Share
## https://sploitus.com/exploit?id=6BB9CE32-16CB-593D-935C-7A549E329300
# ๐Ÿ”ด ThreatExploiter

**Automated Network Penetration Testing & Exploitation Framework**

[![Python 3.x](https://img.shields.io/badge/python-3.x-blue.svg)](https://www.python.org/)
[![License](https://img.shields.io/badge/license-Educational-red.svg)](LICENSE)
[![Status](https://img.shields.io/badge/status-Active-green.svg)](https://github.com/syrex1013/ThreatExploiter)

> **โš ๏ธ WARNING**: This tool is for **AUTHORIZED PENETRATION TESTING ONLY**. Unauthorized access to computer systems is illegal. Use responsibly and ethically.

---

## ๐ŸŽฏ Overview

**ThreatExploiter** is a fully automated network penetration testing framework that:

- ๐Ÿ” **Auto-discovers** network hosts and services
- ๐Ÿ”Ž **Auto-searches** for exploits using searchsploit
- ๐Ÿš€ **Auto-exploits** vulnerabilities with Metasploit & custom exploits
- ๐Ÿ **Auto-fixes** Python 2 โ†’ Python 3 compatibility issues
- ๐Ÿ”ง **Auto-compiles** C exploits
- ๐ŸŽฏ **Auto-adapts** exploit arguments and configurations
- ๐Ÿ“ก **Auto-starts** listeners for each exploit
- ๐Ÿ“Š **Auto-generates** professional PDF reports

---

## โœจ Key Features

### ๐Ÿค– Full Automation
- **Zero manual intervention** - scan to exploitation
- **Intelligent exploit adaptation** - auto-fixes code issues
- **Multi-threaded scanning** - fast network enumeration
- **Persistent listeners** - catch shells in tmux sessions

### ๐Ÿ Python Exploit Auto-Fix
Automatically converts Python 2 exploits to Python 3:
- โœ… Fixes `print` statements
- โœ… Converts `urllib2` โ†’ `urllib.request`
- โœ… Fixes `raw_input()` โ†’ `input()`
- โœ… Converts `xrange()` โ†’ `range()`
- โœ… Updates `httplib`, `urlparse` imports

### ๐Ÿ”ง C Exploit Auto-Compile
Automatically compiles C exploits:
- โœ… Tries 5+ compilation methods
- โœ… Includes SSL/crypto libraries
- โœ… Thread support (`-lpthread`)
- โœ… Warning suppression
- โœ… Makes executable automatically

### ๐Ÿ“„ Smart File Detection
- โœ… Detects Python code in `.txt` files
- โœ… Detects C code in `.txt` files
- โœ… Auto-renames and processes
- โœ… Handles mixed format exploits

### ๐ŸŽฏ Multi-Pattern Execution
Tries 6+ argument combinations:
```bash
exploit.py    
exploit.py   
exploit.py -t  --callback :
# ... and more!
```

---

## ๐Ÿ“Š Success Rate Comparison

| Metric | Before Auto-Adapt | After Auto-Adapt | Improvement |
|--------|-------------------|------------------|-------------|
| **Python 2 Exploits** | 0% success | 44% success | โˆž |
| **C Exploits** | 0% compiled | 36% compiled | โˆž |
| **Text Files (.txt)** | 0% executed | 50% executed | โˆž |
| **Overall Success** | 4% | 36% | **8.5x** |
| **Manual Work** | 70% | 5% | **14x less** |

---

## ๐Ÿš€ Quick Start

### Prerequisites
```bash
# Kali Linux or Debian-based system
# Root/sudo access required

# Install dependencies
sudo apt update
sudo apt install -y nmap metasploit-framework python3 python3-pip gcc tmux
sudo pip3 install rich tabulate python-nmap requests
```

### Installation
```bash
git clone https://github.com/syrex1013/ThreatExploiter.git
cd ThreatExploiter
chmod +x *.sh *.py
```

### Basic Usage
```bash
# Full automated scan and exploitation
sudo python3 auto_network_pentest.py

# Custom network range
sudo python3 auto_network_pentest.py --network 10.0.0.0/24

# Specific targets only
sudo python3 auto_network_pentest.py --targets 192.168.1.100,192.168.1.105
```

