Rebel is a testing framework that can perform various penetration tests related to networks and web applications. On the network side, Rebel Framework scans networks, detects live hosts, performs port scanning, finds common vulnerabilities, sniffs network traffic, obtains network interface information, and halts the connection between two or more points in a network. The web application penetration testing features of Rebel Framework include website information gathering (IP address, email server, phone numbers), website/IP address location finding, sub-domain enumeration, email information gathering, CMS detection, CMS vulnerability detection, hidden web directory scanning, Open Source Intelligence (OSINT), and fuzzing. Rebel Framework can simulate phishing attacks using the ngrok application, which securely tunnels a local port or service. Besides penetration testing, Rebel Framework can perform additional tasks, such as data encoding and decoding, finding hashes in given files, hash cracking, and recovering lost files and disk images.
Rebel Framework Installation
To install Rebel Framework from source code, clone the framework from GitHub using the following command.
git clone https://github.com/rebellionil/rebel-framework.git
After cloning the framework, move into the rebel-framework directory and run the setup file using the following commands.
cd rebel-framework
bash setup.sh
How Rebel Framework Works
Rebel Framework can be launched by running the following command in the terminal.
bash rebel.sh
The framework uses different modules to perform the tasks listed above. To view all the available modules, use the following command.
show modules
Rebel Framework displays all the available modules with some hint about their application.
In order to use the desired module, type its name in the following format.
use <module name>
To see the available options for the selected module, use the following command.
show options
The above command shows different options that can be used to customize the selected module’s operations.
Network Examples
To demonstrate the network penetration testing features of Rebel Framework, let’s assume a local network with the address range 192.168.10.1-192.168.10.255. To scan for live hosts in the target network, we use the net/map module in the following format.
use net/map
In the next step, set the target IP range in the following format and run the module.
set target 192.168.10.1-255
run
The above commands scan the selected range of IP addresses and fetch details about live hosts in the following format.
We can run the net/scan module on a specific target host to find out the open ports information and running services on the target host.
use net/scan
set target 192.168.10.2
run
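From the defender's side, the two steps above leave a recognisable pattern in connection logs: one source touching many hosts in a short time, then many ports on a single host. The following Python code is an added example (not part of Rebel Framework or the original article) that flags both patterns; the log format, thresholds, and addresses are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log format (an assumption): "<ISO time> SRC=<ip> DST=<ip> DPT=<port>"
LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+)$")

def parse(lines):
    """Yield (time, src, dst, port); skip lines that do not match the format."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m[1]), m[2], m[3], int(m[4])

def detect(lines, window=timedelta(seconds=60), min_hosts=20, min_ports=20):
    """Map each source IP to the findings seen inside any sliding time window."""
    by_src = defaultdict(list)
    for ts, src, dst, port in parse(lines):
        by_src[src].append((ts, dst, port))
    findings = defaultdict(set)
    for src, events in by_src.items():
        events.sort()
        start = 0
        for end, (ts, _, _) in enumerate(events):
            while ts - events[start][0] > window:  # drop events older than the window
                start += 1
            ports_per_host = defaultdict(set)
            for _, dst, port in events[start:end + 1]:
                ports_per_host[dst].add(port)
            if len(ports_per_host) >= min_hosts:   # many hosts: live-host sweep
                findings[src].add("host_sweep")
            for dst, ports in ports_per_host.items():
                if len(ports) >= min_ports:        # many ports on one host: port scan
                    findings[src].add(f"port_scan:{dst}")
    return dict(findings)

def sample_log():
    """Constructed data: a sweep of the range, a port scan, and normal traffic."""
    t0 = datetime(2024, 1, 1, 10, 0, 0)
    rows = [(t0 + timedelta(milliseconds=100 * i), "192.168.10.50", f"192.168.10.{i}", 80)
            for i in range(1, 255)]
    rows += [(t0 + timedelta(minutes=5, milliseconds=50 * p), "192.168.10.50", "192.168.10.2", p)
             for p in range(1, 101)]
    rows += [(t0 + timedelta(minutes=m), "192.168.10.7", "192.168.10.2", 443) for m in range(30)]
    lines = [f"{ts.isoformat()} SRC={s} DST={d} DPT={p}" for ts, s, d, p in rows]
    return lines + ["garbage line that the parser must ignore"]

if __name__ == "__main__":
    print(detect(sample_log()))
```

The thresholds are deliberately low for the sample data; on a real network they need tuning against legitimate scanners such as monitoring and inventory systems.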
Web Application Examples
Rebel Framework can perform web application penetration tests such as information gathering, hidden directory scanning, and identifying CMS-related vulnerabilities. These tasks are performed by running the web application modules. For instance, we can gather information about a website by using the info/site module in the following format.
use info/site
set target www.vulnweb.com
run
The info/site module gathers useful information, such as IP address, IP range, DNS, hosting country, contact, and CIDR information.
Rebel Framework can also simulate phishing attacks during red team engagements. The phishing modules clone well-known networks to trick users. For example, we can use the phish/google module to clone the Google account page. The following commands generate a link to the cloned web page that can be shared with the victim through any social engineering method.
use phish/google
run
If the victim enters any sensitive data (credentials) on the cloned page, the information is captured by the phish/google module running on the host machine. Rebel Framework also allows custom URLs (domains) for phishing purposes.
Conclusion
Rebel Framework can perform various penetration testing tasks related to networks and web applications. The tasks are performed automatically with very little human supervision.