LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers.
This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters.
As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one.
With all of that ! It automates the Pentesting process to help you do the job more quickly and
easily.
=============
Features
=============
Added value : (what makes it different from other frameworks).
Pentesting Tools Selection:
--------------------------
Tools ?: Lockdoor doesn't contain all pentesting tools (Added value) , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite (Added value) and the most used toolsby Pentesters (Added value).
what Tools ?: the tools contains Lockdoor are a collection from the best tools (Added value) on Kali,Parrot Os and BlackArch. Also some private tools (Added value) from some other hacking teams (Added value) like InurlBr, iran-cyber. Without forgeting some cool and amazing tools I found on Github made by some perfect human beigns (Added value).
Installation: You can install the tool automatically using the installer.sh , Manually or on Docker [COMING SOON]
Resources and cheatsheets: (Added value)
--------------------------
Resources: That's what makes Lockdoor Added value, Lockdoor Doesn't contain only tools ! Pentesing and Security Assessment Findings Reports templates (Added value) , Pentesting walkthrough examples and tempales (Added value) and more.
Cheatsheets: Everyone can forget something on processing or a tool use, or even some trciks. Here comes the Cheatsheets (Added value) role ! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.
V3n0M : Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
AtScan : Advanced dork Search & Mass Exploit Scanner
WPSeku : Wordpress Security Scanner
Wpscan : A simple Wordpress scanner written in python
XSStrike : Most advanced XSS scanner.
Sqlmap : automatic SQL injection and database takeover tool
WhatWeb : the Next generation web scanner
joomscan : Joomla Vulnerability Scanner Project
Frameworks:
Dzjecter : Server checking Tool
Privilege Escalation:
Tools:
Linux :
Scripts :
linux_checksec.sh
linux_enum.sh
linux_gather_files.sh
linux_kernel_exploiter.pl
linux_privesc.py
linux_privesc.sh
linux_security_test
Linux_exploits folder
Windows :
windows-privesc-check.py
windows-privesc-check.exe
MySql :
raptor_udf.c
raptor_udf2.c
Reverse Engineering:
Radare2 : unix-like reverse engineering framework
VirtusTotal : VirusTotal tools
Miasm : Reverse engineering framework
Mirror : reverses the bytes of a file
DnSpy : .NET debugger and assembly
AngrIo : A python framework for analyzing binaries ( Suggested by @Hamz-a )
DLLRunner : a smart DLL execution script for malware analysis in sandbox systems.
Fuzzy Server : a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
yara : a tool aimed at helping malware researchers toidentify and classify malware samples
Spike : a protocol fuzzer creation kit + audits
other : other scripts collected somewhere
Exploitation:
Findsploit : Find exploits in local and online databases instantly
Pompem : Exploit and Vulnerability Finder
rfix : Python tool that helps RFI exploitation.
InUrlBr : Advanced search in search engines
Burpsuite : Burp Suite for security testing & scanning.
linux-exploit-suggester2 : Next-Generation Linux Kernel Exploit Suggester
other : other scripts I collected somewhere.
Shells:
WebShells : BlackArch's Webshells Collection
ShellSum : A defense tool - detect web shells in local directories
Weevely : Weaponized web shell
python-pty-shells : Python PTY backdoors
Password Attacks:
crunch : a wordlist generator
CeWL : a Custom Word List Generator
patator : a multi-purpose brute-forcer, with a modular design and a flexible usage
Encryption - Decryption: -------------------------- - Codetective : a tool to determine the crypto/encoding algorithm used - findmyhash : Python script to crack hashes using online services