templates πŸ“ :

Reverse Engineering ⚑ :

Social Engineering 🎭:

Walk Throughs 🚢 :

Web Hacking 🌐 :

Other πŸ“š :

Contributing :

  1. Read Contributing, The Code of Conduct and The pull request template
  2. Fork it (https://github.com/SofianeHamlaoui/Lockdoor-Framework/fork)
  3. Create your feature branch
  4. Commit your changes
  5. Push to the branch
  6. Create a new Pull Request