AutoPWN Suite

AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

Features

• Fully automatic!
• Detect network IP range without any user input.
• Vulnerability detection based on version.
• Web app vulnerability testing. (LFI, XSS, SQLI)
• Web app dirbusting.
• Get information about the vulnerability right from your terminal.
• Automatically download exploit related with vulnerability.
• Noise mode for creating a noise on the network.
• Evasion mode for being sneaky.
• Automatically decide which scan types to use based on privilege.
• Easy to read output.
• Specify your arguments using a config file.
• Send scan results via webhook or email.
• Works on Windows, MacOS and Linux.
• Use as a module!
• Use as a Daemon to periodically scan the network.

How does it work?

AutoPWN Suite uses nmap TCP-SYN scan to enumerate the host and detect the version of softwares running on it. After gathering enough information about the host, AutoPWN Suite automatically generates a list of "keywords" to search NIST vulnerability database.

Demo

AutoPWN Suite has a very user friendly easy to read output.

Installation

Windows

git clone https://github.com/GamehunterKaan/AutoPWN-Suite.git
cd AutoPWN-Suite
pip install -r requirements.txt

Linux

For a system-wide installation on Linux (which requires root privileges), use the provided installation script. (Recommended)

# Install as root
sudo bash install.sh
# Uninstall
sudo bash uninstall.sh

You can clone the repo and create a virtual environment. This installation method can be used for non-root installation in Linux.

git clone https://github.com/GamehunterKaan/AutoPWN-Suite.git
cd AutoPWN-Suite
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

Docker

You can use the docker image.

docker pull gamehunterkaan/autopwn-suite
docker run -it gamehunterkaan/autopwn-suite

Cloud

You can use Google Cloud Shell.

Usage

Running with root privileges (sudo) is always recommended.

Automatic Mode

autopwn-suite -y

Scan a Specific Target

autopwn-suite -t <target ip address>

Change Scanning Speed

autopwn-suite -s <1, 2, 3, 4, 5>

Change Scanning Mode

autopwn-suite -m <evade, noise, normal>

For more details about usage and flags use -h flag.

Install Daemon

autopwn-suite --daemon-install

Module Usage

from autopwn_suite.api import AutoScanner

scanner = AutoScanner()
json_results = scanner.scan("192.168.0.1")
scanner.save_to_file("autopwn.json")

Development and Testing

You can use poetry to install dependencies and run tests.

Installing dependencies

poetry install

Running Tests

# Run all tests with coverage
poetry run test

# Run tests without coverage
poetry run test --no-cov

# Run only unit tests
poetry run test -m unit

# Run only integration tests
poetry run test -m integration

# Run tests excluding slow tests
poetry run test -m "not slow"

Contributing to AutoPWN Suite

I would be glad if you are willing to contribute this project. I am looking forward to merge your pull request unless its something that is not needed or just a personal preference. Also minor changes and bug fixes will not be merged. Please create an issue for those and I will do it myself. Click here for more info!

Legal

You may not rent or lease, distribute, modify, sell or transfer the software to a third party. AutoPWN Suite is free for distribution, and modification with the condition that credit is provided to the creator and not used for commercial use. You may not use software for illegal or nefarious purposes. No liability for consequential damages to the maximum extent permitted by all applicable laws.

Support or Contact

Having trouble using this tool? You can create an issue or create a discussion!