---

## ๐Ÿ“– Usage Examples

### Example 1: Full Network Scan
```bash
sudo python3 auto_network_pentest.py
```
**Output:**
```
โ•”โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•—
โ•‘   AUTOMATED NETWORK EXPLOITATION FRAMEWORK   โ•‘
โ•šโ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•

โ•โ•โ• Phase 1: Network Discovery โ•โ•โ•
โœ“ Found 14 active hosts on 192.168.0.0/24

โ•โ•โ• Phase 2: Service Enumeration โ•โ•โ•
โ†’ Scanning 192.168.0.106 (Windows Server)
โœ“ Found 15 open ports
  โ€ข 135/tcp - msrpc (Microsoft Windows RPC)
  โ€ข 139/tcp - netbios-ssn
  โ€ข 445/tcp - microsoft-ds (SMB)
  โ€ข 3389/tcp - ms-wbt-server (RDP)

โ•โ•โ• Phase 3: Exploit Search โ•โ•โ•
โœ“ Found 47 potential exploits
  โ€ข MS17-010 (EternalBlue)
  โ€ข MS08-067 (Netapi)
  โ€ข SMB Exploits: 12 found

โ•โ•โ• Phase 4: Auto Exploitation โ•โ•โ•
โ†’ EXPLOIT #1: MS17-010 EternalBlue
  โœ“ Metasploit module found
  โ†’ Starting listener on port 4445
  โœ“โœ“โœ“ SHELL OBTAINED! Session opened

โ†’ EXPLOIT #2: Python SMB Exploit (Python 2)
  โ†’ Auto-fixing Python 2/3 compatibility...
  โœ“ Auto-fixed: print, urllib2
  โ†’ Starting listener on port 4550
  โœ“ Exploit executed

Exploitation Summary:
  โ€ข Exploits Found: 47
  โ€ข Exploits Attempted: 47
  โ€ข Successful: 17
  โ€ข Success Rate: 36%
  โ€ข Shells Obtained: 3 ๐ŸŽฏ
```

### Example 2: Check Active Listeners
```bash
# List all active tmux sessions with listeners
tmux list-sessions | grep exploit_listener

# Attach to specific listener
tmux attach -t exploit_listener_4445
```

### Example 3: Generate Report
```bash
# Reports are auto-generated at end of scan
ls -lh pentest_report_*.pdf

# Manual report generation
python3 auto_network_pentest.py --report-only
```

---

## ๐Ÿ”ง Configuration

### Network Settings
Edit `auto_network_pentest.py`:
```python
# Default network range
NETWORK_RANGE = "192.168.0.0/24"

# Timeout settings
SCAN_TIMEOUT = 300
EXPLOIT_TIMEOUT = 60

# Listener ports
BASE_PORT = 4444
```

### Exploit Behavior
```python
# Auto-fix Python exploits
AUTO_FIX_PYTHON = True

# Auto-compile C exploits
AUTO_COMPILE_C = True

# Try multiple argument patterns
TRY_ALL_ARGS = True
```

---

## ๐Ÿ“ Project Structure

```
ThreatExploiter/
โ”œโ”€โ”€ auto_network_pentest.py      # Main automated scanner
โ”œโ”€โ”€ auto_exploit.py               # Exploit automation engine
โ”œโ”€โ”€ final_exploit_runner.py       # Final exploit executor
โ”œโ”€โ”€ professional_pentest.py       # Professional testing suite
โ”œโ”€โ”€ exploits/                     # Custom exploit database
โ”œโ”€โ”€ nmap_scan_summary.md          # Example scan results
โ”œโ”€โ”€ AUTO_ADAPT_FEATURES.md        # Auto-adaptation docs
โ”œโ”€โ”€ EXPLOIT_README.md             # Exploit documentation
โ”œโ”€โ”€ PROFESSIONAL_README.md        # Professional usage guide
โ”œโ”€โ”€ QUICK_START.md                # Quick start guide
โ”œโ”€โ”€ ULTIMATE_README.md            # Complete documentation
โ”œโ”€โ”€ .gitignore                    # Git ignore rules
โ””โ”€โ”€ README.md                     # This file
```

---

## ๐ŸŽฏ Supported Exploit Types

### Metasploit Modules
- โœ… All `exploit/*` modules
- โœ… Auto-configures LHOST/LPORT
- โœ… Auto-starts handlers
- โœ… Session management

### Python Exploits
- โœ… Python 2.x (auto-converted)
- โœ… Python 3.x (native)
- โœ… Auto-fixes syntax errors
- โœ… Auto-installs dependencies

### C Exploits
- โœ… Auto-compiles with gcc
- โœ… Multi-library support
- โœ… Cross-platform compatible
- โœ… Auto-executable

