{"id":13492638,"url":"https://github.com/0xInfection/TIDoS-Framework","last_synced_at":"2025-03-28T10:32:51.264Z","repository":{"id":40589217,"uuid":"136580263","full_name":"0xInfection/TIDoS-Framework","owner":"0xInfection","description":"The Offensive Manual Web Application Penetration Testing Framework.","archived":false,"fork":false,"pushed_at":"2023-04-19T19:02:06.000Z","size":23850,"stargazers_count":1778,"open_issues_count":16,"forks_count":389,"subscribers_count":124,"default_branch":"master","last_synced_at":"2024-10-29T17:56:09.448Z","etag":null,"topics":["enumeration","exploitation","footprinting","intelligence-gathering","osint","reconnaissance","scanning-enumeration","tidos-framework","vulnerability-analysis","vulnerability-detection","web-application-security","web-fuzzer","web-penetration-testing"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xInfection.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2018-06-08T07:05:39.000Z","updated_at":"2024-10-27T08:15:50.000Z","dependencies_parsed_at":"2022-07-13T15:59:28.515Z","dependency_job_id":"af15a32f-3be6-4275-8d95-d75e330ed3da","html_url":"https://github.com/0xInfection/TIDoS-Framework","commit_stats":null,"previous_names":["theinfecteddrake/tidos-framework"],"tags_count":21,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xInfection%2FTIDoS-Framework","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xInfection%2FTIDoS-Framework/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xInfection%2FTIDoS-Framework/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xInfection%2FTIDoS-Framework/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xInfection","download_url":"https://codeload.github.com/0xInfection/TIDoS-Framework/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222369834,"owners_count":16973287,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["enumeration","exploitation","footprinting","intelligence-gathering","osint","reconnaissance","scanning-enumeration","tidos-framework","vulnerability-analysis","vulnerability-detection","web-application-security","web-fuzzer","web-penetration-testing"],"created_at":"2024-07-31T19:01:07.740Z","updated_at":"2024-10-31T06:31:25.408Z","avatar_url":"https://github.com/0xInfection.png","language":"Python","readme":"\u003ch1 align=\"center\"\u003e\n  \u003cimg src='files/logo.png' height='500'\u003e\u003c/img\u003e\u003cbr\u003e\n  TIDoS\n  \u003cbr\u003e\n\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/0xInfection/TIDoS-Framework/blob/master/TIDoS\"\u003e\n    \u003cimg src=\"https://img.shields.io/static/v1.svg?label=Version\u0026message=2.0\u0026color=lightgrey\u0026style=flat-square\u0026logo=dev.to\u0026logoColor=white\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://www.python.org/\"\u003e\n    \u003cimg src=\"https://img.shields.io/static/v1.svg?label=Python\u0026message=3.7%2B\u0026color=lightgrey\u0026style=flat-square\u0026logo=python\u0026logoColor=white\"\u003e\n  \u003c/a\u003e\u003cbr\u003e\n  The Offensive Web Application Penetration Testing Framework.\n\u003c/p\u003e\n\n\u003e __IMPORTANT__:\n\u003e\n\u003e The new Qt5 interface is complete, but has additional dependencies. Take a look at the updated installation instructions.\n\n### Highlights :-\nHere is some light on what the framework is all about:\n-  A complete versatile framework to cover up everything from Reconnaissance to Vulnerability Analysis.\n-  Has 5 main phases, subdivided into __14 sub-phases__ consisting a total of __108 modules__.\n-  Reconnaissance Phase has 50 modules of its own (including active and passive recon, information disclosure modules).\n-  Scanning \u0026 Enumeration Phase has got 16 modules (including port scans, WAF analysis, etc)\n-  Vulnerability Analysis Phase has 37 modules (including most common vulnerabilities in action).\n-  Exploits Castle has only 1 exploit. `(purely developmental)`\n-  And finally, Auxiliaries have got 4 modules. `more under development`\n-  All four phases each have an `Auto-Awesome` module which automates every module for you.\n-  huge performance boost through multiprocessing\n-  Piping Attacks through Tor (not implemented everywhere yet)\n-  You just need the domain, and leave everything is to this tool.