Skip to content
forked from AlaBouali/bane

this is a python module that contains functions and classes which are used to test the security of web/network applications. it's coded on pure python and it's a very intelligent tool ! It can easily detect: XSS (reflected/stored), RCE (Remote Code/Command Execution), SSTI, SSRF, CORS Misconfigurations, File Upload, CSRF, Path Traversal... and more

License

Notifications You must be signed in to change notification settings

redbankdev/bane

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

"Oh, you think darkness is your ally. But you merely adopted the dark; I was born in it, molded by it. I didn't see the light until I was already a man, by then it was nothing to me but BLINDING! The shadows betray you, because they belong to me!" -Bane (Dark Knight)

                            .///` `.--::::::---.`` `///.                                    
                            h-.-s+++/--<br>.---/+o++s:.-h                                    
                            ++..-.                `:../s                                    
                         -+ydm-..:                :..-dmho:`                                
                      :odmNNNNs..-.              `:..+MNNNmmy/.                            `
                   .odmNNNNMMMN`..:              -..`mMMMMNNNNmy:                           
                  +mNNNNMMMMMMMo`.:`             :``/MMMMMMMMNNNmy.                         
                .yNNNNMMMMMMMMMd` `-<br>```````..-` `yMMMMMMMMMMNNNd:                        
               -dNNNMMMMMMMMMMMN`  ..-`      `-`-   mMMMMMMMMMMMMNNmo                       
              :mNNNMMMMMMMMMMMMM:   .         `.`  -MMMMMMMMMMMMMMNNNs`                     
             /mNNNMMMMMMMMMMMMMMy   ---      .--   oMMMMMMMMMMMMMMMNNNy`                    
            :mNNNMMMMMMMMMMMMMMMN```:.````````.:```dMMMMMMMMMMMMMMMMNNNy`                   
           -mNNNNMMMMMMMMMMMMMMMMo`.-`        `-.`+MMMMMMMMMMMMMMMMMNNNNo                   
           hNNNNNMMMMMMMMMMMMMMMMm.``-        .``.dMMMMMMMMMMMMMMMMMMNNNm-                  
          -NNNNNMMMMMMMMMMMMMMMMMM-..:        -<br>NMMMMMMMMMMMMMMMMMMNNNNs                  
          oNNNNNMMMMMMMMMMMMMMMMMMo``.`       -` +MMMMMMMMMMMMMMMMMMMNNNNm                  
         :dNNNNNNMMMMMMMMMMMMMMMMMd<br>-``````<br>.hMMMMMMMMMMMMMMMMMMMNNNNNs.                
       .ssmNNNNNNMMMMMMMMMMMMMMMMMM.``/:.  .-/```NMMMMMMMMMMMMMMMMMMNNNNNNyy+`             `
     `oy: mNNNNNNMMMMMMMMMMMMMMMMMM/``-`    `-``:MMMMMMMMMMMMMMMMMMMNNNNNN/`+y:            `
     +y`  dNNNNNNMMMMMMMMMMMMMMMMMMy..-:-  --:..oMMMMMMMMMMMMMMMMMMMNNNNNN:  -N`            
     m-   hNNNNNNMMMNdhhyyhddmMMMMMd```:.``.:```hMMMMNdhso++++shmNMMMNNNNN:   yo           `
    /d    yNNNNNMMh/-````````.-/ydNM.``-    -```NNds:.`..-----..-sNMMNNNNN-   -m`           
    h+    sNNNNNMMmsyhddmmmdhs:` `-o/../`  `/-.:+-` `:yhddmNNNNmmNMMMNNNNN.    d/           
    m/    oNNNNNMMMMMMMNdyssoooo:` `:..``.+```.-.  :o++//+yydMMMMMMMMNNNNN`   .so           
    d--   /NNNNNNMMMMMmyhm//   ymy.`-     o    `- odm:-  .ddssNMMMMMNNNNNm    /:s           
