IMPORTANT:

Vaile Framework will soon be merged into the original TIDoS Framework. You can find the latest progress here: https://github.com/VainlyStrain/TIDoS-Framework/tree/dev


Vaile


Pentest framework based on TIDoS.

IMPORTANT:

The new Qt5 interface is complete, but has additional dependencies. Take a look at the updated installation instructions.

Highlights :-

Here is some light on what the framework is all about:

Main new features

The main differences between Vaile and TIDoS are:

Installation :-

Installation Script (Globally) :

To install the framework globally in /opt, run the provided core/install.py script as root. After this, you can launch Vaile simply by typing Vaile on the command line.

Manual Installation (Locally) :

Vaile needs some libraries to run, which can be installed via aptitude or dnf Package Managers.

sudo apt-get install libncurses5 libxml2 nmap tcpdump libexiv2-dev build-essential python3-pip libmariadbclient18 libmysqlclient-dev tor konsole

Now after these dependencies are finished installing, we need to install the remaining Python Package dependencies, hence run:

pip3 install -r requirements.txt

Thats it. You now have Vaile at your service. Fire it up using:

python3 Vaile              #Qt5 interface
sudo python3 vsconsole.py  #console interface

Updating Vaile :

To get the current version of Vaile, move into the installation folder and perform (sudo) git pull #sudo if installed by install.py. Alternatively, you can run the fetch command in vsconsole.

Getting Started :-

To get started, you need to set your own API KEYS for various OSINT & Scanning and Enumeration purposes. To do so, open up API_KEYS.py under files/ directory and set your own keys and access tokens for SHODAN, CENSYS, FULL CONTACT, GOOGLE and WHATCMS.

GOOD NEWS:

The latest release of Vaile includes all API KEYS and ACCESS TOKENS for SHODAN, CENSYS, FULL CONTACT, GOOGLE and WHATCMS by default. I found these tokens on various repositories on GitHub itself. You can now use all the modules which use the API KEYS. :)

Commands :-

__                                                    __                                                        
 !  attack    Attack specified target(s)              M
 :  clear     Clear terminal.                         :
 V  creds     Handle target credentials.              
 :  fetch     Check for and install updates.          :
 :  find      Search a module.                        :
    help      Show help message.                      :
    info      Show description of current module.     M
 :  intro     Display Intro.                          :
 :  leave     Leave module.                           M
    list      List all modules of a category.         :
 :  load      Load module.                            :
 :  netinfo   Show network information.               :
 :  opts      Show options of current module.         M
    phpsploit Load the phpsploit framework.           :
              (needs to be downloaded externally)
 :  processes Set number of processes in parallelis.  :
    q         Terminate Vaile session.                :
 :  sessions  Interact with cached sessions.          :
 :  set       Set option value of module.             M
 :  tor       Pipe Attacks through the Tor Network.   :
    vicadd    Add Target to list.                     :
    vicdel    Delete Target from list.                :
    viclist   List all targets.                       :

  Avail. Cmds
    M needs loaded modvle
    V [! potentially] need loaded target(s)

Flawless Features :-

Vaile Attack presently supports the following: and more modules are under active development

Other Tools:

Vaile In Action:

Lets see some screenshots of Vaile in action:

Version:

v2.2.5-10 [latest release] [#stable]

Disclaimer:

Vaile is provided as an offensive web application audit framework. It has built-in modules which can reveal potential misconfigurations and vulnerabilties in web applications which could possibly be exploited maliciously.

THEREFORE, NEITHER THE AUTHOR NOR THE CONTRIBUTORS ARE RESPONSIBLE FOR ANY MISUSE OR DAMAGE DUE TO THIS TOOLKIT.