Giter Club home page Giter Club logo

penta's Introduction

penta (PENTest + Automation tool) t

Penta is is Pentest automation tool using Python3.

(Future!) It provides advanced features such as metasploit and nexpose to extract vuln info found on specific servers.

demo

Installation

Install requirements

penta requires the following packages.

  • Python3.7
  • pipenv

Resolve python package dependency.

$ pipenv install

If you dislike pipenv...

$ pip install -r requirements.txt

Usage

$ pipenv run start <options>

If you dislike pipenv...

$ python penta/penta.py

Usage: List options

$ pipenv run start -h
usage: penta.py [-h] [-target TARGET] [-ports PORTS] [-proxy PROXY]

Penta is Pentest automation tool

optional arguments:
  -h, --help      show this help message and exit
  -target TARGET  Specify target IP / domain
  -ports PORTS    Please, specify the target port(s) separated by comma.
                  Default: 21,22,25,80,110,443,8080
  -proxy PROXY    Proxy[IP:PORT]

Usage: Main menu

[ ] === MENU LIST ===========================================
[0] EXIT
[1] Port scanning Default: 21,22,25,80,110,443,8080
[2] Nmap & vuln scanning
[3] Check HTTP option methods
[4] Grab DNS server info
[5] Shodan host search
[6] FTP connect with anonymous
[7] SSH connect with Brute Force
[8] Metasploit Frame Work
[99] Change target host

  1. Port scanning
    To check ports for a target. Log output supported.

  2. Nmap
    To check ports by additional means using nmap

  3. Check HTTP option methods
    To check the methods (e.g. GET,POST) for a target.

  4. Grab DNS server info
    To show the info about DNS server.

  5. Shodan host search
    To collect host service info from Shodan.
    Request Shodan API key to enable the feature.

  6. FTP connect with anonymous
    To check if it has anonymous access activated in port 21.
    FTP users can authenticate themselves using the plain text sign-in protocol (Typically username and password format), but they can connect anonymously if the server is configured to allow it. Anyone can log in to the server if the administrator has allowed an FTP connection with an anonymous login.

  7. SSH connect with Brute Force
    To check ssh connection to scan with Brute Force.
    Dictionary data is in data/dict.

  8. Metasploit Frame Work [Auto Scan is Future Work!!!] To check useful msf modules from opened ports. Module DB is in data/msf/module_list.db

penta's People

Contributors

takuzoo3868 avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.