First initial release of PTF

README.md

@@ -0,0 +1,81 @@
+The PenTesters Framework (PTF) - A TrustedSec Project - Copyright 2015
+Written by: David Kennedy (@HackingDave)
+https://www.trustedsec.com
+Twitter: @TrustedSec, @HackingDave
+
+The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu based distributions to create a similar and familar distribution for Penetration Testing. As pentesters, we've been acustom to the /pentest/ directories or our own toolsets that we want to keep up-to-date all of the time. We have those "go to" tools that we use on a regular basis, and using the latest and gereat is important.
+
+PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used. PTF simplifies installation and packaging and creates an entire pentest framework for you. Since this is a framework, you can configure and add as you see fit. We commonly see internally developed repos that you can use as well as part of this framework. It's all up to you.
+
+The ultimate goal is for community support on this project. We want new tools added to the github repository. Submit your modules. It's super simple to configure and add them and only takes a few minute.
+
+#Instructions:
+
+First check out the config/ptf.config file which contains the base location of where to install everything. By default this will install in the /pentest directory. Once you have that configured, move to running PTF by typing ./ptf (or python ptf).
+
+This will put you in a Metasploitesk type shell which has a similar look and feel for consistency. Show modules, use <modules>, etc. are all accepted commands. First things first, always type help or ? to see a full list of commands.
+
+###Update EVERYTHING!
+
+If you want to install and/or update everything, simply do the following:
+
+./ptf
+use modules/install_update_all
+run
+
+This will install all of the tools inside of PTF. If they are already installed, this will iterate through and update everything for you automatically.
+
+You can also show options to change information about the modules.
+
+#Modules:
+
+First, head over to the modules/ directory, inside of there are sub directories based on the Penetration Testing Execution Standard (PTES) phases. Go into those phases and look at the different modules. As soon as you add a new one, for example testing.py, it will automatically be imported next time you launch PTF. There are a few key components when looking at a module that must be completed.
+
+Below is a sample module
+
+#!/usr/bin/env python
+#######################################
+# Installation module for BEEF      
+#######################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update the Browser Exploitation Framework (BeEF)"
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://github.com/beefproject/beef"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="beef"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN="ruby1.9.3,sqlite3,ruby-sqlite3"
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS="cd {INSTALL_LOCATION},ruby install-beef,exit"
+
+###Module Development:
+
+All of the fields are pretty easy, on the repository locations, right now all thats supported is GIT. The plan in the next release is to expand to file downloader. This can still be accomplished through after commands (explained later). Fill in the depends, and where you want the install location to be. PTF will take where the python file is located (for example exploitation) and move it to what you specify in the PTF config (located under config). By default it installs all your tools to /pentest/<PTES_PHASE>/<TOOL_FOLDER>
+
+Note in modules, you can specify after commands {INSTALL_LOCATION}. This will append where you want the install location to go when using after commands.
+
+###After Commands:
+
+After commands are commands that you can insert after an installation. This could be switching to a directory and kicking off additional commands to finish the installation. For example in the BEEF scenario, you need to run ruby install-beef afterwards.  Below is an example of after commands using the {INSTALL_LOCATION} flag.
+
+AFTER_COMMANDS="cp config/dict/rockyou.txt {INSTALL_LOCATION}"
+
+For AFTER_COMMANDS that do self install (don't need user interaction) - place an exit after your commands so it exits the shell.
+
+
+#TODO:
+
+* Add ability to support SVN, and FILE download.
+* Support other operating systems aside from Kali, Ubuntu, Debian

config/ptf.config

@@ -0,0 +1,9 @@
+######################################
+# Main PTF Configuration file
+######################################
+#
+### This is the base directory where PTF will install the files
+BASE_INSTALL_PATH="/pentest"
+
+### Specify the output log file
+LOG_PATH="src/logs/ptf.log"

modules/exploitation/beef.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+#######################################
+# Installation module for BEEF
+#######################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update the Browser Exploitation Framework (BeEF)"
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://github.com/beefproject/beef"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="beef"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN="ruby1.9.3,sqlite3,ruby-sqlite3"
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS="cd {INSTALL_LOCATION},ruby install-beef,exit"

modules/exploitation/responder.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+#####################################
+# Installation module for RESPONDER
+#####################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update Responder"
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://github.com/Spiderlabs/Responder"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="responder"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN=""
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS=""

