On-The-Fly – Tool Which Gives Capabilities To Perform Pentesting Tests In Several Domains (IoT, ICS & IT)
▒█████ ███▄ █ ▄▄▄█████▓ ██░ ██ ▓█████ █████ ██▓ ▓██ ██▓
▒██▒ ██▒ ██ ▀█ █ ▓ ██▒ ▓▒▒▓██░ ██ ▓█ ▀ ▓██ ▓██▒ ▒██ ██▒
▒██░ ██▒▓██ ▀█ ██▒ ▒ ▓██░ ▒░░▒██▀▀██ ▒███ ▒████ ▒██░ ▒██ ██░
▒██ ██░▓██▒ ▐▌██▒ ░ ▓██▓ ░ ░▓█ ░██ ▒▓█ ▄ ░▓█▒ ▒██░ ░ ▐██▓░
░ ████▓▒░▒██░ ▓██░ ▒██▒ ░ ░▓█▒░██▓▒░▒████ ▒░▒█░ ▒░██████ ░ ██▒▓░
░ ▒░▒░▒░ ░ ▒░ ▒ ▒ ▒ ░░ ▒ ░░▒░▒░░░ ▒░ ░ ▒ ░ ░░ ▒░▓ ██▒▒▒
░ ▒ ▒░ ░ ░░ ░ ▒░ ░ ▒ ░▒░ ░░ ░ ░ ░ ░ ░░ ░ ▒ ▓██ ░▒░
░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░░ ░ ░ ░ ░ ░ ░ ▒ ▒ ░░
░ ░ ░ ░ ░ ░░ ░ ░ ░ ░ ░ ░
Different technologies and paradigms are hyperconnected and offer advances to society. The usage of other technologies among these devices makes security uneven. When facing a pentest in any environment, one major factor is the network. The network interconnects the world of the Internet of Things, the world of industrial control systems, and information technology. This README introduces the ‘on-the-fly’ tool, which gives capabilities to perform pentesting tests in several domains (IoT, ICS & IT). It is an innovative tool by bringing together different worlds sharing a common factor: the network.
Prerequisities
‘on-the-fly’ was written in Python and made extensive use of Scapy and netfilterqueue. It is crucial to have Scapy in Python and netfilterqueue installed with a compatible version of Python. For this, a version of Python 3 up to Python version 3.7.5 is recommended (and no higher, as there may be incompatibilities with 3.8 and 3.9 in some libraries that it uses ‘on-the-fly’). There is a requirements.txt file that must be executed the first time the tool is launched using ‘pip install -r requirements.txt’. Again the pip version must be oriented to a Python 3 version up to 3.7.5.
pip install -r requirements.txt
Usage
python on-the-fly.py
Example videos
on-the-fly: MySQL_manipulation Module
on-the-fly: SSDP_fake Module
on-the-fly: Proxy_socks4 Module
on-the-fly: Port_forwarding Module
on-the-fly: MDNS_Scan Module
Contact
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. WHENEVER YOU MAKE A CONTRIBUTION TO A REPOSITORY CONTAINING NOTICE OF A LICENSE, YOU LICENSE YOUR CONTRIBUTION UNDER THE SAME TERMS, AND YOU AGREE THAT YOU HAVE THE RIGHT TO LICENSE YOUR CONTRIBUTION UNDER THOSE TERMS. IF YOU HAVE A SEPARATE AGREEMENT TO LICENSE YOUR CONTRIBUTIONS UNDER DIFFERENT TERMS, SUCH AS A CONTRIBUTOR LICENSE AGREEMENT, THAT AGREEMENT WILL SUPERSEDE.
This software doesn’t have a QA Process. This software is a Proof of Concept.
If you have any problems, you can contact:
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.