From 6878e51b076f08c130c6ad219a02675dc572c0f3 Mon Sep 17 00:00:00 2001 From: sinX Date: Sun, 9 Nov 2025 21:17:14 -0500 Subject: [PATCH] Upload files to "/" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit # APEX Framework ## Advanced Penetration and Exploitation eXecution Framework **The Most Powerful Ethical Hacking Tool** --- ## 🚀 Overview APEX is a comprehensive, modular ethical hacking framework designed for security professionals, penetration testers, and bug bounty hunters. It combines multiple security testing capabilities into a single, unified platform with an intuitive interface and powerful automation features. ## ✨ Key Features ### 🔍 Reconnaissance & Information Gathering - **Subdomain Enumeration**: Passive and active subdomain discovery - **Port Scanning**: Fast, multi-threaded port scanning with service detection - **DNS Enumeration**: Complete DNS record analysis - **Network Mapping**: Automated host discovery - **OSINT Collection**: Open-source intelligence gathering - **Certificate Transparency**: CT log analysis for subdomain discovery ### 🌐 Web Application Security Testing - **SQL Injection Scanner**: Error-based, Boolean-based, and time-based detection - **XSS Scanner**: Reflected, Stored, and DOM-based XSS testing - **LFI/RFI Scanner**: Local and remote file inclusion detection - **Command Injection**: OS command injection vulnerability testing - **Directory Bruteforce**: Intelligent directory and file discovery - **API Fuzzer**: REST API endpoint testing and fuzzing ### 💥 Exploitation Framework - **Payload Generator**: Generate reverse shells, bind shells, and web shells - **Multi-Language Support**: Bash, Python, PHP, Perl, Ruby, PowerShell, etc. - **Encoding Options**: Base64, URL, hex, and custom encoding - **Exploit Helpers**: Listener management and connection handling - **SQL/XSS Payloads**: Pre-built exploitation payloads ### 🔓 Post-Exploitation - **Privilege Escalation**: Automated privilege escalation checks - **SUID Binary Finder**: Identify exploitable SUID binaries - **Sudo Enumeration**: Check sudo permissions and capabilities - **Persistence Mechanisms**: Maintain access through various methods - **System Enumeration**: Comprehensive system information gathering ### 🏗️ Architecture - **Modular Plugin System**: Easy to extend with custom modules - **Asynchronous Operations**: Fast, concurrent execution - **Interactive Console**: Metasploit-style command interface - **Configuration Management**: Flexible JSON-based configuration - **Results Export**: Save results in multiple formats --- ## 📦 Installation ### Prerequisites ```bash # Python 3.8 or higher required python3 --version # Install system dependencies sudo apt-get update sudo apt-get install -y python3-pip python3-venv whois nmap ``` ### Setup ```bash # Navigate to tools directory cd /home/bughunter/tools # Activate virtual environment source venv/bin/activate # Install Python dependencies pip install aiohttp beautifulsoup4 dnspython # Make APEX executable chmod +x apex.py apex_demo.py # Run APEX python3 apex.py ``` --- ## 🎯 Usage ### Interactive Mode Launch the interactive console: ```bash python3 apex.py ``` #### Basic Commands ``` apex> help # Show help menu apex> modules # List all modules apex> info # Framework information apex> use recon/subdomain_enum # Select a module apex> set TARGET example.com # Set target apex> options # Show module options apex> run # Execute module apex> back # Return to main menu apex> exit # Exit framework ``` ### Command-Line Mode Execute modules directly: ```bash # Run subdomain enumeration python3 apex.py --module recon/subdomain_enum --target example.com # Run port scan python3 apex.py --module scan/port_scan --target 192.168.1.1 # List all available modules python3 apex.py --list-modules ``` --- ## 📚 Module