The Astra Exploit Framework (astra) is a tool for exploit development and penetration testing, designed focusing on team based events.
The team server is an RPC/PubSub router/client combination using a WAMP-like protocol to communicate with other clients. All actual work (exploits thrown, files transfered, etc) is done on the server. This way, it is easier to share objects and operations between users (such as sending the same console output to multiple people). All clients use the same WAMP-like protocol to communicate with the server. This means that a console client, and a web based client all use the same protocol, and have the same capabilities.
Install using pip for python 3 (pip3 install astra
). Then run the following command
astra teamserver
Optionally (for development) you may simply clone this repository, then from the root of the clone run the following command:
python3 astra teamserver
Once the teamserver is running, browse to http://[hostname]:[port]/console.html
To run the unit tests after install, run the following command:
astra test
All version numbers follow PEP-440