GyoiThon: Next generation penetration test tool

Next Generation Penetration Testing Tool Using Machine Learning.

New function!!

The new GyoiThon (version 0.0.4) can list your Internet-facing subdomains. If a subdomain is published as a Web service, GyoiThon runs a health check on it, that is, a non-destructive vulnerability assessment.

The new function uses the Google Custom Search API, so to use it you have to prepare a Google Custom Search API key.
  • ex) Listing your subdomains.
    First, prepare domain_list.csv as follows:
"Domain Name"

Then execute the following command.

root@kali:~/GyoiThon# python3 -i --domain_list


GyoiThon is an intelligence gathering tool for web servers.

GyoiThon remotely accesses the target web server and identifies the products running on it, such as the CMS, web server software, framework, and programming language. It can then execute exploit modules against the identified products using Metasploit. GyoiThon performs all of the above fully automatically.

GyoiThon's main features are as follows.

  • Remote access/Fully automatic
    GyoiThon can gather information about the target web server fully automatically, using only remote access. You only need to execute GyoiThon once for your operation.

  • Non-destructive test
    GyoiThon can gather information about the target web server using only normal access.
    But when you use certain options, GyoiThon performs abnormal access, such as sending exploit modules.

  • Gathering various information
    GyoiThon has various intelligence gathering engines, such as a Web crawler, the Google Custom Search API, Censys, an explorer of default contents, and an examination of cloud services. By analyzing the gathered information using string pattern matching and machine learning, GyoiThon can identify the product/version/CVE number of software running on the target web server, unnecessary HTML comments/debug messages, login pages, etc.

  • Examination of real vulnerability
    GyoiThon can execute exploit modules against the identified products using Metasploit.
    As a result, it can examine real vulnerabilities of the target web server.

  • Overview

    If you are interested, please use them in an environment under your control and at your own risk.


    1. git clone GyoiThon's repository.
    root@kali:~# git clone
    2. Get python3-pip.
    root@kali:~# apt-get update
    root@kali:~# apt-get install python3-pip
    3. Install the required Python packages.
    root@kali:~# cd GyoiThon
    root@kali:~/GyoiThon# pip3 install -r requirements.txt
    root@kali:~/GyoiThon# apt install python3-tk
    4. Edit config.ini of GyoiThon.
      You have to edit your config.ini.
      See Usage for more information.


By using the default mode without options, or a combination of several options, GyoiThon can gather various information about the target web server.

    .\ [-s] [-m] [-g] [-e] [-c] [-p] [-l --log_path=<path>] [--no-update-vulndb]
    .\ [-d --category=<category> --vendor=<vendor> --package=<package>]
    .\ [-i]
    .\ -h | --help
    -s   Optional : Examine cloud service.
    -m   Optional : Analyze HTTP response for identify product/version using Machine Learning.
    -g   Optional : Google Custom Search for identify product/version.
    -e   Optional : Explore default path of product.
    -c   Optional : Discover open ports and wrong ssl server certification using Censys.
    -p   Optional : Execute exploit module using Metasploit.
    -l   Optional : Analyze log based HTTP response for identify product/version.
    -d   Optional : Development of signature and train data.
    -i   Optional : Explore relevant FQDN with the target FQDN.
    -h --help     Show this help message and exit.


  1. Edit the target file host.txt.
    Write the target web servers in host.txt.
    The format is protocol FQDN(or IP address) Port Crawling_root_path.
  • Example.
https 443 /

If you want to specify multiple targets, write them as below.

https 443 /
http 80 /vicnum/
https 443 /catalog/
The root path must begin and end with /.
  2. Edit the configuration file config.ini.
    Parameters that the user can change are defined in the configuration file config.ini.
    If you want to change parameters, edit config.ini.
    Details of config.ini are here.
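
A pre-flight check for host.txt, added here as an example (it is not GyoiThon's own code): it parses the protocol, FQDN-or-IP, port and root-path format described above, enforces the leading and trailing /, and rejects any host that is missing from a scope allowlist. The sample lines, IN_SCOPE and the function names are constructed for illustration, and limiting the protocol to http/https is an assumption.

```python
import ipaddress
import re

# Constructed sample host.txt (not taken from the GyoiThon repository).
SAMPLE_HOST_TXT = """\
https www.example.com 443 /
http 192.0.2.10 80 /vicnum/
https shop.example.com 443 catalog/
ftp www.example.com 21 /
https other.example.net 443 /
"""
IN_SCOPE = {"www.example.com", "shop.example.com", "192.0.2.10"}  # assumed scope
FQDN_RE = re.compile(r"([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}", re.I)

def is_host(value):  # an IP address or a syntactically valid FQDN
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return FQDN_RE.fullmatch(value) is not None

def check_line(line, in_scope):
    """Return (target, None) for a usable line, else (None, reason)."""
    fields = line.split()
    if len(fields) != 4:
        return None, "expected: protocol host port root_path"
    proto, host, port, path = fields
    if proto not in ("http", "https"):  # assumption: web targets only
        return None, f"unsupported protocol {proto!r}"
    if not is_host(host):
        return None, f"invalid host {host!r}"
    if not re.fullmatch(r"[0-9]{1,5}", port) or not 1 <= int(port) <= 65535:
        return None, f"invalid port {port!r}"
    if not (path.startswith("/") and path.endswith("/")):
        return None, "root path must begin and end with '/'"
    if host.lower() not in in_scope:
        return None, f"host {host!r} is outside the authorised scope"
    return (proto, host, int(port), path), None

def check_host_file(text, in_scope=IN_SCOPE):
    """Validate every non-blank line; return (targets, errors)."""
    targets, errors = [], []
    for number, line in enumerate(text.splitlines(), start=1):
        if line.strip():
            target, reason = check_line(line, in_scope)
            if target:
                targets.append(target)
            else:
                errors.append((number, reason))
    return targets, errors
```

Running check_host_file on the real host.txt before launching a scan and stopping on any reported error keeps a typo or an out-of-scope host from ever being crawled.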

Execution of GyoiThon.

1. Default mode.

root@kali:~/GyoiThon# python3

The default mode gathers the following minimum information.

  1. Gathering of HTTP responses by Web crawling.
  2. Identification of product/version using string pattern matching.
  3. Examination of CVE number (from NVD) for identified products.
  4. Examination of unnecessary HTML/JavaScript comments.
  5. Examination of unnecessary debug messages.
  6. Examination of login pages.
  • Crawling setting
    GyoiThon uses Scrapy, a Python library.
    By changing the parameters in config.ini, you can change the Scrapy settings.

Operation check environment

  • Kali Linux 2018.2 (for Metasploit)
    • CPU: Intel(R) Core(TM) i5-5200U 2.20GHz
    • Memory: 8.0GB
    • Metasploit Framework 4.16.48-dev
    • Python 3.6.6
