Share
## https://sploitus.com/exploit?id=6A04D1C3-9C6E-5AC3-A5F3-68285C408A74
# โก Pentest Automation





**Automated Penetration Testing Framework for Efficient Security Assessments**
[Features](#-features) โข [Installation](#-installation) โข [Modules](#-modules) โข [Usage](#-usage) โข [Workflows](#-workflows)
---
## ๐ Overview
Pentest Automation is a comprehensive framework that automates repetitive penetration testing tasks, streamlines assessment workflows, and generates professional reports. Built for efficiency without sacrificing thoroughness, this toolkit enables security professionals to focus on complex analysis while automation handles routine tasks.
### ๐ฏ Mission
Reduce manual effort in penetration testing by 70% through intelligent automation while maintaining the quality and depth of security assessments. Enable faster, more consistent, and more comprehensive testing.
### ๐ฌ What We Automate
- **Network Scanning** - Automated discovery and enumeration
- **Vulnerability Assessment** - Multi-scanner integration
- **Web Application Testing** - Automated fuzzing and injection
- **Exploit Execution** - Intelligent exploitation workflows
- **Post-Exploitation** - Automated privilege escalation and data collection
- **Reporting** - Professional report generation
- **Continuous Testing** - Scheduled and triggered assessments
- **CI/CD Integration** - DevSecOps pipeline integration
---
## โจ Features
### Core Capabilities
| Feature | Description | Status |
|---------|-------------|--------|
| **Auto-Recon** | Automated reconnaissance and enumeration | โ
Active |
| **Vuln Scanning** | Multi-scanner vulnerability assessment | โ
Active |
| **Web Testing** | Automated web app security testing | โ
Active |
| **Exploit Automation** | Intelligent exploit selection and execution | โ
Active |
| **Privilege Escalation** | Automated privesc enumeration | โ
Active |
| **Credential Harvesting** | Automated password and hash collection | โ
Active |
| **Report Generation** | Professional PDF/HTML reports | โ
Active |
| **CI/CD Integration** | Jenkins, GitLab CI, GitHub Actions | โ
Active |
| **API Testing** | Automated API security assessment | โ
Active |
| **Cloud Security** | AWS, Azure, GCP security testing | โ
Active |
---
## ๐ Installation
### Quick Start
```bash
# Clone the repository
git clone https://github.com/Panda1847/pentest-automation.git
cd pentest-automation
# Run setup
chmod +x setup.sh
./setup.sh
# Configure
cp configs/config.example.yaml configs/config.yaml
# Edit configs/config.yaml
# Run first scan
python3 pentest.py --target 192.168.1.0/24 --mode full
```
### Prerequisites
- Python 3.9+
- Kali Linux or similar pentesting distro
- Root/sudo access
- 8GB RAM minimum
- 50GB disk space
### Docker Installation
```bash
# Build image
docker build -t pentest-automation .
# Run container
docker run -it --rm --network host pentest-automation
# Run scan
docker run -it pentest-automation python3 pentest.py --target example.com
```
---
## ๐ ๏ธ Modules
### 1. ๐ Reconnaissance Module
Automated information gathering and enumeration.
```bash
# Full reconnaissance
python3 pentest.py --target example.com --module recon
# Specific recon types
python3 pentest.py --target example.com --recon subdomain,port,service
```
**What it does:**
- Subdomain enumeration
- Port scanning (Nmap, Masscan)
- Service detection and versioning
- OS fingerprinting
- SSL/TLS analysis
- DNS enumeration
- WHOIS lookup
- Technology detection
### 2. ๐ Vulnerability Scanning Module
Multi-scanner vulnerability assessment.
```bash
# Full vulnerability scan
python3 pentest.py --target 192.168.1.100 --module vulnscan
# Specific scanners
python3 pentest.py --target 192.168.1.100 --scanners nessus,openvas,nuclei
```
**Integrated Scanners:**
- Nessus (commercial)
- OpenVAS
- Nuclei
- Nikto
- WPScan
- Custom CVE checks
### 3. ๐ Web Application Testing Module
Automated web security testing.
```bash
# Full web app test
python3 pentest.py --target https://example.com --module webapp
# Specific tests
python3 pentest.py --target https://example.com --tests sqli,xss,xxe
```
**Tests Included:**
- SQL Injection (SQLMap)
- XSS (XSStrike)
- XXE (custom)
- SSRF (custom)
- Command Injection (Commix)
- Directory Traversal
- File Upload vulnerabilities
- Authentication bypass
- Session management
- CORS misconfigurations
### 4. ๐ฅ Exploitation Module
Intelligent exploit selection and execution.
