Skip to content
/ RedFox Public
forked from Windro-exe/RedFox

Custom Automated Attack & Recon Framework

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

windro-xdd/RedFox

BranchesTags
ย 
ย 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

7 Commits
core
core
ย 
ย 
data
data
ย 
ย 
utils
utils
ย 
ย 
README.md
README.md
ย 
ย 
main.py
main.py
ย 
ย 

Repository files navigation

๐ŸฆŠ RedFox - Offensive Security Toolkit

RedFox is a modular and extensible Python-based offensive security tool designed to assist in red teaming, ethical hacking, and penetration testing operations. It automates core stages of the attack lifecycle: reconnaissance, vulnerability scanning, exploitation, and basic reporting.

๐Ÿ“ Project Structure

RedFox/
โ”œโ”€โ”€ main.py                     # Entry point of the tool
โ”œโ”€โ”€ core/                       # Core functionality
โ”‚   โ”œโ”€โ”€ recon.py                # DNS and IP recon
โ”‚   โ”œโ”€โ”€ scanner.py              # Nmap-based port scanner
โ”‚   โ”œโ”€โ”€ exploit.py              # XSS vulnerability tester
โ”‚   โ””โ”€โ”€ report.py               # Report generator
โ”œโ”€โ”€ utils/
โ”‚   โ””โ”€โ”€ helpers.py              # UI and formatting utilities
โ”œโ”€โ”€ data/
โ”‚   โ””โ”€โ”€ payloads.json           # XSS and SQLi payloads
โ””โ”€โ”€ README.md                   # Documentation

๐Ÿš€ Features

  • ๐ŸŒ Reconnaissance

    • DNS resolution (IP lookup)
    • Easily extendable to subdomain and WHOIS queries

  • ๐Ÿ” Port Scanning

    • Fast scanning using nmap for detecting open ports and services

  • ๐Ÿ’ฅ Exploitation

    • Tests for basic reflected XSS using GET requests
    • Uses customizable payloads from payloads.json

  • ๐Ÿ“ Reporting

    • Outputs a plain-text report of the recon and scan results

๐Ÿ“ฆ Requirements

๐Ÿ Python Libraries

Install required Python modules:

pip install requests

๐Ÿ”ง External Tools

Ensure nmap is installed:

sudo apt install nmap   # for Debian/Ubuntu

๐Ÿงช Usage

1. Run the Tool

python main.py

2. Enter Target

You'll be prompted to input a target domain or IP:

Enter target URL or IP: example.com

3. Sample Output

[+] Running recon on example.com
[+] Resolved IP: 93.184.216.34
[+] Scanning target: example.com
...
[+] Testing for basic XSS on example.com
[!] XSS vulnerability detected!
[+] Generating report for example.com

A report file will be saved in the current directory as:

example_com_report.txt

๐Ÿ“š Payload Configuration

The tool uses a JSON file for storing payloads:

{
  "xss": ["<script>alert(1)</script>", "<img src=x onerror=alert(1)>"],
  "sqli": ["' OR '1'='1", "'; DROP TABLE users; --"]
}

You can customize this file at data/payloads.json to include additional XSS or SQLi payloads.

๐Ÿ”ฎ Planned Enhancements

  • Subdomain enumeration
  • CMS and technology fingerprinting
  • SQLi testing using SQLMap integration
  • HTML/PDF report generation
  • Shodan/Censys passive recon support

โš ๏ธ Disclaimer

This tool is provided for educational and authorized testing purposes only. Do not use RedFox on systems you do not own or have explicit permission to test.

๐Ÿ“‚ Metadata

Repository: windro-exe/redfox
Files analyzed: 8
Directory: windro-exe-redfox
Report Digest Link:
https://gitdocs1.s3.amazonaws.com/digests/windro-exe-redfox/fb87cc8b-81b8-4499-b75c-ab486156ad28.txt

About

Custom Automated Attack & Recon Framework

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%