BLACKBOx – Penetration Testing Framework

BLACKBOx is a penetration testing framework that may allow user to run several type of attacks against his target. The framework include several modules to execute password attacks, Bruteforce the target with a random wordlist generated, execute some reconnaissance and information gathering , execute exploit modules and run web attack.

BLACKBOx - Penetration Testing Framework
BLACKBOx – Penetration Testing Framework

The list of modules and functionality are as follows:

PASSWORD ATTACKs:
  • MD5, SHA1, SHA224, SHA256, SHA384, SHA512, MSSQL2000, MSSQL2005, MYSQL323, MYSQL41, ORACLE11 CRACKER
BRUTEFORCING :
  • WordPress Bruteforce – Bruteforce wordpress panel
  • FTP Bruteforce – Bruteforcing FTP LOGIN
  • SSH Bruteforce – Bruteforcing SSH LOGIN
  • Admin Page Finder – Find Admin Page
INFORMATION GATHERING :
  • Dnsinfo – dns info via Yougetsignal & viewdns & hackertarget
EXPLOIT :
  • Magento Rce – Magento eCommerce – Remote Code Execution
  • Joomla Rce – 1.5 – 3.4.5 remote code execution
  • Prestashop Exploit – PrestaShop Arbitrary file Upload (9 Modules)
  • PhpmoAdmin Rce – Exploit for phpMoAdmin, CVE-2015-2208
  • ElasticSearch rce – Exploit for ElasticSearch , {CVE-2015-1427}
  • PhpmoAdmin Rce – Exploit for phpMoAdmin, {CVE-2015-2208}
  • ElasticSearch rce – Exploit for ElasticSearch , {CVE-2015-1427}
  • LotusCMS Rce – LotusCMS 3.0 Unauthenticated Remote Code Execution
  • WPNmedia upload vuln – WordPress N-Media Website Contact Form with File Upload 1.3.4
  • WPSHOP upload vuln – WordPress WPShop eCommerce Shell Upload (WPVDB-7830)
WEB HACKING :
  • Google Dorker – google dorker (LFI/SQLi/XSS/RCE SCANNER)
  • Bing Dorker – bing dorker (LFI/SQLi/XSS/RCE SCANNER )
  • Scan list – Scan url in list from Vuln (SQLi/RCE/XSS/LFI)

You can read more and download this framewok over here: https://github.com/sepehrdaddev/blackbox

Share