```bash
# Auto-exploit
python3 pentest.py --target 192.168.1.100 --module exploit --auto
# Manual exploit selection
python3 pentest.py --target 192.168.1.100 --exploit CVE-2021-44228
```
**Features:**
- Automatic exploit matching
- Metasploit integration
- Custom exploit library
- Payload generation
- Exploit verification
- Safe exploitation mode
### 5. ๐ Post-Exploitation Module
Automated post-exploitation activities.
```bash
# Full post-exploitation
python3 pentest.py --session 1 --module postexploit
# Specific activities
python3 pentest.py --session 1 --postexploit privesc,creds,lateral
```
**Activities:**
- Privilege escalation enumeration
- Credential harvesting
- Lateral movement
- Persistence establishment
- Data exfiltration
- Network pivoting
- Domain enumeration
### 6. ๐ Reporting Module
Professional report generation.
```bash
# Generate report
python3 pentest.py --report --input scan_results/ --output report.pdf
# Custom template
python3 pentest.py --report --template custom.html --output report.html
```
**Report Formats:**
- PDF (professional)
- HTML (interactive)
- JSON (machine-readable)
- Markdown (documentation)
- CSV (data analysis)
---
## ๐ Automated Workflows
### Full Network Pentest
```bash
python3 pentest.py --target 192.168.1.0/24 --workflow network-full
```
**Workflow Steps:**
1. Network discovery
2. Port scanning
3. Service enumeration
4. Vulnerability scanning
5. Exploitation attempts
6. Post-exploitation
7. Report generation
**Duration:** 2-6 hours depending on network size
### Web Application Assessment
```bash
python3 pentest.py --target https://example.com --workflow webapp-full
```
**Workflow Steps:**
1. Technology detection
2. Directory brute-forcing
3. Parameter discovery
4. Vulnerability scanning
5. Injection testing
6. Authentication testing
7. Authorization testing
8. Report generation
**Duration:** 1-4 hours depending on app size
### External Perimeter Test
```bash
python3 pentest.py --target example.com --workflow external
```
**Workflow Steps:**
1. Subdomain enumeration
2. Port scanning
3. Service identification
4. Web application discovery
5. Vulnerability assessment
6. Exploitation
7. Report generation
**Duration:** 3-8 hours
### Internal Network Assessment
```bash
python3 pentest.py --target 10.0.0.0/8 --workflow internal
```
**Workflow Steps:**
1. Network discovery
2. Host enumeration
3. Service scanning
4. Vulnerability assessment
5. Active Directory enumeration
6. Credential attacks
7. Lateral movement
8. Report generation
**Duration:** 1-3 days
---
## ๐ Usage Examples
### Example 1: Quick Scan
```bash
# Fast scan of single host
python3 pentest.py --target 192.168.1.100 --mode quick
```
### Example 2: Comprehensive Assessment
```bash
# Full assessment with all modules
python3 pentest.py --target example.com --mode full --output results/
```
### Example 3: Web App Only
```bash
# Focus on web application
python3 pentest.py --target https://app.example.com --modules webapp --depth deep
```
### Example 4: Scheduled Scanning
```bash
# Schedule daily scans
python3 pentest.py --target 192.168.1.0/24 --schedule daily --time 02:00
```
### Example 5: CI/CD Integration
```yaml
# .gitlab-ci.yml
security_scan:
stage: test
script:
- python3 pentest.py --target $CI_ENVIRONMENT_URL --mode quick
- python3 pentest.py --report --output security-report.pdf
artifacts:
paths:
- security-report.pdf
```
### Example 6: API Testing
```bash
# Test REST API
python3 pentest.py --target https://api.example.com --module api --swagger swagger.json
```
### Example 7: Cloud Security
```bash
# AWS security assessment
python3 pentest.py --cloud aws --profile default --modules s3,iam,ec2
```
---
## ๐ง Configuration
### Main Configuration
Edit `configs/config.yaml`:
```yaml
# General Settings
scan_speed: normal # slow, normal, fast, insane
threads: 10
timeout: 30
retry: 3
# Modules
modules:
recon:
enabled: true
subdomain_tools: [subfinder, amass, assetfinder]
port_scanner: nmap
vulnscan:
enabled: true
scanners: [nuclei, nikto]
severity_threshold: medium
webapp:
enabled: true
tests: [sqli, xss, xxe, ssrf]
depth: 3
exploit:
enabled: false # Requires explicit enable
auto_exploit: false
verify_exploits: true
# Reporting
reporting:
format: pdf
template: professional
include_screenshots: true
executive_summary: true
# Notifications
notifications:
slack:
enabled: false
webhook: ""
email:
enabled: false
smtp_server: ""
recipients: []
```
