• Stars
    star
    1,286
  • Rank 36,580 (Top 0.8 %)
  • Language
    Python
  • License
    GNU Affero Genera...
  • Created over 5 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

πŸ” Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Lockdoor v2.3

Table of contents

Changelog πŸ“Œ :

Version v2.3 IS OUT !!

    - Fixing some CI 

    - making a more stable version 

    - new docker iaage build

    - adding packages for each supported distros

Badges πŸ“Œ :

made-with-python Twitter GitHub License TestedON

Support me πŸ’° :

Contributors ⭐ :

commits

Versions

06/2021 : 2.3

  • Config file checking.

  • Updating the tools.

  • Showing the current version of Lockdoor by -v arg.

  • checking the version and asking for possible update.

  • Making it easier to customize.

  • No added tools for the moment.

  • Fixing the docker misconfiguration, the docker version now works perfectly.

    • Information Gathring Tools (21)
    • Web Hacking Tools(15)
    • Reverse Engineering Tools (15)
    • Exploitation Tools (6)
    • Pentesting & Security Assessment Findings Report Templates (6)
    • Password Attack Tools (4)
    • Shell Tools + Blackarch's Webshells Collection (4)
    • Walk Throughs & Pentest Processing Helpers (3)
    • Encryption/Decryption Tools (2)
    • Social Engineering tools (1)
    • All you need as Privilege Escalation scripts and exploits

03/2020 : 2.2.3

  • Information Gathring Tools (21)
  • Web Hacking Tools(15)
  • Reverse Engineering Tools (15)
  • Exploitation Tools (6)
  • Pentesting & Security Assessment Findings Report Templates (6)
  • Password Attack Tools (4)
  • Shell Tools + Blackarch's Webshells Collection (4)
  • Walk Throughs & Pentest Processing Helpers (3)
  • Encryption/Decryption Tools (2)
  • Social Engineering tools (1)
  • All you need as Privilege Escalation scripts and exploits
  • Working on Kali,Ubuntu,Arch,Fedora,Opensuse and Windows (Cygwin)

Youtube Video : Link

Youtube

Blogs & Articles πŸ“° :

  * Reddit : https://www.reddit.com/r/cybersecurity/comments/d4hthh/lockdoor_a_penetration_testing_framework_with/
  * Medium.com : https://medium.com/@SofianeHamlaoui/lockdoor-framework-a-penetration-testing-framework-with-cyber-security-resources-sofiane-22fbb7942378
  * Xploit Lab : https://xploitlab.com/lockdoor-framework-penetration-testing-framework-with-cyber-security-resources/
  * Station X : https://www.stationx.net/threat-intelligence-17th-september/
  * Kelvin Security : https://blog.kelvinsecurity.com/2019/09/12/lookdoor-framework-a-penetration-testing-framework-with-cyber-security-resources/
  * All About hacking : https://www.allabouthack.com/2019/09/lookdoor-framework-penetration-testing.html
  * Wired Intel : http://wiredintel.bravehost.com/wired/2019/09/15/%F0%9F%94%90-lockdoor-a-penetration-testing-framework-with-cyber-security-resources

        * Social networks :
              * LinkedIn :
                    * By Nermin S. : https://www.linkedin.com/posts/nsmajic_sofianehamlaouilockdoor-framework-activity-6578952540564529152-B-0P
              * Twitter :
                    * By Me :D : https://twitter.com/S0fianeHamlaoui/status/1173079963567820801
                    * National Cyber Security Services : https://twitter.com/NationalCyberS1/status/1173917454151475202
                    * Xploit Lab : https://twitter.com/xploit_lab/status/1173990273644261376
                    * More : https://twitter.com/search?q=Lockdoor%20Framework
                    * More : https://twitter.com/search?q=Lookdoor%20Framework
              * Facebook :
                    * By ME :D : https://www.facebook.com/S0fianeHamlaoui/posts/678704759315090
                    * National Cyber Security Services : https://www.facebook.com/ncybersec/posts/1273735519463836
                    * Xploit Lab : https://www.facebook.com/XploitLab/posts/2098443780463126
                    * Root Developers : https://www.facebook.com/root.deve/posts/1181412315364265
                    * More : https://www.facebook.com/search/top/?q=Lockdoor%20Framework
        * Youtube :
              * My youtube video : https://www.youtube.com/watch?v=_agvb29FQrs
              * The Shadow Brokers video : https://www.youtube.com/watch?v=6njKRrKQtow

Overview πŸ“™ :

LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one. With all of that ! It automates the Pentesting process to help you do the job more quickly and easily.

