TIDoS Framework for scanning sites

Welcome one and all to Hacking a rise. It feels so good to be back writing again, whoop whoop! For those that know me and those that don't, I am the one and only “LAUGHING MAN”. This post is on the TIDoS framework, as you can see in the title, so let's get started 😀.

To find out more about this tool, check out the GitHub.

What is TIDoS Framework

TIDoS is a Python script designed for recon. It offers 108 modules split up into 3 groups: active recon, passive recon, and information disclosure modules.

The highlights of TIDoS Framework

  • A complete versatile framework to cover everything from Reconnaissance to Vulnerability Analysis.
  • Has 5 main phases, subdivided into 14 sub-phases consisting of a total of 108 modules.
  • Reconnaissance Phase has 50 modules of its own (including active and passive recon, information disclosure modules).
  • Scanning & Enumeration Phase has got 16 modules (including port scans, WAF analysis, etc.).
  • Vulnerability Analysis Phase has 37 modules (including most common vulnerabilities in action).
  • Exploits Castle has only 1 exploit (purely developmental).
  • And finally, Auxiliaries have got 4 modules; more are under development.
  • All four phases each have an Auto-Awesome module which automates every module for you.
  • You just need the domain, and leave everything else to this tool.
  • TIDoS has full verbose output support, so you’ll know what's going on.
  • Fully user friendly interaction environment.
  • Flawless Features

    TIDoS Framework presently supports the following (more modules are under active development):

  • Reconnaissance + OSINT

    Passive Reconnaissance:

    Nping Enumeration Via external API
    WhoIS Lookup Domain info gathering
    GeoIP Lookup Pinpoint physical location
    DNS Configuration Lookup DNSDump
    Subdomains Lookup Indexed ones
    Reverse DNS Lookup Host Instances
    Reverse IP Lookup Hosts on same server
    Subnets Enumeration Class Based
    Domain IP History IP Instances
    Web Links Gatherer Indexed ones
    Google Search Manual search
    Google Dorking (multiple modules) Automated
    Email to Domain Resolver Email WhoIs
    Wayback Machine Lookups Find Backups
    Breached Email Check Pwned Email Accounts
    Enumeration via Google Groups Emails Only
    Check Alias Availability Social Networks
    Find PasteBin Posts Domain Based
    LinkedIn Gathering Employees & Company
    Google Plus Gathering Domain Profiles
    Public Contact Info Scraping FULL CONTACT
    Censys Intel Gathering Domain Based
    Threat Intelligence Gathering Bad IPs

    Active Reconnaissance:

    Ping Enumeration Advanced
    CMS Detection (185+ CMSs supported) IMPROVED
    Advanced Traceroute IMPROVED
    robots.txt and sitemap.xml Checker
    Grab HTTP Headers Live Capture
    Find HTTP Methods Allowed via OPTIONS
    Detect Server Type IMPROVED
    Examine SSL Certificate Absolute
    Apache Status Disclosure Checks File Based
    WebDAV HTTP Enumeration PROPFIND & SEARCH
    PHPInfo File Enumeration via Bruteforce
    Comments Scraper Regex Based
    Find Shared DNS Hosts Name Server Based
    Alternate Sites Discovery User-Agent Based
    Discover Interesting Files via Bruteforce
    Common Backdoor Locations shells, etc.
    Common Backup Locations .bak, .db, etc.
    Common Password Locations .pgp, .skr, etc.
    Common Proxy Path Configs. .pac, etc.
    Multiple Index Paths index, index1, etc.
    Common Dot Files .htaccess, .apache, etc
    Common Logfile Locations .log, .changelog, etc

    Information Disclosure:

    Credit Cards Disclosure If Plaintext
    Email Harvester IMPROVED
    Fatal Errors Enumeration Includes Full Path Disclosure
    Internal IP Disclosure Signature Based
    Phone Number Harvester Signature Based
    Social Security Number Harvester US Ones

    Scanning & Enumeration

    Remote Server WAF Enumeration Generic 54 WAFs
    Port Scanning Ingenious Modules
    Simple Port Scanner via Socket Connections
    TCP SYN Scan Highly reliable
    TCP Connect Scan Highly Reliable
    XMAS Flag Scan Reliable Only in LANs
    FIN Flag Scan Reliable Only in LANs
    Port Service Detector
    Web Technology Enumeration Absolute
    Complete SSL Enumeration Absolute
    Operating System Fingerprinting IMPROVED
    Banner Grabbing of Services via Open Ports
    Interactive Scanning with NMap 16 preloaded modules
    Internet Wide Servers Scan Using CENSYS Database
    Web and Links Crawlers
    Depth 1 Indexed Uri Crawler
    Depth 2 Single Page Crawler
    Depth 3 Web Link Crawler

