Lockdoor-Framework: A PenTesting Framework With Cyber Security Resources

About Lockdoor-Framework
    Author: SofianeHamlaoui

• Github: SofianeHamlaoui
• Twitter: S0fianeHamlaoui
• Facebook: S0fianeHamlaoui

   Tested on: Kali Linux, Ubuntu, Arch Linux, Fedora, OpenSuse and Windows (Cygwin)

   LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one. With all of that ! It automates the Pentesting process to help you do the job more quickly and easily.

Lockdoor-Framework installation:
   For now, Lockdoor-Framework supports Debian-based Linux distros (Kali Linux, ParrotSec, Ubuntu...), Arch Linux based distros (Manjaro, BlackArch, ArchStrike...), Fedora, OpenSuse, Cygwin on Windows.

   Open your Terminal and enter these commands:

You can watch detail here:

Lockdoor Tools contents 🛠️:
 * Information Gathering 🔎:

• dirsearch: A Web path scanner
• brut3k1t: security-oriented bruteforce framework
• gobuster: DNS and VHost busting tool written in Go
• Enyx: an SNMP IPv6 Enumeration Tool
• Goohak: Launchs Google Hacking Queries Against A Target Domain
• Nasnum: The NAS Enumerator
• Sublist3r: Fast subdomains enumeration tool for penetration testers
• wafw00f: identify and fingerprint Web Application Firewall
• Photon: ncredibly fast crawler designed for OSINT.
• Raccoon: offensive security tool for reconnaissance and vulnerability scanning
• DnsRecon: DNS Enumeration Script
• Nmap: The famous security Scanner, Port Scanner, & Network Exploration Tool
• sherlock: Find usernames across social networks
• snmpwn: An SNMPv3 User Enumerator and Attack tool
• Striker: an offensive information and vulnerability scanner.
• theHarvester: E-mails, subdomains and names Harvester
• URLextractor: Information gathering & website reconnaissance
• denumerator.py: Enumerates list of subdomains
• other: other Information gathering,recon and Enumeration scripts I collected somewhere.
• ReconDog: Reconnaissance Swiss Army Knife
• RED_HAWK: All in one tool for Information Gathering, Vulnerability Scanning and Crawling
• Dracnmap: Info Gathering Framework

 * Web Hacking 🌐:

• Spaghetti: Spaghetti - Web Application Security Scanner
• CMSmap: CMS scanner
• BruteXSS: BruteXSS is a tool to find XSS vulnerabilities in web application
• J-dorker: Website List grabber from Bing
• droopescan: scanner, identify, CMSs, Drupal, Silverstripe.
• Optiva: Web Application Scanner
• V3n0M: Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
• AtScan: Advanced dork Search & Mass Exploit Scanner
• WPSeku: Wordpress Security Scanner
• WPScan: A simple Wordpress scanner written in python
• XSStrike: Most advanced XSS scanner.
• SQLMap: automatic SQL injection and database takeover tool
• WhatWeb: the Next generation web scanner
• joomscan: Joomla Vulnerability Scanner Project
• Dzjecter: Server checking Tool

 * Privilege Escalation ⚠️:

• Linux 🐧:linux_checksec.sh
     linux_enum.sh
     linux_gather_files.sh
     linux_kernel_exploiter.pl
     linux_privesc.py
     linux_privesc.sh
     linux_security_test
     Linux_exploits folder
• Windows :   windows-privesc-check.py
     windows-privesc-check.exe
• MySql:raptor_udf.c
     raptor_udf2.c

 * Reverse Engineering ⚡:

• Radare2: unix-like reverse engineering framework
• VirtusTotal: VirusTotal tools
• Miasm: Reverse engineering framework
• Mirror: reverses the bytes of a file
• DnSpy: .NET debugger and assembly
• AngrIo: A python framework for analyzing binaries (Suggested by @Hamz-a)
• DLLRunner: a smart DLL execution script for malware analysis in sandbox systems.
• Fuzzy Server: a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
• yara: a tool aimed at helping malware researchers toidentify and classify malware samples
• Spike: a protocol fuzzer creation kit + audits
• other: other scripts collected somewhere

 * Exploitation ❗:

• Findsploit: Find exploits in local and online databases instantly
• Pompem: Exploit and Vulnerability Finder
• rfix: Python tool that helps RFI exploitation.
• InUrlBr: Advanced search in search engines
• Burpsuite: Burp Suite for security testing & scanning.
• linux-exploit-suggester2: Next-Generation Linux Kernel Exploit Suggester
• other: other scripts I collected somewhere.

 * Shells 🐚:

• WebShells: BlackArch's Webshells Collection
• ShellSum: A defense tool - detect web shells in local directories
• Weevely: Weaponized web shell
• python-pty-shells: Python PTY backdoors

 * Password Attacks ✳️:

• crunch : a wordlist generator
• CeWL : a Custom Word List Generator
• patator : a multi-purpose brute-forcer, with a modular design and a flexible usage

 * Encryption - Decryption 🛡️:

• Codetective: a tool to determine the crypto/encoding algorithm used
• findmyhash: Python script to crack hashes using online services

 * Social Engineering 🎭:

• scythe: an accounts enumerator

Contributing:

1. Fork Lockdoor-Framework:
   git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git
2. Create your feature branch
3. Commit your changes
4. Push to the branch
5. Create a new Pull Request

Features 📙:

• Pentesting Tools Selection 📙:

   Tools ?: Lockdoor doesn't contain all pentesting tools (Added value) , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite (Added value) and the most used toolsby Pentesters (Added value).
   what Tools ?: the tools contains Lockdoor are a collection from the best tools (Added value) on Kali Linux, ParrotSec and BlackArch. Also some private tools (Added value) from some other hacking teams (Added value) like InurlBr, iran-cyber. Without forgeting some cool and amazing tools I found on Github made by some perfect human beigns (Added value).
   Easy customization: Easily add/remove tools. (Added value)
   Installation: You can install the tool automatically using the install.sh. Manually or on Docker [COMING SOON]

• Resources and cheatsheets 📙 (Added value):

   Resources: That's what makes Lockdoor Added value, Lockdoor Doesn't contain only tools! Pentesing and Security Assessment Findings Reports templates (Added value), Pentesting walkthrough examples and tempales (Added value) and more.
   Cheatsheets: Everyone can forget something on processing or a tool use, or even some trciks. Here comes the Cheatsheets (Added value) role! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.

Check the Wiki Pages to know more about the tool 📙:

• Lockdoor Wiki page Home
• Lockdoor Demos
• Lockdoor Screenshots

Lockdoor-Framework's screenshots:

First Step

Lockdoor update

ROOT Menu

Information Gathering

Web Hacking

Exploitation

Reverse Engineering

Enc/Dec

Password Attacks

Shells

PrivEsc

Social Engineering

PSAFRT

Walkthroughs

About

Support the author:

   On Paypal: Sofiane Hamlaoui

   BTC Address: 

Download Lockdoor-Framework

Read more

• Hacking Etico Que Es
• Hacking Language
• Blackhat Hacking
• Un Hacker
• El Hacker Pelicula
• Como Ser Hacker
• Hacking System