Pythem – Penetration Testing Framework

Pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals.

The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more information, read the license.

Linux Installation

• Dependencies
  • build-essential
  • python-dev
  • python-capstone
  • libnetfilter-queue-dev
  • libffi-dev
  • libssl-dev
  • tcpdump

Dependencies Installation

NOTE: Tested only with Debian-based distros, feel free to try the dependencies installation with yum or zypper if you use Redhat-like or SUSE-like.

$ sudo apt-get update
$ sudo apt-get install build-essential python-dev tcpdump python-capstone
$ sudo apt-get install libnetfilter-queue-dev libffi-dev libssl-dev

Installation

• With pip:

$ pip install pythem

• With source:

$ git clone https://github.com/m4n3dw0lf/pythem
$ cd pythem
$ sudo python setup.py install

• With source and pip:

$ git clone https://github.com/m4n3dw0lf/pythem
$ cd pythem
$ sudo python setup.py sdist
$ pip install dist/*

Running

• Call on a terminal (Requires root privileges):

$ sudo pythem

Also Read : Formphish – Auto Phishing Form Based Websites

Running as Docker container

• Requires Docker

$ docker run -it –net=host –name pythem m4n3dw0lf/pythem

Create a Desktop Shortcut

nside pythem directory execute the following commands:

#!/bin/bash
cat <<EOT > ~/.local/share/applications/pythem.desktop
[Desktop Entry]
Name=pythem
Exec=pythem
StartupNotify=true
Terminal=true
Type=Application
Icon=$PWD/img/pythemico.png
EOT

Usage

Examples

• ARP spoofing – Man-in-the-middle.
• ARP+DNS spoof – fake page redirect to credential harvester
• DHCP ACK Injection spoofing – Man-in-the-middle
• Man-in-the-middle inject BeEF hook
• SSH Brute-Force attack.
• Web page formulary brute-force
• URL content buster
• Overthrow the DNS of LAN range/IP address
• Redirect all possible DNS queries to host
• Get Shellcode from binary
• Filter strings on pcap files
• Exploit Development 1: Overwriting Instruction Pointer
• Exploit Development 2: Ret2libc

Developing

• Running tests.

Commands Reference

• Index
  • Core
    • help
    • exit/quit
    • set
    • print
  • Network, Man-in-the-middle and Denial of service (DOS)
    • scan
    • webcrawl
    • arpspoof
    • dhcpspoof
    • dnsspoof
    • redirect
    • sniff
    • dos
    • pforensic
  • pforensic: Commands Reference
    • help
    • clear
    • exit/quit
    • show
    • conversations
    • packetdisplay
    • filter
  • Exploit development and Reverse Engineering
    • xploit
  • xploit: Commands Reference
    • help
    • clear
    • exit/quit
    • set
    • shellcode
    • encoder
    • decoder
    • search
    • xploit
    • cheatsheet
    • fuzz
    • decode/encode
  • Brute Force
    • brute
  • Utils
    • decode/encode
    • cookiedecode