/weaponizer

This repository contains a script that provide you the possibility to install automatically a set of hacking tools using docker.

Primary LanguageShellMIT LicenseMIT

weaponizer

This repository contains a script that provide you the possibility to install automatically a set of hacking tools using docker.

The tools that will be installed are

  • theHarvester search email, subdomain and host directly releated to your target
  • nmap is a most famous security and port scanner tool
  • RustScan is a modern (and faster) port scanner
  • sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection
  • nikto is a web server scanner
  • metasploit is the most famous penetration testing tool
  • wpscan WordPress security scanner tool

Requirements

Installing

First of all clone this repository

git clone https://github.com/lorenzodisidoro/weaponizer.git

Run the install script

./weaponizer install

Usage

theHarvester

docker run --rm $(whoami):theharvester -h

Nmap

docker run --rm $(whoami):nmap -h

RustScan

docker run -it --rm --name rustscan rustscan/rustscan -h

Metasploit

docker run --rm -it -v "${HOME}/.msf:/home/msf/.msf4" -p 4444:4444 metasploitframework/metasploit-framework ./msfconsole

sqlmap

docker run --rm $(whoami):sqlmap -h

Nikto

docker run --rm $(whoami):nikto -h

WPScan

docker run --rm $(whoami):wpscan -h

If you want access a file (e.g. password list), you have to mount the password file with -v. Following an example that show you how to provide the wordlist file to wpscan command in order to perform a brute force attack:

docker run -it -v "~/local/path/wordlist.txt":/wpscan/wordlist.txt --rm $(whoami):wpscan --url www.hackme.net --usernames admin -P wordlist.txt

Remove docker image

Run the following command to uninstall a tool

./weaponizer uninstall <TOOL_NAME>