Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement Utils #98

Open
xmpf opened this issue Apr 1, 2020 · 2 comments
Open

Enhancement Utils #98

xmpf opened this issue Apr 1, 2020 · 2 comments
Labels
enhancement New feature or request epic help wanted Extra attention is needed

Comments

@xmpf
Copy link
Contributor

xmpf commented Apr 1, 2020
edited
Loading

URL Grabbing Mechanism

Zolos should be able to grab urls shared in any channel (using a regex to match the URI) and post it to a dedicated channel #links (only zolos should have write permissions to that channel) for archive purposes.

Exploit Searching

Use websites like sploitus.com, exploit-db to search for exploits. This can be useful during CTFs and pentesting
eg: !searchploit wordpress

Reverse Shell "Generator"

From a list of known "payloads" such as pentestmonkey, dynamically configure code with LHOST,LPORT and send it back in the channel.
eg: !rshell 127.0.0.1 4444

Attack Vector Payloads

Find attack payloads for XSS, SQLi, XXE, ...
eg: !payload SQLi MySQL

Hash Cracking

Use hashid python module to identify hash format, and try to crack them using websites like crackstation.net
eg: !hashcrack 098f6bcd4621d373cade4e832627b4f6

Reconnaisance

Use various tools such whois, nslookup, traceroute, ... to provide information about a target
eg !recon website.com
@apogiatzis apogiatzis added epic help wanted Extra attention is needed enhancement New feature or request labels Apr 1, 2020
@s3nn
Copy link
Member

s3nn commented Apr 1, 2020

If we're gonna do this maybe put the info in our wiki or something and use Zolo to just retrieve it? The info should be decoupled from the bot

@apogiatzis
Copy link
Member

If we're gonna do this maybe put the info in our wiki or something and use Zolo to just retrieve it? The info should be decoupled from the bot

Totally agree on that. The data should be decoupled from the bot and configured at setup. We can always provide multiple integration options i.e. fetch from github, wiki, database etc..

@xmpf xmpf mentioned this issue Sep 23, 2020
Merged
apogiatzis pushed a commit that referenced this issue Sep 23, 2020
@xmpf
feat: added functionality for Caesar cipher (#133)
71bb49e 
* Enhancement: Added functionality for Caesar cipher

Issue: #98
utils.py:
+ Added command "!utils rotn"

* fixed "!utils rotn shift msg"
@xmpf xmpf mentioned this issue Sep 24, 2020
Merged
apogiatzis pushed a commit that referenced this issue Sep 24, 2020
@xmpf
feat: !utils genshadow (#135)
8d2d441 
* Enhancement: !utils genshadow

Issue: #98
Added functionality to generate a UNIX hash with a valid /etc/shadow
entry
Usage: !utils genshadow <cleartxt> [<method>]
Available methods:
+ md5
+ blowfish
+ sha256
+ sha512

* minor fixes: utils/genshadow()

* bug fix: replaced isalpha with isnumeric()

* bug fix: replaced isalpha with isnumeric()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request epic help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@xmpf @s3nn @apogiatzis