Specify targets and run sets of tools against them
autopwn is designed to make a pentester's life easier and more consistent by allowing them to specify tools they would like to run against targets, without having to type them in a shell or write a script. This tool will probably be useful during certain exams as well..
Only allow this package to listen on a loopback IP address. If you have this package listen on a public IP, you're allowing arbitrary users to execute commands as root on your server. Eventually, HTTPS and credentials will be required, but for now, don't be a moron.
- Execute
pip install autopwn
- Clone the Git repository
- Change into the newly created directory
- Execute
pip install .
Running autopwn will start the web server.
* Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
* Restarting with stat
127.0.0.1 - - [15/Nov/2015 11:04:41] "GET /ping HTTP/1.1" 200 -
127.0.0.1 - - [15/Nov/2015 11:04:41] "GET /favicon.ico HTTP/1.1" 404 -
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
Developed by Aidan Marlin (aidan [dot] marlin [at] nccgroup [dot] com) while working at NCC Group. Second release by Steven van der Baan.
I'd like to thank the following contributors for their work on previous autopwn versions: