update 11/6

README.md

@@ -22,7 +22,169 @@ Incidentally, "karipaku" in Japanese slang indicates embezzling something borrow
 
 ## Description
 
-KaliPAKU is a semi-automated, user-friendly framework for penetration testing tools. Using only the keypad, you can use the penetration test tool like a game.
-It's also a great introductory tool for beginners. Learn the flow of penetration testing with KaliPAKU without having to wrestle with confusing command lines and tools.
+KaliPAKU is a semi-automated, user-friendly framework for penetration testing tools. Using only the keypad, you can use the penetration test tool like a game.  
+It's also a great introductory tool for beginners. Learn the flow of penetration testing with KaliPAKU without having to wrestle with confusing command lines and tools.  
+The first step is to get used to it. Experience and learn penetration testing by executing commands with combinations of numbers.  
+The next step is to understand. KaliPAKU displays help for the commands and options to be executed. By learning its contents little by little, players can improve their own skills. KaliPAKU also has a simplified menu called the "Smart Menu". Combine that menu with number input to increase the learning effect.  
+The last step is actual practice. KaliPAKU also supports manual command input. Check the help for the commands you have used so far and perform a penetration test by actually entering the commands manually.
 
+|CAUTION|
+|:--- |
+|If you are interested, please use them in an environment under your control and at your own risk. And, if you execute the KaliPAKU on systems that are not under your control, it may be considered an attack and you may have legally liabillity for your action.|
 ---
+
+## Your benefits
+
+By using our KaliPAKU, you will benefit from the following.
+
+For redteam:
+(a) Red Teams can easily perform operations such as information enumeration and vulnerability scanning.
+(b) Visualizing the survey results is possible only with the numeric keypad.
+
+For blueteam:
+(c) The Blue Team can experience a dummy attack by simply operating the numeric keypad even they do not have any penetration testing skill.
+
+For beginner:
+(d) KaliPAKU has been created to support the early stages of penetration testing. These can be achieved with what is included in Kali-Tools. It can be useful for training the entry level pentesters.
+
+---
+
+## usage
+
+1. Just start kalipaku.sh. Installation is not required in principle.  
+
+``` shell
+┌──(kali㉿kali)-[~/KaliPAKU]
+└─$ ./kalipaku.sh
+```
+
+2. KaliPAKU Terminal will be activated.
+
+```shell
+┌─(KaliPAKU)kali@kali:/home/kali/KaliPAKU
+└─Command? > 
+
+```
+
+3. KaliPAKU Terminal
+
+Enter "5963" or "kp" or "kalipaku" in the kalipaku terminal to activate the KaliPAKU menu.
+
+``` shell
+ _  __     _ _ ____   _    _  ___   _ 
+| |/ /__ _| (_)  _ \ / \  | |/ / | | |
+| ' // _` | | | |_) / _ \ | ' /| | | |
+| . \ (_| | | |  __/ ___ \| . \| |_| |
+|_|\_\__,_|_|_|_| /_/   \_\_|\_\\___/ 
+
+  |  +---+
+  +--| 1 | Kali-tools-top10
+  |  +---+ 
+  |  +---+
+  +--| 2 | Tools
+  |  +---+ 
+  |  +---+
+  +--| 3 | Attack
+  |  +---+ 
+  |  +---+
+  +--| 9 | Exit
+     +---+ 
+```
+
+Entering the numeric key corresponding to the command to be used will build and execute the command. Also, press tab. The "Smart Menu" will open.
+
+## Feature
+
+- kali-tools-top10
+    1. [wifite](https://www.kali.org/tools/wifite/)
+    2. [burpsuite](https://www.kali.org/tools/burpsuite/)
+    3. [crackmapexec](https://www.kali.org/tools/crackmapexec/)
+    4. [hydra](https://www.kali.org/tools/hydra/)
+    5. [john](https://www.kali.org/tools/john/)
+    6. [metasploit-framework](https://www.kali.org/tools/metasploit-framework/)
+    7. [nmap](https://www.kali.org/tools/nmap/)
+    8. [responder](https://www.kali.org/tools/responder/)
+    9. [sqlmap](https://www.kali.org/tools/sqlmap/)
+    10. [wireshark](https://www.kali.org/tools/wireshark/)
+- tools
+    1. [nmapAutorecon](https://github.com/21y4d/nmapAutomator)
+    2. [set](https://www.kali.org/tools/set/#setoolkit)
+    3. [msfpc](https://www.kali.org/tools/msfpc/)
+    4. [searchsploit](https://www.kali.org/tools/exploitdb/#searchsploit)
+
+## Cheatsheet
+
+- KaliPAKU Terminal
+
+    | Command | Description |
+    | --- | --- |
