Pythem is a Python framework used for performing various security tests on
networks and web applications. These include scanning, web crawling,
web application brute forcing, ARP spoofing, DNS spoofing, DHCP spoofing,
redirect webserver attack, network sniffing, and denial of service
attacks. Pythem also comes with other utilities, such as
exploits, reverse engineering, pforensics (.pcap packet filtering), GeoIP
tracing, coding, and decoding.
Pythem Installation
Pythem is a Python-based tool that requires several packages: build-essential, python-dev, python-pip, tcpdump, python-capstone, libnetfilter-queue-dev, libffi-dev, and libssl-dev. Install these packages using the following commands before installing the Pythem framework.
sudo apt-get update
sudo apt-get install -y build-essential python-dev python-pip tcpdump python-capstone libnetfilter-queue-dev libffi-dev libssl-dev
After installing the dependencies, Pythem can be installed using
pip or from source. The source installation requires cloning
the framework onto the Linux system using the following command.
git clone https://github.com/m4n3dw0lf/pythem
After cloning the framework, move to the Pythem folder and run the following command to complete the installation process.
cd pythem
sudo python setup.py install
Using Pythem
Pythem runs from the terminal using the sudo command.
sudo pythem
The command loads an almost blank Pythem interface. From here we can
load any Pythem utility by typing its command. To learn how
each utility or feature of Pythem works, add the help argument to the
desired utility or feature. For example, if we want to use the scanning
utility of Pythem and want to know the syntax required to scan
the target hosts, we can run the following help command
to explore this feature.
scan help
The output of the above command can be seen in the following screenshot.
It shows the filters that can be used for scanning along with the
syntax, illustrated with an example. The same procedure can be applied
to all the Pythem utilities, such as sniff, dos, brute hash, etc.
As mentioned above, Pythem is a multi-purpose framework that can
perform various security tests on a network. For instance, to
simulate a network sniffing attack, we set
the network interface and provide the host IP along with the
desired port. For example, to monitor the network traffic on the
wlan0 interface on port 1337 with the host IP address 192.168.1.1, we
just type ‘sniff’ in the Pythem terminal.
sniff
Pythem prompts for the port number and the host IP address, which can be provided in the following way.
port 1337 and host ip 192.168.1.1
The framework also gives the option of storing the sniffed packets
in a .pcap file. Once configured, the framework starts the sniffer to
monitor the network traffic on the desired interface.
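The port 1337 / host 192.168.1.1 selection described above, applied offline to a saved capture, as an added example that is not Pythem's code or part of the original post. It assumes a classic .pcap file with untagged Ethernet framing and unfragmented IPv4; the function names and the sample packets are constructed for illustration.

```python
import socket
import struct

def build_frame(src, dst, sport, dport, proto=6):
    """Constructed sample frame: Ethernet + IPv4 + the 4 port bytes of TCP/UDP."""
    eth = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + struct.pack("!HH", sport, dport)

def build_pcap(frames):
    """Classic little-endian pcap: 24-byte file header, 16-byte record headers."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

def filter_pcap(data, host, port):
    """Return (src, sport, dst, dport) for packets to/from host on port."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if end is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet link type (1) is handled")
    hits, off = [], 24
    while off + 16 <= len(data):
        incl = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        pkt, off = data[off + 16:off + 16 + incl], off + 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4
        ihl = (pkt[14] & 0x0F) * 4
        if pkt[23] not in (6, 17) or len(pkt) < 14 + ihl + 4:
            continue  # not TCP/UDP, or the port bytes were cut off
        src, dst = socket.inet_ntoa(pkt[26:30]), socket.inet_ntoa(pkt[30:34])
        sport, dport = struct.unpack("!HH", pkt[14 + ihl:18 + ihl])
        if host in (src, dst) and port in (sport, dport):
            hits.append((src, sport, dst, dport))
    return hits

# Constructed capture: two matching packets, one wrong port, one wrong host.
SAMPLE = build_pcap([
    build_frame("192.168.1.1", "192.168.1.50", 1337, 40000),
    build_frame("192.168.1.50", "192.168.1.1", 40000, 1337),
    build_frame("192.168.1.1", "192.168.1.50", 80, 40001),
    build_frame("192.168.1.7", "192.168.1.50", 1337, 40002),
])

if __name__ == "__main__":
    print(filter_pcap(SAMPLE, "192.168.1.1", 1337))
```

Reading a real capture only requires passing the file's bytes to `filter_pcap` in place of `SAMPLE`.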
Besides network security assessment, Pythem can perform web
application tasks such as crawling web application links for status
codes, port scanning the target web application, and running a fake
web page for credential harvesting.