   .h /   :NNNNNNNMMMmhshhy+++ohy/. .:   `o`  `/``-shysssyddddNMMMMNNNNNNd   --.h 
   -y `:  .NNNNNNNMMMMMMMMNNmmmhys/:.`..``.``..`-:syhhdmNNMMMMMMMMMMNNNNNy   / `d 
   :s  :`  dNNNNNMMMMMMMMMNNNmmNNh-    `.`  `.`  `+mMNNNNNMMMMMMMMMMNNNNN+  :`  m          `
   /o   /` oNNNNMMMMMMMMMMMMMMmd+.. `.:- -` - -:.. -sddmNMMMMMMMMMMMMNNNm. .:   m          `
   ++   `:``dNNNMMMMMMMMMMMNo+/.`./-. o`  --`  o `-/.``/+omMMMMMMMMMMNNNo .:    d`         `
   -h    `:`:mNNMMMMMMMMMMd-.+.+--:.`.+.-.::.-./-`.:--/:+..hMMMMMMMMMNNh`.:    -h          `
    s:    `:`+mNMMMMMMMMMm- `/:` o/://++:++++:+/+/:/o``:+` .mMMMMMMMMNd..:     y-           
    .h     `:`/hNMMMMMMd+: -::<br>s-:+`.+:+-.+:+:`/:-+:-.-:- :NMMMMMMNy.--    :y            
     o/   ` `:``:ymMNh:`-  /:-+`o::/`  +:/. +:+`  /::o./--+  /omMNdo- --  `   h.            
     `d` `+.` :.` -s:  -` ./:::`/::/   +-/. +-+`  :::/`-:::- `-`++.``-. `-+  :s             
      o+  /`-:``.-.   `-  /--/  /:-:   +-/. +-+   :-:+  /--/  .. `--. .:..:  h.             
      `d` :` +h+.     -  `+-:: .+-:+..-+://-+:+-../:-+-`-:-/.  -`   -yd. /  /s              
       o+ `:. -ydo.  -`  //::..o/-:o:.//:/++/:/+.:+/-/+: /::o   : :yd+``--  d.              
       `d   .:. -sy ..  .o--+ -.+-.`.-/<br>:/<br>/--`.-+.: +--o-  `/d+``--`:s               
        s/    .:` :.:```-o--o.-.:-` `:/   .:   /:` `-/ / s:-o-```+``.-`    h.               
        .h      -:`/.///`/..`:-.:`<br> <br><br><br>. <br>`: /--../ //:o.:.-y                
         s:       -o/::/:--.-.-.:                    : /`:.---/::+.       y-                
         `h.       ``/. `/ `  -.:```   <br><br>..`  ```: /  ` :` ./.     +o                 
          .y.         -.--    -.:.``- -```::```: ..`./ :    .-.-`       /s                  
           .y-                -.:```: :/::o+/::/ : ``: :              `+o                   
            `s+`     -..-     -.o/:/: `+::+//:+. -/::o`:     ..`-`   .s/                    
              :s-  ./-  `-    -.o//o.  /:::-::+  `o//o :    -`  ./.`+o.                     
               `/o:+..+`.`    -.://+<br>+--//:-+<br>////`:    `../-.ss-                       
                  /h  /` ..-`  .-o/+:..+--//:-+..-o/+:.` `-.- `+  y-                        
                   o+``.-+-.::<br>o//o- /--::--+ .o//s<br>:/.-//:``:s                         
                    -o:```.//:   :+::+.o--oo:-o.+::+/   :/o.```:o:                          
                      -o++oy.:    .- /`o::oo:-+-/ --    /o++++o:                            
                           `os      .. /..//../ ..`    `s:                                  
                            `o+.       `:`:-.-.     `.++-                                   
                              `/+/.`    `.  .`   `-++:`                                     
                                 `:+++/:-<br>-:+++/-                                         
                                      `.-::--`                                              
                                                                                           `

