Xerror: fully automated pentesting tool

by do son ·

Xerror automated penetration tool

Xerror

Xerror is an automated penetration tool, which will helps security professionals and nonprofessionals to automate their pentesting tasks. Xerror will do all tests and, at the end generate two reports for executives and analysts.

Xerror automated penetration toolAfter completion of Xerror, it will provide GUI, and internally it supports openVas, Nessus and Nexpose for vulnerability scanning, Metasploit for exploitation, and gives GUI based options after successful exploitation e.g Meterpreter sessions. Building in python as a major.

cve_2_MSF_exploit_Mapping

This module parse the openvas csv report, extract CVE number, and map with msf exploits_CVE file( msf_module_result folder have 1446 exploit list). At the end of the program returns the clean result containing CVE#, port, protocol, exploit_name.

automated penetration tool

Download

git clone https://github.com/Chudry/Xerror.git

Use

  1. Activate the virtual environment by following the command source env/bin/activate
  2. Start redis server service redis-server start
  3. Start python server
    1. cd xerror
    2. python mana.py runserver
  4. Start celery server
    1. cd xerror
    2. celery -A xerror worker -l info
  5. Start msfrpc server msfrpcd -P 123 -S -a 127.0.0.1
  6. Start openvas server for a default set OMP server credentials to admin@admin 127.0.0.1 9392

Source: https://github.com/Chudry/

Tags: automated penetration toolXerror