{"id":21158603,"url":"https://github.com/kdandy/RedOps","last_synced_at":"2025-07-09T12:34:08.538Z","repository":{"id":260927138,"uuid":"882735033","full_name":"kdandy/devtools","owner":"kdandy","description":"DevTools is a network and security testing tool. Key features: subdomain discovery, port scanning, and vulnerability testing. New features: Reverse DNS Lookup, DNS Zone Transfer Testing, Open Redirect Testing, Command Injection Testing, and CVE Exploit Checker.","archived":false,"fork":false,"pushed_at":"2024-11-10T19:39:27.000Z","size":39,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-11-10T20:27:53.581Z","etag":null,"topics":["csrf","ddos","domain","find","injection","pentesting","sql","ssl","vunerability","xss"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kdandy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-03T16:14:12.000Z","updated_at":"2024-11-10T19:39:30.000Z","dependencies_parsed_at":"2024-11-03T17:34:52.285Z","dependency_job_id":null,"html_url":"https://github.com/kdandy/devtools","commit_stats":null,"previous_names":["kdandy/devtools"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kdandy%2Fdevtools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kdandy%2Fdevtools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kdandy%2Fdevtools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kdandy%2Fdevtools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kdandy","download_url":"https://codeload.github.com/kdandy/devtools/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225552751,"owners_count":17487291,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csrf","ddos","domain","find","injection","pentesting","sql","ssl","vunerability","xss"],"created_at":"2024-11-20T12:28:14.055Z","updated_at":"2025-07-09T12:34:08.521Z","avatar_url":"https://github.com/kdandy.png","language":"Python","readme":"# RedOps Code Documentation\n\nRedOps is a multifunctional tool designed for basic security testing on web applications and servers. The tool allows users to execute various testing functions for reconnaissance and vulnerability assessment, including:\n\n1. **Subdomain Discovery**: Searches for subdomains associated with a given domain using the `crt.sh` database.\n2. **GET Request Flooding**: Sends multiple repeated GET requests to a specified URL for testing request handling and rate-limiting detection.\n3. **Comprehensive Port Scanning**: Scans all ports (1-65535) on a target server to identify open ports.\n4. **Directory and Sensitive File Bruteforcing**: Attempts to access common directories and sensitive files on the target URL.\n5. **SQL Injection Testing**: Checks for SQL Injection vulnerabilities by injecting various SQL payloads into the URL parameters.\n6. **Cross-Site Scripting (XSS) Testing**: Tests for XSS vulnerabilities by injecting potential malicious scripts into URL parameters.\n7. **HTTP Header and SSL/TLS Inspection**: Inspects HTTP headers and SSL/TLS certificates for security insights.\n8. **CSRF Testing**: Attempts to detect CSRF vulnerabilities by simulating form submissions with common CSRF payloads.\n9. **Reverse DNS Lookup**: Performs reverse DNS lookup on a specified IP address to retrieve associated hostnames.\n10. **DNS Zone Transfer Testing**: Attempts to perform a DNS zone transfer on a target domain to discover hidden subdomains and DNS records.\n11. **Open Redirect Testing**: Tests for open redirect vulnerabilities by appending various payloads to URL parameters.\n12. **Command Injection Testing**: Injects command injection payloads into URL parameters to check for command execution vulnerabilities.\n13. **CVE Exploit Checker**: Checks the target server for known vulnerabilities (e.g., Log4Shell, Spring4Shell) based on a predefined list of CVEs.\n\n## Features\n\n### **Subdomain Discovery**\nRetrieves subdomains for a specified domain using the `crt.sh` database, which aggregates publicly available SSL/TLS certificates. This feature helps uncover additional assets and services linked to the target domain that may otherwise remain hidden. Subdomain discovery is a crucial step in expanding the attack surface during reconnaissance.\n\n### **Spam GET Requests**\nSends configurable batches of GET requests to a specified URL, helping to test server performance under load and identify rate-limiting mechanisms. This feature can:\n- Detect potential DoS vulnerabilities.\n- Reveal if the server implements throttling to mitigate abuse.\n- Simulate high-traffic scenarios to evaluate server resilience.\n\n### **Full Port Scanning**\nPerforms a comprehensive scan of all 65,535 ports on the target server to identify open ports. Open ports can indicate running services such as:\n- **SSH** (22)\n- **FTP** (21)\n- **HTTP/HTTPS** (80/443)\n- **Database Services** (MySQL, PostgreSQL, etc.)\nThis feature helps in identifying misconfigured services or unauthorized services running on the server.