Table of contents

Introduction:

The "bane" Python library stands out as a robust toolkit catering to a wide spectrum of cybersecurity and networking tasks. Its versatile range of functionalities covers various aspects, including bruteforce attacks, cryptographic methods, DDoS attacks, information gathering, botnet creation and management, and CMS vulnerability scanning, among others. The library's capabilities extend from performing bruteforce login attempts to analyzing web pages for vulnerabilities, managing botnets, and conducting thorough network discovery. Noteworthy is its rich selection of modules, which encompass encryption tools, security testing utilities, network scanning features, and other essential functions. This comprehensive library, written in pure Python, operates seamlessly on both Python 2 and 3, as well as Jython and IronPython. Maintained diligently since April 2018 by its sole developer Ala Bouali, "bane" continues to evolve, offering cybersecurity professionals and network administrators a powerful and self-contained toolkit for their operations.

This library is intended exclusively for educational purposes and ethical use with the explicit permission from the people who this tool is used against. The author of this code expressly disclaims any responsibility for any misuse or improper application of this library. It is imperative to emphasize that the user, and the user alone, bears full accountability for their actions when utilizing this library. Any legal ramifications stemming from the misuse of this library are solely the responsibility of the user, and the author shall not be held liable for any such consequences. By utilizing this library, users are acknowledging their understanding and acceptance of these terms and conditions.

Documentation:

  • Installation

  • Home

  • Bruteforce:

    • Admin_Panel_Finder : used to search for potential admin panel URLs on a website using a predefined list of extensions.
    • Decryptor : used for performing various cryptographic hash decryption attempts.
    • Files_Manager_Finder : used to search for a filemanager on a website.
    • Force_Browsing : used to perform force browsing on a website by attempting to access various URLs with different extensions.
    • HTTP_Auth_Bruteforce : used to perform HTTP authentication bruteforce attacks on a website.
    • JWT_Manager : provides functionality for analyzing, encoding, decoding, and guessing secret keys for JSON Web Tokens (JWT). JWTs are widely used in web applications for secure data exchange and authentication.
    • Hydra : used for performing brute-force login attempts on various services, including SSH, Telnet, FTP, SMTP, MySQL, and WordPress. It takes a list of username-password combinations and tries to log in using different protocols. It reports success or failure for each combination.
    • Services_Login : class provides a set of methods for performing various login/authentication attempts for different services, such as SMTP, Telnet, SSH, FTP, and MySQL. These methods check for successful login using the provided credentials and options.
    • Web_Login_Bruteforce : used for performing brute-force login attempts on web-based login forms. It takes a list of username-password combinations and tries to log in by filling out the login form. It reports success or failure for each combination.

  • Common_Variables : used to store internal and necessary variables for bane to run including: more than 20k unique user-agents created on importation, valid lists legit values for many HTTP headers to choose from, various file types ( png , jpg , docx , pptx , html , php ... ) used to fill the forms and test of file upload vulnerabilities , ...

  • Cryptographers:

    • BASE64 : provides methods for encoding and decoding data using Base64 encoding.
    • CAESAR : provides methods for encoding and decoding text using the Caesar cipher ( just for fun )
    • MD5 : provides methods for generating and comparing MD-5 hash values for text and files.
    • SHA1 : provides methods for generating and comparing SHA-1 hash values for text and files.
    • SHA224 : provides methods for generating and comparing SHA-224 hash values for text and files.
    • SHA256 : provides methods for generating and comparing SHA-256 hash values for text and files.
    • SHA384 : provides methods for generating and comparing SHA-384 hash values for text and files.
    • SHA512 : provides methods for generating and comparing SHA-512 hash values for text and files.
    • XOR : provides methods for generating and comparing XOR hash values for text and files.

  • DDoS ( Distributed Denial-of-Service ) :

    • HTTP_Puncher : used for launching HTTP-based DDoS attacks on a target URL.
    • HTTP_Spam : used for launching HTTP-based DDoS attacks on a target URL by spamming each connection with a stream of requests unlike the previous one.
    • Proxies_Hammer : used for launching low-rate HTTP POST requests through a list of proxy servers to a target URL.
    • Proxies_HTTP_Spam : used for launching HTTP-based DDoS attacks on a target URL by spamming each connection with a stream of requests through proxies.
    • Proxies_Xerxes : used for performing a simple DDoS attack by sending NULL characters through a list of proxy servers.
    • Slow_Read : used to perform a slow reading attack on a target server. This attack sends normal HTTP requests but reads them slowly to keep the connection open for an extended period of time.
    • TCP_Flood : used to perform a TCP flooding attack on a target server. This attack floods the target with a large number of TCP packets to overwhelm the server and disrupt its normal operations.
    • Tor_Hammer : used for launching low-rate HTTP POST requests through TOR to a target URL.
    • UDP_Flood : used to perform a DDoS attack by flooding a target server with UDP (User Datagram Protocol) packets. UDP is a connectionless protocol, and this attack generates a large volume of UDP packets to overwhelm the target.
    • VSE_Flood : used to perform a DDoS attack known as the Valve Source Engine Query (VSE) flood attack. The attack sends spoofed queries to Source Engine servers in an attempt to overwhelm them with traffic. This attack is often used in the gaming community to disrupt online game servers.
    • Xerxes : used to perform a DDoS attack using the Xerxes tool. This attack sends NULL characters to a target server to flood it with traffic. The tool is named after the ancient Persian king Xerxes I, known for his invasion of Greece.