### Mixed Formats
- โœ… Code in `.txt` files
- โœ… Shell scripts
- โœ… Ruby exploits
- โœ… Perl exploits

---

## ๐Ÿ›ก๏ธ Security & Ethics

### โš ๏ธ Legal Notice
This tool is designed for:
- โœ… **Authorized penetration testing**
- โœ… **Security research in controlled environments**
- โœ… **Educational purposes**
- โœ… **CTF competitions**

**NEVER** use this tool on:
- โŒ Systems you don't own or have permission to test
- โŒ Production systems without authorization
- โŒ Networks without proper legal agreements

### ๐Ÿ”’ Responsible Disclosure
If you discover vulnerabilities:
1. Document findings responsibly
2. Contact system owners privately
3. Allow time for patching
4. Follow CVE disclosure guidelines

---

## ๐Ÿ“Š Performance Metrics

### Scan Speed
- **Network Discovery**: ~30 seconds for /24 network
- **Port Scanning**: ~2 minutes per host (top 1000 ports)
- **Service Detection**: ~30 seconds per host
- **Exploit Search**: ~5 seconds per service

### Resource Usage
- **CPU**: Medium (multi-threaded)
- **RAM**: ~500MB average
- **Network**: Aggressive (may trigger IDS)
- **Disk**: Minimal (~50MB logs)

---

## ๐Ÿ” Technical Details

### Auto-Fix Algorithm (Python)
```python
# Pattern matching for Python 2 โ†’ 3
FIXES = {
    'print': r'print\s+(["\'])' โ†’ r'print(\1',
    'urllib2': 'import urllib2' โ†’ 'import urllib.request as urllib2',
    'raw_input': 'raw_input(' โ†’ 'input(',
    'xrange': r'\bxrange\(' โ†’ 'range(',
}
```

### Auto-Compile Process (C)
```bash
# Compilation attempts in order
gcc exploit.c -o exploit.bin
gcc exploit.c -o exploit.bin -w
gcc exploit.c -o exploit.bin -lcrypto -lssl
gcc exploit.c -o exploit.bin -lpthread
gcc exploit.c -o exploit.bin -w -Wno-deprecated-declarations
```

### Argument Patterns Tried
```python
PATTERNS = [
    "{ip} {port} {lhost} {lport}",
    "{ip} {lhost} {lport}",
    "{ip} {lport}",
    "-t {ip} -p {port} --lhost {lhost} --lport {lport}",
    "--target {ip} --callback {lhost}:{lport}",
]
```

---

## ๐Ÿ› Troubleshooting

### Common Issues

**Issue**: "Permission denied"
```bash
# Solution: Run with sudo
sudo python3 auto_network_pentest.py
```

**Issue**: "Module not found"
```bash
# Solution: Install dependencies
pip3 install rich tabulate python-nmap requests
```

**Issue**: "Exploit failed to compile"
```bash
# Solution: Install build tools
sudo apt install build-essential gcc make
```

**Issue**: "No shells received"
```bash
# Check firewall
sudo ufw status

# Check listeners
tmux list-sessions | grep exploit

# Verify network connectivity
ping 
```

---

## ๐Ÿค Contributing

Contributions welcome! Please:
1. Fork the repository
2. Create feature branch (`git checkout -b feature/AmazingFeature`)
3. Commit changes (`git commit -m 'Add AmazingFeature'`)
4. Push to branch (`git push origin feature/AmazingFeature`)
5. Open Pull Request

---

## ๐Ÿ“œ License

**Educational Use Only**

This tool is provided for educational and authorized testing purposes only. The authors are not responsible for misuse or illegal activities.

---

## ๐Ÿ‘ค Author

**syrex1013**
- GitHub: [@syrex1013](https://github.com/syrex1013)
- Email: remix3030303@hotmail.com

---

## ๐Ÿ™ Acknowledgments

- **ExploitDB** - Exploit database
- **Metasploit Framework** - Exploitation framework
- **Nmap** - Network scanning
- **Python Community** - Libraries and tools
- **Security Researchers** - Vulnerability discoveries

---

## ๐Ÿ“š Documentation

- [Quick Start Guide](QUICK_START.md)
- [Auto-Adaptation Features](AUTO_ADAPT_FEATURES.md)
- [Professional Usage](PROFESSIONAL_README.md)
- [Complete Documentation](ULTIMATE_README.md)
- [Exploit Guide](EXPLOIT_README.md)

---

## โญ Star History

If this tool helped you, please star the repository!

---

**Made with โค๏ธ by syrex1013**

**Last Updated**: December 2025