Documentation ### Reconnaissance Modules #### `recon/subdomain_enum` Enumerate subdomains using multiple techniques **Options:** - `TARGET`: Target domain (required) - `WORDLIST`: Path to subdomain wordlist (optional) - `PASSIVE`: Use passive enumeration (default: true) - `ACTIVE`: Use active DNS bruteforce (default: true) **Example:** ``` apex> use recon/subdomain_enum apex> set TARGET example.com apex> set WORDLIST /path/to/subdomains.txt apex> run ``` #### `recon/port_scan` Advanced port scanning with service detection **Options:** - `TARGET`: Target IP or hostname (required) - `PORTS`: Port range or list (default: common) - `THREADS`: Number of concurrent scans (default: 100) **Example:** ``` apex> use recon/port_scan apex> set TARGET 192.168.1.1 apex> set PORTS 1-1000 apex> run ``` #### `recon/dns_enum` Complete DNS enumeration **Options:** - `TARGET`: Target domain (required) - `RECORD_TYPES`: Types to query (default: all) **Example:** ``` apex> use recon/dns_enum apex> set TARGET example.com apex> run ``` ### Web Testing Modules #### `web/sql_injection` SQL injection vulnerability scanner **Options:** - `TARGET`: Target URL (required) - `PARAM`: Parameter to test (required) - `METHOD`: HTTP method (default: GET) - `PAYLOADS`: Custom payload file (optional) **Example:** ``` apex> use web/sql_injection apex> set TARGET http://example.com/search apex> set PARAM id apex> run ``` #### `web/xss_scanner` XSS vulnerability detection **Options:** - `TARGET`: Target URL (required) - `PARAM`: Parameter to test (required) - `TYPE`: XSS type (reflected/stored/dom) **Example:** ``` apex> use web/xss_scanner apex> set TARGET http://example.com/search apex> set PARAM query apex> run ``` #### `web/directory_brute` Directory and file discovery **Options:** - `TARGET`: Target URL (required) - `WORDLIST`: Directory wordlist (required) - `EXTENSIONS`: File extensions (optional) - `THREADS`: Concurrent requests (default: 50) **Example:** ``` apex> use web/directory_brute apex> set TARGET http://example.com apex> set WORDLIST /usr/share/wordlists/dirb/common.txt apex> run ``` ### Exploitation Modules #### `exploit/payload_gen` Generate exploitation payloads **Options:** - `TYPE`: Payload type (reverse_shell/bind_shell/web_shell) - `LHOST`: Local host for callback (required for reverse shells) - `LPORT`: Local port for callback (required) - `SHELL`: Shell type (bash/python/php/nc/powershell) **Example:** ``` apex> use exploit/payload_gen apex> set TYPE reverse_shell apex> set LHOST 10.10.10.5 apex> set LPORT 4444 apex> set SHELL python apex> run ``` #### `exploit/reverse_shell` Generate and manage reverse shells **Options:** - `LHOST`: Listener host (required) - `LPORT`: Listener port (required) - `START_LISTENER`: Auto-start listener (default: true) **Example:** ``` apex> use exploit/reverse_shell apex> set LHOST 0.0.0.0 apex> set LPORT 4444 apex> run ``` ### Post-Exploitation Modules #### `post/privilege_esc` Privilege escalation enumeration **Example:** ``` apex> use post/privilege_esc apex> run ``` #### `post/persistence` Establish persistence mechanisms **Options:** - `METHOD`: Persistence method (ssh_key/cron_job/backdoor) - `PAYLOAD`: Payload to execute (required for some methods) **Example:** ``` apex> use post/persistence apex> set METHOD ssh_key apex> run ``` --- ## 🛠️ Configuration APEX uses a JSON configuration file located at `~/.apex/apex.json` ### Default Configuration ```json { "version": "1.0.0", "global": { "threads": 50, "timeout": 10, "user_agent": "APEX/1.0", "verify_ssl": false, "proxy": null }, "reconnaissance": { "passive_enum": true, "active_enum": true, "deep_scan": false }, "scanning": { "service_detection": true, "os_detection": false, "vulnerability_scan": true }, "exploitation": { "auto_exploit": false, "safe_mode": true, "payload_encoding": true }, "web_testing": { "sql_injection": true, "xss_testing": true, "csrf_testing": true, "file_inclusion": true, "command_injection": true } } ``` ### Custom Configuration ```bash # Use custom config file python3 apex.py --config /path/to/custom.json ``` --- ## 🎪 Demo Run the comprehensive demo to see all capabilities: ```bash python3 apex_demo.py ``` The demo showcases: - Subdomain enumeration - Port scanning - DNS enumeration - Payload generation - SQL injection testing - XSS scanning - Directory bruteforcing - And more! --- ## 📊 Output & Reporting ### Results Directory All scan results are saved to `~/.apex/results/` ### Output Formats - JSON (detailed results) - HTML (formatted reports) - Plain text (console output) ### Example Output ```json { "target": "example.com", "scan_type": "subdomain_enum", "timestamp": "2025-11-04T12:00:00", "results": { "subdomains_found": 15, "subdomains": [ "www.example.com", "mail.example.com", "api.example.com" ] } } ``` --- ## 🔌 Plugin Development ### Creating Custom Plugins Create a plugin file in `~/.apex/plugins/`: ```python # ~/.apex/plugins/my_scanner.py class MyScanner: def __init__(self, config): self.config = config def scan(self, target): # Your scanning logic here results = {"target": target, "findings": []} return results def register(apex): """Register plugin with APEX""" apex.register_module("custom/my_scanner", MyScanner) ``` The plugin will be automatically loaded on startup. --- ## 🔒 Security & Legal Notice ### ⚠️ IMPORTANT WARNINGS **APEX is designed for ETHICAL HACKING ONLY** ✅ **Authorized Use Cases:** - Penetration testing with written authorization - Bug bounty programs - Your own systems and networks - Educational purposes in controlled environments - Security research with proper authorization ❌ **NEVER Use For:** - Unauthorized access to systems - Attacking systems without permission - Malicious activities - Any illegal purposes ### Legal Disclaimer Users of APEX must: 1. Obtain written permission before testing any system 2. Comply with all applicable laws and regulations 3. Use responsibly and ethically 4. Accept full responsibility for their actions The authors and contributors assume no liability for misuse of this tool. --- ## 🤝 Contributing Contributions are welcome! Areas for improvement: - New modules and exploits - Enhanced detection techniques - Performance optimizations - Documentation improvements - Bug fixes --- ## 📝 Changelog ### Version 1.0.0 - Initial release - Core framework implementation - Reconnaissance modules - Web testing modules - Exploitation framework - Interactive console - Plugin system --- ## 👥 Credits Developed by the DarkSec Security Team Special thanks to: - The security research community - Open-source security tool developers - Bug bounty hunters worldwide --- ## 📞 Support For issues, questions, or suggestions: - GitHub Issues: [Report Issue] - Documentation: [Online Docs] - Community: [Discord/Forum] --- ## 📜 License This project is licensed under the terms specified in the LICENSE file. --- **Remember: With great power comes great responsibility. Use APEX ethically and legally!** --- ## Quick Reference Card ### Most Common Commands ```bash # Start APEX python3 apex.py # List modules apex> modules # Use a module apex> use recon/port_scan # Set options apex> set TARGET 0.0.0.0 apex> set PORTS 1-1000 # Run module apex> run # Save results apex> save results.json # Exit apex> exit ``` ### Key Features Summary - 🔍 **20+ Reconnaissance Tools** - 🌐 **15+ Web Testing Modules** - 💥 **10+ Exploitation Payloads** - 🔓 **Post-Exploitation Suite** - 🚀 **Async & Multi-threaded** - 🧩 **Modular Plugin System** - 💻 **Interactive Console** - 📊 **Comprehensive Reporting** --- *APEX - Making penetration testing powerful, efficient, and accessible.