Download Hackers Handbook 2018

Yuki Chan – Automate Pentest Tool

Comments Off on Yuki Chan – Automate Pentest Tool

Yuki Chan is an Automated Penetration Testing tool this tool will audit all standard security methods for you.

WARNING

By using this tool you agree that

  1. use for legitimate security testing
  2. not for crime
  3. the use of this tool solely for educational reasons only

By using this tool you agree that

  1. You are willing to be charged with criminal or state law applicable by law enforcement officers and government when abused
  2. the risk is borne by yourself

Thank you and happy pentest

Feature

  • Automated
  • Intel-Gathering
  • Vulnerability Analysis
  • Security Auditing
  • OSINT
  • Tracking
  • System Enumeration
  • Fuzzing
  • CMS Auditing
  • SSL Security Auditing

Modules In Yuki Chan

  • Whois domain analyzer
  • Nslookup
  • Nmap
  • TheHarvester
  • Metagoofil
  • DNSRecon
  • Sublist3r
  • Wafw00f
  • WAFNinja
  • XSS Scanner
  • WhatWeb
  • Spaghetti
  • WPscan
  • WPscanner
  • WPSeku
  • Droopescan ( CMS Vulnerability Scanner WordPress, Joomla, Silverstripe, Drupal, And Moodle)
  • SSLScan
  • SSLyze
  • A2SV
  • Dirsearch

How To Use It ?
This tool is only designed for Linux OS but if you have an Android Smarphone or Tablet you can run this tool via Termux or GNURoot Debian

A few tools are already installed in Kali Linux

  • Nmap
  • Wafw00f
  • WPScan
  • SSLScan
  • SSLyze

If you are using a different OS than Kali see below on installing the necessary apps.

  • Nmap

Red Hat, Fedora, Mandrake, and Yellow Dog Linux with Yum

yum install nmap

Debian Linux and Derivatives such as Ubuntu

apt-get install nmap

more info : https://nmap.org

  • Wafw00f
git clone https://github.com/EnableSecurity/wafw00f.git
cd wafw00f
python setup.py install

or simple way

pip install wafw00f
  • WPScan

Installing dependencies on Ubuntu

sudo apt-get install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential libgmp-dev zlib1g-dev

Installing dependencies on Fedora

sudo dnf install gcc ruby-devel libxml2 libxml2-devel libxslt libxslt-devel libcurl-devel patch rpm-build

Installing dependencies on Arch Linux

pacman -Syu ruby
pacman -Syu libyaml

Installing manually (not recommended)

git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
sudo gem install bundler && bundle install --without test

more info https://github.com/wpscanteam/wpscan if you cannot install WPScan don’t worry just Skip it i have alternative wpscan module for you

  • SSLScan
more info about installing this module
https://github.com/rbsec/sslscan
  • SSLyze :
git clone https://github.com/nabla-c0d3/sslyze.git
cd sslyze
pip install -r requirements.txt --target ./lib

or simple way

pip install --upgrade setuptools
pip install sslyze

Make sure all tools are installed
Q : can i skip using this tool without Nmap, Wafw00f, WPScan, SSLScan, SSLyze installed in my OS ?
A : yes you can do it but won’t work very well

First Things First Clone This Tool

git clone https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest.git

Get inside of directory

cd Yuki-Chan-The-Auto-Pentest

Give Chmod 777 Access Level

chmod 777 wafninja  joomscan  install-perl-module.sh
chmod 777 Module/WhatWeb/whatweb

And Then Install Python Module

pip install -r requirements.txt

After That Install Perl Module

./install-perl-module.sh

preparation finished now run this tool and happy pentest
Run This Tool

./yuki.sh

ScreenShoot Preview

Greetings
From : Yukinoshita 47
Team : Garuda Security Hacker
Web : http://www.garudasecurityhacker.org

Related Articles