\n\n### **Directory and Sensitive File Bruteforcing**\nAttempts to access commonly known directories and sensitive files by brute-forcing predictable paths. Examples include:\n- **Directories**: `/admin`, `/config`, `/backup`\n- **Files**: `.env`, `wp-config.php`, `database.sql`\nThese paths can reveal critical information like environment variables, database credentials, or even backup files that should not be publicly accessible.\n\n### **SQL Injection Testing**\nInjects various SQL payloads into URL parameters to check for SQL Injection vulnerabilities. SQL Injection allows attackers to manipulate database queries, potentially leading to:\n- Unauthorized data access.\n- Database schema disclosure.\n- Data modification or deletion.\nThe tool tests for both error-based and time-based SQL Injection techniques.\n\n### **XSS Testing**\nTests for Cross-Site Scripting (XSS) vulnerabilities by injecting malicious JavaScript payloads into URL parameters. If a web application fails to properly sanitize user input, this can lead to:\n- **Session hijacking**.\n- **Phishing attacks**.\n- **Defacement or malware distribution**.\nThe tool covers a range of XSS vectors, including stored, reflected, and DOM-based XSS.\n\n### **HTTP Header and SSL/TLS Inspection**\nAnalyzes HTTP headers and SSL/TLS certificates to evaluate server security configurations. This feature helps in:\n- Detecting insecure HTTP headers such as `X-Frame-Options`, `Content-Security-Policy`, and `Strict-Transport-Security`.\n- Verifying SSL/TLS certificate validity, issuer, and expiration.\n- Identifying potential misconfigurations that could lead to man-in-the-middle (MITM) attacks or downgrade vulnerabilities.\n\n### **CSRF Testing**\nSimulates form submissions with common Cross-Site Request Forgery (CSRF) payloads to test for vulnerabilities. CSRF attacks trick authenticated users into executing unwanted actions, such as:\n- Changing account settings.\n- Transferring funds.\n- Deleting data.\nThis feature helps identify web applications that lack anti-CSRF protections, such as CSRF tokens.\n\n### **Reverse DNS Lookup**\nPerforms a reverse DNS lookup on a specified IP address to find associated hostnames. This feature helps:\n- Identify multiple services hosted on the same IP.\n- Expand the attack surface by discovering additional domains pointing to the same server.\n\n### **DNS Zone Transfer Testing**\nAttempts to perform a DNS zone transfer, which can reveal detailed DNS records if misconfigured. This includes:\n- **Subdomains**.\n- **Mail servers**.\n- **TXT records** (e.g., SPF, DKIM configurations).\nZone transfer is typically restricted to authorized hosts, but if left open, it can expose valuable information for further exploitation.\n\n### **Open Redirect Testing**\nChecks for open redirect vulnerabilities by appending payloads to URL parameters. Open redirect vulnerabilities can be exploited to:\n- Redirect users to malicious websites.\n- Facilitate phishing attacks.\n- Bypass URL filters.\nThe tool tests various endpoints and parameters to identify unvalidated redirects.\n\n### **Command Injection Testing**\nInjects command injection payloads into URL parameters to test for arbitrary command execution. If a web application improperly handles user input in system commands, it can lead to:\n- Unauthorized command execution.\n- File system manipulation.\n- Server compromise.\nThis feature tests common payloads to identify such vulnerabilities in web applications or APIs.\n\n### **CVE Exploit Checker**\nChecks the target server for known vulnerabilities based on a list of Common Vulnerabilities and Exposures (CVE). This feature allows you to quickly assess whether the server is vulnerable to widely known exploits, such as:\n- **Log4Shell (CVE-2021-44228)**: A critical vulnerability in the Log4j library.\n- **Spring4Shell (CVE-2022-22965)**: A vulnerability in the Spring framework.\n- **BlueKeep (CVE-2019-0708)**: A critical vulnerability in Microsoft Remote Desktop Services.\nRegularly updating the CVE list ensures the tool covers the latest threats.\n\n## Requirements\nThis tool requires Python 3.7 or higher and the `aiohttp` library. Make sure Python and required packages are installed on your system.\n\n### Installation\n1. **Clone the repository**:\n   ```bash\n   git clone https://github.com/kdandy/redops.git\n   cd RedOps\n2. **Install dependencies**:\n   ```bash\n   pip install -r requirements.txt\n\n### Installation python3-venv\n1. **Install python3-venv (if not installed)**:\n   ```bash\n   sudo apt install python3-venv\n   python3 -m venv myenv\n   source myenv/bin/activate\n   pip install -r requirements.txt\n2. **Once done, you can deactivate the environment by**:\n   ```bash\n   deactivate\n\n## Usage\n1. **Run the program**:\n   ```bash\n   python3 redops.py\n\n## LICENSE\n\nThis tool was developed by [kdandy](https://github.com/kdandy/devtools/blob/main/LICENSE) and is available on GitHub. Please use it responsibly and only for purposes that comply with service policies.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkdandy%2FRedOps","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkdandy%2FRedOps","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkdandy%2FRedOps/lists"}