## https://sploitus.com/exploit?id=5BE3AB4A-BD57-5241-9B24-E2EB6B40D355
Python Penetration Testing Toolkit
A Python-based penetration testing toolkit that combines multiple basic security assessment techniques into a single command-line application. This project is designed for educational use and demonstrates how common penetration testing tasks are implemented programmatically using Python.
Overview
The toolkit provides several commonly used penetration testing features such as port scanning, banner grabbing, directory brute forcing, SQL injection testing, XSS testing, hash cracking, and subdomain enumeration. Each module is accessible through a simple menu-driven interface, making the tool easy to understand and use for beginners in cybersecurity.
Features
TCP port scanning on common service ports
Banner grabbing for service identification
Directory brute force discovery
SQL Injection vulnerability testing
Cross-Site Scripting (XSS) detection
MD5 hash cracking using a wordlist
Subdomain enumeration
Tools and Techniques Included
Port Scanner
Scans common ports to identify open services on a target system.
Banner Grabbing
Retrieves service banners to identify running applications and versions.
Directory Bruteforce
Attempts to discover hidden directories using a predefined wordlist.
SQL Injection Scanner
Tests URL parameters for basic SQL injection vulnerabilities.
XSS Scanner
Checks for reflected cross-site scripting vulnerabilities.
Hash Cracker
Attempts to crack MD5 hashes using a simple dictionary attack.
Subdomain Enumeration
Identifies valid subdomains associated with a target domain.
Requirements
Python 3.7 or higher
requests
beautifulsoup4
Install dependencies:
pip install requests beautifulsoup4
Usage
Run the program:
python toolkit.py
Follow the on-screen menu and provide the required inputs for each module.
Disclaimer
This tool is intended strictly for educational purposes and authorized penetration testing only. Performing security testing on systems without permission is illegal and unethical. The author is not responsible for misuse of this software.
Future Improvements
Advanced port scanning with threading
Support for POST-based SQL injection testing
Stored XSS detection
Larger and customizable wordlists
Exportable scan reports