Xerror is an automated penetration tool, which will helps security professionals and nonprofessionals to automate their pentesting tasks. Xerror will perform all tests and, at the end generate two reports for executives and analysts.
Xerror provides GUI easy to use menu-driven options. Internally it supports openVas for vulnerability scanning, Metasploit for exploitation, and gives GUI-based options after successful exploitation e.g Meterpreter sessions. Building in python as major.
Xerror builds on python2 as a primary language and Django2 as a web framework along with, WebSockets (Django channel) on celery server and Redis server to achieve synchronization. On the front side, it supports Django default template engine language which is jinga2 and jquery.
How to use this project:
1. Activate virtual environment by the following command
2. Start Redis server
service redis-server start
3. start python server
cd xerror 2. python mana.py runserver
4. start celery server
celery -A xerror worker -l info
5. start msfrpc server
msfrpcd -P 123 -S -a 127.0.0.1
6. start openvas server for the default set OMP server credentials to admin@admin 127.0.0.1 9392
You are good to go!
This is xerror Beta version, soon complete version will be uploaded with a complete explanation and detail of each step:
Contact: [email protected] or https://github.com/Chudry/Xerror
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
- Blog2022.10.12Vulnerability management with Wazuh open source XDR
- Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
- Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky
That’s a lot of steps to start an “automated” program – perhaps you can roll those steps all into one command so the startup is also automated. Looks interesting though.