GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → takuzoo3868 → Penta

takuzoo3868 / Penta

Licence: other
Open source all-in-one CLI tool to semi-automate pentesting.

Programming Languages

python
139335 projects - #7 most used programming language
python3
1442 projects

Labels

securityautomationnetworkscannerpentestnmapsecurity-automationmetasploitshodan

Projects that are alternatives of or similar to Penta

Jok3r
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+396.15%)
Mutual labels:  automation, network, scanner, pentest
Silver
Mass scan IPs for vulnerable services
Stars: ✭ 588 (+352.31%)
Mutual labels:  network, scanner, nmap, shodan
Nwatch
🔍 Tool for - Host Discovery, Port Scanning and Operating System Fingerprinting
Stars: ✭ 127 (-2.31%)
Mutual labels:  network, scanner, nmap
Sec Tools
Docker images for infosec tools
Stars: ✭ 135 (+3.85%)
Mutual labels:  pentest, nmap, metasploit
Hackers Tool Kit
Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (+62.31%)
Mutual labels:  network, pentest, metasploit
Sifter
Sifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+210%)
Mutual labels:  network, scanner, pentest
Bscan
an asynchronous target enumeration tool
Stars: ✭ 207 (+59.23%)
Mutual labels:  network, scanner, nmap
Hellraiser
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+217.69%)
Mutual labels:  network, scanner, nmap
Reconspider
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+377.69%)
Mutual labels:  scanner, pentest, shodan
Pythem
pentest framework
Stars: ✭ 1,060 (+715.38%)
Mutual labels:  network, scanner, pentest
Findsploit
Find exploits in local and online databases instantly
Stars: ✭ 1,160 (+792.31%)
Mutual labels:  pentest, nmap, metasploit
Ansible For Network Engineers
Репозиторий книги "Ansible для сетевых инженеров". Книга в процессе переноса на readthedocs и обновления содержания на Ansible 2.9!
Stars: ✭ 74 (-43.08%)
Mutual labels:  automation, network
Nac bypass
Script collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-39.23%)
Mutual labels:  network, pentest
Cloudfail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+853.08%)
Mutual labels:  scanner, pentest
Pynms
A vendor-agnostic NMS for carrier-grade network simulation and automation
Stars: ✭ 73 (-43.85%)
Mutual labels:  automation, network
Vkbot
Простой разговорный бот на PHP
Stars: ✭ 88 (-32.31%)
Mutual labels:  automation, network
Netshot
Network Configuration and Compliance Management
Stars: ✭ 91 (-30%)
Mutual labels:  automation, network
Patrowldocs
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-19.23%)
Mutual labels:  automation, security-automation
Fi6s
IPv6 network scanner designed to be fast
Stars: ✭ 116 (-10.77%)
Mutual labels:  network, scanner
Cisco ios
Ansible Network Cisco IOS Provider Role
Stars: ✭ 72 (-44.62%)
Mutual labels:  automation, network
View All Similar Projects ➔

penta (PENTest + semi-Automation tool)

Penta is is Pentest semi-automation tool using Python3. It provides advanced features to extract vuln info found on specific servers. I'm now developing a scanning system using vuln-db.

Python 3.7+ Platforms License: MIT Wiki

demo

demo

Installation

Install requirements

penta requires the following packages.

  • Python3.7+
  • pipenv

Resolve python package dependency.

$ pipenv install

If you dislike pipenv

$ pip install -r requirements.txt

Usage

$ pipenv run start <options>
OR
$ python penta/penta.py <options>

Usage: List options

$ pipenv run start -h
usage: penta.py [-h] [-v] [--proxy PROXY]

Penta is Pentest semi-automation tool

optional arguments:
  -h, --help     show this help message and exit
  -v, --verbose  Increase verbosity logging level
  --proxy PROXY  Proxy[IP:PORT]

Main menu

======= MAIN MENU ===========================================
 >  Menu list for IP-based scan
    Menu list for building VulnDB
    [Exit]

IP based scan menu

======= PENTEST MENU LIST ===================================
 >  Port scan
    Nmap & vuln scan
    Check HTTP option methods
    Grab DNS server info
    Shodan host search
    FTP connect with anonymous
    SSH connect with Brute Force
    Metasploit Frame Work
    Change target host
    [Return]

  1. Port scanning
    Check the port status of the target host and identify the active service.

  2. Nmap
    Check ports by additional means using Nmap.

  3. Check HTTP option methods
    Check the methods (e.g. GET,POST) for a target host.

  4. Grab DNS server info
    Displays and retrieves DNS whois information and useful records.

  5. Shodan host search
    To collect host service info from Shodan.
    Request Shodan API key to enable the feature.

  6. FTP connect with anonymous
    To check if it has anonymous access activated in port 21.
    FTP users can authenticate themselves using the plain text sign-in protocol (Typically username and password format), but they can connect anonymously if the server is configured to allow it. Anyone can log in to the server if the administrator has allowed an FTP connection with an anonymous login.

  7. SSH connect with Brute Force
    To check ssh connection to scan with Brute Force.
    Dictionary data is in data/dict.

  8. Metasploit Frame Work [Auto Scan is Future Work]
    To check useful msf modules from opened ports.
    Module DB is in data/msf/module_list.db.
    Now, I have built a module list DB, and I am moving to a method to use it.

VulnDB construction menu

======= REPORT MENU LIST ====================================
 >  Daily report: CVE,EDB,MSF...
    View  report
    Fetch CVEs
    Fetch Exploits
    Fetch Msf modules
    Menu list for DB
    [Return]

  1. Generate a daily report
    Retrieves the changed CVE, Metasploit framework module, and the latest ExploitDB records via online and outputs the information to the terminal.

  2. View a report
    The vulnerability information recorded in the local DB vuln_db.sqlite3 is output to the terminal, without retrieving the information.

  3. Fetch CVEs
    Download the specified year's CVE from NVD Data Feeds and record it to the DB.

  4. Fetch Exploits (Experimental Features)
    Retrieves exploit information in ExploitDB from the online site.

  5. Fetch Metasploit framework modules
    Each module of msf contains hardcoded CVE information and other information that is useful for scanning. This feature aggregates the information recorded in each module, both online and offline, and provides an association with CVE and EDB.

Wiki

In case you have more question about penta, the wiki is very detailed and explains penta in great detail.

License

Penta is released under the MIT License, see LICENSE.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].