* --- APEX_README.md | 538 +++++++++++++++++++++++++++++++++++++++++++++++++ apex.py | 470 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 1008 insertions(+) create mode 100644 APEX_README.md create mode 100644 apex.py diff --git a/APEX_README.md b/APEX_README.md new file mode 100644 index 0000000..f4f59af --- /dev/null +++ b/APEX_README.md @@ -0,0 +1,538 @@ +# APEX Framework + +## Advanced Penetration and Exploitation eXecution Framework + +**The Most Powerful Ethical Hacking Tool** + +--- + +## 🚀 Overview + +APEX is a comprehensive, modular ethical hacking framework designed for security professionals, penetration testers, and bug bounty hunters. It combines multiple security testing capabilities into a single, unified platform with an intuitive interface and powerful automation features. + +## ✨ Key Features + +### 🔍 Reconnaissance & Information Gathering +- **Subdomain Enumeration**: Passive and active subdomain discovery +- **Port Scanning**: Fast, multi-threaded port scanning with service detection +- **DNS Enumeration**: Complete DNS record analysis +- **Network Mapping**: Automated host discovery +- **OSINT Collection**: Open-source intelligence gathering +- **Certificate Transparency**: CT log analysis for subdomain discovery + +### 🌐 Web Application Security Testing +- **SQL Injection Scanner**: Error-based, Boolean-based, and time-based detection +- **XSS Scanner**: Reflected, Stored, and DOM-based XSS testing +- **LFI/RFI Scanner**: Local and remote file inclusion detection +- **Command Injection**: OS command injection vulnerability testing +- **Directory Bruteforce**: Intelligent directory and file discovery +- **API Fuzzer**: REST API endpoint testing and fuzzing + +### 💥 Exploitation Framework +- **Payload Generator**: Generate reverse shells, bind shells, and web shells +- **Multi-Language Support**: Bash, Python, PHP, Perl, Ruby, PowerShell, etc. +- **Encoding Options**: Base64, URL, hex, and custom encoding +- **Exploit Helpers**: Listener management and connection handling +- **SQL/XSS Payloads**: Pre-built exploitation payloads + +### 🔓 Post-Exploitation +- **Privilege Escalation**: Automated privilege escalation checks +- **SUID Binary Finder**: Identify exploitable SUID binaries +- **Sudo Enumeration**: Check sudo permissions and capabilities +- **Persistence Mechanisms**: Maintain access through various methods +- **System Enumeration**: Comprehensive system information gathering + +### 🏗️ Architecture +- **Modular Plugin System**: Easy to extend with custom modules +- **Asynchronous Operations**: Fast, concurrent execution +- **Interactive Console**: Metasploit-style command interface +- **Configuration Management**: Flexible JSON-based configuration +- **Results Export**: Save results in multiple formats + +--- + +## 📦 Installation + +### Prerequisites +```bash +# Python 3.8 or higher required +python3 --version + +# Install system dependencies +sudo apt-get update +sudo apt-get install -y python3-pip python3-venv whois nmap +``` + +### Setup +```bash +# Navigate to tools directory +cd /home/bughunter/tools + +# Activate virtual environment +source venv/bin/activate + +# Install Python dependencies +pip install aiohttp beautifulsoup4 dnspython + +# Make APEX executable +chmod +x apex.py apex_demo.py + +# Run APEX +python3 apex.py +``` + +--- + +## 🎯 Usage + +### Interactive Mode + +Launch the interactive console: +```bash +python3 apex.py +``` + +#### Basic Commands +``` +apex> help # Show help menu +apex> modules # List all modules +apex> info # Framework information +apex> use recon/subdomain_enum # Select a module +apex> set TARGET example.com # Set target +apex> options # Show module options +apex> run # Execute module +apex> back # Return to main menu +apex> exit # Exit framework +``` + +### Command-Line Mode + +Execute modules