### Module-Specific Config
Each module has detailed configuration in `configs/modules/`:
- `recon.yaml` - Reconnaissance settings
- `vulnscan.yaml` - Vulnerability scanning
- `webapp.yaml` - Web application testing
- `exploit.yaml` - Exploitation settings
- `postexploit.yaml` - Post-exploitation
---
## ๐ Output & Reports
### Scan Results Structure
```
results/
โโโ example.com/
โ โโโ recon/
โ โ โโโ subdomains.txt
โ โ โโโ ports.xml
โ โ โโโ services.json
โ โโโ vulnscan/
โ โ โโโ nuclei_results.json
โ โ โโโ nikto_results.txt
โ โโโ webapp/
โ โ โโโ sqli_results.json
โ โ โโโ xss_results.json
โ โโโ report/
โ โโโ report.pdf
โ โโโ report.html
โ โโโ report.json
```
### Report Contents
1. **Executive Summary**
- High-level findings
- Risk assessment
- Recommendations
2. **Technical Details**
- Vulnerability descriptions
- Proof of concepts
- Remediation steps
3. **Appendices**
- Scan logs
- Tool outputs
- Screenshots
---
## ๐ CI/CD Integration
### GitHub Actions
```yaml
name: Security Scan
on: [push, pull_request]
jobs:
pentest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run Pentest
run: |
docker run pentest-automation \
python3 pentest.py --target ${{ secrets.TARGET_URL }} --mode quick
```
### Jenkins
```groovy
pipeline {
agent any
stages {
stage('Security Scan') {
steps {
sh 'python3 pentest.py --target ${TARGET_URL} --mode quick'
}
}
}
}
```
### GitLab CI
```yaml
security_scan:
stage: test
script:
- python3 pentest.py --target $CI_ENVIRONMENT_URL
artifacts:
reports:
security: security-report.json
```
---
## โ ๏ธ Legal & Ethical Use
### โ
Authorized Use
- Systems you own
- Authorized penetration tests
- Bug bounty programs
- Security research (authorized)
- Educational environments
### โ Prohibited Use
- Unauthorized systems
- Without written permission
- Illegal activities
- Malicious purposes
- Violating laws or policies
### ๐ Authorization
Always obtain written authorization before testing:
```
Authorization Letter Template:
I, [Name], authorize [Tester] to conduct security testing on:
- Systems: [List]
- IP Ranges: [List]
- Domains: [List]
- Timeframe: [Dates]
- Scope: [Details]
Signature: _______________
Date: _______________
```
---
## ๐ก๏ธ Safety Features
### Built-in Safeguards
- **Dry-run mode** - Test without execution
- **Safe mode** - Avoid destructive tests
- **Rate limiting** - Prevent DoS
- **Scope validation** - Stay within boundaries
- **Backup prompts** - Confirm dangerous actions
- **Logging** - Audit trail of all actions
### Safe Mode
```bash
# Run in safe mode (no exploitation)
python3 pentest.py --target example.com --safe-mode
# Dry run (show what would be done)
python3 pentest.py --target example.com --dry-run
```
---
## ๐ Documentation
Comprehensive documentation in `docs/`:
| Document | Description |
|----------|-------------|
| [SETUP.md](docs/SETUP.md) | Installation guide |
| [MODULES.md](docs/MODULES.md) | Module documentation |
| [WORKFLOWS.md](docs/WORKFLOWS.md) | Workflow guides |
| [API.md](docs/API.md) | API documentation |
| [CICD.md](docs/CICD.md) | CI/CD integration |
| [LEGAL.md](docs/LEGAL.md) | Legal guidelines |
---
## ๐ค Contributing
Contributions welcome! We need:
- ๐ง New modules
- ๐ Bug fixes
- ๐ Documentation
- ๐ก Feature ideas
- ๐ฏ Workflow templates
- ๐ Tool integrations
See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
---
## ๐ Updates
### Latest (v1.0.0 - January 2026)
- โ
Core automation framework
- โ
6 main modules
- โ
10+ automated workflows
- โ
Professional reporting
- โ
CI/CD integration
### Roadmap
**v1.1** (Q2 2026)
- [ ] Machine learning exploit selection
- [ ] Cloud-native testing
- [ ] Container security
- [ ] Mobile app testing
**v2.0** (Q4 2026)
- [ ] Web interface
- [ ] Collaborative testing
- [ ] Real-time dashboards
- [ ] AI-powered analysis
---
## ๐ License
MIT License - see [LICENSE](LICENSE) for details.
**Disclaimer:** For authorized security testing only. Unauthorized use is illegal.
---
## ๐ Acknowledgments
- **Offensive Security** - Kali Linux and tools
- **Metasploit** - Exploitation framework
- **OWASP** - Web security standards
- **Security Community** - Tools and techniques
---
## ๐ Support
- ๐ [Documentation](docs/)
- ๐ [Issues](https://github.com/Panda1847/pentest-automation/issues)
- ๐ฌ [Discussions](https://github.com/Panda1847/pentest-automation/discussions)
---
**โก Automate Testing. Accelerate Security. โก**
**Test Responsibly. Automate Ethically. Secure Continuously.**
[โฌ Back to Top](#-pentest-automation)