TIDoS Framework is a comprehensive web-app audit framework.
let's keep this simple
The main highlights of this framework is:
Auto-Awesomemodule which automates every module for you.
Clone the repository locally and navigate there:
git clone https://github.com/theinfecteddrake/tidos-framework.git cd tidos-framework
Install the dependencies:
chmod +x install ./install
Thats it! Now you are good to go! Now lets run the tool:
Getting Started :-
TIDoS is made to be comprehensive and versatile. It is a highly flexible framework where you just have to select and use modules.
But before that, you need to set your own
API KEYS for various OSINT purposes. To do so, open up
files/ directory and set your own keys and access tokens for
FULL CONTACT ,
WHATCMS . Public
API KEYS and
ACCESS TOKENS for
WHATCMS have been provided with the TIDoS release itself. You can still add your own...
Finally, as the framework opens up, enter the website name
eg. http://www.example.com and let TIDoS lead you. Thats it! Its as easy as that.
> * Follow the order of the tool (Run in a schematic way).
Reconnaissance ➣ Scanning & Enumeration ➣ Vulnerability Analysis
To update this tool, use
tidos_updater.py module under
Flawless Features :-
TIDoS Framework presently supports the following:
and is under active development
Reconnaissance + OSINT
Via external APi
Domain info gathering
Pinpoint physical location
Hosts on same server
Pwned Email Accounts
Employees & Company
(185+ CMSs supported)
PROFIND & SEARCH
Name Server Based
.bak, .db, etc.
.pgp, .skr, etc.
.htaccess, .apache, etc
Credit Cards Disclosure
Includes Full Path Disclosure
Scanning & Enumeration
Remote Server WAF Enumeration
via Socket Connections
Reliable Only in LANs
Reliable Only in LANs
via Open Ports
16 preloaded modules
Using CENSYS Database
Indexed Uri Crawler
Single Page Crawler
Web Link Crawler
Web-Bugs & Server Misconfigurations
DNS Server based
Over HTTP 80
HTTP TRACE Method
via Cookie Injection
via Port 23
Serious Web Vulnerabilities
Linux & Windows (RCE)
Windows + Linux
PlainText Protocol Default Credential Bruteforce
FTP Protocol Bruteforce
MD5, SHA1, SHA256, SHA512
net_info.py- Displays information about your network. Located under
tidos_updater.py- Updates the framework to the latest release via signature matching. Located under `tools/'.
TIDoS In Action:
v1.6 [latest release] [#stable]
There are some bruteforce modules to be added:
This version of TIDoS is purely developmental and is presently
stable . There are bugs in resolving the
 Back at various end-points which results in blind fall-backs. Though I have added global exception handling, still, there maybe bugs out there. Also TIDoS needs to develop more on logging all info displayed on the screen
(help needed) .
TIDoS is provided as a offensive web application audit framework. It has built-in modules which can reveal potential misconfigurations and vulnerabilties in web applications which could possibly be exploited maliciously.
THEREFORE, I AM NOT EXCLUSIVELY RESPONSIBLE FOR ANY MISUSE OF THIS TOOLKIT.