Features πŸ“™ :

Pentesting Tools Selection πŸ“™ :

  • Tools: Lockdoor doesn't contain all pentesting tools , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite and the most used tools by Pentesters.

  • what Tools: the tools contains Lockdoor are a collection from the best tools on Kali,Parrot Os and BlackArch. Also some private tools from some other hacking teams like InurlBr, iran-cyber. Without forgetting some cool and amazing tools I found on Github made by some perfect human beings.

  • Easy customization: Easily add/remove tools.

  • Installation: You can install the tool automatically using the installer.sh , Manually or by running the Docker Image.

Resources and cheatsheets πŸ“™ :

  • Resources: That's what makes Lockdoor, Lockdoor Doesn't contain only tools ! Pentesing and Security Assessment Findings Reports templates, Pentesting walkthrough examples and templates and more.

  • Cheatsheets: Everyone can forget something on processing or a tool use, or even some tricks. Here comes the Cheatsheets role ! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.

Screenshots πŸ’» :

Demos πŸ’» :

Installation πŸ› οΈ :

The recommended way to use Lockdoor is by pulling the Docker Image so you will not have to worry about dependencies issues.

  • Docker Installation

    • Installing requirments
             sudo apt install docker < Debian-based distributions
             sudo dnf install docker < RPM-based distributions
             sudo pacman -S docker < Arch-based distributions
             sudo zypper install docker < OS-based distributions
             sudo yum install docker < RH-based distributions
    • Running the container
             1. *Pull lockdoor Docker Image:*
                  sudo docker pull sofianehamlaoui/lockdoor
      
             2. *Run fresh Docker container:*
                  sudo docker run -it --name lockdoor-container -w /Lockdoor-Framework --net=host sofianehamlaoui/lockdoor
      
             3. *Run Lockdoor Framework*
                  sudo lockdoor
      
             4. *To re-run a stopped container:*
                  sudo docker start -i sofianehamlaoui/lockdoor
             5. *To open multiple shells inside the container:*
                  sudo docker exec -it lockdoor-container bash
  • Using LockAller - Lockdoor Installer

    Installing it using the script may take some time depends on the packages already installed on your system. > here you can find a fresh installation on a new debian distro with no pre-installed packages : [11min]

    git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git && cd Lockdoor-Framework && chmod +x ./install.sh && ./install.sh 

Lockdoor Tools contents πŸ› οΈ :

Information Gathering πŸ”Ž :

  • Tools:
    • dirsearch : A Web path scanner
    • brut3k1t : security-oriented bruteforce framework
    • gobuster : DNS and VHost busting tool written in Go
    • Enyx : an SNMP IPv6 Enumeration Tool
    • Goohak : Launchs Google Hacking Queries Against A Target Domain
    • Nasnum : The NAS Enumerator
    • Sublist3r : Fast subdomains enumeration tool for penetration testers
    • wafw00f : identify and fingerprint Web Application Firewall
    • Photon : ncredibly fast crawler designed for OSINT.
    • Raccoon : offensive security tool for reconnaissance and vulnerability scanning
    • DnsRecon : DNS Enumeration Script
    • Nmap : The famous security Scanner, Port Scanner, & Network Exploration Tool
    • sherlock : Find usernames across social networks
    • snmpwn : An SNMPv3 User Enumerator and Attack tool
    • Striker : an offensive information and vulnerability scanner.
    • theHarvester : E-mails, subdomains and names Harvester
    • URLextractor : Information gathering & website reconnaissance
    • denumerator.py : Enumerates list of subdomains
    • other : other Information gathering,recon and Enumeration scripts I collected somewhere.
  • Frameworks:
    • ReconDog : Reconnaissance Swiss Army Knife
    • RED_HAWK : All in one tool for Information Gathering, Vulnerability Scanning and Crawling
    • Dracnmap : Info Gathering Framework