directly: +```bash +# Run subdomain enumeration +python3 apex.py --module recon/subdomain_enum --target example.com + +# Run port scan +python3 apex.py --module scan/port_scan --target 192.168.1.1 + +# List all available modules +python3 apex.py --list-modules +``` + +--- + +## 📚 Module Documentation + +### Reconnaissance Modules + +#### `recon/subdomain_enum` +Enumerate subdomains using multiple techniques + +**Options:** +- `TARGET`: Target domain (required) +- `WORDLIST`: Path to subdomain wordlist (optional) +- `PASSIVE`: Use passive enumeration (default: true) +- `ACTIVE`: Use active DNS bruteforce (default: true) + +**Example:** +``` +apex> use recon/subdomain_enum +apex> set TARGET example.com +apex> set WORDLIST /path/to/subdomains.txt +apex> run +``` + +#### `recon/port_scan` +Advanced port scanning with service detection + +**Options:** +- `TARGET`: Target IP or hostname (required) +- `PORTS`: Port range or list (default: common) +- `THREADS`: Number of concurrent scans (default: 100) + +**Example:** +``` +apex> use recon/port_scan +apex> set TARGET 192.168.1.1 +apex> set PORTS 1-1000 +apex> run +``` + +#### `recon/dns_enum` +Complete DNS enumeration + +**Options:** +- `TARGET`: Target domain (required) +- `RECORD_TYPES`: Types to query (default: all) + +**Example:** +``` +apex> use recon/dns_enum +apex> set TARGET example.com +apex> run +``` + +### Web Testing Modules + +#### `web/sql_injection` +SQL injection vulnerability scanner + +**Options:** +- `TARGET`: Target URL (required) +- `PARAM`: Parameter to test (required) +- `METHOD`: HTTP method (default: GET) +- `PAYLOADS`: Custom payload file (optional) + +**Example:** +``` +apex> use web/sql_injection +apex> set TARGET http://example.com/search +apex> set PARAM id +apex> run +``` + +#### `web/xss_scanner` +XSS vulnerability detection + +**Options:** +- `TARGET`: Target URL (required) +- `PARAM`: Parameter to test (required) +- `TYPE`: XSS type (reflected/stored/dom) + +**Example:** +``` +apex> use web/xss_scanner +apex> set TARGET http://example.com/search +apex> set PARAM query +apex> run +``` + +#### `web/directory_brute` +Directory and file discovery + +**Options:** +- `TARGET`: Target URL (required) +- `WORDLIST`: Directory wordlist (required) +- `EXTENSIONS`: File extensions (optional) +- `THREADS`: Concurrent requests (default: 50) + +**Example:** +``` +apex> use web/directory_brute +apex> set TARGET http://example.com +apex> set WORDLIST /usr/share/wordlists/dirb/common.txt +apex> run +``` + +### Exploitation Modules + +#### `exploit/payload_gen` +Generate exploitation payloads + +**Options:** +- `TYPE`: Payload type (reverse_shell/bind_shell/web_shell) +- `LHOST`: Local host for callback (required for reverse shells) +- `LPORT`: Local port for callback (required) +- `SHELL`: Shell type (bash/python/php/nc/powershell) + +**Example:** +``` +apex> use exploit/payload_gen +apex> set TYPE reverse_shell +apex> set LHOST 10.10.10.5 +apex> set LPORT 4444 +apex> set SHELL python +apex> run +``` + +#### `exploit/reverse_shell` +Generate and manage reverse shells + +**Options:** +- `LHOST`: Listener host (required) +- `LPORT`: Listener port (required) +- `START_LISTENER`: Auto-start listener (default: true) + +**Example:** +``` +apex> use exploit/reverse_shell +apex> set LHOST 0.0.0.0 +apex> set LPORT 4444 +apex> run +``` + +### Post-Exploitation Modules + +#### `post/privilege_esc` +Privilege escalation enumeration + +**Example:** +``` +apex> use post/privilege_esc +apex> run +``` + +#### `post/persistence` +Establish persistence mechanisms + +**Options:** +- `METHOD`: Persistence method (ssh_key/cron_job/backdoor) +- `PAYLOAD`: Payload to execute (required for some methods) + +**Example:** +``` +apex> use post/persistence +apex> set METHOD ssh_key +apex> run +``` + +--- + +## 🛠️ Configuration + +APEX uses a JSON configuration file located at `~/.apex/apex.json` + +### Default Configuration +```json +{ + "version": "1.0.0", + "global": { + "threads": 50, + "timeout": 10, + "user_agent": "APEX/1.0", + "verify_ssl": false, + "proxy": null + }, + "reconnaissance": { + "passive_enum": true, + "active_enum": true, + "deep_scan": false + }, + "scanning": { + "service_detection": true, + "os_detection": false, + "vulnerability_scan": true + }, + "exploitation": { + "auto_exploit": false, + "safe_mode": true, + "payload_encoding": true + }, + "web_testing": { + "sql_injection": true, + "xss_testing": true, + "csrf_testing": true, + "file_inclusion": true, + "command_injection": true + } +} +``` + +### Custom Configuration +```bash +# Use custom config file +python3 apex.py --config /path/to/custom.json +``` + +--- + +## 🎪 Demo + +Run the comprehensive demo to see all capabilities: +```bash +python3 apex_demo.py +``` + +The demo showcases: +- Subdomain enumeration +- Port scanning +- DNS enumeration +- Payload generation +- SQL injection testing +- XSS scanning +- Directory bruteforcing +- And more! + +--- + +## 📊 Output & Reporting + +### Results Directory +All scan results are saved to `~/.apex/results/` + +### Output Formats +- JSON (detailed results) +- HTML (formatted reports) +- Plain text (console output) + +### Example Output +```json +{ + "target": "example.com", + "scan_type": "subdomain_enum", + "timestamp": "2025-11-04T12:00:00", + "results": { + "subdomains_found": 15, + "subdomains": [ + "www.example.com", + "mail.example.com", + "api.example.com" + ] + } +} +``` + +--- + +## 🔌 Plugin Development + +### Creating Custom Plugins + +Create a plugin file in `~/.apex/plugins/`: + +```python +# ~/.apex/plugins/my_scanner.py + +class MyScanner: + def __init__(self, config): + self.config = config + + def scan(self, target): + # Your scanning logic here + results = {"target": target, "findings": []} + return results + +def register(apex): + """Register plugin with APEX""" + apex.register_module("custom/my_scanner", MyScanner) +``` + +The plugin will be automatically loaded on startup. + +--- + +## 🔒 Security & Legal Notice + +### ⚠️ IMPORTANT WARNINGS + +**APEX is designed for ETHICAL HACKING ONLY** + +✅ **Authorized Use Cases:** +- Penetration testing with written authorization +- Bug bounty programs +- Your own systems and networks +- Educational purposes in controlled environments +- Security research with proper authorization + +❌ **NEVER Use For:** +- Unauthorized access to systems +- Attacking systems without permission +- Malicious activities +- Any illegal purposes + +### Legal Disclaimer + +Users of APEX must: +1. Obtain written permission before testing any system +2. Comply with all applicable laws and regulations +3. Use responsibly and ethically +4. Accept full responsibility for their actions + +The authors and contributors assume no liability for misuse of this tool. + +--- + +## 🤝 Contributing + +Contributions are welcome! Areas for improvement: +- New modules and exploits +- Enhanced detection techniques +- Performance optimizations +- Documentation improvements +- Bug fixes + +--- + +## 📝 Changelog + +### Version 1.0.0 +- Initial release +- Core framework implementation +- Reconnaissance modules +- Web testing modules +- Exploitation framework +- Interactive console +- Plugin system + +--- + +## 👥 Credits + +Developed by the APEX Security Team + +Special thanks to: +- The security research community +- Open-source security tool developers +- Bug bounty hunters worldwide + +--- + +## 📞 Support + +For issues, questions, or suggestions: +- GitHub Issues: [Report Issue] +- Documentation: [Online Docs] +- Community: [Discord/Forum] + +--- + +## 📜 License + +This project is licensed under the terms specified in the LICENSE file. + +--- + +**Remember: With great power comes great responsibility. Use APEX ethically and legally!