+    | 5963 | Show KaliPAKU Menu |
+    | 4649 | Show Cheatsheet |
+
+- KaliPAKU Menu
+
+    | Number | Category | Command | Description |
+    | --- | --- | --- | --- |
+    | 111 | Kali-tools-top10 | wifite(aircrack-ng) | Execute |
+    | 112 | Kali-tools-top10 | wifite(aircrack-ng) | Manual |
+    | 112 | Kali-tools-top10 | burpsuite | Execute |
+    | 131 | Kali-tools-top10 | crackmapexec(SMB) | Target_format(Basic) |
+    | 132 | Kali-tools-top10 | crackmapexec(SMB) | Null_session |
+    | 133 | Kali-tools-top10 | crackmapexec(SMB) | Connect_to_target_using_local_account |
+    | 134 | Kali-tools-top10 | crackmapexec(SMB) | Path_the_hash_against_a_subnet |
+    | 135 | Kali-tools-top10 | crackmapexec(SMB) | Brutefocing_&_Password_Sprayin |
+    | 136 | Kali-tools-top10 | crackmapexec(SMB) | Manual |
+    | 141 | Kali-tools-top10 | hydra | Bruteforce_the_username_admin with_the_given_password_list |
+    | 142 | Kali-tools-top10 | hydra | Bruteforce_SSH_with_user_and_password_lists against_target_IP_address |
+    | 143 | Kali-tools-top10 | hydra | Manual |
+    | 151 | Kali-tools-top10 | john  | Cracking_with_a_wordlist |
+    | 152 | Kali-tools-top10 | john  | Attempt_to_crack_hash_file using_previously_cracked_passwords |
+    | 153 | Kali-tools-top10 | john  | Show_cracked_passwords |
+    | 154 | Kali-tools-top10 | john  | Attempt_to_crack_hash_using_incremental_mode(May_take_a_long_time) |
+    | 155 | Kali-tools-top10 | john  | Manual |
+    | 1011 | Kali-tools-top10 | metasploit-framework | Normal_Boot |
+    | 1012 | Kali-tools-top10 | metasploit-framework | Create_Multi_handler (windows/meterpreter/reverse_tcp) |
+    | 1013 | Kali-tools-top10 | metasploit-framework | Create_Payload (msfpc)|
+    | 1021 | Kali-tools-top10 | nmap | Ping_Scan |
+    | 1022 | Kali-tools-top10 | nmap | Intense_Scan |
+    | 1023 | Kali-tools-top10 | nmap | Intense_Scan+UDP |
+    | 1024 | Kali-tools-top10 | nmap | Intense_Scan_all_TCP_Port |
+    | 1025 | Kali-tools-top10 | nmap | Vuln_Scan |
+    | 1026 | Kali-tools-top10 | nmap | Manual |
+    | 1031 | Kali-tools-top10 | responder | Basic_Usage |
+    | 1032 | Kali-tools-top10 | responder | Analyze_mode |
+    | 1033 | Kali-tools-top10 | responder | Poisoning_with_Responder |
+    | 1034 | Kali-tools-top10 | responder | Basic_Authentication_&_WPAD |
+    | 1035 | Kali-tools-top10 | responder | Manual |
+    | 1041 | Kali-tools-top10 | sqlmap | GET_request |
+    | 1042 | Kali-tools-top10 | sqlmap | POST_request |
+    | 1043 | Kali-tools-top10 | sqlmap | Find_out_what_databases_exist with_SQL_injection |
+    | 1044 | Kali-tools-top10 | sqlmap | Find_out_what_table_exist with_SQL_injection |
+    | 1045 | Kali-tools-top10 | sqlmap | Display_table_contents with_SQL_injection |
+    | 1046 | Kali-tools-top10 | sqlmap | Manual |
+    | 1051 | Kali-tools-top10 | wireshark(tshark) | wireshark |
+    | 1051 | Kali-tools-top10 | wireshark(tshark) | tshark |
+    | 211 | Tools | AutoScan | Install |
+    | 2121 | Tools | Autoscan | Scanning the network with nmapAutomator |
+    | 2122 | Tools | Autoscan | Port scan with nmapAutomator |
+    | 2123 | Tools | Autoscan | Scan Script with nmapAutomotr|
+    | 2124 | Tools | Autoscan | Full port scan with nmapAutomator |
+    | 21201 | Tools | Autoscan | UDP scan with nmapPutomator |
+    | 21202 | Tools | Autoscan | Vulnerability Scanning with nmapAutomator|
+    | 21203 | Tools | Autoscan | Reconnaissance scan with nmapAutomator |
+    | 21204 | Tools | Autoscan | All scan with nmapAutomator |
+    | 221 | Tools | VuknCheck |Check |
+    | 31  | Attack | Exploit(Metasploit) | |
+    | 321 | Attack | Social-Engineering | Website_Attack_Vectors(Credential_Harvester_Attack)|
+    | 33 | Attack | Brute-force |
+    | 341 | Attack | MSFvenom_Payload_Creator(msfpc) | Create_Payload |
+    | 351 | Attack | Search_Exploit(searchsploit) |  Search |
+    | 351 | Attack | Search_Exploit(searchsploit) | Automatic_Search(Miscellaneous_Automation)|
+
+## Operation check environment
+
+- OS: Kali Linux 2022.2
+- Memory: 8.0GB
+
+## Contributors
+If you have some new idea about this project, issue, feedback or found some valuable tool feel free to open an issue for just DM me via [@Mr.Rabbit](https://twitter.com/01ra66it) or [@PAKURI](https://twitter.com/PAKURI9).

