Share
## https://sploitus.com/exploit?id=82CB25C3-5704-5BF0-A8CE-A7DAD1B4C695
# ๐ก๏ธ AutoPenTest โ Automated Penetration Testing Tool
> **โ ๏ธ DISCLAIMER: For educational and authorized testing purposes ONLY. Unauthorized use is illegal.**
A full-stack automated penetration testing tool built with Python (Flask) and modern web technologies. Designed as a final-year CSE diploma project demonstrating real-world cybersecurity concepts.
---
## ๐ธ Features
| Module | Description |
|--------|-------------|
| ๐ **Port Scanner** | Multi-threaded scan of 24 common ports |
| ๐ **Service Detector** | Banner grabbing to identify running services |
| โ ๏ธ **Vulnerability Scanner** | CVE-based vulnerability identification |
| ๐ **Brute Force Simulator** | Educational password attack simulation |
| ๐ก **Packet Sniffer** | Live network packet capture & analysis |
| ๐ **Report Generator** | Professional HTML security report |
| ๐ **Scan Logger** | JSON-based scan history logging |
---
## ๐๏ธ Project Structure
```
pentest_tool/
โโโ app.py # Flask web server
โโโ requirements.txt # Python dependencies
โโโ modules/
โ โโโ port_scanner.py # Socket-based port scanning
โ โโโ service_detector.py # Banner grabbing & service ID
โ โโโ vulnerability_scanner.py # Vulnerability database checks
โ โโโ brute_force.py # Brute force simulation
โ โโโ packet_sniffer.py # Network packet capture
โ โโโ report_generator.py # HTML report generation
โโโ templates/
โ โโโ index.html # Main web interface
โโโ static/
โ โโโ css/style.css
โ โโโ js/main.js
โโโ wordlists/
โ โโโ common_passwords.txt
โโโ logs/ # Scan history
โโโ reports/ # Generated HTML reports
```
---
## ๐ Installation & Setup
### Prerequisites
- Python 3.8+
- pip
### Step 1 โ Clone / Download the project
```bash
git clone https://github.com/yourusername/autopentest.git
cd autopentest
```
### Step 2 โ Create virtual environment (recommended)
```bash
python -m venv venv
# Windows
venv\Scripts\activate
# Linux / Mac
source venv/bin/activate
```
### Step 3 โ Install dependencies
```bash
pip install -r requirements.txt
```
### Step 4 โ Run the application
```bash
python app.py
```
### Step 5 โ Open in browser
```
http://127.0.0.1:5000
```
---
## ๐งช How to Use
1. Enter a **target IP or domain** (only systems you own or are authorized to test)
2. Choose a scan type:
- **Full Scan** โ Runs all modules automatically
- **Port Scan** โ Identifies open ports only
- **Vuln Scan** โ Checks for known vulnerabilities
- **Brute Force** โ Educational password simulation
- **Packet Sniff** โ Captures live packets (needs root)
3. View results in the tabbed interface
4. **Download Report** for a professional HTML security report
---
## ๐ฆ Dependencies
| Package | Purpose |
|---------|---------|
| `flask` | Web framework |
| `requests` | HTTP requests for header checks |
| `colorama` | Colored terminal output |
| `paramiko` | SSH client (brute force module) |
| `urllib3` | HTTP utilities |
---
## ๐ Educational Notes
This project demonstrates:
- **Socket programming** โ raw TCP/IP connections
- **Multi-threading** โ concurrent port scanning
- **Banner grabbing** โ service fingerprinting techniques
- **HTTP security analysis** โ header inspection
- **Password attack concepts** โ brute force mechanics
- **Report generation** โ professional documentation
- **REST API design** โ Flask route architecture
---
## โ๏ธ Legal & Ethical Notice
This tool is strictly for:
- Learning cybersecurity concepts
- Testing systems you **own** or have **written permission** to test
- Authorized penetration testing engagements
**Never** use this tool against systems without explicit authorization.
Unauthorized scanning violates:
- IT Act 2000 (India) โ Section 43, 66
- Computer Fraud and Abuse Act (USA)
- Computer Misuse Act (UK)
---
## ๐ค Author
**[Your Name]**
CSE Diploma โ Final Year Project
[Your College Name]
---
## ๐ License
MIT License โ For educational use only.