Share
## https://sploitus.com/exploit?id=C158BF5D-D13F-526E-AE64-F498AFE83810
# SecBot v2.0
Advanced Security Reconnaissance Toolkit for Ethical Hackers & Pentesters
Made by p6cy / kareeen133
```
_____ _____ _____ ____ ____ _____
/ ___// ____/ ____/ __ )/ __ /_ _/
\__ \/ __/ / / / __ / / / / / /
___/ / /___/ /___/ /_/ / /_/ / / /
/____/_____/\____/_____/\____/ /_/ v2.0
Advanced Security Reconnaissance Toolkit
```
---
## Features
### Reconnaissance
- Subdomain enumeration with custom wordlists
- Subdomain takeover vulnerability detection
- WHOIS & DNS lookups with zone transfer checks
- Web technology fingerprinting
- Wayback Machine URL extraction
- Certificate transparency (crt.sh) search
### Network Analysis
- Multi-threaded port scanning
- Service version detection
- SSL/TLS security analysis
- Ping & traceroute
- GeoIP lookup
- Reverse DNS
### Web Security Testing
- Security headers analysis
- CORS misconfiguration detection
- HTTP methods enumeration
- Website crawler
- Directory bruteforce
- Parameter fuzzing
- robots.txt parser
### Payload Generators
- XSS payloads (multiple contexts)
- SQL injection payloads (MySQL, MSSQL, Oracle, PostgreSQL)
- LFI/RFI payloads
- SSTI payloads (Jinja2, Twig, Freemarker, Smarty)
- XXE payloads
- Reverse shell generator (Bash, Python, PHP, NC, PowerShell)
### Cryptography
- Hash generation (MD5, SHA1, SHA256, SHA512, bcrypt)
- Hash identification
- Hash cracking with wordlists
- JWT decode & none-algorithm attack
- Multi-format encoding/decoding (Base64, Hex, URL, HTML, Binary)
- Classical ciphers (Caesar, ROT13, Vigenere, XOR, Atbash)
### OSINT
- Username checker across 25+ platforms
- Email OSINT
- Google dork generator
- File metadata extraction
- Phone number lookup
### Exploit Research
- CVE lookup
- ExploitDB search
- Vulners database search
### Utilities
- Secure password generator
- Custom wordlist generator
- User agent spoofing
- Session export (JSON, HTML, Markdown)
---
## Installation
```bash
# Clone the repository
git clone https://github.com/kareeen133/secbot.git
cd secbot
# Install dependencies
pip install -r requirements.txt
# Run SecBot
python main.py
```
## Requirements
- Python 3.8+
- requests
- dnspython
- python-whois
- pyOpenSSL (optional, for detailed SSL info)
---
## Usage
```bash
python main.py
```
Type `modules` to see all categories, `help` to see all commands.
### Example Commands
```bash
# Subdomain enumeration
secbot> subdomains example.com
# Port scanning
secbot> portscan 192.168.1.1
secbot> portscan example.com 1-1000
# Security headers check
secbot> headers https://example.com
# Generate XSS payloads
secbot> xss html
# Crack a hash
secbot> crack 5f4dcc3b5aa765d61d8327deb882cf99
# Check username across platforms
secbot> username johndoe
# Generate reverse shell
secbot> revshell python 10.10.10.10 4444
# CVE lookup
secbot> cve CVE-2021-44228
```
---
## Commands Reference
| Command | Description |
|---------|-------------|
| `subdomains ` | Enumerate subdomains |
| `subdomain_takeover ` | Check for takeover vulnerabilities |
| `whois ` | WHOIS lookup |
| `dns ` | DNS enumeration |
| `tech ` | Detect technologies |
| `crtsh ` | Certificate transparency search |
| `portscan [ports]` | Port scanning |
| `fullscan ` | Full scan + service detection |
| `ssl ` | SSL/TLS analysis |
| `ping ` | Ping host |
| `geoip ` | GeoIP lookup |
| `ipinfo [ip]` | Get IP information |
| `headers ` | Security headers check |
| `cors ` | CORS misconfiguration check |
| `httpmethods ` | Check HTTP methods |
| `robots ` | Fetch robots.txt |
| `crawl [depth]` | Crawl website |
| `dirbrute ` | Directory bruteforce |
| `xss [context]` | XSS payloads |
| `sqli [dbtype]` | SQLi payloads |
| `lfi [os]` | LFI payloads |
| `ssti [engine]` | SSTI payloads |
| `xxe` | XXE payloads |
| `hash ` | Generate hashes |
| `identify ` | Identify hash type |
| `crack [wordlist]` | Crack hash |
| `jwt ` | Decode JWT |
| `jwtforge ` | JWT none-alg attack |
| `encode ` | Encode text |
| `decode ` | Decode text |
| `username ` | Check username |
| `email ` | Email OSINT |
| `dork ` | Google dorks |
| `cve ` | CVE lookup |
| `exploitdb ` | Search ExploitDB |
| `revshell ` | Reverse shell generator |
| `password [len] [type]` | Generate password |
| `export ` | Export session |
---
## Screenshots
Add your screenshots here after running the tool
---
## Disclaimer
This tool is intended for **authorized security testing** and **educational purposes only**.
- Always obtain proper authorization before testing any systems
- The developers are not responsible for any misuse of this tool
- Use responsibly and ethically
---
## Contributing
Contributions are welcome! Feel free to:
- Report bugs
- Suggest new features
- Submit pull requests
---
## Connect
- GitHub: [@kareeen133](https://github.com/kareeen133)
---
## License
This project is licensed under the MIT License.
---
Star this repo if you find it useful!