kalipaku.sh

@@ -18,6 +18,7 @@ source $TOOL_PATH/32_kp_msfpc.sh
 source $TOOL_PATH/33_kp_searchsploit.sh
 source $TOP10_PATH/top10menu.sh
 source $MODULES_PATH/misc_module.sh
+source $MODULES_PATH/cheatsheet.sh
 source $TOOL_PATH/toolsmenu.sh
 source $TOOL_PATH/attackmenu.sh
 
@@ -51,6 +52,7 @@ function mainmenu(){
 
 function whiptail_menu(){
     var=$(whiptail --title "SmartMenu" --backtitle "${TITLE}" --menu "Simple Smart Menu" 0 0 0 \
+    0 "CeatSheet" \
     1 "kp_wifite        Wi-Fi Attack" \
     2 "kp_burpsuite     Local Web Proxy"\
     3 "kp_crackmapexec  Post Exploitation Tool"\
@@ -68,6 +70,7 @@ function whiptail_menu(){
     15 "kp_searchsploit  Search Exploit Code" \
     3>&1 1>&2 2>&3 )
     case $var in
+    0) cheatsheet ;;
     1) menu_wifite ;;
     2) cmd_burpsuite ;;
     3) menu_crackmapexec ;;
@@ -111,6 +114,9 @@ while :;do
     "kp"|"k"|"pakuri"|"kalipakuri"|"menu"|5963)
 		mainmenu
         ;;
+    "cs"|"cheat"|"cheatsheet"|4649)
+        cheatsheet
+        ;;
 	"exit"|"q"|"quit")
 		exit 0
         ;;

