i BabySploit – A Penetration Testing Framework – All things in moderation

BabySploit – A Penetration Testing Framework

What is BabySppoit?
BabySploit is a penetration testing framework aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any experience level will find use out of BabySploit.

Features
– Information Gathering:
Nmap
IP Info
Tcpdump (In The Works)
Datasploit (In The Works)
Censys Lookup
DNS Lookup
Raccoon
Cloudflare Bypasser
– Exploitation:
Searchsploit
ReverseShell Wizard
FTP Buffer Overflow Scan
WPSeku WordPress Vuln Scanner
– Post Exploitation:
In The Works
– Bruteforcing:
FTP Bruteforcer
WPSeku WordPress Login Bruteforce
– Phishing:
BlackEye Python
– Crypto/Stegano:
MetaKiller
PDFMeta

Getting Started
Setting Configuration Values:
BabySploit uses ConfigParser in order to write and read configuration. Your config file is automatically generated and located at ./babysploit/config/config.cfg. You can manually change configuration settings by opening up the file and editing with a text editor or you can use the set command to set a new value for a key. Use the set command like so:

set rhost
>> Enter Value For rhost: 10
>> Config Key Saved!

If before running this command the rhost key had a value of 80, the rhost key after running this command has a value of 10. You can also add configuration variables to the config by using the set command with a new key after it like so:

set newkey
>> Enter Value For newkey: hello
>> Config Key Saved!

Before running this there was no key named “newkey”. After running this you will have a key named “newkey” in your config until you use the reset command which resets the saved configuration.

Running A Tool
In order to run a tool all you have to do is enter the name of the tool into BabySploit. You can use the tools command to display a menu with all the currently availble tools. If we run tools we get the depiction:

This menu will display the tools available and the description of each tool. To run a tool simply enter the tool name into BabySploit. Ex: ftpbruteforce – runs the ftpbruteforce tool.

Installation Instructions
BabySploit is best run out of the home directory so to clone it there run:

git clone git://github.com/M4cs/BabySploit ~/BabySploit
cd ~/BabySploit

After cloning the installation you must install some pre-requisites. If you are on Kali you should already have all of these installed but it doesn’t hurt to do so anyways just in case. Do so by running the following:

~- From Within The BabySploit Directory -!
sudo apt-get update
sudo apt-get upgrade
sudo python3 install.py
virtualenv babysploit
source babysploit/bin/activate
pip3 install -r requirements.txt
python3 start.py
!- To Leave The Virtual Environment -!
deactivate

Demo
asciicast

Leave a Reply