Hello Kali Team,

I'd like to propose the inclusion of ZeroDay, an offensive security framework designed for WordPress reconnaissance, vulnerability detection, and ethical exploitation.

� GitHub Repository: https://github.com/quantumproject/zeroday
� License: MIT
� Language: Python 3
� Debian Dependencies: python3, python3-requests, python3-beautifulsoup4, python3-lxml

� Key Features

• User Enumeration: Safe (REST API, author ID) + Aggressive (login error brute-force)
• Client-Side Deep Scan: Detects API keys, DOM XSS, hidden endpoints, and developer comments in JS
• Exploit Chain: From XSS → beacon → session capture (localhost-only by default)
• Ethical Safeguards:
  • C2 server binds only to 127.0.0.1
  • No remote payload without explicit user opt-in
  • Clear warnings for aggressive modes

�️ Use Case

Designed exclusively for authorized penetration testing, bug bounty programs, and security research. The tool includes strong defaults to prevent accidental misuse.

� Packaging

• Compliant with Debian policy
• Includes man page (zeroday.1)
• Desktop entry for GUI environments

Thank you for considering ZeroDay for inclusion in Kali Linux.

— quantumproject