TIDoS: The Offensive Web Application Penetration Testing Framework

A complete versatile framework to cover up everything from Reconnaissance to Vulnerability Analysis.

Here is some light on what the framework is all about:

• A complete versatile framework to cover up everything from Reconnaissance to Vulnerability Analysis.
• Has 5 main phases, subdivided into 14 sub-phases consisting a total of 108 modules.
• Reconnaissance Phase has 50 modules of its own (including active and passive recon, information disclosure modules).
• Scanning & Enumeration Phase has got 16 modules (including port scans, WAF analysis, etc)
• Vulnerability Analysis Phase has 37 modules (including most common vulnerabilities in action).
• Exploits Castle has only 1 exploit. (purely developmental)
• And finally, Auxiliaries have got 4 modules. more under development
• All four phases each have an Auto-Awesome module which automates every module for you.
• huge performance boost through multiprocessing
• Piping Attacks through Tor (not implemented everywhere yet)
• You just need the domain, and leave everything is to this tool.
• TIDoS has full verbose out support, so you’ll know whats going on.
• Attacking now even easier with a new GUI

Main new features

• the programming language: TIDoS is fully ported to Python3
• the interface: TIDoS presents a new, Metasploit-like console interface
• Parallelisation: TIDoS uses multiprocessing to speed up attacks
• An alternative CLI interface for faster interaction with one specific module
• Anonymity: Attacking through Tor is possible (95% done)
• Module Completion: Some modules have been feature-extended (e.g. more evasion, supporting more than 1 query parameter)
• Some new modules: arpscan
• A Graphical User Interface for easier interaction with the toolkit
• Supports non-default http(s) ports

Upcoming

• results of modules will be stored in a database
• new modules: nikto&photon

Installation

Installation Script (Globally)

To install the framework globally in /opt, run the provided core/install.py script as root. After this, you can launch TIDoS simply by typing tidos on the command line.

Manual Installation (Locally)

• Clone the repository locally and navigate there:

git clone https://github.com/0xinfection/tidos-framework.git
cd tidos-framework

TIDoS needs some libraries to run, which can be installed via aptitude or dnf Package Managers.

sudo apt-get install libncurses5 libxml2 nmap tcpdump libexiv2-dev build-essential python3-pip libmariadbclient18 libmysqlclient-dev tor konsole

Now after these dependencies are finished installing, we need to install the remaining Python Package dependencies, hence run:

pip3 install -r requirements.txt

TIDoS uses Vailyn to scan for path traversals in a new, improved path traversal module. If you want to use that module, head to https://github.com/VainlyStrain/Vailyn, and follow the installation instructions there.

Thats it. You now have TIDoS at your service. Fire it up using:

python3 tidv2               #Qt5 interface
sudo python3 tidconsole.py  #console interface

Docker image

You can build it from Dockerfile:

git clone https://github.com/0xinfection/tidos-framework.git
cd tidos-framework/core/docker
docker build -t tidos .

To run TIDoS:

docker run --interactive --tty --rm tidos bash
tidos

Update: TIDoS is now available on Docker Hub. Install and run the container like this:

docker run -it vainlystrain/tidos-framework

Updating TIDoS

To get the current version of TIDoS, move into the installation folder and perform (sudo) git pull #sudo if installed by install.py. Alternatively, you can run the fetch command in tidconsole.

Getting Started

To get started, you need to set your own API KEYS for various OSINT & Scanning and Enumeration purposes. To do so, open up API_KEYS.py under files/ directory and set your own keys and access tokens for SHODAN, CENSYS, FULL CONTACT, GOOGLE and WHATCMS.

Commands:

__                                                    __                                                        
 !  attack    Attack specified target(s)              M
 :  clear     Clear terminal.                         :
 V  creds     Handle target credentials.              
 :  fetch     Check for and install updates.          :
 :  find      Search a module.                        :
    help      Show help message.                      :
    info      Show description of current module.     M
 :  intro     Display Intro.                          :
 :  leave     Leave module.                           M
    list      List all modules of a category.         :
 :  load      Load module.                            :
 :  netinfo   Show network information.               :
 :  opts      Show options of current module.         M
    phpsploit Load the phpsploit framework.           :
              (needs to be downloaded externally)
 :  processes Set number of processes in parallelis.  :
    q         Terminate TIDoS session.                :
 :  sessions  Interact with cached sessions.          :
 :  set       Set option value of module.             M
 :  tor       Pipe Attacks through the Tor Network.   :
    vicadd    Add Target to list.                     :
    vicdel    Delete Target from list.                :
    viclist   List all targets.                       :

  Avail. Cmds
    M needs loaded modvle
    V [! potentially] need loaded target(s)