iT邦幫忙

第 11 屆 iT 邦幫忙鐵人賽

DAY 14
1

Rebel-Framework


Rebel-Framework 是一個測試框架,可以執行和網絡與Web application 程序有關的各種滲透測試工具。

https://github.com/reb311ion/rebel-framework


  • 操作環境 Parrot Security OS
  • 安裝
git clone https://github.com/rebellionil/rebel-framework.git
cd rebel-framework
bash setup.sh
bash rebel.sh

https://ithelp.ithome.com.tw/upload/images/20190930/20060971gFNbXUmUXq.png

  • 操作指令
cd rebel-framework
./rebel.sh

https://ithelp.ithome.com.tw/upload/images/20190930/200609715Y1bt7njmC.png

  • help
    https://ithelp.ithome.com.tw/upload/images/20190930/20060971NHX9LBOpgU.png
{REBEL}➤~# ?
   ┬                  Help
   ├
   ├  show modules     ➤     List all available modules
   ├  use + <module>   ➤     Use module
   ├  show options     ➤     Show module options
   ├  banner           ➤     Display an awesome rebel banner
   ├  set              ➤     Set a value to an option
   ├  run              ➤     Run module
   ├  clear/reset      ➤     Clear screen
   ├  back             ➤     Back to the main
   ├  exit - quit      ➤     Exit from rebel
   ├  ! <cmd>          ➤     Execute shell commands
   ├  help - ?         ➤     Show this message
  • modules
{REBEL}➤~# show modules
   ┬               Modules
   ├
   ├  net/iface             ➤       Interface info.
   ├  net/map               ➤       Hosts live Scan in LAN.
   ├  net/scan              ➤       Scan [Ports, OS, Etc] IP.
   ├  net/vuln              ➤       Scan for common vulnerabilities.
   ├  net/sniff             ➤       Unencrypted traffic network sniffer and modifier.
   ├  net/sslsniff          ➤       Sslstrip and sniff traffic.
   ├  net/cut               ➤       Cut connection bettwen two points or more.
   ├
   ├  info/site             ➤       Website information
   ├  info/phone            ➤       Phone number onformation
   ├  info/server           ➤       Find IP Address And E-mail Server
   ├  info/whois            ➤       Domain whois lookup
   ├  info/loc              ➤       Find website/IP address location
   ├  info/bcf              ➤       Bypass cloudFlare
   ├  info/subdomain        ➤       Subdomain scanner
   ├  info/valid            ➤       Check Email address validation
   ├  info/domain           ➤       Search Domain for Email addresses
   ├  info/email            ➤       Email information gathering
   ├
   ├  web/dirscan           ➤       Scan for hidden web directories
   ├  web/appscan           ➤       Gather OSINT and fuzz for OWASP vulnerabilities
   ├  web/cmsscan           ➤       Scan and detect CMS vulnerabilities [WordPress, Joomla and Drupal]
   ├
   ├  com/chat              ➤       create or join an existing chatroom
   ├  com/qrshare           ➤       Send files using qr codes
   ├
   ├  torrent/search        ➤       Search for torrents ans get thier info
   ├  torrent/get           ➤       Download torrents using command line
   ├
   ├  crypto/rot            ➤       Rot1..25 decoder
   ├  crypto/auto           ➤       Detect and decode encoded strings & crack hashes
   ├  crypto/mdr1           ➤       Encode/decode strings using our own Encoding algorithm
   ├  crypto/find           ➤       Find hashes inside files [md5,sha256,sha512crypt,etc..]
   ├
   ├  phish/google          ➤       Google phishing using ngrok.
   ├  phish/in              ➤       LinkedIn phishing using ngrok.
   ├  phish/git             ➤       Github phishing using ngrok.
   ├  phish/stack           ➤       StackOverflow phishing using ngrok.
   ├  phish/wp              ➤       WordPress phishing using ngrok.
   ├  phish/twitter         ➤       Twitter phishing using ngrok.
   ├  phish/advanced        ➤       Customizable advanced phishing
   ├
   ├  re/info               ➤       Collect information about the binary file
   ├  re/trace              ➤       Trace binary/PID system calls and signals
   ├  re/elfdec             ➤       Decompile elf file function(s)
   ├
   ├  df/entropy            ➤       Calculate file entropy
   ├  df/recover            ➤       Recursively scan and extracts all recoverable files
   ├  df/scan               ➤       Scan and recover a disk image for regular expressions and other content
  • 範例 net/scan
use net/scan
show options
set target IP/Subnet
run

https://ithelp.ithome.com.tw/upload/images/20190930/20060971INTOKYuPUA.png


上一篇
[Day 13]-dnswalk
下一篇
[Day 15]-Hacktronian
系列文
利用開源資源執行安全檢測30

尚未有邦友留言

立即登入留言