Sifter Save Abandoned
Sifter aims to be a fully loaded Op Centre for Pentesters
Project README
██████ ██▓ █████▒▄▄▄█████▓▓█████ ██▀███
▒██ ▒ ▓██▒▓██ ▒ ▓ ██▒ ▓▒▓█ ▀ ▓██ ▒ ██▒
░ ▓██▄ ▒██▒▒████ ░ ▒ ▓██░ ▒░▒███ ▓██ ░▄█ ▒
▒ ██▒░██░░▓█▒ ░ ░ ▓██▓ ░ ▒▓█ ▄ ▒██▀▀█▄
██▓ ██▓ ██▓ ▒██████▒▒░██░░▒█░ ▒██▒ ░ ░▒████▒░██▓ ▒██▒ ██▓ ██▓ ██▓
▒▓▒ ▒▓▒ ▒▓▒ ▒ ▒▓▒ ▒ ░░▓ ▒ ░ ▒ ░░ ░░ ▒░ ░░ ▒▓ ░▒▓░ ▒▓▒ ▒▓▒ ▒▓▒
░▒ ░▒ ░▒ ░ ░▒ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░▒ ░ ▒░ ░▒ ░▒ ░▒
░ ░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░░ ░ ░ ░ ░
░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
░ ░ ░ ░ ░ ░
s1l3nt78
~The Dead Bunny Collective~
Because enumeration is key
Working on a GUI Frontend for windows
using Kali WSL2. SifterCS
Notice
[!] If you are the developer of any of the tools within Sifter and don't think your tool is
being utilized to its full potential please let me know and i will take another look
or optionally you can make an edit to the execution script of your specific tool and
submit a pull request and I will review it within 12hrs
[!] Or if you are a developer and would like your program added just submit an issue with the link
and ill check it out and if it fits, I'll make the addition with 24-48hrs
Release
@Codename: Sapphire
@Version : 12.2
[Sapphire's] latest release's zip package can be downloaded from here
[Sapphire's] latest .deb package is also available for download from here
Older Releases can be found here
Sifter Plugins
# Released Extensions
- G - Sifter's g extension gives a GUI overlay'--> Built on top of eDEX-UI
- F - Sifter's f extension provides the DanderFuzz Exploitational Plugin for Sifter
'--> Framework created by the EquationGroup courtesy of The Shadow Brokers
- M - Sifter's m extension provided malware analysis tools.
- C - Sifter's c extension is just a small script allowing CobaltStrike to be added to exploitation frameworks.
(A copy of CobaltStrike will NOT be provided, You must provide your own)
Updates:
Additions:
#__ Version: 12.3 _|_ Sapphire __#
- Blacknet - Allows you to search for .onion sites by keywords.
- Emagnet - Capture email addresses and passwords from leaked databases uploaded on pastebin.
- hahwul | Phoenix - hahwul's webtools
- ScriptHunter - Hunter JavaScript within websites
- TorBot - Onion URL info gatherer & crawler
- TacticalEK - Tactical exploitation toolkit to assist penetration testers during their assignments.
- Typing info into any menu will bring up the Module Information Screen.
- Typing session into any menu will start a new Sifter session to run concurrently.
- All Results can now be exported to Desktop and a backup zip package is created and time stamped.
Menu:
Overview
Sifter is a fully stocked Op Centre for Pentesters. Made up of over 80 different tools. It combines a plethara of OSINT, recon and vulnerability analysis tools within catagorized modsets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsoft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdir enumeration and attack surface mapping rapidly using ASM.
Gathered info is saved to the results folder, these output files can be easily parsed over to TigerShark in order to be utilised within your campaign. Or compiled for a final report to wrap up a penetration test.
Instructional Videos:
Official Version 11.5 [Violet] setup video.
