Venom

Offensive Security Framework for Vulnerability Scanning & Pentesting

Version 4.3.3 now requires PROXIES/VPN.

Features

• [x] USE PROXIES/VPN [Required]
• [x] Cloudflare Resolver [Cloudbuster]
• [x] LFI->RCE and XSS Scanning [LFI to RCE & XSS]
• [x] SQL Injection Vuln Scanner [SQLi]
• [x] Extremely Large D0rk Target Lists
• [x] Detects known WAFs
• [x] AdminPage Finding
• [x] CCTV/Networked Interfaces discovery [WIP] <<<<
• [x] Vulnerable FTPs Scanner [Toxin]
• [x] DNS Bruteforcer
• [x] Python 3.6 asyncio based scanning
• [x] Cloudflare resolver
• [x] Extremely quick "Toxin" Vulnerable IP scanner to scan potentially millions of ips for known vulnerable services.
• [x] Free and Open /src/
• [x] Cross-platform Python-based toolkit
• [x] Licensed under GPLv3
• [x] Built by hackers with full transparency
• [x] No more issues with dependencies from pre-alpha release

This is outdated.

NOTE: You MUST install these on Ubuntu and Kali.

Ubuntu users: Please make sure you sudo apt-get install python3-bs4 | apt-get install python3-setuptools

Kali users: Please apt-get install python3-dev | apt-get install python-dev

NOTE: Install Poetry for deps:

curl -sSL https://install.python-poetry.org | python3 - poetry install # install deps poetry update # when you want to check for deps updates

Docker users: Please see Dockerfile

Contact Information:

Submit a bug report/pull request with prefix "Query" at the start.

Credits to:

- Architect for the initial encouragement and support in V3n0ms early days
- SageHack for allowing Cloudbuster to be adapted for use within V3n0M
- D35m0nd142 for allowing Collaboration and the use of LFI Suite within V3n0M
- b4ltazar & all members of darkc0de.com for inspiring the project with darkd0rk3r

Make Love and Smoke Trees.