  • Information Gathering:

    • Domain_Info : provides methods for gathering information about a domain, including WHOIS data, domain information, and DNS resolution.
    • Dorking_Info : provides a method for performing Google dork searches to find URLs related to a specific query.
    • IP_Info : provides methods for gathering information related to IP addresses, including obtaining your own IP, geolocation information, reverse IP lookup, and Shodan reports.
    • Network_Info : provides methods for network-related tasks, including retrieving local IP addresses, checking if a host is alive, performing TCP port scanning, and obtaining banners from network services.
    • Subdomain_Info : provides methods for extracting and analyzing subdomains associated with a given domain. It can fetch subdomains from sources like crt.sh and the Wayback Machine, allowing you to discover subdomains for a target domain.
    • URL_Info : provides methods for performing security checks, deep inspection, and HTTP OPTIONS requests on a given URL. You can use these methods to analyze and gather information about a specific URL, such as its security status, response headers, and more.

  • Botnet: creation , control and management with a scalable infrastructure :

    • Botnet_Master : used for managing botnet operations.
    • Botnet_Scanner : used for scanning safe IPs all over the internet with a word list to bruteforce various login protocols, including FTP, SSH, Telnet, SMTP, and MySQL. The scan results are saved to text files in the same directory.
    • Botnet_C_C_Server : used for managing a Command and Control (C&C) server for a botnet.
    • Botnet_Malware_Download_Server : used for creating a server to download malware files from a specified folder while preventing path traversal vulnerabilities.
    • Botnet_Reporting_Server : used for creating a server to receive reports from the bots and store them in the database.
    • Botnet_Web_Interface_Server : used for creating a web interface server for managing the botnet.

  • CMS's Vulnerability Scanner :

    • Drupal_Scanner : used to scan a website for Drupal-related information and vulnerabilities. It checks the target URL for Drupal version, server information, subdomains, and possible vulnerabilities.
    • Joomla_Scanner : used to scan a website for Joomla-related information and vulnerabilities. It checks the target URL for Joomla version, server information, subdomains, and possible vulnerabilities.
    • Magento_Scanner : used to scan a website for Magento-related information and vulnerabilities. It checks the target URL for Magento version, server information, subdomains, and possible vulnerabilities.
    • WordPress_Scanner : used to scan a website for WordPress-related information and vulnerabilities. It checks the target URL for WordPress version, server information, subdomains, themes, plugins, and possible vulnerabilities.

  • Data Visualization Stack :

    • ElasticSearch_Scanner : designed to scan an Elasticsearch server for information and vulnerabilities. It checks the target server for Elasticsearch version, performs a basic HTTP request, and retrieves relevant vulnerability information using the Vulners database.
    • Grafana_Scanner : designed to scan a Grafana server for information and vulnerabilities. It checks the target server for Grafana version, server information, subdomains, and possible vulnerabilities.

  • Databases :

    • MariaDB_Scanner : provides a static method for scanning MariaDB installations using the Vulners database.
    • MongoDB_Scanner : provides a static method for scanning MongoDB installations using the Vulners database.
    • Microsoft_SQL_Server_Scanner : provides a static method for scanning Microsoft SQL Server installations using the Vulners database.
    • MySQL_MySQL_Scanner : provides a static method for scanning MySQL Server installations using the Vulners database.
    • MySQL_Oracle_Scanner : provides a static method for scanning MySQL Server installations (Oracle variant) using the Vulners database.
    • PostgreSQL_Scanner : provides a static method for scanning PostgreSQL installations using the Vulners database.
    • Redis_Scanner : provides a static method for scanning Redis installations using the Vulners database.

