Quantcast
Channel: KitPloit - PenTest Tools!
Viewing all articles
Browse latest Browse all 5816

Galileo - Web Application Audit Framework

$
0
0

Galileo is an open source penetration testing tool for web application, which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.

Installation
$ git clone https://github.com/m4ll0k/Galileo.git galileo
$ cd galileo
Install requirements
$ pip install -r requirements.txt
or
$ apt-get install python-pysocks
For windows
$ python -m pip install pysocks
Run
$ python galileo.py

Usage
Set global options:
galileo #> set
Set A Context-Specific Variable To A Value
------------------------------------------
- Usage: set <option> <value>
- Usage: set COOKIE phpsess=hacker_test


Name Current Value Required Description
---------- ------------- -------- -----------
PAUTH no Proxy auth credentials (user:pass)
PROXY no Set proxy (host:port)
REDIRECT True no Set redirect
THREADS 5 no Number of threads
TIMEOUT 5 no Set timeout
USER-AGENT Mozilla/5.0 (X11; Ubuntu; Linux x86_64) yes Set user-agent
VERBOSITY 1 yes Verbosity level (0 = minimal,1 = verbose)
Search module:
galileo #> search disclosure
[+] Searching for 'disclosure'...

Disclosure
----------
disclosure/code
disclosure/creditcard
disclosure/email
disclosure/privateip
Show modules:
galileo #> show modules

Bruteforce
----------
bruteforce/auth_brute
bruteforce/backup_brute
bruteforce/file_dir_brute

Disclosure
----------
disclosure/code
disclosure/creditcard
disclosure/email
disclosure/privateip

Exploits
--------
exploits/shellshock

Fingerprint
-----------
fingerprint/cms
fingerprint/framework
fingerprint/server

Injection
---------
injection/os_command_injection
injection/sql_injection

Scanner
-------
scanner/asp_trace

Tools
-----
tools/socket
Use module:
galileo #> use bruteforce/backup_brute
galileo bruteforce(backup_brute) #>
Set module options
galileo bruteforce(backup_brute) #> show options

Name Current Value Required Description
-------- ------------- -------- -----------
EXTS no Set backup extensions
HOST yes The target address
METHOD GET no HTTP method
PORT 80 no The target port
URL_PATH / no The target URL path
WORDLIST yes Common directory wordlist

galileo bruteforce(backup_brute) #> set HOST www.xxxxxxx.com
HOST => www.xxxxxxx.com
galileo bruteforce(backup_brute) #> set WORDLIST /home/m4ll0k/Desktop/all.txt
WORDLIST => /home/m4ll0k/Desktop/all.txt
Run:
galileo bruteforce(backup_brute) #> run




Viewing all articles
Browse latest Browse all 5816

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>