\n-  TIDoS has full verbose out support, so you'll know whats going on.\n-  Attacking now even easier with a new GUI\n\n### Main new features\n-  the programming language: TIDoS is fully ported to Python3\n-  the interface: TIDoS presents a new, Metasploit-like console interface\n-  Parallelisation: TIDoS uses multiprocessing to speed up attacks\n-  An alternative CLI interface for faster interaction with one specific module\n-  Anonymity: Attacking through Tor is possible (95% done)\n-  Module Completion: Some modules have been feature-extended (e.g. more evasion, supporting more than 1 query parameter)\n-  Some new modules: arpscan\n-  A Graphical User Interface for easier interaction with the toolkit\n-  Supports non-default http(s) ports\n\n### Upcoming\n-  results of modules will be stored in a database\n-  new modules: nikto\u0026photon\n\n### Installation :-\n\n#### Installation Script (Globally) :\n\nTo install the framework globally in /opt, run the provided `core/install.py` script as root. After this, you can launch TIDoS simply by typing `tidos` on the command line.\n\n#### Manual Installation (Locally) :\n\n* Clone the repository locally and navigate there:\n```\ngit clone https://github.com/0xinfection/tidos-framework.git\ncd tidos-framework\n```\n\nTIDoS needs some libraries to run, which can be installed via `aptitude` or `dnf` Package Managers.\n```\nsudo apt-get install libncurses5 libxml2 nmap tcpdump libexiv2-dev build-essential python3-pip libmariadbclient18 libmysqlclient-dev tor konsole\n```\nNow after these dependencies are finished installing, we need to install the remaining Python Package dependencies, hence run:\n```\npip3 install -r requirements.txt\n```\n\nTIDoS uses Vailyn to scan for path traversals in a new, improved path traversal module. If you want to use that module, head to `https://github.com/VainlyStrain/Vailyn`, and follow the installation instructions there.\n\nThats it. You now have TIDoS at your service. Fire it up using:\n```\npython3 tidv2               #Qt5 interface\nsudo python3 tidconsole.py  #console interface\n```\n\n#### Docker image :\n\nYou can build it from Dockerfile :\n```\ngit clone https://github.com/0xinfection/tidos-framework.git\ncd tidos-framework/core/docker\ndocker build -t tidos .\n```\n\nTo run TIDoS :\n\n```\ndocker run --interactive --tty --rm tidos bash\ntidos\n```\n\nUpdate: TIDoS is now available on Docker Hub. Install and run the container like this:\n\n```\ndocker run -it vainlystrain/tidos-framework\n```\n\n#### Updating TIDoS :\n\nTo get the current version of TIDoS, move into the installation folder and perform `(sudo) git pull  #sudo if installed by install.py`. Alternatively, you can run the `fetch` command in tidconsole.\n\n### Getting Started :-\n\nTo get started, you need to set your own `API KEYS` for various OSINT \u0026 Scanning and Enumeration purposes. To do so, open up `API_KEYS.py` under `files/` directory and set your own keys and access tokens for `SHODAN`, `CENSYS`, `FULL CONTACT`, `GOOGLE` and `WHATCMS`.\n\n\u003e __GOOD NEWS__:\n\u003e\n\u003e The latest release of TIDoS includes all API KEYS and ACCESS TOKENS for `SHODAN`, `CENSYS`, `FULL CONTACT`, `GOOGLE` and `WHATCMS` by default. I found these tokens on various repositories on GitHub itself. __You can now use all the modules__ which use the API KEYS. :)\n\n#### Commands :-\n\n```\n__                                                    __                                                        \n !  attack    Attack specified target(s)              M\n :  clear     Clear terminal.                         :\n V  creds     Handle target credentials.              \n :  fetch     Check for and install updates.          :\n :  find      Search a module.                        :\n    help      Show help message.                      :\n    info      Show description of current module.     M\n :  intro     Display Intro.                          :\n :  leave     Leave module.                           M\n    list      List all modules of a category.         :\n :  load      Load module.                            :\n :  netinfo   Show network information.               :\n :  opts      Show options of current module.         M\n    phpsploit Load the phpsploit framework.           :\n              (needs to be downloaded externally)\n :  processes Set number of processes in parallelis.  :\n    q         Terminate TIDoS session.                :\n :  sessions  Interact with cached sessions.          :\n :  set       Set option value of module.             M\n :  tor       Pipe Attacks through the Tor Network.   :\n    vicadd    Add Target to list.                     :\n    vicdel    Delete Target from list.                :\n    viclist   List all targets.                       :\n\n  Avail. Cmds\n    M needs loaded modvle\n    V [! potentially] need loaded target(s)\n```\n\n### Flawless Features :-\n\nTIDoS presently supports the following: `and more modules are under active development`\n\n* __Reconnaissance + OSINT__\n\n\t+ __Passive Reconnaissance:__\n\t    - Nping Enumeration `Via external APi`\n\t    - WhoIS Lookup `Domain info gathering`\n\t    - GeoIP Lookup `Pinpoint physical location`\n\t    - DNS Configuration Lookup `DNSDump`\n\t    - Subdomains Lookup `Indexed ones`\n\t    - Reverse DNS Lookup `Host Instances`\n\t    - Reverse IP Lookup `Hosts on same server`\n\t    - Subnets Enumeration `Class Based`\n\t    - Domain IP History `IP Instances`\n\t    - Web Links Gatherer `Indexed ones`\n\t    - Google Search `Manual search`\n\t    - Google Dorking (multiple modules) `Automated`\n\t    - Email to Domain Resolver `Email WhoIs`\n\t    - Wayback Machine Lookups `Find Backups`\n\t    - Breached Email Check `Pwned Email Accounts`\n\t    - Enumeration via Google Groups `Emails Only`\n\t    - Check Alias Availability `Social Networks`\n\t    - Find PasteBin Posts `Domain Based`\n\t    - LinkedIn Gathering `Employees \u0026 Company`\n\t    - Google Plus Gathering `Domain Profiles`\n\t    - Public Contact Info Scraping `FULL CONTACT`\n\t    - Censys Intel Gathering `Domain Based`\n\t    - Threat Intelligence Gathering `Bad IPs`\n\n\t+ __Active Reconnaissance:__\n\t    - Ping Enumeration `Advanced`\n\t    - CMS Detection `(185+ CMSs supported)` `IMPROVED`\n\t    - Advanced Traceroute `IMPROVED`\n\t    - `robots.txt` and `sitemap.xml` Checker\n\t    - Grab HTTP Headers `Live Capture`\n\t    - Find HTTP Methods Allowed `via OPTIONS`\n\t    - Detect Server Type `IMPROVED`\n\t    - Examine SSL Certificate `Absolute`\n\t    - Apache Status Disclosure Checks `File Based`\n\t    - WebDAV HTTP Enumeration `PROFIND \u0026 SEARCH`\n\t    - PHPInfo File Enumeration `via Bruteforce`\n\t    - Comments Scraper `Regex Based`\n\t    - Find Shared DNS Hosts `Name Server Based`\n\t    - Alternate Sites Discovery `User-Agent Based`\n\t    - Discover Interesting Files `via Bruteforce`\n\t\t    - Common Backdoor Locations `shells, etc.`\n\t\t    - Common Backup Locations `.bak, .db, etc.`\n\t\t    - Common Password Locations ` .pgp, .skr, etc.`\n\t\t    - Common Proxy Path Configs. `.pac, etc.`\n\t\t    - Multiple Index Paths `index, index1, etc.`\n\t\t    - Common Dot Files `.htaccess, .apache, etc`\n\t\t    - Common Logfile Locations `.log, .changelog, etc`\n\n\t+ __Information Disclosure:__\n\t    - Credit Cards Disclosure `If Plaintext`\n\t    - Email Harvester `IMPROVED`\n\t    - Fatal Errors Enumeration `Includes Full Path Disclosure`\n\t    - Internal IP Disclosure `Signature Based`\n\t    - Phone Number Havester `Signature Based`\n\t    - Social Security Number Harvester `US Ones`\n\n* __Scanning \u0026 Enumeration__\n\n\t+ Remote Server WAF Enumeration `Generic` `54 WAFs`\n\t+ Port Scanning `Ingenious Modules`\n\t    - Simple Port Scanner `via Socket Connections`\n\t    - TCP SYN Scan `Highly reliable`\n\t    - TCP Connect Scan `Highly Reliable`\n\t    - XMAS Flag Scan `Reliable Only in LANs`\n\t    - FIN Flag Scan `Reliable Only in LANs`\n\t    - Port Service Detector\n\t+ Web Technology Enumeration `Absolute`\n\t+ Complete SSL Enumeration `Absolute`\n\t+ Operating System Fingerprinting `IMPROVED`\n\t+ Banner Grabbing of Services `via Open Ports`\n\t+ Interactive Scanning with NMap `16 preloaded modules`\n\t+ Internet Wide Servers Scan `Using CENSYS Database`\n\t+ Web and Links Crawlers\n\t    - Depth 1 `Indexed Uri Crawler`\n\t    - Depth 2 `Single Page Crawler`\n\t    - Depth 3 `Web Link Crawler`\n\t+ ARP Scanner `NEW`\n\n* __Vulnerability