offseckit/osk
GitHub: offseckit/osk
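A free offensive security toolkit for the terminal, providing more than ten functions commonly used in penetration testing, including reverse shell generation, encoding and decoding, hash handling, exploit payload generation, security header analysis, and CVSS calculation.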
# >_ osk
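**A free offensive security toolkit for the terminal: reverse shells, encoding, hashing, JWT analysis, nmap command building, XSS payloads, SQLi payloads, header security analysis, CVSS scoring, subnet calculation, terminal output formatting, wordlist generation, chmod permission calculation, and more.**
Part of [OffSecKit](https://offseckit.com). All tools are also available as [browser tools](https://offseckit.com/tools).
## Installation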
```
pip install offseckit
```
Or clone and install locally:
```
git clone https://github.com/offseckit/osk.git
cd osk
pip install .
```
## Quick Start
```
# Generate a reverse shell
osk revshell -i 10.10.10.10 -l python
# Encode text to Base64
osk encode -o base64-encode "Hello World"
# Identify a hash
osk hash id 5d41402abc4b2a76b9719d911017c592
# Decode a JWT token
osk jwt decode eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
# Build an nmap command
osk nmap build -t 10.10.10.0/24 --syn --top-ports 1000
# Generate XSS payloads
osk xss gen --context html-attr --action alert
# Generate SQLi payloads
osk sqli gen -d mysql -t union -c 3
# Analyze security headers
curl -sI https://example.com | osk headers analyze
# Calculate a CVSS score
osk cvss calc CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
# Calculate subnet details
osk subnet calc 192.168.1.0/24
# Generate a wordlist with mutations
osk wordlist gen password admin --leet --numbers
# Convert and explain a chmod mode
osk chmod 4755 --explain
# Format terminal output with a styled frame
nmap -sV 10.10.10.10 | osk format render
```
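## Tools
| Command | Description |
|---------|-------------|
| `osk revshell` | Generate reverse shell one-liners in 12+ languages |
| `osk encode` | Encode/decode text (Base64, URL, Hex, HTML, Unicode, Binary, ROT13, and more) |
| `osk hash` | Identify hash types and generate hashes (MD5, SHA1, SHA256, NTLM, and more) |
| `osk jwt` | Decode JWT tokens and analyze them for security issues |
| `osk nmap` | Build nmap commands with scan types, scripts, timing, and evasion options |
| `osk xss` | Generate context-aware XSS payloads with WAF bypass and encoding support |
| `osk sqli` | Generate SQL injection payloads for MySQL, MSSQL, PostgreSQL, Oracle, and SQLite |
| `osk headers` | Analyze HTTP response headers for security misconfigurations |
| `osk cvss` | Calculate CVSS 3.1 and 4.0 vulnerability scores |
| `osk subnet` | Calculate subnet details, split networks, and check IP membership |
| `osk format` | Format and beautify terminal output with a styled window frame |
| `osk wordlist` | Generate custom wordlists with leet speak, case variations, and password patterns |
| `osk chmod` | Convert and explain Linux file permissions, list common presets, and find setuid binaries |
## Reverse Shell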
```
# Bash reverse shell
osk revshell -i 10.10.10.10 -p 4444
# Python reverse shell with Base64 encoding
osk revshell -i 10.10.10.10 -l python -e base64
# PowerShell reverse shell
osk revshell -i 10.10.10.10 -l powershell
# Show all netcat variants
osk revshell -i 10.10.10.10 -l netcat --all
# List all supported languages
osk revshell list
```
### Options
| Flag | Description | Default |
|------|-------------|---------|
| `-i, --ip` | Attacker IP address | (required) |
| `-p, --port` | Attacker port | `4444` |
| `-l, --lang` | Language | `bash` |
| `-v, --variant` | Specific variant | First available |
| `-e, --encoding` | `raw`, `base64`, `url`, `double-url` | `raw` |
| `--all` | Show all variants | - |
| `--no-listener` | Hide the listener command | - |
## Encoding and Decoding
```
# Base64 encode
osk encode -o base64-encode "Hello World"
# URL decode
osk encode -o url-decode "%48%65%6C%6C%6F"
# Chain: Base64 then URL encode
osk encode -o base64-encode -o url-encode "test payload"
# Double URL encode for WAF bypass
osk encode -o url-encode -o url-encode ""
# Show intermediate steps
osk encode -o base64-encode -o url-encode -o hex-encode "test" --steps
# Pipe from stdin
echo "secret" | osk encode -o hex-encode
# List all operations
osk encode list
```
## Hash Identification and Generation
```
# Identify a hash
osk hash id 5d41402abc4b2a76b9719d911017c592
# Generate MD5 + SHA-256 + NTLM
osk hash generate -a md5 -a sha256 -a ntlm "password"
# Generate all default hashes
osk hash generate "hello"
# List supported algorithms
osk hash list
```
## JWT Decoder and Analyzer
```
# Decode a JWT token
osk jwt decode eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U
# Analyze for security issues
osk jwt analyze eyJhbGciOiJIUzI1NiIs...
# List supported algorithms
osk jwt algorithms
```
## Nmap Command Builder
```
# Quick recon scan
osk nmap preset quick-recon -t 10.10.10.0/24
# Full port SYN scan with service detection
osk nmap build -t 10.10.10.10 --syn --all-ports --service-version
# Stealth scan with evasion
osk nmap build -t 10.10.10.10 --syn --timing T2 --fragment
# List presets
osk nmap presets
# List scan types
osk nmap scans
```
## XSS Payload Generator
```
# Generate payloads for HTML attribute context
osk xss gen --context html-attr --action alert
# Generate with WAF bypass encoding
osk xss gen --context js-string --waf cloudflare
# Generate with blocked characters
osk xss gen --context html-tag --block "<" --block ">"
# Show polyglot payloads
osk xss polyglots
# List all contexts
osk xss contexts
```
## SQL Injection Payload Generator
```
# Generate UNION-based payloads for MySQL
osk sqli gen -d mysql -t union -c 3
# Generate error-based payloads for MSSQL
osk sqli gen -d mssql -t error-based
# Generate time-blind payloads for PostgreSQL
osk sqli gen -d postgresql -t time-blind
# Generate with WAF bypass (case swap)
osk sqli gen -d mysql -t union --waf case-swap
# Show authentication bypass payloads
osk sqli auth
# List supported databases
osk sqli dbs
```
## HTTP Header Security Analyzer
```
# Fetch headers directly from a URL
osk headers analyze -u https://example.com
# Pipe headers from curl
curl -sI https://example.com | osk headers analyze
# Read from a file
osk headers analyze -f response-headers.txt
# Output as JSON for CI/CD
osk headers analyze -u https://example.com --json
# List all security headers checked
osk headers list
```
## CVSS Calculator
```
# Calculate CVSS 3.1 score from a vector
osk cvss calc CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
# Calculate CVSS 4.0 score
osk cvss calc CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
# Output as JSON for CI/CD
osk cvss calc CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H --json
# Show common vulnerability presets
osk cvss presets
# Compare two vectors
osk cvss compare CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
```
## Subnet Calculator
```
# Calculate subnet details from CIDR
osk subnet calc 192.168.1.0/24
# Calculate with JSON output for scripting
osk subnet calc 10.10.10.0/26 --json
# Split a network into equal subnets
osk subnet split 10.0.0.0/16 --into 4
# Check if an IP is within a CIDR range
osk subnet contains 192.168.1.0/24 192.168.1.100
# List all usable hosts in a subnet
osk subnet list 192.168.1.0/28
```
## CLI Output Formatter
```
# Render terminal output with a styled window frame
nmap -sV 10.10.10.10 | osk format render
# Render from a file with a custom title
osk format render -f output.txt --title "Nmap Scan Results"
# Add line numbers
cat output.log | osk format render -n --title "Server Logs"
# Strip all ANSI escape codes
cat colored-output.log | osk format strip
# Get output statistics
cat output.log | osk format stats --json
```
## Wordlist Generator
```
# Generate wordlist from base words with case variations
osk wordlist gen password admin
# Enable leet speak mutations
osk wordlist gen password --leet
# Append numbers (0-9) and symbols
osk wordlist gen company --numbers --symbols
# Full mutation suite and save to file
osk wordlist gen company admin john -o wordlist.txt --case --leet --numbers --symbols --suffixes
# Read base words from a file
osk wordlist gen -f base_words.txt --leet --numbers
# Append years instead of single digits
osk wordlist gen company --numbers --number-range years --year-start 2020 --year-end 2026
# Show leet speak mappings
osk wordlist leet
```
## Chmod / Permission Calculator
```
# Convert octal to symbolic and back
osk chmod 755
osk chmod rwxr-xr-x
# Explain a setuid binary's mode bit-by-bit
osk chmod 4755 --explain
# Apply POSIX symbolic notation against a base mode
osk chmod 644 --apply u+x
osk chmod 755 --apply go-w
# Detect risky permissions only
osk chmod 777 --warnings
# Output JSON for scripting
osk chmod 4755 --json
# List common permission presets (755, 644, 600, 1777, 4755, ...)
osk chmod presets
# Print find(1) recipes for privesc hunting
osk chmod hunt
```
## Requirements
- Python 3.8+
## Related Tools
- [OffSecKit](https://offseckit.com) - free browser-based security toolkit
- [Reverse Shell Generator](https://offseckit.com/tools/revshell) - browser version
- [Encoding Multi-Tool](https://offseckit.com/tools/encode) - browser version
- [Hash Identifier](https://offseckit.com/tools/hash) - browser version
- [JWT Decoder](https://offseckit.com/tools/jwt) - browser version
- [Nmap Builder](https://offseckit.com/tools/nmap) - browser version
- [XSS Generator](https://offseckit.com/tools/xss) - browser version
- [Header Security Analyzer](https://offseckit.com/tools/headers) - browser version
- [CVSS Calculator](https://offseckit.com/tools/cvss) - browser version
- [Subnet Calculator](https://offseckit.com/tools/subnet) - browser version
- [SQLi Payload Generator](https://offseckit.com/tools/sqli) - browser version
- [CLI Output Formatter](https://offseckit.com/tools/cli-format) - browser version
- [Wordlist Generator](https://offseckit.com/tools/wordlist) - browser version
- [Chmod Calculator](https://offseckit.com/tools/chmod) - browser version
## License
MIT