GyoiThon: Next generation penetration test tool

Next Generation Penetration Testing Tool Using Machine Learning.

New function!!

The new GyoiThon (version 0.0.4) can list the subdomains of your domain that are exposed on the internet. If a subdomain is published as a web service, GyoiThon then runs a health check, i.e. a non-destructive vulnerability assessment.

Note
The new function uses the Google Custom Search API, so to use it you have to prepare an API key for Google Custom Search.
  • Example: listing up your subdomains.
    First, prepare domain_list.csv as follows:
"Domain Name"
mbsd.jp

Then execute the following command.

root@kali:~/GyoiThon# python3 gyoithon.py -i --domain_list

Overview

GyoiThon is an intelligence gathering tool for web servers.

GyoiThon remotely accesses the target web server and identifies the products operating on it, such as the CMS, web server software, framework and programming language. It can also execute exploit modules against the identified products using Metasploit. GyoiThon performs all of the above fully automatically.

GyoiThon's main features are as follows.

  • Remote access/Fully automatic
    GyoiThon can gather information about the target web server fully automatically using only remote access. You execute GyoiThon only once per operation.

  • Non-destructive test
    GyoiThon can gather information about the target web server using only normal access.
    However, when you use some options, GyoiThon performs abnormal access such as sending exploit modules.

  • Gathering various information
    GyoiThon has various intelligence gathering engines such as a web crawler, the Google Custom Search API, Censys, an explorer of default contents and an examination of cloud services. By analyzing the gathered information with string pattern matching and machine learning, GyoiThon can identify the product/version/CVE number operating on the target web server, as well as unnecessary HTML comments, debug messages, login pages etc.

  • Examination of real vulnerability
    GyoiThon can execute exploit modules against identified products using Metasploit.
    As a result, it can examine whether the target web server is really vulnerable.

Note
If you are interested, please use them in an environment under your control and at your own risk.

Installation

  1. git clone GyoiThon's repository.
    root@kali:~# git clone https://github.com/gyoisamurai/GyoiThon.git

  2. Get python3-pip.
    root@kali:~# apt-get update
    root@kali:~# apt-get install python3-pip

  3. Install the required Python packages.
    root@kali:~# cd GyoiThon
    root@kali:~/GyoiThon# pip3 install -r requirements.txt
    root@kali:~/GyoiThon# apt install python3-tk

  4. Edit GyoiThon's config.ini.
    You have to edit your config.ini.
    More information is in Usage.

Usage

By using the default mode without options, or a combination of several options, GyoiThon can gather various information about the target web server.

usage:
    .\gyoithon.py [-s] [-m] [-g] [-e] [-c] [-p] [-l --log_path=<path>] [--no-update-vulndb]
    .\gyoithon.py [-d --category=<category> --vendor=<vendor> --package=<package>]
    .\gyoithon.py [-i]
    .\gyoithon.py -h | --help
options:
    -s   Optional : Examine cloud service.
    -m   Optional : Analyze HTTP response for identify product/version using Machine Learning.
    -g   Optional : Google Custom Search for identify product/version.
    -e   Optional : Explore default path of product.
    -c   Optional : Discover open ports and wrong ssl server certification using Censys.
    -p   Optional : Execute exploit module using Metasploit.
    -l   Optional : Analyze log based HTTP response for identify product/version.
    -d   Optional : Development of signature and train data.
    -i   Optional : Explore relevant FQDN with the target FQDN.
    -h --help     Show this help message and exit.

Preparation.

  1. Edit the target file host.txt.
    Write the target web servers in host.txt, one per line.
    The format of a line is: protocol FQDN(or IP address) Port Crawling_root_path.
  • Example.
https gyoithon.example.com 443 /

If you want to specify multiple targets, write them as below.

https gyoithon.example.com 443 /
http 192.168.220.129 80 /vicnum/
https www.example.com 443 /catalog/
Note
Insert / at the beginning and at the end of the root path.
  2. Edit the configuration file config.ini.
    Parameters to be changed by the user are defined in the setting file config.ini.
    If you want to change parameters, edit config.ini.
    Detail of config.ini is here.
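A malformed host.txt line (wrong field count, unknown protocol, out-of-range port, or a root path without the leading and trailing /) is the most common reason a run targets the wrong thing or fails part-way. The following validator is an added example, not GyoiThon's own code: it parses host.txt lines in the format described above and reports every line that does not match, so you can check the file before running the tool. The sample file content and the rule that a host must be a valid IP address or an RFC 1123 hostname are assumptions of this example.

```python
import ipaddress
import re
from typing import List, NamedTuple, Tuple


class Target(NamedTuple):
    """One line of host.txt: protocol FQDN(or IP) Port Crawling_root_path."""
    protocol: str
    host: str
    port: int
    root_path: str


# Hostname label rule (assumption): letters, digits and hyphens,
# 1-63 characters, no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def is_fqdn_or_ip(host: str) -> bool:
    """Accept an IPv4/IPv6 literal or a syntactically valid hostname."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        pass
    if not host or len(host) > 253:
        return False
    labels = host.rstrip(".").split(".")
    return all(_LABEL.match(label) for label in labels)


def parse_host_line(line: str) -> Target:
    """Validate one host.txt line; raise ValueError describing the first problem."""
    parts = line.split()
    if len(parts) != 4:
        raise ValueError(
            f"expected 4 fields (protocol host port root_path), got {len(parts)}: {line!r}")
    protocol, host, port_text, root_path = parts
    if protocol not in ("http", "https"):
        raise ValueError(f"protocol must be http or https, got {protocol!r}")
    if not is_fqdn_or_ip(host):
        raise ValueError(f"host is neither an IP address nor a valid FQDN: {host!r}")
    if not port_text.isdigit() or not 1 <= int(port_text) <= 65535:
        raise ValueError(f"port must be an integer in 1..65535, got {port_text!r}")
    # The README's note: the root path must start and end with '/'.
    if not (root_path.startswith("/") and root_path.endswith("/")):
        raise ValueError(f"root path must begin and end with '/', got {root_path!r}")
    return Target(protocol, host, int(port_text), root_path)


def parse_host_file(text: str) -> Tuple[List[Target], List[str]]:
    """Parse the whole file; blank lines are skipped, bad lines are collected as errors."""
    targets: List[Target] = []
    errors: List[str] = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        try:
            targets.append(parse_host_line(line))
        except ValueError as exc:
            errors.append(f"line {lineno}: {exc}")
    return targets, errors


# Constructed sample host.txt: three valid lines from the README plus three
# deliberately broken ones (bad protocol, path without slashes, bad port).
SAMPLE_HOST_TXT = """\
https gyoithon.example.com 443 /
http 192.168.220.129 80 /vicnum/
https www.example.com 443 /catalog/
ftp files.example.com 21 /
https www.example.com 443 catalog
https www.example.com 99999 /
"""

if __name__ == "__main__":
    ok, bad = parse_host_file(SAMPLE_HOST_TXT)
    for target in ok:
        print("OK  ", target)
    for message in bad:
        print("SKIP", message)
```

Run the validator over your real host.txt by passing its contents to parse_host_file; the tool itself does not perform these checks, so fixing every reported line before execution avoids crawling an unintended path or silently skipping a target.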

Execution of GyoiThon.

1. Default mode.

root@kali:~/GyoiThon# python3 gyoithon.py

The default mode gathers the following minimum information.

  1. Gathering of HTTP responses by web crawling.
  2. Identification of product/version using string pattern matching.
  3. Examination of CVE numbers (from NVD) for identified products.
  4. Examination of unnecessary HTML/JavaScript comments.
  5. Examination of unnecessary debug messages.
  6. Examination of login pages.
  • Crawling setting
    GyoiThon uses Scrapy, a Python library.
    By changing the parameters in config.ini, you can change Scrapy's settings.

Operation check environment

  • Kali Linux 2018.2 (for Metasploit)
    • CPU: Intel(R) Core(TM) i5-5200U 2.20GHz
    • Memory: 8.0GB
    • Metasploit Framework 4.16.48-dev
    • Python 3.6.6