Web Hacking 🌐 :

  • Tools:
    • Spaghetti : Spaghetti - Web Application Security Scanner
    • CMSmap : CMS scanner
    • BruteXSS : BruteXSS is a tool to find XSS vulnerabilities in web application
    • J-dorker : Website List grabber from Bing
    • droopescan : scanner , identify , CMSs , Drupal , Silverstripe.
    • Optiva : Web Application Scanne
    • V3n0M : Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
    • AtScan : Advanced dork Search & Mass Exploit Scanner
    • WPSeku : Wordpress Security Scanner
    • Wpscan : A simple Wordpress scanner written in python
    • XSStrike : Most advanced XSS scanner.
    • Sqlmap : automatic SQL injection and database takeover tool
    • WhatWeb : the Next generation web scanner
    • joomscan : Joomla Vulnerability Scanner Project
  • Frameworks:
    • Dzjecter : Server checking Tool

Privilege Escalation ⚠️ :

  • Tools:
    • Linux 🐧 :
      • Scripts :
        • linux_checksec.sh
        • linux_enum.sh
        • linux_gather_files.sh
        • linux_kernel_exploiter.pl
        • linux_privesc.py
        • linux_privesc.sh
        • linux_security_test
      • Linux_exploits folder
    • Windows |Windows| :
      • windows-privesc-check.py
      • windows-privesc-check.exe
    • MySql :
      • raptor_udf.c
      • raptor_udf2.c

Reverse Engineering ⚑:

  • Radare2 : unix-like reverse engineering framework
  • VirtusTotal : VirusTotal tools
  • Miasm : Reverse engineering framework
  • Mirror : reverses the bytes of a file
  • DnSpy : .NET debugger and assembly
  • AngrIo : A python framework for analyzing binaries ( Suggested by @Hamz-a )
  • DLLRunner : a smart DLL execution script for malware analysis in sandbox systems.
  • Fuzzy Server : a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
  • yara : a tool aimed at helping malware researchers toidentify and classify malware samples
  • Spike : a protocol fuzzer creation kit + audits
  • other : other scripts collected somewhere

Exploitation ❗:

  • Findsploit : Find exploits in local and online databases instantly
  • Pompem : Exploit and Vulnerability Finder
  • rfix : Python tool that helps RFI exploitation.
  • InUrlBr : Advanced search in search engines
  • Burpsuite : Burp Suite for security testing & scanning.
  • linux-exploit-suggester2 : Next-Generation Linux Kernel Exploit Suggester
  • other : other scripts I collected somewhere.

Shells 🐚:

  • WebShells : BlackArch's Webshells Collection
  • ShellSum : A defense tool - detect web shells in local directories
  • Weevely : Weaponized web shell
  • python-pty-shells : Python PTY backdoors

Password Attacks ✳️:

  • crunch : a wordlist generator
  • CeWL : a Custom Word List Generator
  • patator : a multi-purpose brute-forcer, with a modular design and a flexible usage

Encryption - Decryption πŸ›‘οΈ:

  • Codetective : a tool to determine the crypto/encoding algorithm used
  • findmyhash : Python script to crack hashes using online services

Social Engineering 🎭:

  • scythe : an accounts enumerator

Lockdoor Resources contents πŸ“š :

Information Gathering πŸ”Ž :

Crypto πŸ›‘οΈ:

Exploitation ❗:

Networking πŸ–§ :

Password Attacks ✳️:

Post Exploitation ❗❗:

Privilege Escalation ⚠️:

Pentesting & Security Assessment Findings Report Templates πŸ“ :

Reverse Engineering ⚑ :

Social Engineering 🎭:

Walk Throughs 🚢 :

Web Hacking 🌐 :

Other πŸ“š :

Contributing :

  1. Read Contributing, The Code of Conduct and The pull request template
  2. Fork it (https://github.com/SofianeHamlaoui/Lockdoor-Framework/fork)
  3. Create your feature branch
  4. Commit your changes
  5. Push to the branch
  6. Create a new Pull Request

