.png)
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
Features
- Fully automatic! (Use
-yflag to enable) - Detect network IP range without any user input.
- Vulnerability detection based on version.
- Web app vulnerability testing. (Only LFI for now)
- Get information about the vulnerability right from your terminal.
- Automatically download exploit related with vulnerability.
- Noise mode for creating a noise on the network.
- Evasion mode for being sneaky.
- Automatically decide which scan types to use based on privilege.
- Easy to read output.
- Specify your arguments using a config file.
- Send scan results via webhook or email.
- Works on Windows, MacOS and Linux.
How does it work?
AutoPWN Suite uses nmap TCP-SYN scan to enumerate the host and detect the version of softwares running on it. After gathering enough information about the host, AutoPWN Suite automatically generates a list of “keywords” to search NIST vulnerability database.
Installation
You can install it using pip. (sudo recommended)
sudo pip install autopwn-suite
OR
You can clone the repo.
git clone https://github.com/GamehunterKaan/AutoPWN-Suite.git
OR
You can download debian (deb) package from releases.
sudo apt-get install ./autopwn-suite_1.5.0.deb
Usage
Running with root privileges (sudo) is always recommended.
Automatic mode (This is the intended way of using AutoPWN Suite.)
autopwn-suite -y
Help Menu
$ autopwn-suite -h
usage: autopwn.py [-h] [-v] [-y] [-c CONFIG] [-t TARGET] [-hf HOSTFILE] [-st {arp,ping}] [-nf NMAPFLAGS] [-s {0,1,2,3,4,5}] [-a API] [-m {evade,noise,normal}]
[-nt TIMEOUT] [-o OUTPUT] [-rp {email,webhook}] [-rpe EMAIL] [-rpep PASSWORD] [-rpet EMAIL] [-rpef EMAIL] [-rpes SERVER] [-rpesp PORT] [-rpw WEBHOOK]
AutoPWN Suite
options:
-h, –help show this help message and exit
-v, –version Print version and exit.
-y, –yesplease Don’t ask for anything. (Full automatic mode)
-c CONFIG, –config CONFIG
Specify a config file to use. (Default : None)
Scanning:
Options for scanning
-t TARGET, –target TARGET
Target range to scan. This argument overwrites the hostfile argument. (192.168.0.1 or 192.168.0.0/24)
-hf HOSTFILE, –hostfile HOSTFILE
File containing a list of hosts to scan.
-st {arp,ping}, –scantype {arp,ping}
Scan type.
-nf NMAPFLAGS, –nmapflags NMAPFLAGS
Custom nmap flags to use for portscan. (Has to be specified like : -nf=”-O”)
-s {0,1,2,3,4,5}, –speed {0,1,2,3,4,5}
Scan speed. (Default : 3)
-a API, –api API Specify API key for vulnerability detection for faster scanning. (Default : None)
-m {evade,noise,normal}, –mode {evade,noise,normal}
Scan mode.
-nt TIMEOUT, –noisetimeout TIMEOUT
Noise mode timeout. (Default : None)
Reporting:
Options for reporting
-o OUTPUT, –output OUTPUT
Output file name. (Default : autopwn.log)
-rp {email,webhook}, –report {email,webhook}
Report sending method.
-rpe EMAIL, –reportemail EMAIL
Email address to use for sending report.
-rpep PASSWORD, –reportemailpassword PASSWORD
Password of the email report is going to be sent from.
-rpet EMAIL, –reportemailto EMAIL
Email address to send report to.
-rpef EMAIL, –reportemailfrom EMAIL
Email to send from.
-rpes SERVER, –reportemailserver SERVER
Email server to use for sending report.
-rpesp PORT, –reportemailserverport PORT
Port of the email server.
-rpw WEBHOOK, –reportwebhook WEBHOOK
Webhook to use for sending report.
.png&description=AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically. Fully automatic.){kind=link}