
Yuki Chan is an Automated Penetration Testing tool this tool will audit all standard security methods for you.
WARNING
By using this tool you agree that
- use for legitimate security testing
- not for crime
- the use of this tool solely for educational reasons only
By using this tool you agree that
- You are willing to be charged with criminal or state law applicable by law enforcement officers and government when abused
- the risk is borne by yourself
Thank you and happy pentest
Feature
- Automated
- Intel-Gathering
- Vulnerability Analysis
- Security Auditing
- OSINT
- Tracking
- System Enumeration
- Fuzzing
- CMS Auditing
- SSL Security Auditing
Modules In Yuki Chan
- Whois domain analyzer
- Nslookup
- Nmap
- TheHarvester
- Metagoofil
- DNSRecon
- Sublist3r
- Wafw00f
- WAFNinja
- XSS Scanner
- WhatWeb
- Spaghetti
- WPscan
- WPscanner
- WPSeku
- Droopescan ( CMS Vulnerability Scanner WordPress, Joomla, Silverstripe, Drupal, And Moodle)
- SSLScan
- SSLyze
- A2SV
- Dirsearch
How To Use It ?
This tool is only designed for Linux OS but if you have an Android Smarphone or Tablet you can run this tool via Termux or GNURoot Debian
A few tools are already installed in Kali Linux
- Nmap
- Wafw00f
- WPScan
- SSLScan
- SSLyze
If you are using a different OS than Kali see below on installing the necessary apps.
- Nmap
Red Hat, Fedora, Mandrake, and Yellow Dog Linux with Yum
yum install nmap
Debian Linux and Derivatives such as Ubuntu
apt-get install nmap
more info : https://nmap.org
- Wafw00f
git clone https://github.com/EnableSecurity/wafw00f.git
cd wafw00f
python setup.py install
or simple way
pip install wafw00f
- WPScan
Installing dependencies on Ubuntu
sudo apt-get install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential libgmp-dev zlib1g-dev
Installing dependencies on Fedora
sudo dnf install gcc ruby-devel libxml2 libxml2-devel libxslt libxslt-devel libcurl-devel patch rpm-build
Installing dependencies on Arch Linux
pacman -Syu ruby
pacman -Syu libyaml
Installing manually (not recommended)
git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
sudo gem install bundler && bundle install --without test
more info https://github.com/wpscanteam/wpscan if you cannot install WPScan don’t worry just Skip it i have alternative wpscan module for you
- SSLScan
more info about installing this module
https://github.com/rbsec/sslscan
- SSLyze :
git clone https://github.com/nabla-c0d3/sslyze.git
cd sslyze
pip install -r requirements.txt --target ./lib
or simple way
pip install --upgrade setuptools
pip install sslyze
Make sure all tools are installed
Q : can i skip using this tool without Nmap, Wafw00f, WPScan, SSLScan, SSLyze installed in my OS ?
A : yes you can do it but won’t work very well
First Things First Clone This Tool
git clone https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest.git
Get inside of directory
cd Yuki-Chan-The-Auto-Pentest
Give Chmod 777 Access Level
chmod 777 wafninja joomscan install-perl-module.sh
chmod 777 Module/WhatWeb/whatweb
And Then Install Python Module
pip install -r requirements.txt
After That Install Perl Module
./install-perl-module.sh
preparation finished now run this tool and happy pentest
Run This Tool
./yuki.sh
ScreenShoot Preview
Greetings
From : Yukinoshita 47
Team : Garuda Security Hacker
Web : http://www.garudasecurityhacker.org