Penetration Testing Tools for Beginners

Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a ‘Swiss Army Knife’ for pen-testing and/or hacking CTF’s.

Karkinos - Beginner Friendly Penetration Testing Tool

 

Karkinos Beginner Friendly Penetration Testing Tool Features

  • Encoding/Decoding characters
  • Encrypting/Decrypting text or files
  • Reverse shell handling
  • Cracking and generating hashes

How to Install Karkinos Beginner Friendly Penetration Testing Tool

Dependencies are:

  • Any server capable of hosting PHP
  • Tested with PHP 7.4.9
  • Tested with Python 3.8
  • Make sure it is in your path as:
  • Windows: python
  • Linux: python3
  • If it is not, please change the commands in includes/pid.php
  • Pip3
  • Raspberry Pi Zero friendly :) (crack hashes at your own risk)

Then:

  1. git clone https://github.com/helich0pper/Karkinos.git
  2. cd Karkinos
  3. pip3 install -r requirements.txt
  4. cd wordlists && unzip passlist.zip You can also unzip it manually using file explorer. Just make sure passlist.txt is in wordlists directory.
  5. Make sure you have write privilages for db/main.db
  6. Enable extension=mysqli in your php.ini file.
  7. If you don’t know where to find this, refer to the PHP docs. Note: MySQLi is only used to store statistics.
  8. Thats it! Now just host it using your preferred web server or run: php -S 127.0.0.1:8888 in the Karkinos directory.

Important: using port 5555, 5556, or 5557 will conflict with the Modules
If you insist on using these ports, change the PORT value in:

  • /bin/Server/app.py Line 87
  • /bin/Busting/app.py Line 155
  • /bin/PortScan/app.py Line 128

You can download Karkinos here:

Karkinos-main.zip

Or read more here.

Check Also

Whispers: A Powerful Static Code Analysis Tool for Credential Detection

“My little birds are everywhere, even in the North, they whisper to me the strangest …

Enabling AMD GPU for Hashcat on Kali Linux: A Quick Guide

Enabling AMD GPU for Hashcat on Kali Linux: A Quick Guide

If you’ve encountered an issue where Hashcat initially only recognizes your CPU and not the …

Leave your solution or comment to help others.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from blackMORE Ops

Subscribe now to keep reading and get access to the full archive.

Continue reading

Privacy Policy on Cookies Usage

Some services used in this site uses cookies to tailor user experience or to show ads.