Update README.md
Browse files
README.md
CHANGED
|
@@ -1,3 +1,100 @@
|
|
| 1 |
-
---
|
| 2 |
-
license: apache-2.0
|
| 3 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
---
|
| 2 |
+
license: apache-2.0
|
| 3 |
+
datasets:
|
| 4 |
+
- kuladeepmantri/4-Security-Tools-Pentesting
|
| 5 |
+
language:
|
| 6 |
+
- en
|
| 7 |
+
pipeline_tag: question-answering
|
| 8 |
+
tags:
|
| 9 |
+
- code
|
| 10 |
+
---
|
| 11 |
+
# Model: 4 Security Tools for Pentesting
|
| 12 |
+
|
| 13 |
+
### Description
|
| 14 |
+
|
| 15 |
+
This model is designed to accurately detect and classify commands associated with four essential security tools used in pentesting: Nmap, Metasploit, John the Ripper, and the Social Engineering Toolkit (SET). It leverages a Naive Bayes classifier trained on a comprehensive dataset of commands for these tools, enhancing the accuracy and effectiveness of recognizing and categorizing such commands.
|
| 16 |
+
|
| 17 |
+
### Tools Included
|
| 18 |
+
|
| 19 |
+
1. **Nmap**: A network scanning tool used to discover hosts and services on a computer network.
|
| 20 |
+
2. **Metasploit (msploit)**: A penetration testing framework for exploiting known vulnerabilities.
|
| 21 |
+
3. **John the Ripper (jtr)**: A password cracking software used to test password strength and recover lost passwords.
|
| 22 |
+
4. **Social Engineering Toolkit (SET)**: A collection of tools for conducting social engineering attacks.
|
| 23 |
+
|
| 24 |
+
### Structure
|
| 25 |
+
|
| 26 |
+
The model has been trained to detect commands formatted to specify the tool being used. Each command or query is associated with one of the four tools, allowing for precise classification.
|
| 27 |
+
|
| 28 |
+
### Purpose
|
| 29 |
+
|
| 30 |
+
The primary purpose of this model is to provide accurate detection and classification of commands related to Nmap, Metasploit, John the Ripper, and the Social Engineering Toolkit. It is ideal for researchers and practitioners looking to enhance the performance of their security-related applications.
|
| 31 |
+
|
| 32 |
+
### Usage
|
| 33 |
+
|
| 34 |
+
This model can be used in various applications, including:
|
| 35 |
+
- Integrating with automation tools to classify and execute security commands.
|
| 36 |
+
- Assisting in educational platforms to teach about different security tools.
|
| 37 |
+
- Enhancing the capabilities of pentesting frameworks by accurately identifying commands.
|
| 38 |
+
|
| 39 |
+
### Example Code
|
| 40 |
+
|
| 41 |
+
```python
|
| 42 |
+
import pandas as pd
|
| 43 |
+
from sklearn.model_selection import train_test_split
|
| 44 |
+
from sklearn.feature_extraction.text import TfidfVectorizer
|
| 45 |
+
from sklearn.naive_bayes import MultinomialNB
|
| 46 |
+
from sklearn.metrics import classification_report
|
| 47 |
+
import joblib
|
| 48 |
+
|
| 49 |
+
# Load the dataset from the txt file
|
| 50 |
+
data_path = 'trainingdata.txt'
|
| 51 |
+
data = []
|
| 52 |
+
|
| 53 |
+
# Read the file and parse the data
|
| 54 |
+
with open(data_path, 'r') as file:
|
| 55 |
+
lines = file.readlines()
|
| 56 |
+
for line in lines:
|
| 57 |
+
# Split each line into question and tool by the last comma
|
| 58 |
+
parts = line.rsplit(', "', 1)
|
| 59 |
+
if len(parts) == 2:
|
| 60 |
+
question = parts[0].strip().strip('"')
|
| 61 |
+
tool = parts[1].strip().strip('",')
|
| 62 |
+
data.append((question, tool))
|
| 63 |
+
|
| 64 |
+
# Create a DataFrame
|
| 65 |
+
df = pd.DataFrame(data, columns=['question', 'tool'])
|
| 66 |
+
|
| 67 |
+
# Split the data
|
| 68 |
+
X_train, X_test, y_train, y_test = train_test_split(df['question'], df['tool'], test_size=0.2, random_state=42)
|
| 69 |
+
|
| 70 |
+
# Vectorize the text data
|
| 71 |
+
vectorizer = TfidfVectorizer()
|
| 72 |
+
X_train_vectorized = vectorizer.fit_transform(X_train)
|
| 73 |
+
X_test_vectorized = vectorizer.transform(X_test)
|
| 74 |
+
|
| 75 |
+
# Train a Naive Bayes classifier
|
| 76 |
+
clf = MultinomialNB()
|
| 77 |
+
clf.fit(X_train_vectorized, y_train)
|
| 78 |
+
|
| 79 |
+
# Make predictions
|
| 80 |
+
y_pred = clf.predict(X_test_vectorized)
|
| 81 |
+
|
| 82 |
+
# Print the classification report
|
| 83 |
+
print(classification_report(y_test, y_pred))
|
| 84 |
+
|
| 85 |
+
# Save the model and vectorizer
|
| 86 |
+
joblib.dump(clf, 'findtool_model.pkl')
|
| 87 |
+
joblib.dump(vectorizer, 'vectorizer.pkl')
|
| 88 |
+
```
|
| 89 |
+
|
| 90 |
+
### Additional Information
|
| 91 |
+
|
| 92 |
+
I am the sole creator and maintainer of this model, which is part of a personal project focused on improving the classification of commands for these four tools. For convenience, the trained model and vectorizer have been attached and can be used to test and validate the dataset. More models and updates will be coming soon to expand the utility of this project.
|
| 93 |
+
|
| 94 |
+
### Disclaimer
|
| 95 |
+
|
| 96 |
+
This model is provided for educational purposes only. I am not responsible for any misuse of the information contained within this model. Users are encouraged to use this model ethically and responsibly, in compliance with all applicable laws and regulations.
|
| 97 |
+
|
| 98 |
+
### Conclusion
|
| 99 |
+
|
| 100 |
+
The "4 Security Tools for Pentesting" model is a valuable resource for anyone looking to improve their understanding and recognition of commands related to Nmap, Metasploit, John the Ripper, and the Social Engineering Toolkit. Its focused yet comprehensive nature makes it an excellent choice for enhancing security tool proficiency. Check out the attached model to get started, and stay tuned for more updates!
|