modules/exploitation/ridenum.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+#####################################
+# Installation module for RIDENUM
+#####################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update RIDENUM"
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://github.com/trustedsec/ridenum"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="ridenum"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN=""
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS=""

modules/exploitation/set.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+#####################################
+# Installation module for SET
+#####################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update the Social-Engineer Toolkit (SET)"
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://github.com/trustedsec/social-engineer-toolkit/"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="setoolkit"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN="git,build-essential,python-pexpect,python-crypto,python-openssl"
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS=""

modules/intelligence-gathering/dictionary.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+#######################################
+# Installation module for dictionaries
+#######################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update download a massive list of dictionaries."
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://github.com/danielmiessler/SecLists/tree/master/Passwords"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="dictionary"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN=""
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS=""

modules/intelligence-gathering/recon-ng.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+#####################################
+# Installation module for recon-ng
+#####################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update Recon-NG"
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://bitbucket.org/LaNMaSteR53/recon-ng/"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="recon-ng"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN="python"
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS=""

modules/post-exploitation/meterssh.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+#####################################
+# Installation module for MeterSSH
+#####################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update MeterSSH"
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://github.com/trustedsec/meterssh"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="metershh"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN=""
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS=""

modules/post-exploitation/unicorn.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+#####################################
+# Installation module for UNICORN
+#####################################
+
+# AUTHOR OF MODULE NAME
+AUTHOR="David Kennedy (ReL1K)"
+
+# DESCRIPTION OF THE MODULE
+DESCRIPTION="This module will install/update Unicorn"
+
+# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
+# OPTIONS = GIT, SVN, FILE
+INSTALL_TYPE="GIT"
+
+# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
+REPOSITORY_LOCATION="https://github.com/trustedsec/unicorn/"
+
+# WHERE DO YOU WANT TO INSTALL IT
+INSTALL_LOCATION="unicorn"
+
+# DEPENDS FOR DEBIAN INSTALLS
+DEBIAN=""
+
+# COMMANDS TO RUN AFTER
+AFTER_COMMANDS=""

ptf

@@ -0,0 +1,24 @@
+#!/usr/bin/env python
+#######################################################################################
+# The PenTesters Framewokr (PTF) - Automatic Penetration Testing Platform Creation
+# Written by: David Kennedy (ReL1K)
+# Twitter: @TrustedSec
+# Website: https://www.trustedsec.com
+#######################################################################################
+
+import sys
+
+try:
+
+    from src.core import *
+    import src.framework
+
+except KeyboardInterrupt:
+    print "\n"
+    exit_ptf()
+    sys.exit()
+
+except Exception, e:
+	print ("[!] DANGER WILL ROBINSON. DANGER WILL ROBINSON. Error has occured.")
+	print ("[!] It's not possible its due to my coding skillz, it must be you? :-)")
+	print ("[!] Printing that error. Get that error. You get it: " + str(e))

readme/CHANGELOG

@@ -0,0 +1,5 @@
+~~~~~~~~~~~~~~~~~
+version 0.1
+~~~~~~~~~~~~~~~~~
+
+* initial release of the pentesters framework

readme/changelog.txt

@@ -0,0 +1,5 @@
+~~~~~~~~~~~~~~~~~
+version 0.1
+~~~~~~~~~~~~~~~~~
+
+* initial release of the pentesters framework

src/commands.py

@@ -0,0 +1,37 @@
+#!/usr/bin/python
+##########################
+# After commands module
+##########################
+import pexpect
+# this will execute after everything is over
+def after_commands(command):
+    # if there is more than one command iterate through
+    if "," in command:
+        command = command.split(",")
+	child = pexpect.spawn("/bin/sh")
+	print "[!] Note that this will drop into a bash shell to execute commands. You will need to type exit once completed."
+        for commands in command:
+		try:
+			child.sendline(commands)
+		except: pass
+
+	# need to pass an exception here if the install has more things like psexec installer, etc.
+	try:
+		child.interact()
+
+	except: pass
+
+            #subprocess.Popen(commands, shell=True).wait()
+
+    else:
+        child = pexpect.spawn("/bin/sh")
+        print "[!] Note that this will drop into a bash shell to execute commands. You will need to type exit once completed."
+        try:
+        	child.sendline(command)
+        except: pass
+        # need to pass an exception here if the install has more things like psexec installer, etc.
+        try:
+                child.interact()
+
+        except: pass
+