Gloom is a tool that helps test how secure a computer system or network is. Penetration testers, who are experts who check for security weaknesses, use tools like Gloom to safely try hacking into systems. Gloom runs on the Linux operating system. It brings together many existing free hacking tools and custom scripts in one toolkit. This makes it easier for testers to access the different tools they need from one place. Some things Gloom can help with are scanning networks, finding systems with possible security holes, trying different methods to gain access, and seeing what data could be reached if hackers got in. By seeing what vulnerabilities exist, penetration testers can then alert system owners so they can add more security protections where needed.
Features of Gloom:
- Admin Panel Finder: Helps discover administrative panels on the target, with the ability to customize locations.
- IP Geo-location: Utilizes the HackerTarget API to provide geolocation information for the targeted IP address.
- Web Whois: Gathers WHOIS information about the target using the pythonwhois Python package.
- Discover LAN Devices: Detects users/devices on the Local Area Network (LAN) leveraging Scapy.
-
Website IP Resolver: Retrieves the IP address of the targeted website using the
gethostbyname()function. -
Payload Generator: Generates various Windows payloads using Metasploit Meterpreter and msfvenom.
windows/meterpreter/reverse_tcpwindows/meterpreter/reverse_http
- WiFi Jammer: Conducts wireless de-authentication attacks using Scapy to transmit Dot11Deauth de-authentication packets.
- Port Listener: Listens for incoming connections on a user-specified port.
- Web Application Firewall Detection: Identifies web application firewalls, currently supporting CloudFlare (HatCloud & CloudFail).
- Port Scanner: Scans for open ports using Nmap.
Note: Make Sure You have Python Installed on your System, as this is a Python-based tool. Click to check the Installation process. Python Installation Steps on Linux
Installation of Gloom Tool on Kali Linux OS
Step 1: Use the following command to install the tool in your Kali Linux operating system.
git clone https://github.com/StreetSec/Gloom-Framework.gitStep 2: Now use the following command to move into the directory of the tool. You have to move in the directory to run the tool.
cd Gloom-FrameworkStep 3: Now you have to give the Executable Permission to the install.py file to do that run the following command.
chmod +x install.py
ls
Step 4: Now we’ve to run the following command to Complete the Installation. Then it will start downloading the necessary packages and dependencies.
python install.pyWhen this Prompt came up Do you want to continue? type ” Y “.
Step 5: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.
sudo python gloom.pyWorking with Gloom Linux Penetration Testing Framework Tool
Example 1: Finding the Admin Panel from the Website
admin_panel_finderWe have provided the target domain as www.geeksforgeeks.org. In the results, we have got the two links, which are the admin panels of the target domain.
Example 2: Finding the Location of the Victim by their IP Address.
ip_geolocationWe have given the target IP address as the input to the Gloom Tool. In the result, we have the exact Geo Location information of the target according to the IP address. This information consists of Country, State, City, Latitude, and Longitude. Using this information, we can execute more advanced attacks on the target.
Conclusion
In conclusion, Gloom is a robust Linux Penetration Testing Framework written in Python, designed to facilitate targeted security assessments. With strict platform checks, it focuses on functionalities such as admin panel discovery, IP geolocation, LAN device detection, payload generation, WiFi jamming, and more. Its feature set, akin to Metasploit, empowers security professionals to conduct thorough penetration tests, ensuring a complete evaluation of target systems.