mblanke/StrikePackageGPT
1
0
Fork 0
mirror of https://github.com/mblanke/StrikePackageGPT.git synced 2026-03-01 06:10:21 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
b9428df6df7523b4682c586ee645763b4ae03f2c
StrikePackageGPT/services/shared/tools.py
mblanke b9428df6df feat: Add HackGpt Enterprise features 
- 6-Phase pentest methodology UI (Recon, Scanning, Vuln, Exploit, Report, Retest)
- Phase-aware AI prompts with context from current phase
- Attack chain analysis and visualization
- CVSS-style severity badges (CRITICAL/HIGH/MEDIUM/LOW)
- Findings sidebar with severity counts
- Phase-specific tools and quick actions
2025-11-28 10:54:25 -05:00

264 lines
8.9 KiB
Python
Raw Blame History

"""
Security tool definitions and command builders.
"""
from typing import Dict, List, Optional, Any
SECURITY_TOOLS = {
# ============== Reconnaissance ==============
"nmap": {
"name": "nmap",
"description": "Network scanner and security auditing tool",
"category": "reconnaissance",
"templates": {
"quick": "nmap -T4 -F {target}",
"full": "nmap -sV -sC -O -p- {target}",
"stealth": "nmap -sS -T2 -f {target}",
"udp": "nmap -sU --top-ports 100 {target}",
"vuln": "nmap --script vuln {target}",
"version": "nmap -sV -p {ports} {target}",
"os": "nmap -O --osscan-guess {target}",
},
"default_template": "quick",
"output_parser": "nmap"
},
"masscan": {
"name": "masscan",
"description": "Fast TCP port scanner",
"category": "reconnaissance",
"templates": {
"quick": "masscan {target} --ports 0-1000 --rate 1000",
"full": "masscan {target} --ports 0-65535 --rate 10000",
"top100": "masscan {target} --top-ports 100 --rate 1000",
},
"default_template": "quick",
},
"amass": {
"name": "amass",
"description": "Subdomain enumeration tool",
"category": "reconnaissance",
"templates": {
"passive": "amass enum -passive -d {target}",
"active": "amass enum -active -d {target}",
"intel": "amass intel -d {target}",
},
"default_template": "passive",
},
"theharvester": {
"name": "theHarvester",
"description": "OSINT tool for gathering emails, names, subdomains",
"category": "reconnaissance",
"templates": {
"all": "theHarvester -d {target} -b all",
"google": "theHarvester -d {target} -b google",
"linkedin": "theHarvester -d {target} -b linkedin",
},
"default_template": "all",
},
"whatweb": {
"name": "whatweb",
"description": "Web technology fingerprinting",
"category": "reconnaissance",
"templates": {
"default": "whatweb {target}",
"aggressive": "whatweb -a 3 {target}",
"verbose": "whatweb -v {target}",
},
"default_template": "default",
},
"dnsrecon": {
"name": "dnsrecon",
"description": "DNS enumeration tool",
"category": "reconnaissance",
"templates": {
"standard": "dnsrecon -d {target}",
"zone": "dnsrecon -d {target} -t axfr",
"brute": "dnsrecon -d {target} -t brt",
},
"default_template": "standard",
},
# ============== Vulnerability Scanning ==============
"nikto": {
"name": "nikto",
"description": "Web server vulnerability scanner",
"category": "vulnerability_scanning",
"templates": {
"default": "nikto -h {target}",
"ssl": "nikto -h {target} -ssl",
"tuning": "nikto -h {target} -Tuning x",
"full": "nikto -h {target} -C all",
},
"default_template": "default",
"output_parser": "nikto"
},
"sqlmap": {
"name": "sqlmap",
"description": "SQL injection detection and exploitation",
"category": "vulnerability_scanning",
"templates": {
"test": "sqlmap -u '{target}' --batch",
"dbs": "sqlmap -u '{target}' --batch --dbs",
"tables": "sqlmap -u '{target}' --batch -D {database} --tables",
"dump": "sqlmap -u '{target}' --batch -D {database} -T {table} --dump",
"forms": "sqlmap -u '{target}' --batch --forms",
},
"default_template": "test",
"output_parser": "sqlmap"
},
"wpscan": {
"name": "wpscan",
"description": "WordPress vulnerability scanner",
"category": "vulnerability_scanning",
"templates": {
"default": "wpscan --url {target}",
"enumerate": "wpscan --url {target} -e vp,vt,u",
"aggressive": "wpscan --url {target} -e ap,at,u --plugins-detection aggressive",
