WARNING: Project is still in version 3 BETA. It is still under active development and bugs might be present.
Many tests are going on: see https://github.com/koutto/jok3r/blob/master/tests/TESTS.rst. Ideas, bug reports, contributions are welcome !
Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests.
Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more time on more interesting and challenging stuff.
To achieve that, it combines open-source Hacking tools to run various security checks against all common network services.
- Install automatically all the hacking tools used by Jok3r,
- Keep the toolbox up-to-date,
- Easily add new tools.
- Target most common network services (including web),
- Run security checks by chaining hacking tools, following standard process (Reconaissance, Vulnerability scanning, Exploitation, Account bruteforce, (Basic) Post-exploitation).
- Let Jok3r automatically choose the checks to run according to the context and knowledge about the target,
Mission management / Local database:
- Organize targets by missions in local database,
- Fully manage missions and targets (hosts/services) via interactive shell (like msfconsole db),
- Access results from security checks.
Note: Jok3r has been built with the ambition to be easily and quickly customizable: Tools, security checks, supported network services… can be easily added/edited/removed by editing settings files with an easy-to-understand syntax.
About using Hacking Tools
Infrastructure/web pentests are always following the same process:
- Port scanning,
- Vulnerability scanning,
- Exploitation of detected vulnerabilities,
- Bruteforce attack if needed,
During a pentest with a limited amount of time, a lot of these steps are actually done by running some tools. The selection of tools and commands to run actually depends on:
- Targeted services (result of port scanning),
- Technologies/products in use (result of fingerprinting),
- Credentials on the target (already known/compromised via bruteforce ? only valid usernames ? nothing ?)
Basically, doing all that automated stuff is usually boring and what we want is to spend the least amount of time on everything that can be automated, in order to be able to spend more time on manual testing and research of more tricky/unobvious vulnerabilities on the targets.
Note that we cannot only rely on commercial all-in-one vulnerability scanners such as Nessus because – by experience – it does not detect some typical vulnerabilities that might be easy to spot using some dedicated simple scripts.
Jok3r tries to solve the enumerated problems. It is useless to try to re-invent the wheel: lots of hacking tools/scripts are already available out there, they should be aggregated together in a smart way.