    Vulnerability Analysis

    Web-Bugs & Server Misconfigurations

    Insecure CORS Absolute
    Same-Site Scripting Sub-domain based
    Zone Transfer DNS Server based
    Clickjacking
    Frame-Busting Checks
    X-FRAME-OPTIONS Header Checks
    Security on Cookies
    HTTPOnly Flag
    Secure Flag on Cookies
    Cloudflare Misconfiguration Check
    DNS Misconfiguration Checks
    Online Database Lookup For Breaches
    HTTP Strict Transport Security Usage
    HTTPS Enabled but no HSTS
    Domain Based Email Spoofing
    Missing SPF Records
    Missing DMARC Records
    Host Header Injection
    Port Based Web Socket Based
    X-Forwarded-For Header Injection
    Security Headers Analysis Live Capture
    Cross-Site Tracing HTTP TRACE Method
    Session Fixation via Cookie Injection
    Network Security Misconfig.
    Checks for TELNET Enabled via Port 23

    Serious Web Vulnerabilities

    File Inclusions
    Local File Inclusion (LFI) Param based
    Remote File Inclusion (RFI) IMPROVED
    Parameter Based
    Pre-loaded Path Based
    OS Command Injection Linux & Windows (RCE)
    Path Traversal (Sensitive Paths)
    Cross-Site Request Forgery Absolute
    SQL Injection
    Error Based Injection
    Cookie Value Based
    Referer Value Based
    User-Agent Value Based
    Auto-gathering IMPROVED
    Blind Based Injection Crafted Payloads
    Cookie Value Based
    Referer Value Based
    User-Agent Value Based
    Auto-gathering IMPROVED
    LDAP Injection Parameter Based
    HTML Injection Parameter Based
    Bash Command Injection ShellShock
    Apache Struts Shock Apache RCE
    XPATH Injection Parameter Based
    Cross-Site Scripting IMPROVED
    Cookie Value Based
    Referer Value Based
    User-Agent Value Based
    Parameter Value Based Manual
    Unvalidated URL Forwards Open Redirect
    PHP Code Injection Windows + Linux RCE
    CRLF Injection HTTP Response Splitting
    User-Agent Value Based
    Parameter value Based Manual
    Sub-domain Takeover 50+ Services
    Single Sub-domain Manual
    All Subdomains Automated

    Other

    PlainText Protocol Default Credential Bruteforce

    FTP Protocol Bruteforce
    SSH Protocol Bruteforce
    POP 2/3 Protocol Bruteforce
    SQL Protocol Bruteforce
    XMPP Protocol Bruteforce
    SMTP Protocol Bruteforce
    TELNET Protocol Bruteforce

    Auxiliary Modules

    Hash Generator MD5, SHA1, SHA256, SHA512
    String & Payload Encoder 7 Categories
    Forensic Image Analysis Metadata Extraction
    Web HoneyPot Probability ShodanLabs HoneyScore

    Exploitation (purely developmental)

    ShellShock

    Other Tools:
    net_info.py – Displays information about your network. Located under tools/.
    tidos_updater.py – Updates the framework to the latest release via signature matching. Located under tools/.

  • Upcoming:
    These are some modules which I have thought of adding:

    Some more Enumeration & Information Disclosure modules.
    Lots more of OSINT & Stuff (let that be a suspense).
    More Auxiliary Modules.
    Some exploits are being worked on too.

    Ongoing:
    Working on a full-featured Web UI implementation on Flask and MongoDB and Node.js.
    Working on a new framework, a real framework. To be released with v2.
    Working on a campaign feature + addition of arguments.
    Normal bug fixing, as per the issues being raised.

    Some other perks:
    Working on a way for contributing new modules easily.
    A complete new method of multi-threaded fuzzing of parameters.
    Keeping better of new console stuff.

    Disclaimer:
    TIDoS is provided as an offensive web application audit framework. It has built-in modules which can reveal potential misconfigurations and vulnerabilities in web applications which could possibly be exploited maliciously.

    TIDos Framework install

    What You’ll Need

    To use TIDoS, you’ll need to install Python if you don’t have it already. It’s cross-platform, so you should be able to do so regardless of your operating system. Next, you’ll need to update your system with an apt update command in a terminal window, and then install some required libraries with the command below.

    sudo apt-get install libncurses5 libxml2 nmap tcpdump libexiv2-dev build-essential python-pip default-libmysqlclient-dev

    Once you have Python and these libraries installed, you’re ready to install the TIDoS framework.

    Now type in the terminal:

    git clone https://github.com/0xinfection/tidos-framework.git
    cd tidos-framework
    ls

    Now we type:

    chmod +x install
    ./install

    Hit Enter at this point and let it finish.

    Using TIDos Framework

    It is easy to use: enter the URL and pick a number. That simple.

    Final thoughts

    This Python script is a nice little framework, great for people starting out through to more advanced users, as it saves a bit of time and the results are pretty good. I hope you enjoy this script.

    pentester
    Hi, I'm the Laughing Man. I'm a pentester and the owner of Hacking a rise.
