Evolve

Inspiration

Evolve was inspired by the need to provide users with accessible and effective cybersecurity tools that empower them to safeguard their digital presence. Recognizing the complexities of online security, Evolve offers a straightforward command line interface, enabling users to perform essential security tasks with confidence. By combining features like vulnerability testing, system scans, and password evaluations, Evolve allows users to take proactive steps in identifying and mitigating risks, ultimately fostering a greater sense of control and security in their digital lives.

What it does

The Evolve Command-Line Tool is a multifunctional utility designed for web security testing and information retrieval. It provides various tools and commands for users to perform tasks such as system scanning, password cracking, web searching, and more. Each command is structured to provide a user-friendly experience with detailed functionalities.

Commands Overview:

run websec: Launches the WebSec security testing tool for vulnerability assessments on specified web applications or systems. Vulnerability Scanning : It scans for common vulnerabilities, including SQL Injection, Cross-Site Scripting (XSS), Command Injection, and more.

         Reporting : Generates a report outlining detected vulnerabilities, their severity levels, and potential remediation steps, helping users understand the risks associated with their web applications. Provides Feedback during scanning, allowing users to monitor progress and receive immediate results.

sys scan: This command initiates a comprehensive scan of the user's system for malicious files and software.

run hunter: Searches for a person online and retrieves relevant information based on the provided input.

search web: Searches the web for specified keywords and returns a summary.

run cracker: Launches the Cracker Tool, which is designed for brute forcing password attacks and it can also generate custom passwordlist. When provided with keywords, it can create it's own custom list with the possible combinations of the provided keywords.

        ssh brute: Initiates an SSH brute force attack using a specified wordlist or keywords.

        ftp brute: Initiates a FTP brute force attack using a specified wordlist or keywords.

        cracker create: Creates a custom wordlist based on a specified range of numbers.

        quit: Exits the Cracker Tool and returns to the previous menu.

run script : Executes a specified Python or Batch script directly from the tool.

cipher : Evaluates the strength of the provided password.

geo : Provides geographical information about an IP address.

calc: Performs basic calculations.

clear: Clears the command line screen.

exit: Exits the Evolve Tool.

Additional Features:

Help Command: Type help to view a list of available commands and their descriptions.

User-Friendly Interface: The tool utilizes color coding to enhance the user experience and provide clear outputs.

How we built it

We built Evolve using Python, incorporating libraries like requests for web interactions, BeautifulSoup for web scraping, and whois for domain info. Key features include:

Vulnerability Testing: Methods for SQL injection, XSS, and command injection.

WHOIS Lookup: Retrieves domain registration details.

Open Ports Scanning: Checks for common open ports using socket programming.

System Scanning: Scans for potentially malicious files.

User Interface: Command-line interface for easy interaction.

Challenges we ran into

Ensuring reliable identification of vulnerabilities like SQL injection and XSS across diverse applications was difficult, leading to potential false positives or missed issues. Developing a clear method for rating the severity of detected vulnerabilities required extensive research and understanding of security risks. Balancing technical complexity with user-friendly feedback was challenging, as we aimed to provide actionable insights without overwhelming users with jargon. Variations in network configurations impacted detection accuracy, necessitating careful consideration of different scenarios. Combining various testing techniques into a cohesive tool required careful design to ensure performance and functionality. These challenges ultimately improved the tool's effectiveness

Accomplishments that we're proud of

We’re proud to have created a versatile command line tool that integrates multiple security testing functions into a cohesive user experience.

What we learned

Through this project, we learned the intricacies of web vulnerabilities and the importance of clear, user-friendly output in command line applications. We also gained insights into the command line’s potential for efficient cybersecurity tasks.

What's next for Evolve

Future developments will focus on adding new security features, enhancing automated testing capabilities, and possibly integrating a user-friendly GUI.

Built With

• beautiful-soup
• colorama
• paramiko
• python
• whois
• zxcvbn