AI Summary: pythem is a versatile penetration testing framework written in Python, designed for use by security researchers and professionals to conduct various security assessments within legal boundaries. Notable features include support for attacks such as ARP spoofing, DNS manipulation, brute force attacks on SSH and web forms, as well as tools for exploit development and packet filtering. The framework can be installed on Debian-based Linux distributions, or run as a Docker container, facilitating accessibility and ease of deployment.

README

pythem - Penetration Testing Framework

pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more information, read the license.

Installation

Links:

• Create a Desktop Shortcut

Linux Installation

Dependencies Installation

NOTE: Tested only with Debian-based distros, feel free to try the dependencies installation with yum or zypper if you use Redhat-like or SUSE-like.

sudo apt-get update
sudo apt-get install -y build-essential python-dev python-pip tcpdump python-capstone \
libnetfilter-queue-dev libffi-dev libssl-dev

Installation

• With pip:

sudo pip install pythem

• With source:

git clone https://github.com/m4n3dw0lf/pythem
cd pythem
sudo python setup.py install

• With source and pip:

git clone https://github.com/m4n3dw0lf/pythem
cd pythem
sudo python setup.py sdist
sudo pip install dist/*

Running

• Call on a terminal (Requires root privileges):

$ sudo pythem

Running as Docker container

• Requires Docker

docker run -it --net=host --rm --name pythem m4n3dw0lf/pythem

Usage

Examples

• ARP spoofing - Man-in-the-middle.
• ARP+DNS spoof - fake page redirect to credential harvester
• DHCP ACK Injection spoofing - Man-in-the-middle
• Man-in-the-middle inject BeEF hook
• SSH Brute-Force attack.
• Web page formulary brute-force
• URL content buster
• Overthrow the DNS of LAN range/IP address
• Redirect all possible DNS queries to host
• Get Shellcode from binary
• Filter strings on pcap files
• Exploit Development 1: Overwriting Instruction Pointer
• Exploit Development 2: Ret2libc

Developing

• Running tests.

Commands Reference

Index

Core

• help
• exit/quit
• set
• print

Network, Man-in-the-middle and Denial of service (DOS)

• scan
• webcrawl
• arpspoof
• dhcpspoof
• dnsspoof
• redirect
• sniff
• dos
• pforensic
  pforensic: Commands Reference
  
  • help
  • clear
  • exit/quit
  • show
  • conversations
  • packetdisplay
  • filter

Exploit development and Reverse Engineering

• xploit
  xploit: Commands Reference
  
  • help
  • clear
  • exit/quit
  • set
  • shellcode
  • encoder
  • decoder
  • search
  • xploit
  • cheatsheet
  • fuzz
  • decode/encode

Brute Force

• brute

Utils

• decode/encode
• cookiedecode