More Repositories

1

Pentest-Notes

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
XSLT
329
star
2

Pentest-Bookmarkz

A collection of useful links for Pentesters
144
star
3

WD-Decrypte

Western Digital Decryption tools
Python
75
star
4

ArchI0

ArchI0 : Arch-Based Distros Applications Automatic Installation Script
Shell
28
star
5

TorOverVPN

Setup a Tor over VPN or proxy/ VPS or Docker
Shell
27
star
6

b-ok-scraper

A b-ok.cc Simple Python Scraper
Python
26
star
7

Go-undercover

GUC - Go UnderCover : Switch appearance from *-Linux to Windows ( Kali-undercover for all distros )
Python
22
star
8

Burp-Addons

Burp-Addons : Some of Burp Addons I use ( Mindak ak fahem )
Python
12
star
9

42

My 1-month Experience with @42School (Lyon)
C
12
star
10

CVE-2022-0492-Checker

A script to check if a container environment is vulnerable to container escapes via CVE-2022-0492
Shell
11
star
11

Conti-Clear

Extracted data & informations from the Conti & TrickBot leaks.
11
star
12

Spike-Fuzzer

Spike Fuzzer ( Spike for Archlinux ) && Audits
C
10
star
13

Youtube_Notes

Everything you see on my tutorials is here in this repo
10
star
14

Awesome-Arch

A curated list of awesome Arch-related projects,softwares and resources.
9
star
15

Security-Cheatsheets

Best Version of BriskSec Security Cheatsheets
HTML
8
star
16

nordvpn-rotating

NordVpn Rotating with megasync downloading for bypassing Mega download limits
Shell
8
star
17

movetocorner

A Movetocorner script for tilling WMs window
Shell
7
star
18

Massy-Boutakus-Searcher

MBS - Massy Boutakus Searcher : An FTP/HTTP Servers Files Seacher
Python
5
star
19

CheatSheets-Collection

A collection of CheatSheets
HTML
5
star
20

CySecTools

Cyber Security Tools Collection that I use
Shell
4
star
21

Toolbox

iran-cyber Toolbox
Python
4
star
22

CyberSecurityCare

CyberSecCare : A python Twitter that retweets all Security-Related tweets
Python
3
star
23

Learn-Git-and-Github

Start by learning Git and Github
3
star
24

Blackarch-docker

BlackArch Docker image ( Unofficial )
Dockerfile
3
star
25

Cryto-Minning-Simulator

A Simple Crypto Minning Simulator for my Youtube Bitcoin Explanations
Python
2
star
26

cloudflare-DDNS

Cloudflare DynamicDNS script
Shell
2
star
27

Kali-Dark

Kali Dark theme
CSS
2
star
28

Ana-Chajra

custom Sudo Warning Message
2
star
29

i3-Polybar-showdesktop-module

♻️ A Polybar ShowDesktop module (like the Windows one)
2
star
30

Linux-Commands

Linux Commands
1
star
31

vsc-rce

/
C#
1
star
32

IT_Links

A challenge
1
star
33

redditgtk

Imported from https://gitlab.gnome.org/GabMus/redditgtk
Python
1
star
34

Trickbotleaks

Visual graph of doxed TrickBot group members as published by #trickbotleaks
1
star
35

TweetDeck-Unofficial

Unofficial TweetDeck Desktop app
JavaScript
1
star
36

LuniCleaner

A *nix system cleaner for all linux distributions
Shell
1
star
37

ssn

SSN project: BlueBorne Impact Analysis
Python
1
star
38

Proxy-rotate

Proxy Rotating
Python
1
star
39

Course-Notes

Some Notes I take while taking some Coursera courses
1
star
40

tempus-themes-generator

(Not mine) Tool to build Tempus themes on demand. Tempus is a collection of themes for Vim, text editors, and terminal emulators that are compliant at the very least with the WCAG AA accessibility standard for colour contrast
Shell
1
star
41

bd3m2glTF

A script that converts bd3m files into glTF format, supporting the containing .glb & .bin if available.
Python
1
star