yuki chan tool - 情報セキュリティ株式会社 · yuki chan tool. information security ......

Information Security Inc.

Yuki Chan Tool

Information Security Confidential - Partner Use Only

Contents

2

• About Yuki chan

• Features

• Modules included

• Requirements

• Demo configuration

• Installing the tool

• Using the tool

• References


About Yuki chan

3

• Yuki Chan is an Automated Penetration Testing tool

• The tool will audit all standard security test methods


Features

4

• Automated

• Intel-Gathering

• Vulnerability Analysis

• Security Auditing

• OSINT

• Tracking

• System Enumeration

• Fuzzing

• CMS Auditing

• SSL Security Auditing


Modules included

5

• Whois domain analyzer

• Nslookup

• Nmap

• TheHarvester

• Metagoofil

• DNSRecon

• Sublist3r

• Wafw00f

• WAFNinja

• XSS Scanner

• WhatWeb

• Spaghetti

• WPscan


Modules included

6

• WPscanner

• WPSeku

• Droopescan ( CMS Vulnerability Scanner Wordpress, Joomla,

Silverstripe, Drupal, And Moodle)

• SSLScan

• SSLyze

• A2SV

• Dirsearch


Requirements

7

• sslyze

• wafw00f

• droopescan

• argparse

• netaddr

• dnspython

• requests

• beautifulsoup4

• prettytable

• progressbar

• configparser

• parse


Demo configuration

8

• Kali Linux 2017 64 bit (https://www.kali.org/downloads/)

• http://www.kitploit.com/2017/04/kali-linux-20171-release.html

https://www.kali.org/downloads/


Installing the tool

9

• Clone it

• Change filemode


Installing the tool

10

• Install requirements


Installing the tool

11

• Starting the tool


Using the tool

12

• Whois lookup


Using the tool

13

• Running nmap


Using the tool

14

• Running TheHarvester and Metagoofil


References

15

• Kitploit

http://www.kitploit.com/2017/09/yuki-chan-automate-pentest-tool.html

• Kali Linux

https://www.kali.org/downloads/

http://www.kitploit.com/2017/09/yuki-chan-automate-pentest-tool.html

yuki chan tool - 情報セキュリティ株式会社 · yuki chan tool. information security ......

Documents