PwnThings is an swiss army knife for pentester and ctf player,Its Purely created and crafted with python3,some of its module needs to be run onlinux,its a single script so you can just move it to /bin in your linux distro and use it from anywhere.it doesnt need any user interaction to install it dependency it detects missing dependency and install those.
Description about some of its module.
- Base64 encode/decode
- Base32 encode/decode
- rot13 encode/decode
- google search from shell
- gtfobin search from shell
- lolbas search from shell
- exploit.shodan.io search from shell
- leakix search from shell
- spyse cve search from shell
- url to favihash generator
- ip2location
- subdomain enumerator
- generate php simple cmd shell
- connector for php simple cmd shell
- host2ip
- asnlookup with company name
- find cve exploit by cve number from github
- filter ip from stdin
- filter url from stdin
- filter email from stdin
- listner and generator for simple python backdoor
- temporary email address from shell
- generate ip address from given iprange
- apktool decryptor/compiler
- random proxy generator
- encrypted pdf cracker
encrypt/decrypt base64 with pwnthings
python3 pwnthings.py -base64e string #encrypt a plain text string to base64
python3 pwnthings.py -base64d base64_string #decrypt base64 string
python3 pwnthings.py -base32e string #encrypt a plain text string to base32
python3 pwnthings.py -base32d base32_string #decrypt base32 string
python3 pwnthings.py -rot13e string #encrypt a plain text string to rot13
python3 pwnthings.py -base32d rot13_string #decrypt rot13 string
As api for your own python3 script
from pwnthings import *
base64_encode('yourstring') #to encrypt a regular readable string to base64
base64_decode('yourstring') #to decrypt a base64 string
base32_encode('yourstring') #to encrypt a regular readable string to base32
base32_decode('yourstring') #to decrypt a base32 string
rot13_encode('yourstring') #to encrypt a regular readable string to rot13
rot13_decode('yourstring') #to decrypt a rot13 string
python3 pwnthings.py -gsearch "Your_search"
As api for your own python3 script
from pwnthings import *
google_search('your_query')
python3 pwnthings.py -gtfobin 'bin_name'
As Api for your own python3 script
from pwnthings import *
gtfobin_search('bin_name')
python3 pwnthings.py -lobas 'bin_name'
As Api for your own python3 script
from pwnthings import *
lolbas_search('bin_name')
python3 pwnthings.py -expshodan 'software name'
As Api for your own python3 script
from pwnthings import *
exploit_shodan('software name')
python3 pwnthings.py -leakix target_ip
As Api for your own python3 script
from pwnthings import *
leakix_search('ipaddress')
python3 pwnthings.py -spyse target_website
As Api for your own python3 script
from pwnthings import *
spyse_cve('ipaddress')
python3 pwnthings.py -favicohash https://target.com
As Api for your own python3 script
from pwnthings import *
favico_hash('https://target.com')
python3 pwnthings.py -ip2location yourtarget_ip
As Api for your own python3 script
from pwnthings import *
ip2location('yourtargetip')
python3 pwnthings.py -subdomain target.com
As Api for your own python3 script
from pwnthings import *
passive_subdomain('target.com')
python3 pwnthings.py -asnlookup company_name
As Api for your own python3 script
from pwnthings import *
asnlookup('company_name')
python3 pwnthings.py -tempmail yourusername
As Api for your own python3 script
from pwnthings import *
temp_mail('username')
python3 pwnthings.py -randomproxy proxytype[socks/http/https]
As Api for your own python3 script
from pwnthings import *
random_proxy('socks/http/https')
python3 pwnthings.py -pdfcrack pdf_file_name//wordlist
As Api for your own python3 script
from pwnthings import *
pdf_crack('filename.pdf','wordlist.txt')