You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
**Warning**: _Not all DNS records are implemented so check on this table what DNS records are available._
24
27
25
28
| RECORDS | STATUS |
@@ -35,20 +38,31 @@ Well, now you are ready to use the script, so enjoy it!
35
38
36
39
## Whois function
37
40
38
-
The whois function generates a dictionary with the information but I recommend to check the availability of the keys for the specified domain, anyway if the key isn't available an error message will be shown.
**Options**: `-f <filename>, -u(full information flag)`
52
+
53
+
_Note: If **-u** flag is set, you will get full information about the devices or services found. Otherwise, you will get only the IP._
54
+
44
55
The Shodan search function (ssearch) uses the Shodan external library in order to integrate Shodan browser in our script.
45
56
46
57
The script implements a "simple search"(is simple as you want), for the search query parameters we will put exactly the same that if we were searching using Shodan website but with the filters separated by "-" here is an example of search query:
The banner grabbing function first creates a socket with the specified IP and port, so we can use a list of ports (separated by `:`).
53
67
54
68
**Warning**: _Not all services are implemented so check on this table what service is available._
@@ -64,18 +78,25 @@ The banner grabbing function first creates a socket with the specified IP and po
64
78
65
79
## Flooding using PCAP function
66
80
81
+
**Usage**: `# python3 pentesting-multitool.py -o <number of sends or packets(generator mode)> -f <pcap filename>`
82
+
**Options**: `-g (Generator mode flag)`
83
+
67
84
The flooding function have two options. The first option is the generator mode that creates a PCAP file with a specified amount of packets and name. Those packets have two layers IP and ICMP (Echo request).
68
85
69
86
For the flood mode, using TCPReplay, we will send the list of packets included on the PCAP file in a loop of _n_ iterations. It's recommended to add 200 packets to the file for DOS Attack and 100 packets to generate latency increase but that varies between networks and AP's.
The fuzzing function will generate a number of random packets with UDP, TCP or ICMP layer as indicated by the user, _n_ times (number of generations parameter). After sending the packet it will wait for a response one second, if there is no response then a default packet will be created. All packets will be stored in a PCAP afterwards, where the first packet is the sent packet and the second one is the response of this packet.
74
93
75
94
Also, is obvius that you have to set the target IP because it useless to set it by using Scapy RandIP function.
Well, first I want to clarify that it is not a tool designed to attack, it is a tool to check if our network is vulnerable to a mitm scheme attack using ARP Spoofing.
80
101
81
102
Using ARP Spoofing we indicate to the router that the victim's IP is in our MAC Address and at the same time we indicate to the victim that the gateway's IP address is in our MAC address so we are intercepting all the traffic between the victim and the router.
0 commit comments