lacewing 0.1.0

data/lib/lacewing/exploits.rb

@@ -0,0 +1,119 @@
+require 'lacewing/core'
+
+module Lacewing
+  class Exploits
+
+    def self.lfi
+      puts 'LFI: Local File Inclusion'.bold.green
+      puts Lacewing::PROMPT + 'Here are a few articles on how to test LFI:'
+      places = ['https://www.owasp.org/index.php/Testing_for_Local_File_Inclusion', 'https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/']
+      places.each { |i| puts "\t#{i}"}
+
+      puts Lacewing::PROMPT + 'Here are some common payloads:'
+      payloads = %w[../../../../etc/passwd ../../../../etc/shadow ../../../../var/mail/root]
+      payloads.each { |i| puts "\t#{i}" }
+
+      puts 'Press any key to continue... '.bold.green
+      return if STDIN.getch
+    end
+
+    def self.rce
+      puts 'RCE: Remote Code Execution'.bold.green
+      puts Lacewing::PROMPT + 'There\'s a lot of different kinds of RCE, so here are some examples:'
+      examples = %w[https://thehackernews.com/2018/04/windows-patch-updates.html https://www.symantec.com/security_response/vulnerability.jsp?bid=102375 https://en.wikipedia.org/wiki/EternalBlue]
+      examples.each { |i| puts "\t#{i}" }
+
+      puts Lacewing::PROMPT + 'Here are some tools to use:'
+      tools = ['Metasploit Framework - metasploit.com', 'Golismero - golismero-project.com/']
+      tools.each { |i| puts "\t#{i}"}
+
+      puts 'Press any key to continue... '.bold.green
+      return if STDIN.getch
+    end
+
+    def self.xss
+      puts 'XSS: Cross-Site Scripting'.bold.green
+      xss_types = ['Reflected - Specially crafted input returned back to user', 'Stored - Permanent Injection', 'DOM-based - XSS artifact as an HTML DOM']
+      type = $prompt.select('There are different kinds of XSS attacks. Which one do you want?', xss_types)
+      case type
+        when xss_types[0]
+          ref = [
+                  'https://www.owasp.org/index.php/Testing_for_Reflected_Cross_site_scripting_(OWASP-DV-001)',
+                 'https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet',
+                 'https://security.stackexchange.com/questions/65142/what-is-reflected-xss'
+                ]
+          puts Lacewing::PROMPT + 'Here are some references to Reflected XSS:'
+          ref.each { |i| puts "\t#{i}" }
+        when xss_types[1]
+          ref = [
+                  'https://www.incapsula.com/web-application-security/cross-site-scripting-xss-attacks.html',
+                  'https://www.hackingloops.com/what-is-stored-cross-site-scripting-or-stored-xss/',
+                  'https://www.acunetix.com/websitesecurity/xss/'
+                ]
+          puts Lacewing::PROMPT + 'Here are some references for Stored XSS'
+          ref.each { |i| puts "\t#{i}" }
+        when xss_types[2]
+          ref = [
+                  'https://www.owasp.org/index.php/DOM_Based_XSS',
+                  'https://www.netsparker.com/blog/web-security/dom-based-cross-site-scripting-vulnerability/',
+                  'https://en.wikipedia.org/wiki/Cross-site_scripting#Server-side_versus_DOM-based_vulnerabilities'
+                ]
+          puts Lacewing::PROMPT + 'Here are some references for DOM-based XSS'
+          ref.each { |i| puts "\t#{i}" }
+      end
+      puts 'Press any key to continue... '.bold.green
+      return if STDIN.getch
+    end
+
+    def self.code_injection
+      puts 'Code Injection - An attack to inject code into a vulnerable computer program to change the course of execution.'.bold.green
+      puts Lacewing::PROMPT + 'Here are some references for different kinds of code injection vulnerabilities'
+      ref = [
+              'Shell Injection - https://en.wikipedia.org/wiki/Code_injection#Shell_injection',
+              'HTML Injection - https://en.wikipedia.org/wiki/Code_injection#HTML_script_injection',
+              'https://en.wikipedia.org/wiki/Code_injection#Object_injection'
+            ]
+      ref.each { |i| puts "\t#{i}" }
+
+      puts 'Press any key to continue...'.bold.green
+      return if STDIN.getch
+    end
+
+    def self.reverse_shell
+      puts 'Reverse Shell - The act of redirecting the input and output of a shell to a service so that it can be remotely accessed'.bold.green
+      puts Lacewing::PROMPT + "If you've found some sort of code injection vulnerability, you can use a reverse shell to get full access"
+      puts Lacewing::PROMPT + 'Here are a few great tools to exploit a reverse shell:'
+      tools = [
+                'Shell.now - https://shell.now.sh/',
+                'Metasploit - https://metasploit.com',
+                'Turtle - https://github.com/buckyroberts/Turtle'
+              ]
+      tools.each { |i| puts "\t#{i}" }
+      puts 'Press any key to continue...'.bold.green
+      return if STDIN.getch
+    end
+
+    def self.sqli
+      puts 'SQL Injection - An attack in which nefarious SQL statements are inserted into an entry field for execution'.bold.green
+      puts Lacewing::PROMPT + 'Here are some tools for exploiting SQL injections:'
+      tools = [
+                'SQLMap - https://github.com/sqlmapproject/sqlmap',
+                'BBQSQL - https://github.com/Neohapsis/bbqsql/',
+                'SQLNinja - https://github.com/xxgrunge/sqlninja'
+              ]
+      tools.each { |i| puts "\t#{i}" }
+
+      puts Lacewing::PROMPT + 'Here are some articles on SQL Injection:'
+      ref = [
+              'https://en.wikipedia.org/wiki/SQL_injection',
+              'https://technet.microsoft.com/en-us/library/ms161953(v=sql.105).aspx',
+              'https://www.veracode.com/security/sql-injection'
+            ]
+      ref.each { |i| puts "\t#{i}" }
+
+      puts 'Press any key to continue...'.bold.green
+      return if STDIN.getch
+    end
+
+  end
+end

