pythem - Penetration Testing Framework

pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more information, read the license. Only runs on GNU/Linux OS.

Installation

Step-by-step

• Installation

• Create a global executable on PATH

• Create a Desktop Shortcut

Quick-Start

git clone https://github.com/m4n3dw0lf/pythem
cd pythem
chmod +x install
./install

Run with:

pythem

Examples

• ARP spoofing - Man-in-the-middle.
• Man-in-the-middle HSTS bypass - Strip SSL
• ARP+DNS spoof - fake page redirect to credential harvester
• DHCP ACK Injection spoofing - Man-in-the-middle
• Man-in-the-middle inject BeEF hook
• SSH Brute-Force attack.
• Web page formulary brute-force
• URL content buster
• Overthrow the DNS of LAN range/IP address
• Redirect all possible DNS queries to host

Exploit Development with pythem

• Exploit Development 1: Overwriting Instruction Pointer
• Exploit Development 2: Ret2libc

Commands Reference

Index

Core

• help
• exit/quit
• set
• print

Network, Man-in-the-middle and Denial of service (DOS)

• arpspoof
• dhcpspoof
• dnsspoof
• hstsbypass
• redirect
• sniff
• dos
• pforensic
  pforensic: Commands Reference
  
  • help
  • clear
  • exit/quit
  • show
  • conversations
  • packetdisplay
  • filter

Exploit development and Reverse Engineering

• xploit
  xploit: Commands Reference
  
  • help
  • clear
  • exit/quit
  • set
  • decode/encode
  • shellcode
  • search
  • xploit
  • cheatsheet
  • fuzz

Brute Force

• brute

Utils

• geoip
• decode/encode
• cookiedecode