Es una herramienta de código abierto, que está diseñado para automatizar la búsqueda de exploits en las principales bases de datos. Desarrollado en Python, tiene un sistema de búsqueda avanzada, facilitando así el trabajo de pentesters y hackers éticos. En su versión actual, realiza búsquedas en bases de datos: Exploit-db, 1337 días, Packetstorm Seguridad ...
Imformación (Readme)Installation
You can download the latest tarball by clicking here or latest zipball by clicking here.
Preferably, you can download pompem by cloning the Git repository:
git clone [url]https://github.com/rfunix/Pompem.git[/url] Pompem-dev
Pompem works out of the box with Python version '''2.6.x''' and '''2.7.x''' on any platform.
Pompem lib uses the following setup:
* BeautifulSoup
* Requests
If you have not realized the Download or use virtualenv:
* Create virtual env with virtualenv .env
* Activate virtualenv with source .env/bin/activate
* Install dependêncies with pip install -r requirements.txt
If you use pip and have not vitualenv use 'sudo pip install virtualenv' or see virtualenv website.
Usage
To get the list of basic options and information about the project:
python pompem.py -h
Examples of use:
python pompem.py -s Wordpress
python pompem.py -s Joomla --html
python pompem.py -s "Internet Explorer,joomla,wordpress" --html
python pompem.py -s FortiGate --txt
python pompem.py -s ssh,ftp,mysql
python pompem.py -s "joomla" -g
python pompem.py --update
Update
Last Modification: 2015-09-18
Codigo Fuente#!/usr/bin/python
# -*- coding: utf-8 -*-
import sys
sys.path.insert(0, '..')
import optparse
from engine.update import UpdateVersion
from engine.exec_and_print import execute
def main():
parser = optparse.OptionParser(add_help_option=False)
parser.add_option("-s", "--search", dest="keywords", type="string",
help="text for search",)
parser.add_option("--txt", dest="fileText", \
action="store_true", help="enter the file name",)
parser.add_option("--html", dest="fileHtml", action="store_true", \
help="enter the file name",)
parser.add_option("--update",
action="store_true", dest="update",
help="upgrade to latest version")
parser.add_option("-g","--get",
action="store_true", dest="get",
help="Download Exploits")
parser.add_option("-h", "--help",
action="store_true", dest="help", help="-h")
(options, args) = parser.parse_args()
args_parameters = {}
keywords = options.keywords
fileText = options.fileText
fileHtml = options.fileHtml
update = options.update
get = options.get
help = options.help
if help:
print_help_message()
return
#keywords = "ssh"
if (update):
u = UpdateVersion()
u.update() #Update from github
return
if (get):
args_parameters["get"] = True
if(keywords):
keywordsformated = str(keywords).split(",")
if fileText:
args_parameters["fileText"] = fileText
if fileHtml:
args_parameters["fileHtml"] = fileHtml
if keywordsformated:
args_parameters["keywordsformated"] = keywordsformated
args_parameters["keywords"] = keywords
execute(**args_parameters)
else:
basic_info()
return
def print_help_message():
print """
Options:
-h, --help show this help message and exit
-s, --search <keyword,keyword,keyword> text for search
--txt Write txt File
--html Write html File
--update upgrade to latest version
-g, --get Download exploit files
"""
def basic_info():
print """
Pompem - Exploit Finder | Developed by Relax Lab
\n Rafael Francischini (Programmer and Ethical Hacker) - @rfunix\n
Bruno Fraga (Security Researcher) - @brunofraga_net\n
Usage: pompem.py [-s/--search <keyword,keyword,keyword,...>]
[--txt Write txt file [�
y ]
[--html Write html file ]
6-ExB-g/--get Download exploit files ]
\n Get basic options and Help, use: -h\--help
"""
if __name__ == "__main__":
main()
You are not allowed to view links.
Register or
LoginFuente: Zephomet
