Yuki Chan is an Automated Penetration Testing tool this tool will audit all standard security methods for you.
WARNING
By using this tool you agree that
- use for legitimate security testing
- not for crime
- the use of this tool solely for educational reasons only
By using this tool you agree that
- You are willing to be charged with criminal or state law applicable by law enforcement officers and government when abused
- the risk is borne by yourself
Thank you and happy pentest
Feature
- Automated
- Intel-Gathering
- Vulnerability Analysis
- Security Auditing
- OSINT
- Tracking
- System Enumeration
- Fuzzing
- CMS Auditing
- SSL Security Auditing
Modules In Yuki Chan
- Whois domain analyzer
- Nslookup
- Nmap
- TheHarvester
- Metagoofil
- DNSRecon
- Sublist3r
- Wafw00f
- WAFNinja
- XSS Scanner
- WhatWeb
- Spaghetti
- WPscan
- WPscanner
- WPSeku
- Droopescan ( CMS Vulnerability Scanner WordPress, Joomla, Silverstripe, Drupal, And Moodle)
- SSLScan
- SSLyze
- A2SV
- Dirsearch
How To Use It ?
This tool is only designed for Linux OS but if you have an Android Smarphone or Tablet you can run this tool via Termux or GNURoot Debian
A few tools are already installed in Kali Linux
- Nmap
- Wafw00f
- WPScan
- SSLScan
- SSLyze
If you are using a different OS than Kali see below on installing the necessary apps.
- Nmap
Red Hat, Fedora, Mandrake, and Yellow Dog Linux with Yum
yum install nmapDebian Linux and Derivatives such as Ubuntu
apt-get install nmapmore info : https://nmap.org
- Wafw00f
git clone https://github.com/EnableSecurity/wafw00f.gitcd wafw00fpython setup.py installor simple way
pip install wafw00f- WPScan
Installing dependencies on Ubuntu
sudo apt-get install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential libgmp-dev zlib1g-devInstalling dependencies on Fedora
sudo dnf install gcc ruby-devel libxml2 libxml2-devel libxslt libxslt-devel libcurl-devel patch rpm-buildInstalling dependencies on Arch Linux
pacman -Syu rubypacman -Syu libyamlInstalling manually (not recommended)
git clone https://github.com/wpscanteam/wpscan.gitcd wpscansudo gem install bundler && bundle install --without testmore info https://github.com/wpscanteam/wpscan if you cannot install WPScan don’t worry just Skip it i have alternative wpscan module for you
- SSLScan
more info about installing this modulehttps://github.com/rbsec/sslscan- SSLyze :
git clone https://github.com/nabla-c0d3/sslyze.gitcd sslyzepip install -r requirements.txt --target ./libor simple way
pip install --upgrade setuptoolspip install sslyzeMake sure all tools are installed
Q : can i skip using this tool without Nmap, Wafw00f, WPScan, SSLScan, SSLyze installed in my OS ?
A : yes you can do it but won’t work very well
First Things First Clone This Tool
git clone https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest.gitGet inside of directory
cd Yuki-Chan-The-Auto-PentestGive Chmod 777 Access Level
chmod 777 wafninja joomscan install-perl-module.shchmod 777 Module/WhatWeb/whatwebAnd Then Install Python Module
pip install -r requirements.txtAfter That Install Perl Module
./install-perl-module.shpreparation finished now run this tool and happy pentest
Run This Tool
./yuki.shScreenShoot Preview
Greetings
From : Yukinoshita 47
Team : Garuda Security Hacker
Web : http://www.garudasecurityhacker.org