  • DevOps ( project management ) :

    • Ansible_Scanner : provides a static method for scanning Ansible installations using the Vulners database.
    • Docker_Scanner : provides a static method for scanning Docker installations using the Vulners database.
    • Git_Scanner : provides a static method for scanning Git installations using the Vulners database.
    • Jenkins_Scanner : designed to perform application security testing on Jenkins sites. It scans for known vulnerabilities using the Vulners database and provides detailed information about the Jenkins site's configuration, versions, and potential exploits.
    • Jira_Scanner : designed for application security testing on Jira sites. It scans for vulnerabilities using the Vulners database and provides detailed information about the Jira site's configuration, versions, and potential exploits.
    • Kubernetes_Scanner : provides a static method for scanning Kubernetes installations using the Vulners database.
    • Maven_Scanner : provides a static method for scanning Maven installations using the Vulners database.
    • Puppet_Scanner : provides a static method for scanning Puppet installations using the Vulners database.

  • ERP Solutions :

    • Dolibarr_Scanner : designed to scan a Dolibarr server for information and vulnerabilities. It checks the target server for Dolibarr version, server information, subdomains, and possible vulnerabilities.
    • Odoo_scanner : designed to scan a Odoo server for information and vulnerabilities. It checks the target server for Odoo version, server information, subdomains, and possible vulnerabilities.

  • Javasript Development Eco-System :

    • Angular_Scanner : provides a static method for scanning Angular installations using the Vulners database.
    • AngularJS_Scanner : provides a static method for scanning AngularJS installations using the Vulners database.
    • NodeJS_Scanner : designed to scan Node.js installations for known vulnerabilities using the Vulners database. It provides a static method to perform the scanning process based on the specified Node.js version.
    • NPMJS_Scanner : provides a static method for scanning npm packages using the Vulners database.
    • ReactJS_Scanner : designed to scan React.js installations for known vulnerabilities using the Vulners database. It provides a static method to perform the scanning process based on the specified React.js version.

  • LMS's Vulnerability Scanner :

    • Moodle_Scanner : used to scan a website for Moodle-related information and vulnerabilities. It checks the target URL for Moodle version, server information, subdomains, and possible vulnerabilities.

  • Mobile Applications development Stack :

    • Flutter_Scanner : provides a static method for scanning Flutter installations using the Vulners database.
    • React_Native_Scanner : provides a static method for scanning React Native installations using the Vulners database.

  • Network Discovery and Scanning:

  • Operating Systems :

    • Android_OS_Scanner : provides a static method for scanning Android OS installations using the Vulners database.
    • Busybox_OS_Scanner : provides a static method for scanning Busybox OS installations using the Vulners database.
    • CentOS_Scanner : provides a static method for scanning CentOS installations using the Vulners database.
    • Debian_OS_Scanner : provides a static method for scanning Debian OS installations using the Vulners database.
    • FreeBSD_OS_Scanner : provides a static method for scanning FreeBSD OS installations using the Vulners database.
    • IOS_Scanner : provides a static method for scanning iOS installations using the Vulners database.
    • Mac_OS_Scanner : provides a static method for scanning macOS installations using the Vulners database.
    • Ubuntu_OS_Scanner : provides a static method for scanning Ubuntu OS installations using the Vulners database.
    • Windows_OS_Scanner : provides a static method for scanning Windows OS installations using the Vulners database.

  • Vulnerability Scanners:

    • ADB_Exploit_Scanner : used to scan for Android Debug Bridge (ADB) vulnerabilities on a target device.
    • Backend_Technologies_Scanner : used to scan web applications for information about the backend technologies and potential vulnerabilities associated with them.
    • ClickJacking_Scanner : used to scan a web page for Clickjacking protection headers and determine if Clickjacking is possible.
    • CORS_Misconfiguration_Scanner : used to detect Cross-Origin Resource Sharing (CORS) misconfigurations in web applications.
    • CRLF_Injection_Scanner : used to detect potential CRLF (Carriage Return Line Feed) injection vulnerabilities in web applications.
    • CSRF_Scanner : used for scanning and detecting Cross-Site Request Forgery (CSRF) vulnerabilities on web pages. It provides methods to identify vulnerable forms and perform tests to check for CSRF vulnerabilities.
    • Exposed_ENV_Scanner : used for scanning and detecting exposed environment (".env") files on web servers. It provides methods to check if a specific path or multiple common paths lead to an exposed environment file.
    • Exposed_Git_Scanner : used to scan for exposed Git repositories on web servers. It checks if a specific URL is an exposed Git repository and returns a boolean result.
    • Exposed_Telnet_Scanner : used to scan for exposed an unauthenticated Telnet services on a remote host. It attempts to establish a Telnet connection to a specified host and port and returns a boolean result indicating whether the connection was successful or not.
    • File_Upload_Scanner : used to scan web forms for potential file upload vulnerabilities. It searches for forms that allow file uploads, tests the file upload functionality, and reports potential issues such as unacceptable file extensions.
    • Open_Redirect_Scanner : used to scan web forms for potential open redirect vulnerabilities. It detects and reports open redirect issues in web applications, helping security professionals identify and mitigate these risks.
    • Path_Traversal_Scanner : used to scan web applications for Path Traversal vulnerabilities. It provides methods to check for directory traversal and file inclusion vulnerabilities in web pages.
    • PHP_Unit_Exploit_Scanner : used to detect vulnerabilities related to the PHP Unit exploit on a specified website URL.
    • RCE_Scanner : used for scanning web forms for Remote Code / Command Execution (RCE) vulnerabilities using various payload injections.
    • Shodan_Scanner : designed to interact with the Shodan API and retrieve information about a specific IP address.
    • Mixed_Content_Scanner : used to scan web pages for mixed content vulnerabilities, where HTTP content is loaded on an HTTPS page.
    • SpringBoot_Actuator_Exploit_Scanner : used to scan a Spring Boot application for vulnerabilities in the Actuator endpoints.
    • SSRF_Scanner : used for scanning web pages for Server-Side Request Forgery (SSRF) vulnerabilities.
    • SSTI_Scanner : used for scanning websites for Server-Side Template Injection (SSTI) vulnerabilities.
    • Vulners_Search_Scanner : used to search for vulnerabilities in software using the Vulners API.
    • XSS_Scanner : designed for systematically identifying and testing Cross-Site Scripting (XSS) vulnerabilities in web applications. This method allows users to spider through web pages, identify forms, and test them for XSS vulnerabilities. It provides flexibility to test multiple pages and payloads.

  • Web Development :

    • ASPNET_DAST_Scanner : designed to perform dynamic application security testing (DAST) on ASP.NET sites. It scans for known vulnerabilities using the Vulners database and provides detailed information about the ASP.NET site's configuration, version, and potential exploits.
    • PHP_DAST_Scanner : designed to perform dynamic application security testing (DAST) on PHP sites. It scans for known vulnerabilities using the Vulners database and provides detailed information about the PHP site's configuration, version, and potential exploits.
    • Ruby_DAST_Scanner : designed to perform dynamic application security testing (DAST) on Ruby on Rails sites. It scans for known vulnerabilities using the Vulners database and provides detailed information about the Ruby on Rails site's configuration, versions, and potential exploits.

  • Web Development Frameworks :

    • Django_Scanner : provides a static method for scanning Django installations using the Vulners database.
    • FastAPI_Scanner : provides a static method for scanning FastAPI installations using the Vulners database.
    • Flask_Scanner : provides a static method for scanning Flask installations using the Vulners database.
    • Laravel_Scanner : provides a static method for scanning Laravel installations using the Vulners database.
    • Spring_Boot_Scanner : provides a static method for scanning Spring Boot installations using the Vulners database.
    • Spring_Security_Scanner : provides a static method for scanning Spring Security installations using the Vulners database.
    • Symfony_Scanner : provides a static method for scanning Symfony installations using the Vulners database.

  • Web Servers :

  • Web Pages Analyzers:

    • Cookies_Manager : provides methods for managing HTTP cookies.
    • FORMS_FILLER : provides methods for filling HTML forms with data, including injecting payloads into form parameters.
    • FORMS_FINDER : provides methods for extracting and parsing HTML forms from web pages. It offers methods for sorting inputs in forms and parsing forms from web pages.
    • FORM_FILE_UPLOAD : used for extracting and identifying file upload forms from HTML documents. It provides methods to retrieve these forms both from a list of dictionaries and from a URL with HTML content.
    • Pager_Interface : provides various methods for web scraping and JavaScript code analysis.
    • RANDOM_GENERATOR : provides various static methods for generating random data, such as IP addresses, URLs, phone numbers, HTML input colors, and random dates.
    • LOGIN_FORM_FILLER : provides methods for working with login forms in web pages. It includes methods for getting a login form and setting its values for username and password.
    • URLS_Parser : provides methods for parsing and extracting information from URLs and web page sources. It includes methods for converting URLs to form data and extracting links from the page source.

