EasyPen is a security scanning tool written in Python + wxPython, which provides a simple graphical interface and supports cross-platform use. It can be used for internal and external network inspections, emergency response, and continuous testing of various SRCs by white hat hackers.
It comes with over 100 built-in vulnerability detection plugins, and users can write their own plugins and quickly apply them to large-scale scans.
Core Features#
Asset Discovery: Discover domains, IP addresses, ports, and services to build an asset library for subsequent scans.
Vulnerability Scanning: A scanning framework based on AsyncIO, with over 100 built-in vulnerability detection plugins. It supports scheduling Hydra/Medusa/Ncrack scans for common weak passwords.
Emergency Response: After a high-risk vulnerability outbreak, relying on the framework and existing asset libraries, usually only a few lines of detection logic code need to be written to complete scans of thousands of targets in a few minutes.
Vulnerability Exploitation: Integration of multiple vulnerability exploitation tools.
Tool Installation
Windows users can download and run the generated executable file. After extracting it, run EasyPen.exe.
Users familiar with Python can use pip3 to install it.
pip3 install -r requirements.txt
Note: This tool is mainly developed and tested using Python 3.8. Please use Python 3.8 to install and run this program.
Ubuntu users can install the required tools.
apt install masscan nmap hydra medusa nfs-common ipmitool rsync -y
CentOS users can install the required tools.
yum install masscan nmap nfs-utils ipmitool rsync -y
Install Hydra: https://github.com/vanhauser-thc/thc-hydra
Or install Medusa: https://github.com/jmk-foofus/medusa