offensive-hub / Black Widow
Licence: gpl-3.0
GUI based offensive penetration testing tool (Open Source)
Stars: ✭ 124
Programming Languages
python
139335 projects - #7 most used programming language
Labels
Projects that are alternatives of or similar to Black Widow
Arachni
Web Application Security Scanner Framework
Stars: ✭ 2,942 (+2272.58%)
Mutual labels: crawler, penetration-testing, sql-injection
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1454.84%)
Mutual labels: penetration-testing, offensive-security, sql-injection
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-31.45%)
Mutual labels: penetration-testing, cybersecurity, offensive-security
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+244.35%)
Mutual labels: open-source, penetration-testing, tool
Ptdesigner
Library and GUI tool for designing and generation of procedural textures, made as a part of my Bachelor thesis.
Stars: ✭ 77 (-37.9%)
Mutual labels: tool, gui
Mssqli Duet
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-33.87%)
Mutual labels: penetration-testing, sql-injection
Birthdaybuddy
A simple material-design orientated app to handle your friends' birthdays and other special events
Stars: ✭ 90 (-27.42%)
Mutual labels: open-source, tool
Fwdsh3ll
Forward shell generation framework
Stars: ✭ 62 (-50%)
Mutual labels: penetration-testing, cybersecurity
In Spectre Meltdown
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-30.65%)
Mutual labels: penetration-testing, tool
H4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+8328.23%)
Mutual labels: penetration-testing, cybersecurity
Rsf
The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-38.71%)
Mutual labels: penetration-testing, cybersecurity
Penetration Testing Cheat Sheet
Work in progress...
Stars: ✭ 69 (-44.35%)
Mutual labels: penetration-testing, offensive-security
Neutron
Neutron is a CLI developed to help developers create new react projects with Redux + Redux Saga and offers well-structured code standardization.
Stars: ✭ 65 (-47.58%)
Mutual labels: open-source, tool
Punk.py
unix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-13.71%)
Mutual labels: penetration-testing, offensive-security
Pentest Notes
Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-28.23%)
Mutual labels: penetration-testing, offensive-security
D4n155
OWASP D4N155 - Intelligent and dynamic wordlist using OSINT
Stars: ✭ 105 (-15.32%)
Mutual labels: crawler, tool
Fawkes
Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine.
Stars: ✭ 108 (-12.9%)
Mutual labels: crawler, sql-injection
Gong Wpf Dragdrop
The GongSolutions.WPF.DragDrop library is a drag'n'drop framework for WPF
Stars: ✭ 1,669 (+1245.97%)
Mutual labels: open-source, gui
Csswand
🎨✨ Hover your wand and use your magic spell to copy beautiful css
Stars: ✭ 1,046 (+743.55%)
Mutual labels: open-source, tool
description: >- black-widow is one of the most useful, powerful and complete offensive penetration testing tool
black-widow
Offensive penetration testing tool (Open Source)
black-widow provides easy ways to execute many kinds of information gatherings and attacks.
- Fully Open Source
- Written in Python
- Continuously updated and extended
Features
- [x] Localhost Web GUI
- [x] Sniffing
- [x] Website crawling
- [x] Web page parsing
- [ ] SQL injection
- [ ] Injected database management
- [ ] Brute force attacks
- [ ] Cluster between other black-widows
- [ ] Multiple asynchronous requests
- [ ] Multiple targets management
- [ ] Useful CTF features
APT installation (ubutu/debian)
sudo add-apt-repository ppa:offensive-hub/black-widow
sudo apt-get update
sudo apt-get install black-widow
APT installation (other distro)
- Put the following text on
/etc/apt/sources.list.d/black-widow.list
file:deb http://ppa.launchpad.net/offensive-hub/black-widow/ubuntu focal main deb-src http://ppa.launchpad.net/offensive-hub/black-widow/ubuntu focal main
- Execute the following commands:
sudo sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5D26C76613E84EA9 sudo apt-get update sudo apt-get install black-widow
PyPI installation
sudo pip3 install black-widow
Docker installation
If you haven't Docker, install it
- GUI:
docker run -d -p 8095:80 offensive/black-widow -g
- Than visit: http://localhost:8095
- Command line:
docker run --rm offensive/black-widow <arguments>
Manual installation
sudo apt-get update && sudo apt-get install tidy clang tshark
mkdir black-widow
cd black-widow
touch black-widow.py && chmod +x black-widow.py
- Copy and paste the following code in file
black-widow.py
:#!/usr/bin/env python3 from black_widow.black_widow import main if __name__ == "__main__": main()
git clone [email protected]:offensive-hub/black-widow.git black_widow
sudo pip3 install -U -r black_widow/requirements.txt
./black-widow.py --django migrate
- Now you can run black-widow with:
./black-widow.py <arguments>
Run
-
GUI:
black-widow -g
-
Command line:
black-widow <arguments>
Debug
- Run django (examples):
black-widow --django runserver
black-widow --django help
black-widow --django "help createsuperuser"
Project layout
[root]
|
|-- app/ # Main application package
| |
| |-- arguments/ # User input arguments parser (100%)
| |
| |-- attack/ # Attack modality package (0%)
| |-- defense/ # Defense modality package (0%)
| |
| |-- gui/ # Graphical User Interface package (100%)
| |
| |-- helpers/ # Helper methods package (100%)
| |
| |-- managers/ # Managers package
| | |
| | |-- cluster/ # Cluster managers package (0%)
| | |-- crypto/ # Encryption managers package (70%)
| | |-- injection/ # Injection managers package (60%)
| | |-- parser/ # Parser managers package (100%)
| | |-- request/ # Request managers package (70%)
| | |-- sniffer/ # Sniffer managers package (95%)
| |
| |-- services/ # Services package
| | |
| | |-- logger.py # Logger service (100%)
| | |-- multitask.py # MultiTask service (100%)
| | |-- serializer.py # PickleSerializer and JsonSerializer serivces (100%)
| |
| |-- storage/ # Storage directory
| |
| |-- env.py # Environment variables management
|
|-- .env # Environment variables
|
|-- black-widow.py # Main executable
Links
- Homepage: https://black-widow.eu
- PyPI: https://pypi.org/project/black-widow
- GitHub: https://github.com/offensive-hub/black-widow
- Docker Registry: https://hub.docker.com/r/offensive/black-widow
- PPA: Launchpad.net
- Free Software Directory: https://directory.fsf.org/wiki/Black-widow
Contacts
Authors
Thanks to
Follow Us
SPONSORS
1st level Sponsors
2nd level Sponsors
3th level Sponsors
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].