A comprehensive cybersecurity tool for automated security assessments and vulnerability scanning.
- DNS Enumeration: Discover subdomains, DNS records, and zone transfers
- Port Scanning: Identify open ports and running services
- Technology Detection: Fingerprint web servers, frameworks, and CMS
- Directory Enumeration: Discover hidden directories and files
- SSL/TLS Analysis: Check certificate validity and security configurations
- WHOIS Information: Gather domain registration and ownership details
- Email Harvesting: Find email addresses associated with the domain
- Metadata Extraction: Analyse documents and images for metadata
- SQL Injection: Detect various SQL injection vulnerabilities
  - Union-based injection
  - Error-based injection
  - Time-based blind injection
  - Boolean-based blind injection
- Cross-Site Scripting (XSS)
  - Reflected XSS
  - Stored XSS
  - DOM-based XSS
  - Template injection
- Security Misconfigurations
  - Default credentials
  - Exposed sensitive files
  - Insecure HTTP headers
  - Debug modes enabled
- Known CVE Detection: Check for known vulnerabilities in detected software versions
- Directory Traversal: Test for path traversal vulnerabilities
- File Upload Testing: Check for unsafe file upload handling
  - Extension validation bypass
  - Content-type validation
  - File execution tests
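As an added illustration of the boolean-based and error-based SQL injection checks listed above (example code written for this page, not the toolkit's own scanner code): a simulated endpoint that concatenates its parameter into SQL, the same endpoint hardened with a bound parameter, and the detection logic that tells them apart. The in-memory SQLite table, the two endpoint functions and the "found" / "not found" / "error" response states are constructed for the example; a real scanner observes page content and HTTP status instead.

```python
import sqlite3

# Constructed demo backend standing in for a target application's database.
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
conn.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])


def vulnerable_lookup(user_id: str) -> str:
    """Simulated endpoint that concatenates the parameter into the query.

    Returns the page state a scanner would observe: a record was found,
    nothing was found, or the database raised an error (error-based signal).
    """
    try:
        rows = conn.execute(f"SELECT name FROM users WHERE id = {user_id}").fetchall()
    except sqlite3.Error:
        return "error"
    return "found" if rows else "not found"


def hardened_lookup(user_id: str) -> str:
    """Same endpoint with input coercion and a bound parameter (the fix)."""
    try:
        uid = int(user_id)
    except ValueError:
        return "not found"
    rows = conn.execute("SELECT name FROM users WHERE id = ?", (uid,)).fetchall()
    return "found" if rows else "not found"


def boolean_blind_sqli(endpoint, base_value: str = "1") -> bool:
    """Boolean-based blind check for a numeric parameter.

    A parameter is injectable when a tautology leaves the baseline response
    unchanged while a contradiction alters it. Real scanners also send the
    quoted variants (1' AND '1'='1) for string contexts; the numeric context
    is enough to show the decision logic here.
    """
    baseline = endpoint(base_value)
    if baseline == "error":
        return False  # need a normal baseline page to compare against
    same = endpoint(f"{base_value} AND 1=1")
    differ = endpoint(f"{base_value} AND 1=2")
    return same == baseline and differ != baseline


def error_based_sqli(endpoint, base_value: str = "1") -> bool:
    """Error-based check: an unbalanced quote should never reach the database."""
    return endpoint(base_value) != "error" and endpoint(f"{base_value}'") == "error"


if __name__ == "__main__":
    for name, ep in (("vulnerable", vulnerable_lookup), ("hardened", hardened_lookup)):
        print(name, "boolean-blind:", boolean_blind_sqli(ep),
              "error-based:", error_based_sqli(ep))
```

Both checks report True for the concatenating endpoint and False for the parameterised one; a time-based blind check follows the same pattern but compares response latency with and without a database sleep payload, which SQLite cannot express, so it is left out here.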
- Access Control: Test authorisation mechanisms
  - Horizontal privilege escalation
  - Vertical privilege escalation
  - IDOR vulnerabilities
- Input Validation: Test form fields and parameters
  - Command injection
  - XML injection
  - Template injection
  - NoSQL injection
- Advanced SQL Injection
  - Database enumeration
  - Data extraction
  - Command execution
- XSS Exploitation
  - Cookie stealing
  - Keylogging
  - Phishing payloads
- File Inclusion
  - Local File Inclusion (LFI)
  - Remote File Inclusion (RFI)
  - PHP wrapper exploitation
- Command Injection
  - OS command execution
  - Reverse shell establishment
  - File system access
- Authentication Bypass
  - SQL injection bypass
  - Logic flaws exploitation
  - Session manipulation
- Privilege Escalation
  - Kernel exploits
  - Misconfigured permissions
  - Vulnerable services
- Network Enumeration
  - Internal network scanning
  - Service discovery
  - Asset identification
- Data Exfiltration
  - Database dumping
  - File system access
  - Configuration retrieval
- Persistence
  - Backdoor placement
  - Credential harvesting
  - System monitoring
- Comprehensive HTML Reports
  - Executive summary
  - Technical details
  - Proof of concept
  - Remediation steps
  - Risk ratings
- JSON Export
  - Machine-readable format
  - Integration-ready data
  - Detailed scan results
- Database Storage
  - Historical scan data
  - Vulnerability tracking
  - Progress monitoring
- Custom Templates
  - Customisable report formats
  - Brand-specific styling
  - Multiple export options
Note: This tool is designed for educational purposes and authorised security testing only. Always obtain proper permission before testing any system or network.
penetration-testing-toolkit/
├── src/
│ ├── models/ # Database models
│ ├── utils/ # Utility functions
│ └── templates/ # HTML report templates
├── artifacts/
│ ├── logs/ # Log files
│ ├── db/ # Database files
│ └── reports/ # Generated reports
├── requirements.txt # Python dependencies
└── README.md # Project documentation
- Clone the repository:
  git clone https://github.com/Sharma-IT/penetration-testing-toolkit.git
  cd penetration-testing-toolkit
- Install required packages:
  pip install -r requirements.txt
- Install the tool system-wide:
  sudo chmod +x install.sh
  sudo ./install.sh
This will install the pentest command to your system, making it available globally. Read install.sh before running it, since it executes with root privileges; the chmod step itself does not need sudo.
Alternatively, to install locally without the global pentest command:
- Clone the repository:
  git clone https://github.com/Sharma-IT/penetration-testing-toolkit.git
  cd penetration-testing-toolkit
- Install required packages:
  pip install -r requirements.txt
You can use the tool in two ways:
- If installed system-wide, use the pentest command:
# Run vulnerability scan
pentest -t https://example.com -m scan
# Run information gathering with verbose output
pentest -t 192.168.1.1 -m info -v
# List demo targets
pentest -d
- If installed locally, run the Python script directly:
python src/main.py -t https://example.com -m scan
Available options:
- -t, --target: Specify target URL or IP address
- -m, --mode: Choose operation mode:
  - info: Information Gathering
  - scan: Vulnerability Scan
  - manual: Manual Testing
  - exploit: Exploitation
  - post: Post-Exploitation
  - report: Generate Report
  - clear: Clear Database
- -d, --demo: List available demo targets
- -v, --verbose: Enable verbose output
To start the interactive menu:
# If installed system-wide:
pentest
# If installed locally:
python src/main.py
For safe testing, use the approved demo targets (list them with pentest -d). The tool ships with the following safety controls:
- Rate limiting implemented
- Safe demo mode with pre-approved targets
- Input validation
- Secure database handling
- Comprehensive logging
- Authorisation required for non-demo targets
Recommended security measures for any engagement (agree your source addresses with the target owner so your traffic can be distinguished from real attacks):
- Use a VPN service
- Use a proxy server
- Use the Tor network
- Use a dedicated testing environment
Never use this tool without proper authorisation and appropriate security measures in place.
- Python 3.11+
- SQLAlchemy for database management
- Requests for HTTP operations
- BeautifulSoup4 for HTML parsing
- Jinja2 for report generation
- python-dotenv for environment variables
- Fork the repository
- Create your feature branch (git checkout -b feature/AmazingFeature)
- Commit your changes (git commit -m 'Add some AmazingFeature')
- Push to the branch (git push origin feature/AmazingFeature)
- Open a Pull Request
This project is licensed under the GNU V.3.0 License - see the LICENSE file for details.
This tool is for educational purposes only. Always obtain proper authorisation before testing any target systems.