  • Useful Proxing Utilities:

    • BurpSuite_Getter : provides a method for obtaining a Burp Suite proxy configuration. It includes a method for getting the Burp Suite proxy settings with optional host and port parameters.
    • Proxies_Collector : used to collect and verify proxy information from various sources.
    • Proxies_Interface : provides methods for loading, parsing, and converting proxy data for use in various applications.
    • ProxyChecker : responsible for checking the validity and functionality of proxy servers in a list. It can perform proxy checks using either socket-level connections or HTTP requests, depending on the configuration.
    • Proxies_Getter : used to retrieve proxy sockets and proxy settings for various protocols.
    • Proxies_Parser : used to parse and handle proxy configurations and settings.

  • Additional Useful Modules :

    • Userful_Utilities : provides various utility methods for common tasks and operations.
    • Files_Interface : provides utility methods for working with files, including clearing, deleting, writing, and reading files. It also includes methods for creating and reading JSON files.
    • Bane_Instances_Interface : provides utility methods for working with instances of other classes, especially those created for parallel processing.
    • Socket_Connection : provides methods for creating and configuring socket connections.
    • Tor_Switch_Interface : provides methods for switching IP addresses when using the Tor network. It allows for automatic IP switching with or without a password, depending on the Tor configuration and platform.
    • Update_Module_Interface : provides methods for updating the "bane" module to a specified version or the latest version available.

    Why you should use "bane"

    • Bruteforce Tools:

      Tools for performing brute-force attacks on various services, such as admin panel finding, cryptographic hash decryption, and login attempts.

    • JWT Manager:

      Functionality for analyzing, encoding, decoding, and guessing secret keys for JSON Web Tokens (JWT).

    • DDoS Tools:

      Tools for launching different types of Distributed Denial-of-Service (DDoS) attacks for assessing server and network infrastructure resilience.

    • Information Gathering:

      Tools for gathering domain, IP, network, and subdomain information, useful for reconnaissance and vulnerability assessment.

    • Botnet Creation and Management:

      Features for creating, managing, and scaling a botnet infrastructure, valuable for studying botnets and their operations.

    • CMS Vulnerability Scanners:

      Specific scanners for popular Content Management Systems (CMS) like Drupal, Joomla, Magento, and WordPress, for identifying vulnerabilities in websites using these platforms.

    • Network Discovery and Scanning:

      Scanners for port scanning, amplification factor calculation, and network-related vulnerability assessment.

    • Vulnerability Scanners:

      Various vulnerability scanners for detecting different types of web application vulnerabilities, including CSRF, XSS, RCE, and more.

    • Additional Useful Modules:

      Utility modules for common tasks and operations, such as working with files, managing cookies, and updating the library.

    • Web Page Analyzers:

      Tools for analyzing web pages, filling forms, generating random data, and parsing URLs, useful for web scraping and data analysis.

    • Proxying Utilities:

      Utilities for handling proxy configurations and checking the validity of proxy servers, beneficial for tasks that require anonymity and security.

    • Proxies and TOR Support in Almost All Components ( including the Botnet's master and scanner ) :

      The "bane" library offers comprehensive support for a wide range of proxies across the majority of its functionalities. Notably, it includes support for TOR in various components, enhancing anonymity and security. The only exceptions are SSH and database connections, which fall outside the project's control.

    • No DNS Leakage with TOR:

      Thanks to its advanced capabilities, "bane" ensures that TOR users remain anonymous and free from any DNS leakage, reinforcing privacy and security for users seeking anonymity.

    • Request Routing via Random IPs in TOR:

      "bane" has implemented a feature that enables each request to exit through a different TOR node without the need to obtain a new identity or restart TOR's service. This innovation adds an extra layer of sophistication to the project, further enhancing user experience.

