WMD is a python tool with an accumulation of IT security software. The product is incapsulated in “modules”. The modules consists of unadulterated python code and or external third programs.
Also Read Air-Hammer – A Online Brute-Force Attack Tool
Run the command “www” from the console to activate a Flask server showing the modules in your browser. Access it from: 127.0.0.1:5000.
Modules are loaded directly into a xterm.
DEV: Try the SniffHTTP and APsniff module – define parameters in the browser.
CAT | TYPE | CALL | NAME | DESCRIPTION |
---|---|---|---|---|
bruteforce | creds | changeme | Default creds scan | Scan IP’s for services and try logging in with default credentials (Arthur: ztgrace) |
bruteforce | loginpath | adminfinder | Admin Finder | A Simple script to find admin-paths for webpages. (Arthur: Spaddex) |
bruteforce | rar | bfrar | BF RAR | Bruteforce a RAR file |
bruteforce | ssh | bfssh | Bruteforce SSH | Bruteforce SSH login |
bruteforce | web | bfweb | Bruteforce weblogin form | Bruteforce a weblogin form with word- and passlist |
bruteforce | zip | bfzip | BF ZIP | Bruteforce a ZIP file |
cracking | aut | john | John the Ripper | As you know – kill the hash |
cracking | hash | hashid | Identify hash | Identify a hash |
cracking | wpa | crackwpa | Crack WPA 4-way handshake | Gather WPA 4-way handshake from accesspoint and crack it |
exploit | browser | browserpwn | Browser Autopwn2 | This module will automatically serve browser exploits (Arthur: sinn3r[at]metasploit.com) |
exploit | search | exploitdb | Exploitdb | Shell-style script to search exploit-db.com exploits. (Arthur: mattoufoutu) |
sin | mspoofcheck | Spoofcheck email domain | Check if a domain can be spoofed for e.g. emailing | |
monitor | arp | arpmon | ARP monitor alert | Monitor ARP table and alert for changes |
monitor | ip | ipmon | IP monitor alert | Monitor IP’s and alert for changes |
other | settings | settings | Change settings | Change your environment settings, e.g. interface |
pentesting | niptt | sparta | SPARTA | SPARTA is a python GUI application which simplifies network infrastructure penetration testing. |
phishing | ap | etphis | Ewil Twin phishing | Create a Evil Twin and redirect user to fake password page. |
phishing | webpage | webphis | Webpage phishing | Run a local flask server with phishing pages. |
recon | dns | dig | Domain info groper | Using dig command you can query DNS name servers for your DNS lookup related tasks |
recon | dns | dnsmap | dnsmap | DNS Network Mapper. Enumeration and bruteforcing. |
recon | dns | dnsrecon | dnsrecon | Multiple DNS recon abilities. |
router | framework | rsploit | Routersploit | Framework for routers with exploits and getting creds. (Arthur: Reverse Shell Security) |
scan | sin | lanscan | Lan scan | Scan local net – recon |
sniff | aut | apsniff | AP sniff | Create AP and sniff HTTPS and avoid HSTS + Beef |
sniff | http | sniffhttp | Sniff HTTP | Sniff HTTP packages. Extract username and passwords from traffic. |
sniff | sin | bettercap | Bettercap | Bettercap integration for sniffing packets and bypass HSTS and HTTPS |
socialeng | instabot | Instagram bot | Instagram bot for performing various activities (Arthur: LevPasha) | |
spoof | arp | arpspoof | ARP spoof | Spoofing ARP |
sql | sqli | gdsqli | Gdork SQLi | Scrape net for urls and check if they are prone to SQL injection |
sql | sqli | sqlmap | SQLmap | Just an activation of SQLmap. |
system | mac | macc | Macchanger | Change your MAC address |
tools | search | searchht | Search hacktools | Searchengine for hackingtools |
wifi | accesspoint | createap | Create an Accesspoint | Create an Accesspoint |
wifi | wifi | wifiutils | WiFi utils | Utilities for WiFi, e.g. deauth, WiFi’s, clients, probes, etc. |
Before your first run, please: 1. Adjust your environment settings in core/config.ini.default
2. Rename core/config.ini.default
to core/config.ini
Start the console with: python3 wmd.py
Start a single module: python3 wmd.py -m [CALL]
Start webserver: python3 wmd.py -w
Start without checking requirements: python3 wmd.py -nc
Before your first run, please: 1. Adjust your environment settings in core/config.ini.default
2. Rename core/config.ini.default
to core/config.ini
Requirements:
Optional tools/software/GIT:
modules which needs them will inform you about it and just dont run..
Checkout the template in modules/module_template.py
Run python3 wmd.py -a modulePathName.py
Do a run through config.ini and extract names for the updatecommand instead of DRY in two functions
Introduction Unlock the full potential of your Linux system with this comprehensive guide to essential…
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…