Skip to content

Releases: aszone/avenger-sh

Version beta

03 Oct 05:20
@lenonleite lenonleite
v0.2.4
4710ff4
Compare
Choose a tag to compare
Version beta Latest
Latest

Using of new exploit, the brute force for WordPress, extracting users and force with passwords.

Assets 2

Beta Version

11 Sep 13:27
@lenonleite lenonleite
v0.2.3
4f0140e
Compare
Choose a tag to compare
Beta Version

Change version of package donwload files by ready static files for better read WordPress files

Assets 2

Version Beta

17 Aug 16:15
@lenonleite lenonleite
v0.2.2
d54790f
Compare
Choose a tag to compare
Version Beta

Change version of package donwload files by ready static files

Assets 2

Version beta

06 Aug 21:15
@lenonleite lenonleite
v0.2.1
a644e4f
Compare
Choose a tag to compare
Version beta

Using new version package of vunerabilities because is better speed

Assets 2

Beta

22 Jul 21:39
@aszonecombr aszonecombr
v0.2
d76abaf
Compare
Choose a tag to compare
Beta

PHP Avenger version 0.2 beta

New Vulnerabilities Checked

  • Cross Site Scripting XSS
  • Local File Inclusion LFI

Inclusion exploit for Local File Download (LFD)

Extracting files using this fail based in read static files with includes and internal links.

Assets 2

Version Beta

01 Jul 18:36
@aszonecombr aszonecombr
v0.1
fa59b89
Compare
Choose a tag to compare
Version Beta

PHP Avenger

PHP Avenger is a future collection open source of tools writting in PHP with focus in security and hacking.

Beta

  • PHP Avenger sh ( Search Enginer )

Future Implementation

r

  • PHP Avenger bt ( Brute - Force )
  • PHP Avenger sca ( State Code Analayse )
  • PHP Avenger pwp ( Plugin WordPress )
  • PHP Avenger cj ( Component Joomla )

#PHP Avenger SH

Php Avenger sh is a open source tool with ideia baseaded in fork inurlbr by Cleiton Pinheiro. Basicaly PHP Avenger sh is a tool automates the process of detecting of possibles vunerabilities in using mass scan and check if true or false. Php Avenget utility search enginers with google, bing and others using dorks ( avanced searching ).

Instalation

The recommended way to install PHP Avenger is through
Composer.

# Install Composer
curl -sS https://getcomposer.org/installer | php

Next, run the Composer command to install the latest beta version of Php Avenger SH:

php composer.phar create-project aszone/avenger-sh
cd avenger-sh

Basic Usage

Use command for init process, result will print in monitor and save in txt on folder results.

Get trash search

php avenger sh --dork="site:com.ar ext:sql password"

Result of trash search

alt tag

Check Sql Injection

php avenger sh --dork="site:com.ar inurl:php?id=" --check="sqli"

Result of Sql Injection

alt tag
alt tag

Check Local File Download

php avenger sh --dork="site:com.ar inurl:download.php?file=" --check="lfd"

Result of Local File Download

alt tag

Check is Admin Page

php avenger sh --dork="site:com.ar inurl:admin" --check="isAdmin"

Help for commands

php avenger sh

Details

Searchs Enginers

  • Google
  • GoogleApi
  • Bing
  • DukeDukeGo
  • Yahoo
  • Yandex

Vulnerabilities Checked

  • Sql Injection
  • Local File Download
  • Admin Page

Future Vulnerabilities Checked

  • RFI
  • Xss
  • Sensitive Files
    • Dump Files
    • Config Files
    • Open Folders

Features development

  • Power Search
  • Send Mail for results
  • Name of TXT
  • Proxys
    • TOR
    • Site of Proxys
    • Virgem Proxys

Help and docs

Assets 2