    • Dynamic Manipulation of HTTP Headers in DDoS Attacks:

      For added challenge and effectiveness in HTTP-based DDoS attacks, "bane" generates HTTP requests with headers featuring random but legitimate values, courtesy of its extensive list of 20,000 user-agents and header values. Subsequently, it rearranges these headers into a random order and selectively removes certain headers (with caution to retain critical ones) before sending the request, ensuring a multifaceted and impactful approach to DDoS attacks.

    • Enhanced Security Measures:

      bane offers an added layer of security by incorporating a hardcoded list of U.S. government and military IP ranges for several countries. This feature ensures that when generating random IP addresses for its botnet scanner, the tool will steer clear of these specified IP ranges. By doing so, bane mitigates the risk of unintentional interference with government or military infrastructure, thus safeguarding the user from any inadvertent involvement with such sensitive networks. This proactive approach not only protects users from legal complications but also underscores bane's commitment to responsible and ethical usage in the realm of cybersecurity.

    • Efficiency:

      Bane offers a streamlined and efficient process for security testing. It autonomously parses all available URLs, media sources (videos, images, etc.), and HTML forms, eliminating the need for manual intervention. This automation allows bane to systematically test each element one at a time while respecting the form's input types. It intelligently fills each parameter with the appropriate values, optimizing the testing process for comprehensive security assessments.

    Installation:

    If you are using Windows, please follow these steps:

    1. Download and install Npcap.
    2. Download and install PuTTY.
    3. Restart your computer after the installations are complete.
    4. Then, install bane using pip:
    pip install bane

    If you are on Linux, run the following command with sudo to ensure that required packages, sshpass and tor are installed ( it may take some time to finish their installation without any output so wait few minutes ):

    sudo pip install bane

    Otherwise if you wish to install the current version on github:

    git clone https://github.com/AlaBouali/bane
    cd bane
    pip install .

    To use bane you need to open the Python interpreter from your terminal / cmd, as bane can be used only within the interpreter after importing it or as a part of a script:

    python

    or

    python3

    After that, import bane and start using it as explained in the documentation above:

    import bane

    If you are using jython , please navigate to the site-packages directory (e.g., C:\jython\Lib\site-packages). Open the dns folder, and within the resolver.py file, comment out line 1149 by placing a # in front of it:

    socket.SOCK_DGRAM: [socket.SOL_UDP],
    to:
    #socket.SOCK_DGRAM: [socket.SOL_UDP],
    That should fix the error that you might encounter when importing "bane" the first time.

    Note : you might encounter such messages when importing this library:

    WARNING: can't import layer ipsec: cannot import name 'gcd' from 'fractions' (C:\...
    or
    WARNING: Failed to execute tcpdump. Check it is installed and in the PATH
    WARNING: can't import layer ipsec: cannot import name 'gcd' from 'fractions' (/usr/lib/python3.9/fractions.py)
    Please, ignore them since they are not related to the performance or classified as "importing issue" for "bane" library.

    Special Speech:

    Since embarking on this journey in late October 2016, my professional growth has been remarkable. I have had invaluable experiences and interactions that have not only rescued me but also nurtured my personal development. This transformative journey led me to transition from being a blackhat hacker to a highly skilled security researcher, penetration tester, and software engineer. Through the years, my project has evolved from a simple public proxies grabber and user agent scraper to its present state. This transformation has been a result of a gradual integration of new functionalities, rigorous testing, bug fixing, and continuous development efforts. While I have largely driven this project forward independently, I must acknowledge the mentors and supporters who guided me during my initial steps and believed in my potential. With immense gratitude, I dedicate this project to the community as a means of giving back and sharing the tools I've developed over the years. My goal is to simplify the complexities of code and empower others to create their own tools and solutions.

    Thank you all:

    • S0u1 : programmer and blackhat.
    • Vince : Linux and hardware expert, social engeneering and programmer.
    • Zachary Barker (lulz zombie) : teams leader, anarkist, ops organizer, progammer, cyber security expert and blackhat ( R.I.P ) .
    • Lulztigre : Bug Bounty Hunter, Penetration Tester And Python Programmer.
    • Jen Hill.

About

this is a python module that contains functions and classes which are used to test the security of web/network applications. it's coded on pure python and it's a very intelligent tool ! It can easily detect: XSS (reflected/stored), RCE (Remote Code/Command Execution), SSTI, SSRF, CORS Misconfigurations, File Upload, CSRF, Path Traversal... and more

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%