I am pleased to announce the first version of Hackersh
(http://www.hackersh.org).
Hackersh ("Hacker Shell") is a free and open source shell (command
interpreter) written in Python with built-in security commands, and
out-of-the-box wrappers for various security tools, using Pythonect as
its scripting engine. Pythonect is a new, experimental,
general-purpose high-level dataflow programming language based on
Python. It aims to combine the intuitive feel of shell scripting (and
all of its perks like implicit parallelism) with the flexibility and
agility of Python.
An actual workflow that takes 'http://localhost', parses it as a URL,
scans it for open ports (via Nmap), and for each HTTP service -
launches a separate web vulnerabilities scan (via W3af).
Curious about the output? Here's a screenshot:
http://hackersh.org/hackersh000dev0_1.png
Hackersh is not limited to penetration testing and can be applied to
other security domains including but not limited to: malware analysis,
vulnerability development and intelligence gathering (OSINT).
You can read more about Hackerh and its features at:
http://blog.ikotler.org/2013/04/hackersh-01-release-announcement.html
If you have any questions, do not hesitate to contact me
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
I am pleased to announce the first version of Hackersh
(http://www.hackersh.org).
Hackersh ("Hacker Shell") is a free and open source shell (command
interpreter) written in Python with built-in security commands, and
out-of-the-box wrappers for various security tools, using Pythonect as
its scripting engine. Pythonect is a new, experimental,
general-purpose high-level dataflow programming language based on
Python. It aims to combine the intuitive feel of shell scripting (and
all of its perks like implicit parallelism) with the flexibility and
agility of Python.
The combination of the two makes:
"http://localhost" -> url -> nmap -> w3af -> print
An actual workflow that takes 'http://localhost', parses it as a URL,
scans it for open ports (via Nmap), and for each HTTP service -
launches a separate web vulnerabilities scan (via W3af).
Curious about the output? Here's a screenshot:
http://hackersh.org/hackersh000dev0_1.png
Hackersh is not limited to penetration testing and can be applied to
other security domains including but not limited to: malware analysis,
vulnerability development and intelligence gathering (OSINT).
You can read more about Hackerh and its features at:
http://blog.ikotler.org/2013/04/hackersh-01-release-announcement.html
If you have any questions, do not hesitate to contact me
Regards,
Itzik Kotler | http://www.ikotler.org
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]