modules/cheatsheet.sh

@@ -0,0 +1,64 @@
+#!/bin/bash
+source ../kp.conf
+function cheatsheet(){
+    printf "${WHITE}Command	Description${NC}\n"
+    printf "${WHITE}5963	${NC}Show KaliPAKU Menu\n"
+    printf "${WHITE}4649	${NC}Show Cheatsheet\n"
+    echo ""
+    printf "Number	Category        	Command	Description\n"
+    printf "${WHITE}111   	${RED}wifite(aircrack-ng)     Execute\n"
+    printf "${WHITE}112   	${RED}wifite(aircrack-ng)     Manual\n"
+    printf "${WHITE}112   	${GREEN}burpsuite               Execute\n"
+    printf "${WHITE}131   	${YELLOW}crackmapexec(SMB)       Target_format(Basic)\n"
+    printf "${WHITE}132   	${YELLOW}crackmapexec(SMB)       Null_session\n"
+    printf "${WHITE}133   	${YELLOW}crackmapexec(SMB)       Connect_to_target_using_local_account\n"
+    printf "${WHITE}134   	${YELLOW}crackmapexec(SMB)       Path_the_hash_against_a_subnet\n"
+    printf "${WHITE}135   	${YELLOW}crackmapexec(SMB)       Brutefocing_&_Password_Sprayin\n"
+    printf "${WHITE}136   	${YELLOW}crackmapexec(SMB)       Manual\n"
+    printf "${WHITE}141   	${BLUE}hydra                   Bruteforce_the_username_admin with_the_given_password_list\n"
+    printf "${WHITE}142   	${BLUE}hydre                   Bruteforce_SSH_with_user_and_password_lists against_target_IP_address\n"
+    printf "${WHITE}143   	${BLUE}hydra	                Manual\n"
+    printf "${WHITE}151   	${PURPLE}john                    Cracking_with_a_wordlist\n"
+    printf "${WHITE}152   	${PURPLE}john	                Attempt_to_crack_hash_file using_previously_cracked_passwords\n"
+    printf "${WHITE}153   	${PURPLE}john	                Show_cracked_passwords\n"
+    printf "${WHITE}154   	${PURPLE}john	                Attempt_to_crack_hash_using_incremental_mode(May_take_a_long_time)\n"
+    printf "${WHITE}155     ${PURPLE}john	                Manual\n"
+    printf "${WHITE}101   	${RED}metasploit-framework	Normal_Boot\n"
+    printf "${WHITE}1012  	${RED}metasploit-framework	Create_Multi_handler (windows/meterpreter/reverse_tcp)\n"
+    printf "${WHITE}1013  	${RED}metasploit-framework	Create_Payload (msfpc)\n"
+    printf "${WHITE}1021  	${GREEN}nmap	                Ping_Scan\n"
+    printf "${WHITE}1022  	${GREEN}nmap	                Intense_Scan\n"
+    printf "${WHITE}1023  	${GREEN}nmap	                Intense_Scan+UDP\n"
+    printf "${WHITE}1024  	${GREEN}nmap	                Intense_Scan_all_TCP_Port\n"
+    printf "${WHITE}1025  	${GREEN}nmap	                Vuln_Scan\n"
+    printf "${WHITE}1026  	${GREEN}nmap	                Manual\n"
+    printf "${WHITE}1031  	${YELLOW}responder               Basic_Usage\n"
+    printf "${WHITE}1032  	${YELLOW}responder               Analyze_mode\n"
+    printf "${WHITE}1033  	${YELLOW}responder               Poisoning_with_Responder\n"
+    printf "${WHITE}1034  	${YELLOW}responder               Basic_Authentication_&_WPAD\n"
+    printf "${WHITE}1035  	${YELLOW}responder               Manual\n"
+    printf "${WHITE}1041  	${BLUE}sqlmap	                GET_request\n"
+    printf "${WHITE}1042  	${BLUE}sqlmap	                POST_request\n"
+    printf "${WHITE}1043  	${BLUE}sqlmap	                Find_out_what_databases_exist with_SQL_injection\n"
+    printf "${WHITE}1044  	${BLUE}sqlmap	                Find_out_what_table_exist with_SQL_injection\n"
+    printf "${WHITE}1045  	${BLUE}sqlmap	                Display_table_contents with_SQL_injection\n"
+    printf "${WHITE}1046  	${BLUE}sqlmap	                Manual\n"
+    printf "${WHITE}1051  	${PURPLE}wireshark(tshark)       wireshark\n"
+    printf "${WHITE}1051  	${PURPLE}wireshark(tshark)       tshark\n"
+    printf "${WHITE}211   	${RED}AutoScan                Install\n"
+    printf "${WHITE}2121    ${RED}Autoscan                Scanning the network with nmapAutomator\n"
+    printf "${WHITE}2122    ${RED}Autoscan                Port scan with nmapAutomator\n"
+    printf "${WHITE}2123    ${RED}Autoscan                Scan Script with nmapAutomotr\n"
+    printf "${WHITE}2124    ${RED}Autoscan                Full port scan with nmapAutomator\n"
+    printf "${WHITE}21201   ${RED}Autoscan                UDP scan with nmapPutomator\n"
+    printf "${WHITE}21202   ${RED}Autoscan                Vulnerability Scanning with nmapAutomator\n"
+    printf "${WHITE}21203   ${RED}Autoscan                Reconnaissance scan with nmapAutomator\n"
+    printf "${WHITE}21204   ${RED}Autoscan                All scan with nmapAutomator\n"
+    printf "${WHITE}221     ${GREEN}VuknCheck               Check\n"
+    printf "${WHITE}31      ${RED}Exploit(Metasploit)	\n"
+    printf "${WHITE}321     ${GREEN}Social-Engineering      Website__Vectors(Credential_Harvester_)\n"
+    printf "${WHITE}33      ${YELLOW}Brute-force	\n"
+    printf "${WHITE}341     ${BLUE}MSFvenom_Payload_Creator(msfpc)	Create_Payload\n"
+    printf "${WHITE}351     ${PURPLE}Search_Exploit(searchsploit)	Search\n"
+    printf "${WHITE}351     ${PURPLE}Search_Exploit(searchsploit)	Automatic_Search(Miscellaneous_Automation)\n"
+}

