Heitor Gouvêa

Home Projects About


Micro-framework for rapid development of reusable security tools


Here you will find a “spellbook” with my personal scripts, exploits and other small things I wrote during my bug hunts, pentesting or red teaming missions. Like any other spellbook, some things here are not going to be very easy to understand, but like any other spellbook it couldn’t be different, right?

The main focus of this “micro-framework” is to keep my personal scripts organized and make them available in a structure where I can reuse the code that has already been written to write something else. Furthermore, the Spellbook is just a research project that so far is no big deal and does not replace a truly robust framework.

Download and install

  $ git clone https://github.com/htrgouvea/spellbook && cd spellbook
  $ cpan install Getopt::Long Mojo::File Mojo::JSON

How to use

Spellbook v0.0.4
Core Commands
	Command       Description
	-------       -----------
	--show        List modules, you can filter by category
	--module      Set a module to use
	--read        Read the code of a module


# You can use the --show option to list the available modules
# valid parameters: all, recon, exploit, auxiliary or parser
$ perl spellbook.pl --show recon

Module: Recon::Find_Emails
Category: recon
Description: Find e-mails from a domain using hunter.io API

Module: Recon::Passive_Enum
Category: recon
Description: Enumerate ports and service from a IP using Shodan API

# To use a module, you can use the -m option followed by the name of the module
# followed by -t which is the main entry point of the module
$ perl spellbook.pl -m Recon::Find_Emails -t github.com

[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

How to create new modules

First, you need to specify your module in the list of packages that Spellbook reads, present in: .config/modules.json

Just copy the last block of the json and insert the information of the new module;

Second, all modules are stored and accessible through the lib/Modules folder, each module is organized in a third folder that defines its category, such as:

Find the folder for the specific category of your module, or create one, then you can create your module normally like any other Perl module.

The only premise is that your module receives a main entry point and returns the results in an array.