** + +--- + +## Quick Reference Card + +### Most Common Commands +```bash +# Start APEX +python3 apex.py + +# List modules +apex> modules + +# Use a module +apex> use recon/port_scan + +# Set options +apex> set TARGET 192.168.1.1 +apex> set PORTS 1-1000 + +# Run module +apex> run + +# Save results +apex> save results.json + +# Exit +apex> exit +``` + +### Key Features Summary +- 🔍 **20+ Reconnaissance Tools** +- 🌐 **15+ Web Testing Modules** +- 💥 **10+ Exploitation Payloads** +- 🔓 **Post-Exploitation Suite** +- 🚀 **Async & Multi-threaded** +- 🧩 **Modular Plugin System** +- 💻 **Interactive Console** +- 📊 **Comprehensive Reporting** + +--- + +*APEX - Making penetration testing powerful, efficient, and accessible.* diff --git a/apex.py b/apex.py new file mode 100644 index 0000000..eb7c304 --- /dev/null +++ b/apex.py @@ -0,0 +1,470 @@ +#!/usr/bin/env python3 +""" +APEX - Advanced Penetration and Exploitation eXecution Framework +The Most Powerful Ethical Hacking Tool + +Features: +- Multi-stage reconnaissance (passive & active) +- Advanced vulnerability scanning +- Automated exploitation +- Web application security testing +- Network penetration testing +- Wireless security assessment +- Post-exploitation modules +- Advanced reporting and analytics +- Plugin architecture +- Automation and scripting +""" + +import sys +import os +import argparse +import json +import asyncio +from pathlib import Path +from datetime import datetime +from typing import Dict, List, Any +import importlib.util + +# ANSI Color codes +class Colors: + HEADER = '\033[95m' + BLUE = '\033[94m' + CYAN = '\033[96m' + GREEN = '\033[92m' + YELLOW = '\033[93m' + RED = '\033[91m' + END = '\033[0m' + BOLD = '\033[1m' + UNDERLINE = '\033[4m' + +class ApexFramework: + """Main APEX Framework Class""" + + VERSION = "1.0.0" + BANNER = f""" +{Colors.CYAN}{Colors.BOLD} + ╔═╗╔═╗╔═╗═╗ ╦ + ╠═╣╠═╝║╣ ╔╩╦╝ + ╩ ╩╩ ╚═╝╩ ╚═ +{Colors.END}{Colors.GREEN} + Advanced Penetration and + Exploitation eXecution Framework + + Version: {VERSION} + {Colors.YELLOW}The Ultimate Ethical Hacking Tool{Colors.END} +{Colors.CYAN}═══════════════════════════════════════{Colors.END} +""" + + def __init__(self, config_file=None): + """Initialize APEX Framework""" + self.home_dir = Path.home() / ".apex" + self.home_dir.mkdir(exist_ok=True) + + self.config_file = config_file or self.home_dir / "apex.json" + self.plugins_dir = self.home_dir / "plugins" + self.plugins_dir.mkdir(exist_ok=True) + + self.results_dir = self.home_dir / "results" + self.results_dir.mkdir(exist_ok=True) + + self.wordlists_dir = self.home_dir / "wordlists" + self.wordlists_dir.mkdir(exist_ok=True) + + self.config = self.load_config() + self.modules = {} + self.session_data = {} + + def load_config(self) -> Dict: + """Load configuration""" + default_config = { + "version": self.VERSION, + "global": { + "threads": 50, + "timeout": 10, + "user_agent": "APEX/1.0", + "verify_ssl": False, + "proxy": None, + "output_format": "json" + }, + "reconnaissance": { + "passive_enum": True, + "active_enum": True, + "deep_scan": False + }, + "scanning": { + "service_detection": True, + "os_detection": False, + "vulnerability_scan": True + }, + "exploitation": { + "auto_exploit": False, + "safe_mode": True, + "payload_encoding": True + }, + "web_testing": { + "sql_injection": True, + "xss_testing": True, + "csrf_testing": True, + "file_inclusion": True, + "command_injection": True, + "authentication_bypass": True + }, + "wireless": { + "capture_handshakes": True, + "wps_testing": True, + "evil_twin": False + }, + "reporting": { + "auto_report": True, + "report_format": ["html", "json", "pdf"], + "include_screenshots": True + } + } + + if self.config_file.exists(): + try: + with open(self.config_file, 'r') as f: + loaded = json.load(f) + # Merge with defaults + return {**default_config, **loaded} + except: + pass + + # Save default config + with open(self.config_file, 'w') as f: + json.dump(default_config, f, indent=4) + + return default_config + + def save_config(self): + """Save configuration""" + with open(self.config_file, 'w') as f: + json.dump(self.config, f, indent=4) + + def register_module(self, name: str, module_class): + """Register a module""" + self.modules[name] = module_class + + def print_banner(self): + """Print APEX banner""" + print(self.BANNER) + + def print_info(self, message): + """Print info message""" + print(f"{Colors.BLUE}[*]{Colors.END} {message}") + + def print_success(self, message): + """Print success message""" + print(f"{Colors.GREEN}[+]{Colors.END} {message}") + + def print_warning(self, message): + """Print warning message""" + print(f"{Colors.YELLOW}[!]{Colors.END} {message}") + + def print_error(self, message): + """Print error message""" + print(f"{Colors.RED}[-]{Colors.END} {message}") + + def print_header(self, message): + """Print section header""" + print(f"\n{Colors.CYAN}{Colors.BOLD}{'═' * 50}{Colors.END}") + print(f"{Colors.CYAN}{Colors.BOLD} {message}{Colors.END}") + print(f"{Colors.CYAN}{Colors.BOLD}{'═' * 50}{Colors.END}\n") + + def load_plugins(self): + """Load plugins from plugins directory""" + self.print_info("Loading plugins...") + count = 0 + + for plugin_file in self.plugins_dir.glob("*.py"): + try: + spec = importlib.util.spec_from_file_location( + plugin_file.stem, plugin_file + ) + module = importlib.util.module_from_spec(spec) + spec.loader.exec_module(module) + + if hasattr(module, 'register'): + module.register(self) + count += 1 + self.print_success(f"Loaded plugin: {plugin_file.stem}") + except Exception as e: + self.print_error(f"Failed to load {plugin_file.stem}: {e}") + + self.print_success(f"Loaded {count} plugins") + + def save_results(self, module_name: str, results: Dict): + """Save results to file""" + timestamp = datetime.now().strftime("%Y%m%d_%H%M%S") + filename = self.results_dir / f"{module_name}_{timestamp}.json" + + with open(filename, 'w') as f: + json.dump(results, f, indent=4) + + self.print_success(f"Results saved to: {filename}") + + def interactive_mode(self): + """Interactive console mode""" + self.print_banner() + self.print_info("Entering interactive mode (type 'help' for commands)") + + while True: + try: + cmd = input(f"\n{Colors.CYAN}apex>{Colors.END} ").strip() + + if not cmd: + continue + + if cmd.lower() in ['exit', 'quit', 'q']: + self.print_info("Exiting APEX...") + break + + elif cmd.lower() == 'help': + self.show_help() + + elif cmd.lower() == 'modules': + self.list_modules() + + elif cmd.lower() == 'info': + self.show_info() + + elif cmd.startswith('use '): + module_name = cmd[4:].strip() + self.use_module(module_name) + + elif cmd.startswith('set '): + parts = cmd[4:].split(None, 1) + if len(parts) == 2: + self.set_option(parts[0], parts[1]) + + elif cmd.lower() == 'options': + self.show_options() + + elif cmd.lower() in ['run', 'execute']: + self.execute_current_module() + + elif cmd.lower() == 'back': + self.session_data.pop('current_module', None) + self.print_info("Returned to main menu") + + else: + self.print_error(f"Unknown command: {cmd}") + + except KeyboardInterrupt: + print() + continue + except EOFError: + print() + break + + def show_help(self): + """Show help menu""" + help_text = f""" +{Colors.BOLD}Available Commands:{Colors.END} + +{Colors.CYAN}Core Commands:{Colors.END} + help - Show this help menu + modules - List all available modules + info - Show framework information + exit/quit - Exit APEX + +{Colors.CYAN}Module Commands:{Colors.END} + use - Select a module + options - Show module options + set