-----------------------------------------------------------------------------------------------------------
[Old Walkthrough](Version 6-7)
-----------------------------------------------------------------------------------------------------------
[New Walkthrough](Version 11.5)
Tested OS
Working on: - Kali
- Parrot
- Ubuntu
- Linux (any distro)
- Windows (Linux Subsystem with Docker and VcXsrc or KeX)
Works on windows with linux-subsystem but please ensure docker is properly installed and configured,
following the instructions from docker website
Untested on mac, though theoretically the same should apply to mac as windows - regarding docker install & tools
Important
[ ! ] Please do not run sifter or the install as ROOT user.
use a regular user and give permissions only when needed.
NOTE!!
If a scan does not work correctly at first, remove web-protocol from target. eg:
- use target.com
- instead of https;//target.com
Installation:
[!] For oneliner install (Deb Package), copy and paste the following code into a terminal:
*
$ wget https://github.com/s1l3nt78/sifter/releases/download/12/sifter_12.deb; sudo dpkg -i sifter_12.deb; sifter
[!] For oneliner install (source), copy and paste the following into a terminal:
*
$ git clone https://github.com/s1l3nt78/sifter.git && cd sifter && bash install.sh
[!] Sifter Plugins can be found at https://github.com/Sifter-Ex
[!] To install Sifter with plugins run:
*
$ git clone --recursive https://github.com/s1l3nt78/sifter; cd sifter; bash install.sh
Modules:
- Click to Expand
#Enterprise Information Gatherers
- theHarvester- Osmedeus
- ReconSpider
- Emagnet
- CredNinja
- OSINT-Framework
#Targeted Information Gatherers
- Maryam- Seeker
- Sherlock
- E2P (Email2Phone)
- CardPwn
- iKy
- GHunt
#Post-Exploitation
- EoP Exploit (Privilege Escalation Exploit)- Potatoes
-- BadPotato
-- SweetPotato
- PEAS
-- winPEAS
-- linPEAS
- WinPwn
- CredHarvester
- PowerSharp
- ACLight2
- PowerHub
- InveighZero
#Exploitation Frameworks
+ DanderFuzz - Equation Group, Courtesy of the Shadow Brokers- FuzzBunch
- Danderspritz
(Provided by the F plugin.)
+ CobaltStrike
(Provided by the C plugin.)
+ PHPSploit
+ Thoron
+ Metasploit
#Network Scanners
- nMap- WebMap
- AttackSurfaceMapper
- aSnip
- wafw00f
- Arp-Scan
- Espionage
- Intrigue-Core
- Responder
#Vulnerability Scanners
- Flan- Rapidscan
- Yuki-Chan
- Katana-VF (Vulnerability Framework)
- OWASP-Nettacker
- Big IP Remote Execution Scanner
- WeblogicScanner
- Vailyn
#Website Scanners & Enumerators
- Nikto- Blackwidow
- Blacknet
- Wordpress
--- WPScan
--- WPForce/Yertle
- Zeus-Scanner
- Dirb
- DorksEye
- Katana-DS (Dork Scanner)
#Operational Security & Threat Analysis
- EventCleaner- Threat Dragon
- TruffleSNout
- Snaffler
- Mitre-Attack Website
#Cross-Site Scripting & SQL Injection
- SQLinjection--- WhiteWidow
--- V3n0M-Scanner
- Cross-Site Scripting
--- XSStrike
--- finDOM-XSS
--- XSS-Freak
#Web Mini-Games
- This was added in order to have a fun way to pass timeduring the more time intensive modules.
Such as nMap Full Port scan or a RapidScan run.
Other Projects
All information on projects in development can be found here.
For any requests or ideas on current projects please submit an issue request to the corresponding tool.
For ideas or collaboration requests on future projects., contact details can be found on the page.
GitHub Pages can be found here.
- MkCheck = MikroTik Router Exploitation Tool
- TigerShark = Multi-Tooled Phishing Framework
<!--############# VGhlIERlYWQgQnVubnkgQ29sbGVjdGl2ZQ== #############--!>
Open Source Agenda is not affiliated with "Sifter" Project. README Source: s1l3nt78/sifter
Stars
521
Open Issues
0
Last Commit
2 years ago
License
Open Source Agenda Badge
