Scorpion Effect is a powerful, modular cyber operations platform designed to simulate, monitor, and manage real-world cybersecurity scenarios across multiple environments. Built with flexibility and precision in mind, it serves as a unified toolkit for professionals and learners across the cybersecurity spectrum.
At its core, Scorpion Effect enables seamless interaction between different cybersecurity roles, including white hat hackers (ethical security testers), black hat simulation environments (for controlled research), red teams (offensive security), and blue teams (defensive security). This integrated approach allows users to test vulnerabilities, simulate attacks, and strengthen defenses within a controlled and customizable ecosystem.
- Phishing Campaigns: Facebook, Instagram, Twitter, Gmail, LinkedIn, Microsoft, Google, Apple
- QR Code Generation: Auto-generate QR codes for phishing links
- Credential Capture: Real-time credential harvesting with IP logging
- URL Shortening: Obfuscate phishing links with multiple services
- ๐ค Discord: Full command execution via Discord bot
- ๐ฑ Telegram: Complete C2 functionality
- ๐ผ Slack: Enterprise messaging platform support
- ๐ Google Chat: Webhook-based communication
- ๐ฅ๏ธ Web Terminal: Browser-based command interface
- ๐ Port Scanning: Nmap integration for comprehensive scanning
- ๐ Traffic Generation: ICMP, TCP, UDP, HTTP traffic simulation
- ๐ก Network Discovery: ARP spoofing, network mapping
- ๐ก๏ธ IP Management: Block/allow list with iptables integration
- ๐จ Threat Detection: Real-time threat monitoring
- ๐ Database Logging: SQLite/PostgreSQL for persistent storage
- ๐ Encryption: Secure credential storage
- ๐ Analytics: Command history, statistics, performance metrics
git clone https://github.com/Iankulani/scorpion_effect.git
cd scorpion-effect
docker-compose up -dopen http://localhost:5000chmod +x install.sh
./install.sh
./start_scorpion.shbatch_install.bat
scorpion_venv\Scripts\python scorpion_effect.pyUsing Python
python3 -m venv venvsource venv/bin/activate # Linux/Mac
pip install -r requirements.txtpython3 scorpion_effect.pydocker build -t scorpion-effect:alpine -f Dockerfile .docker run -d -p 5000:5000 -p 8080:8080 --name scorpion scorpion-effect:alpinedocker logs -f scorpiondocker stop scorpionEdit .scorpion-effect/config.json:
json
{
"discord_token": "YOUR_DISCORD_BOT_TOKEN",
"telegram_api_id": "YOUR_API_ID",
"telegram_api_hash": "YOUR_API_HASH",
"telegram_bot_token": "YOUR_BOT_TOKEN",
"slack_token": "xoxb-your-token",
"web_port": 5000,
"enable_discord": true,
"enable_telegram": true,
"enable_slack": true
}phish_facebook # Generate Facebook phishing link
phish_instagram # Generate Instagram phishing link
phish_twitter # Generate Twitter phishing link
phish_gmail # Generate Gmail phishing link
phish_start <id> # Start phishing server
phish_stop # Stop phishing server
phish_creds # View captured credentialsscan <target> # Quick port scan
nmap <target> # Full nmap scan
ping <target> # ICMP echo request
traceroute <target> # Network path tracing
whois <domain> # WHOIS lookuptraffic icmp <ip> <duration> # ICMP flood
traffic tcp <ip> <duration> # TCP connections
traffic http <ip> <duration> # HTTP requestsstatus # Show system status
history # Command history
sysinfo # System information
add_ip <ip> # Add IP to monitoring
block_ip <ip> # Block IP addressAccess the web terminal at http://localhost:5000-
Real-time command execution
-
Scorpion stinger game
-
Visual terminal interface
-
Multi-session support
The .gitlab-ci.yml provides:
-
Security Scan: Bandit, Safety checks
-
Build: Multi-stage Alpine Docker builds
-
Test: Unit, integration, performance tests
-
Deploy: Staging/Production deployment
IMPORTANT: This tool is for authorized security testing and educational purposes only. Users must:
-
Obtain written permission before testing
-
Comply with all applicable laws
-
Not use for unauthorized activities
-
Report vulnerabilities responsibly