Analysis__\n\n    __Web-Bugs \u0026 Server Misconfigurations__\n    \n\t+ Insecure CORS `Absolute`\n\t+ Same-Site Scripting `Sub-domain based`\n\t+ Zone Transfer `DNS Server based`\n\t+ Clickjacking \n\t\t- Frame-Busting Checks\n\t\t- `X-FRAME-OPTIONS` Header Checks\n\t+ Security on Cookies\n\t\t- `HTTPOnly` Flag\n\t\t- `Secure` Flag on Cookies\n\t+ Cloudflare Misconfiguration Check\n\t\t- DNS Misconfiguration Checks\n\t\t- Online Database Lookup `For Breaches`\n\t+ HTTP Strict Transport Security Usage\n\t\t- HTTPS Enabled but no HSTS\n\t+ Domain Based Email Spoofing\n\t\t- Missing `SPF` Records\n\t\t- Missing `DMARC` Records\n\t+ Host Header Injection\n\t\t- Port Based `Web Socket Based`\n\t\t- `X-Forwarded-For` Header Injection\n\t+ Security Headers Analysis `Live Capture`\n\t+ Cross-Site Tracing `HTTP TRACE Method`\n\t+ Session Fixation `via Cookie Injection`\n\t+ Network Security Misconfig.\n\t\t- Checks for `TELNET` Enabled `via Port 23`\n\t\n    __Serious Web Vulnerabilities__\n    \n\t+ File Inclusions\n\t    - Local File Inclusion (LFI) `Param based`\n\t    - Remote File Inclusion (RFI) `IMPROVED`\n\t    \t- Parameter Based\n\t\t     - Pre-loaded Path Based\n\t+ OS Command Injection `Linux \u0026 Windows (RCE)`\n\t+ Path Traversal `ENHANCED`\n\t+ Cross-Site Request Forgery `Absolute`\n\t+ SQL Injection \n\t    + Error Based Injection\n\t\t    - Cookie Value Based\n\t\t    - Referer Value Based\n\t\t    - User-Agent Value Based\n\t\t    - Auto-gathering `IMPROVED`\n\t    + Blind Based Injection `Crafted Payloads`\n\t\t    - Cookie Value Based\n\t\t    - Referer Value Based\n\t\t    - User-Agent Value Based\n\t\t    - Auto-gathering `IMPROVED`\n\t+ LDAP Injection `Parameter Based`\n\t+ HTML Injection `Parameter Based`\n\t+ Bash Command Injection `ShellShock`\n\t+ Apache Struts Shock `Apache RCE`\n\t+ XPATH Injection `Parameter Based`\n\t+ Cross-Site Scripting `IMPROVED`\n\t    - Cookie Value Based\n\t    - Referer Value Based\n\t    - User-Agent Value Based\n\t    - Parameter Value Based `Manual`\n\t+ Unvalidated URL Forwards `Open Redirect`\n\t+ PHP Code Injection `Windows + Linux RCE`\n\t+ CRLF Injection `HTTP Response Splitting`\n\t    - User-Agent Value Based\n\t    - Parameter value Based `Manual`\n\t+ Sub-domain Takeover `50+ Services`\n\t    - Single Sub-domain `Manual`\n\t    - All Subdomains `Automated`\n\n    __Other__\n\n\t+ PlainText Protocol Default Credential Bruteforce \n\n\t    - FTP Protocol Bruteforce\n\t    - SSH Protocol Bruteforce\n\t    - POP 2/3 Protocol Bruteforce\n\t    - SQL Protocol Bruteforce\n\t    - (XMPP Protocol Bruteforce) `BROKEN:DEP`\n\t    - SMTP Protocol Bruteforce\n\t    - TELNET Protocol Bruteforce\n\n- __Auxillary Modules__\n\n\t+ Hash Generator `MD5, SHA1, SHA256, SHA512`\n\t+ String \u0026 Payload Encoder `7 Categories`\n\t+ Forensic Image Analysis `Metadata Extraction`\n\t+ Web HoneyPot Probability `ShodanLabs HoneyScore` \n\n- __Exploitation__ `purely developmental`\n\n\t+ ShellShock\n\t\n### Other Tools:\n- `net_info.py` - Displays information about your network. Accessible from 'netinfo' command.\n\n### TIDoS In Action:\n\nLets see a demonstration of TIDoS in action:\n\n[![asciicast](https://asciinema.org/a/359477.svg)](https://asciinema.org/a/359477)\n\n### Version:\n```\nv2.0.1-5 [latest release] [#beta]\n```\n\n### Disclaimer:\n\nTIDoS is provided as an offensive web application audit framework. It has built-in modules which can reveal potential misconfigurations and vulnerabilties in web applications which could possibly be exploited maliciously.\n\n__THEREFORE, NEITHER THE AUTHOR NOR THE CONTRIBUTORS ARE RESPONSIBLE FOR ANY MISUSE OR DAMAGE DUE TO THIS TOOLKIT.__\n\n","funding_links":[],"categories":["Python","\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","Python (1887)","\u003ca id=\"5dd93fbc2f2ebc8d98672b2d95782af3\"\u003e\u003c/a\u003e工具","reconnaissance","Tools"],"sub_categories":["\u003ca id=\"2051fd9e171f2698d8e7486e3dd35d87\"\u003e\u003c/a\u003e渗透多合一\u0026\u0026渗透框架"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xInfection%2FTIDoS-Framework","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xInfection%2FTIDoS-Framework","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xInfection%2FTIDoS-Framework/lists"}