},
"default_template": "default",
},
# ============== Web Testing ==============
"gobuster": {
"name": "gobuster",
"description": "Directory/file brute-forcing",
"category": "web_testing",
"templates": {
"dir": "gobuster dir -u {target} -w /usr/share/wordlists/dirb/common.txt",
"big": "gobuster dir -u {target} -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt",
"dns": "gobuster dns -d {target} -w /usr/share/wordlists/dns/subdomains-top1million-5000.txt",
"vhost": "gobuster vhost -u {target} -w /usr/share/wordlists/dns/subdomains-top1million-5000.txt",
},
"default_template": "dir",
"output_parser": "gobuster"
},
"ffuf": {
"name": "ffuf",
"description": "Fast web fuzzer",
"category": "web_testing",
"templates": {
"dir": "ffuf -u {target}/FUZZ -w /usr/share/wordlists/dirb/common.txt",
"vhost": "ffuf -u {target} -H 'Host: FUZZ.{domain}' -w /usr/share/wordlists/dns/subdomains-top1million-5000.txt",
"param": "ffuf -u '{target}?FUZZ=test' -w /usr/share/wordlists/dirb/common.txt",
},
"default_template": "dir",
},
"dirb": {
"name": "dirb",
"description": "Web content scanner",
"category": "web_testing",
"templates": {
"default": "dirb {target}",
"small": "dirb {target} /usr/share/wordlists/dirb/small.txt",
"big": "dirb {target} /usr/share/wordlists/dirb/big.txt",
},
"default_template": "default",
},
# ============== Exploitation ==============
"searchsploit": {
"name": "searchsploit",
"description": "Exploit database search tool",
"category": "exploitation",
"templates": {
"search": "searchsploit {query}",
"exact": "searchsploit -e {query}",
"json": "searchsploit -j {query}",
"path": "searchsploit -p {exploit_id}",
},
"default_template": "search",
},
"hydra": {
"name": "hydra",
"description": "Network login cracker",
"category": "password_attacks",
"templates": {
"ssh": "hydra -l {user} -P /usr/share/wordlists/rockyou.txt {target} ssh",
"ftp": "hydra -l {user} -P /usr/share/wordlists/rockyou.txt {target} ftp",
"http_post": "hydra -l {user} -P /usr/share/wordlists/rockyou.txt {target} http-post-form '{form}'",
"smb": "hydra -l {user} -P /usr/share/wordlists/rockyou.txt {target} smb",
},
"default_template": "ssh",
"output_parser": "hydra"
},
# ============== Network Tools ==============
"netcat": {
"name": "nc",
"description": "Network utility for TCP/UDP connections",
"category": "network",
"templates": {
"listen": "nc -lvnp {port}",
"connect": "nc -v {target} {port}",
"scan": "nc -zv {target} {port_range}",
},
"default_template": "scan",
},
"curl": {
"name": "curl",
"description": "HTTP client",
"category": "web_testing",
"templates": {
"get": "curl -v {target}",
"headers": "curl -I {target}",
"post": "curl -X POST -d '{data}' {target}",
"follow": "curl -L -v {target}",
},
"default_template": "get",
},
}
def get_tool(name: str) -> Optional[Dict[str, Any]]:
"""Get tool definition by name."""
return SECURITY_TOOLS.get(name.lower())
def get_tools_by_category(category: str) -> List[Dict[str, Any]]:
"""Get all tools in a category."""
return [tool for tool in SECURITY_TOOLS.values() if tool.get("category") == category]
def build_command(tool_name: str, template_name: str = None, **kwargs) -> Optional[str]:
"""Build a command from a tool template."""
tool = get_tool(tool_name)
if not tool:
return None
template_name = template_name or tool.get("default_template")
template = tool.get("templates", {}).get(template_name)
if not template:
return None
try:
return template.format(**kwargs)
except KeyError as e:
return None
def list_all_tools() -> Dict[str, List[Dict[str, str]]]:
"""List all available tools grouped by category."""
result = {}
for tool in SECURITY_TOOLS.values():
category = tool.get("category", "other")
if category not in result:
result[category] = []
result[category].append({
"name": tool["name"],
"description": tool["description"],
"templates": list(tool.get("templates", {}).keys())
})
return result
Reference in New Issue View Git Blame Copy Permalink