Share
## https://sploitus.com/exploit?id=C158BF5D-D13F-526E-AE64-F498AFE83810
# SecBot v2.0


  
  
  
  



  Advanced Security Reconnaissance Toolkit for Ethical Hackers & Pentesters



  Made by p6cy / kareeen133


```
   _____ _____ _____ ____  ____ _____
  / ___// ____/ ____/ __ )/ __ /_   _/
  \__ \/ __/ / /   / __  / / / / / /
 ___/ / /___/ /___/ /_/ / /_/ / / /
/____/_____/\____/_____/\____/ /_/   v2.0

    Advanced Security Reconnaissance Toolkit
```

---

## Features

### Reconnaissance
- Subdomain enumeration with custom wordlists
- Subdomain takeover vulnerability detection
- WHOIS & DNS lookups with zone transfer checks
- Web technology fingerprinting
- Wayback Machine URL extraction
- Certificate transparency (crt.sh) search

### Network Analysis
- Multi-threaded port scanning
- Service version detection
- SSL/TLS security analysis
- Ping & traceroute
- GeoIP lookup
- Reverse DNS

### Web Security Testing
- Security headers analysis
- CORS misconfiguration detection
- HTTP methods enumeration
- Website crawler
- Directory bruteforce
- Parameter fuzzing
- robots.txt parser

### Payload Generators
- XSS payloads (multiple contexts)
- SQL injection payloads (MySQL, MSSQL, Oracle, PostgreSQL)
- LFI/RFI payloads
- SSTI payloads (Jinja2, Twig, Freemarker, Smarty)
- XXE payloads
- Reverse shell generator (Bash, Python, PHP, NC, PowerShell)

### Cryptography
- Hash generation (MD5, SHA1, SHA256, SHA512, bcrypt)
- Hash identification
- Hash cracking with wordlists
- JWT decode & none-algorithm attack
- Multi-format encoding/decoding (Base64, Hex, URL, HTML, Binary)
- Classical ciphers (Caesar, ROT13, Vigenere, XOR, Atbash)

### OSINT
- Username checker across 25+ platforms
- Email OSINT
- Google dork generator
- File metadata extraction
- Phone number lookup

### Exploit Research
- CVE lookup
- ExploitDB search
- Vulners database search

### Utilities
- Secure password generator
- Custom wordlist generator
- User agent spoofing
- Session export (JSON, HTML, Markdown)

---

## Installation

```bash
# Clone the repository
git clone https://github.com/kareeen133/secbot.git
cd secbot

# Install dependencies
pip install -r requirements.txt

# Run SecBot
python main.py
```

## Requirements

- Python 3.8+
- requests
- dnspython
- python-whois
- pyOpenSSL (optional, for detailed SSL info)

---

## Usage

```bash
python main.py
```

Type `modules` to see all categories, `help` to see all commands.

### Example Commands

```bash
# Subdomain enumeration
secbot> subdomains example.com

# Port scanning
secbot> portscan 192.168.1.1
secbot> portscan example.com 1-1000

# Security headers check
secbot> headers https://example.com

# Generate XSS payloads
secbot> xss html

# Crack a hash
secbot> crack 5f4dcc3b5aa765d61d8327deb882cf99

# Check username across platforms
secbot> username johndoe

# Generate reverse shell
secbot> revshell python 10.10.10.10 4444

# CVE lookup
secbot> cve CVE-2021-44228
```

---

## Commands Reference

| Command | Description |
|---------|-------------|
| `subdomains ` | Enumerate subdomains |
| `subdomain_takeover ` | Check for takeover vulnerabilities |
| `whois ` | WHOIS lookup |
| `dns ` | DNS enumeration |
| `tech ` | Detect technologies |
| `crtsh ` | Certificate transparency search |
| `portscan  [ports]` | Port scanning |
| `fullscan ` | Full scan + service detection |
| `ssl ` | SSL/TLS analysis |
| `ping ` | Ping host |
| `geoip ` | GeoIP lookup |
| `ipinfo [ip]` | Get IP information |
| `headers ` | Security headers check |
| `cors ` | CORS misconfiguration check |
| `httpmethods ` | Check HTTP methods |
| `robots ` | Fetch robots.txt |
| `crawl  [depth]` | Crawl website |
| `dirbrute ` | Directory bruteforce |
| `xss [context]` | XSS payloads |
| `sqli [dbtype]` | SQLi payloads |
| `lfi [os]` | LFI payloads |
| `ssti [engine]` | SSTI payloads |
| `xxe` | XXE payloads |
| `hash ` | Generate hashes |
| `identify ` | Identify hash type |
| `crack  [wordlist]` | Crack hash |
| `jwt ` | Decode JWT |
| `jwtforge ` | JWT none-alg attack |
| `encode  ` | Encode text |
| `decode  ` | Decode text |
| `username ` | Check username |
| `email ` | Email OSINT |
| `dork ` | Google dorks |
| `cve ` | CVE lookup |
| `exploitdb ` | Search ExploitDB |
| `revshell   ` | Reverse shell generator |
| `password [len] [type]` | Generate password |
| `export ` | Export session |

---

## Screenshots


  Add your screenshots here after running the tool


---

## Disclaimer

This tool is intended for **authorized security testing** and **educational purposes only**.

- Always obtain proper authorization before testing any systems
- The developers are not responsible for any misuse of this tool
- Use responsibly and ethically

---

## Contributing

Contributions are welcome! Feel free to:
- Report bugs
- Suggest new features
- Submit pull requests

---

## Connect

- GitHub: [@kareeen133](https://github.com/kareeen133)

---

## License

This project is licensed under the MIT License.

---


  Star this repo if you find it useful!