Quick-Start

Vault, a Swiss army knife for hackers.

It can be used for performing various kind of vulberability scans and attack on the provided host.

Features

• Scan website for the following vulnerabilities

  • XSS
  • LFI

• Scanner

  • Port scanning : ACK, FIN, NULL, XMAS
  • IP scanning : Ping Sweep, ARP
  • SSL vulnerability scan
  • OS scan
  • Hash scanner : MD5, SHA1, SHA224, SHA256, SHA512

• Crawling

  • Crawl a website and collect all the links
  • Crawl and scrape the website for images

• Attacks

  • DDoS Attack
  • ARP Spoofer
  • De-authentication attack
  • Ping of death
  • MAC Flood attack

• Finder

  • Find comments in source code
  • Find e-mails in source code

• Others

  • Information Gathering
  • Clickjacking
  • jQuery version checking
  • Insecure cookie flags
  • Testing HTTP methods
  • Insecure headers
  • Header/banner grabbing
  • Brute force login through authorization headers
  • URL Fuzzer
  • WHOIS Lookup
  • Google Dork
  • Admin panel finder
  • Open redirect vulnerability
  • CMS Detection
  • Detect Honeypots

• Utilities

  • Keylogger
  • MAC address changer

Requirements

Software required:

• Python 3 or above
• python-virtualenv

For Python dependencies, see requirements.txt.

Gitter

You can join the Vault community at the following Gitter chat room.