SkUlLY is a CLI-based exploit and vulnerability testing utility designed for red-team scanning, service probing, and automated form‑based exploitation attempts.
X-Files/{url}.db
This tool is built for high-obfuscation environments and supports torsocks routing with full User-Agent rotation.
A typical scan can be detected because requests originate from:
SkUlLY disrupts all of these by layering two obfuscation techniques:
Every request may originate from a new Tor exit node, making blocking impractical unless the entire Tor network is filtered.
Each request mimics a different device or crawler. Combined with rotating Tor IPs, every request appears to be a new global entity.
Pattern recognition becomes unreliable, breaking most WAF heuristics and behavioral fingerprinting.
torsocks ./skully
You will be prompted for a target URL:
Target URL (e.g., http://www.example.com/):
SkUlLY executes a sequence of exploit templates, each shrouded behind a rotated User-Agent, and stores discovered links.
SkUlLY is a security research tool.
Use only on systems you own or are authorized to test.
Unauthorized scanning may violate federal and international law.
==========================================
SkUlLY – Exploit & Vulnerability Tester
Author: K0NxT3D
Version: 1.0
Original File: skully.py
==========================================
DESCRIPTION:
------------
SkUlLY is a CLI-based exploit scanner and vulnerability testing utility.
It can optionally be routed through torsocks and is built to obfuscate
traffic using two layers of anonymity:
1. Tor IP rotation (via torsocks)
2. 1,132 rotating User-Agent strings
Output is stored as SQLite databases inside:
X-Files/{url}.db
WHY SKULLY IS DIFFICULT TO BLOCK:
---------------------------------
Most scanners are detected because they reuse the same browser signature
and originate from a known IP range. SkUlLY breaks both heuristics.
(1) Tor Circuit / Torsocks Routing
Every request may originate from a different Tor exit node.
Blocking Tor entirely is possible, but it requires the target to
block large numbers of global exit IPs.
(2) User-Agent Rotation
SkUlLY rotates through 1,132 different User-Agent strings.
When paired with Tor rotation, every request appears to be coming
from a different device somewhere on Earth.
The result is:
• No stable fingerprint
• No consistent IP
• No consistent platform signature
• No behavioral pattern
FEATURES:
---------
• URL parsing and host extraction
• Sends curated exploit payloads (WordPress, login forms, PeepSo, etc.)
• Random User-Agent per request
• Tor/torsocks compatible
• HTML parsing for link extraction
• SQLite3 database logging
• Duplicate-safe inserts
• CLI output showing request status and responses
USAGE:
------
Run:
torsocks ./skully
You will be prompted for:
Target URL (e.g., http://www.example.com/)
SkUlLY sends each exploit template to the target, rotating User-Agents,
and logging discovered links into X-Files/{url}.db.
FILE OUTPUT:
------------
Directory: X-Files/
Files: {domain}.db (SQLite database)
TECHNICAL:
----------
• Python standard libraries:
os, re, time, socket, random, sqlite3
• HTML parsing via BeautifulSoup
• Database engine: SQLite3
• Default port: 80
• CLI-based execution only
LEGAL NOTICE:
-------------
Use SkUlLY only on systems where you have explicit permission to test.
Unauthorized scanning may violate U.S. federal law, EU GDPR, and
international cybersecurity regulations.