modules/tools/21_kp_autoscan.sh

@@ -73,6 +73,7 @@ function cmd_autoscan1(){
     num3 0 "Script"
     num4 0 "Full"
     num0 0 "Next"
+    num9 0 "Back"
     read -n 1 -s NUM
     case $NUM in
     1)
@@ -90,6 +91,9 @@ function cmd_autoscan1(){
     0)
         cmd_autoscan2
         ;;
+    9)
+        menu_autoscan
+        ;;
     *)
         ;;
     esac
@@ -132,6 +136,7 @@ function cmd_autoscan2(){
     num2 0 "Vulns"
     num3 0 "Recon"
     num4 0 "All"
+    num0 0 "Next"
     num9 0 "Back"
     read -n 1 -s NUM
     case $NUM in
@@ -147,9 +152,12 @@ function cmd_autoscan2(){
     4)
         cmd="$AUTOSCAN_PATH/nmapAutomator.sh -t All"
         ;;
-    9)
+    0)
         cmd_autoscan1
         ;;
+    9)
+        menu_autoscan
+        ;;
     *)
         ;;
     esac

modules/tools/31_kp_setoolkit.sh

@@ -5,7 +5,7 @@ source $MODULES_PATH/misc_module.sh
 
 function menu_setoolkit(){
     clear
-    figlet setools
+    figlet setoolkit
     num3 0 "Attack"
     num2 5 "Social-Engineering" "(setoolkit)"
     num1 10 "Website_Attack_Vectors" "(Credential_Harvester_Attack)"