data/lib/lacewing/scans.rb

@@ -0,0 +1,32 @@
+module Lacewing
+  class Scans
+    def self.subdomains
+      return unless $prompt.yes?(Lacewing::PROMPT + 'Do you want to find subdomains?')
+      puts Lacewing::PROMPT + "Here are a few places you can get #{'subdomains'.bold}:"
+      places = ["https://www.virustotal.com/#/domain/#{$target.gsub('http://', '')}", 'https://dnsdumpster.com/', 'https://pentest-tools.com/information-gathering/find-subdomains-of-domain']
+
+      places.each { |i| puts "\t#{i}" }
+
+      if $prompt.yes?(Lacewing::PROMPT + 'Would you like to open one of these in a browser?')
+        url = $prompt.select('Which one?', places)
+        system("open \"#{url}\"")
+      end
+    end
+
+    def self.nmap
+      puts Lacewing::PROMPT + 'Here are some nmap scans to get info on ' + $target
+      scans = ["nmap -p 1-65535 -sV -sS -T4 \"#{$target}\"", "nmap -v -sS -A -T4 \"#{$target}\"", "nmap -v -Pn -sS -sV --version-light \"#{$target}\""]
+      scans.each { |i| puts "\t#{i}" }
+      if $prompt.yes?(Lacewing::PROMPT + 'Would you like to execute one of these? (nmap required)')
+        if `which nmap`.empty?
+          puts Lacewing::PROMPT + 'nmap is not installed. Skipping...'.red
+        else
+          cmd = $prompt.select('Which one?', scans)
+          system(cmd)
+        end
+      end
+    end
+
+  end # Scans
+end # Lacewing
+

data/lib/lacewing/version.rb

@@ -0,0 +1,3 @@
+module Lacewing
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,203 @@
+--- !ruby/object:Gem::Specification
+name: lacewing
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- cbrnrd
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2018-04-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: trollop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: tty-prompt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.0
+- !ruby/object:Gem::Dependency
+  name: colorize
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.8.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.8.1
+- !ruby/object:Gem::Dependency
+  name: rex-text
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.18
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.18
+- !ruby/object:Gem::Dependency
+  name: rex-socket
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.14
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.14
+- !ruby/object:Gem::Dependency
+  name: http
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: Lacewing is a tool to assist you in your bug bounty adventures.
+email:
+- cbawsome77@gmail.com
+executables:
+- lacewing
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".idea/.rakeTasks"
+- ".idea/codeStyles/Project.xml"
+- ".idea/dbnavigator.xml"
+- ".idea/lacewing.iml"
+- ".idea/misc.xml"
+- ".idea/modules.xml"
+- ".idea/vcs.xml"
+- ".idea/workspace.xml"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- exe/lacewing
+- img/logo.png
+- img/text-gradient.png
+- lacewing.gemspec
+- lib/lacewing.rb
+- lib/lacewing/cli.rb
+- lib/lacewing/constants.rb
+- lib/lacewing/core.rb
+- lib/lacewing/exploits.rb
+- lib/lacewing/scans.rb
+- lib/lacewing/version.rb
+- tools/.keep
+homepage: https://github.com/cbrnrd/lacewing
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2
+signing_key: 
+specification_version: 4
+summary: "\U0001F997 Your neighborhood bug bounty assistant"
+test_files: []