Share
## https://sploitus.com/exploit?id=C9630E62-98D9-5582-A1CA-033A27C6BB44
# Pentest Scripts - Unified Security Testing Framework
## ๐ฏ Quick Start - Interactive Console
The framework provides an **interactive console interface** for easy testing:
```bash
# Start interactive framework
python start.py
```
### Interactive Console Commands:
Once started, you'll see an interactive menu:
```
pentest> set https://target.example.com # Set target URL
pentest> help # Show all modules help
pentest> help cloud-crypto # Show specific module help
pentest> 1 # Run cloud-crypto test
pentest> owasp-test # Run OWASP testing
pentest> exit # Exit framework
```
### Available Tests (Interactive Menu):
1. **cloud-crypto** - Infrastructure & Cloud Security Testing
2. **owasp-test** - OWASP Top 10 Complete Testing
3. **owasp-exploit** - OWASP Exploitation Attempts
4. **aggressive** - Aggressive Penetration Testing
5. **web-scan** - Advanced Web Application Testing
6. **exploit-found** - Exploit Found Vulnerabilities
7. **owasp-suite** - Combined OWASP Suite (All Tests)
### Alternative: Direct Command Line
You can also run tests directly without interactive mode:
```bash
python pentest.py cloud-crypto --url https://target.example.com
python pentest.py owasp-test
python pentest.py aggressive
```
## ๐ Available Test Modules
### ๐ Infrastructure & Cloud Security (`cloud-crypto`)
- **DNS reconnaissance** - Subdomain discovery, DNS records
- **TLS/HTTPS analysis** - Certificate validation, cipher suites
- **Port scanning** - Open ports, service enumeration
- **HTTP security headers** - CSP, HSTS, X-Frame-Options
- **External tool integration** - Nikto, Nmap (optional with `--extra`)
### ๐ก๏ธ OWASP Top 10 Testing (`owasp-test`)
- **A01: Broken Access Control** - IDOR, privilege escalation
- **A02: Cryptographic Failures** - Weak encryption, sensitive data
- **A03: Injection** - SQLi, XSS, command injection
- **A04: Insecure Design** - Business logic flaws
- **A05: Security Misconfiguration** - Debug endpoints, default credentials
- **A06: Vulnerable Components** - Outdated libraries
- **A07: Authentication Failures** - Weak auth mechanisms
- **A08: Software Integrity** - Insecure deserialization
- **A09: Logging Failures** - Insufficient monitoring
- **A10: Server-Side Request Forgery** - SSRF vulnerabilities
### โก OWASP Exploitation (`owasp-exploit`)
- **Active exploitation attempts** of discovered vulnerabilities
- **SQL injection payloads** with automated testing
- **Cross-site scripting** proof-of-concepts
- **Authentication bypass** techniques
- **Privilege escalation** attempts
### ๐ฅ Aggressive Pentesting (`aggressive`)
- **OTP brute force** with intelligent patterns
- **Account enumeration** via timing attacks
- **Session hijacking** analysis
- **Clickjacking** vulnerability checks
- **CSRF** protection testing
- **Race condition** exploitation
- **Information disclosure** discovery
- **JWT token** security analysis
### ๐ต๏ธ Advanced Web Testing (`web-scan`)
- **Content analysis** and information gathering
- **Cookie security** assessment
- **CORS misconfiguration** detection
- **XSS vulnerability** scanning
- **SQL injection** testing
- **Directory enumeration**
- **Rate limiting** analysis
- **Open redirect** detection
### ๐ Vulnerability Exploitation (`exploit-found`)
- **Refresh token theft** attempts
- **Session fixation** attacks
- **Token replay** vulnerabilities
- **CSRF exploitation** with generated PoCs
### ๐ช JWT Security Testing
- **Algorithm confusion** attacks
- **None algorithm** exploitation
- **Weak secret** brute force
- **Claim manipulation** attempts
### ๐จโ๐ผ Professional Multi-Tool Pentesting
- **Nmap integration** for port scanning
- **Nikto web scanning**
- **SQLMap injection testing**
- **Directory enumeration** tools
- **Fuzzing** attacks
- **SSL/TLS configuration** analysis
## โ๏ธ Configuration
### Environment Variables
```bash
# Set target URLs (optional, defaults to example.com)
export PENTEST_BASE_URL="https://target.example.com"
export PENTEST_BACKEND_API="https://api.example.com"
```
### Authentication
Place authentication tokens in:
- `saved_cookies.json` - Session cookies for authenticated testing
- `saved_storage.json` - Local storage data
## ๐ Reporting
All modules generate detailed JSON reports with:
- **Timestamped findings** with severity levels
- **Vulnerability details** and proof-of-concepts
- **Remediation recommendations**
- **PoC files** for exploits (saved to `/tmp/`)
Example report location: `cloud_crypto_results.json`
## ๐ Usage Examples
### Interactive Console Workflow (Recommended)
```bash
# Start interactive framework
python start.py
# In the interactive console:
pentest> set https://your-target.com # Set target
pentest> help # View all available tests
pentest> help cloud-crypto # Get detailed info about specific test
pentest> 1 # Run infrastructure testing (cloud-crypto)
pentest> 2 # Run OWASP Top 10 testing
pentest> 7 # Run complete OWASP suite
pentest> exit # Exit when done
```
### Full Pentest Session Example
```bash
$ python start.py
๐ INTERACTIVE PENETRATION TESTING FRAMEWORK ๐
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Available Commands:
1. cloud-crypto - Infrastructure & Cloud Security Testing
2. owasp-test - OWASP Top 10 Complete Testing
3. owasp-exploit - OWASP Exploitation Attempts
4. aggressive - Aggressive Penetration Testing
5. web-scan - Advanced Web Application Testing
6. exploit-found - Exploit Found Vulnerabilities
7. owasp-suite - Combined OWASP Suite (All Tests)
set - Set target URL
help - Show detailed help for all modules
help - Show help for specific module
clear - Clear screen
exit - Exit framework
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
pentest> set https://target.example.com
โ
Target URL set to: https://target.example.com
pentest> help cloud-crypto
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ Infrastructure & Cloud Security Testing
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
[Detailed module information displayed here]
pentest> 1
๐ Starting cloud-crypto against https://target.example.com...
[Test execution...]
โ
Cloud/Crypto pentest finished. Report: cloud_crypto_results.json
pentest> owasp-test
๐ Starting owasp-test against https://target.example.com...
[Test execution...]
โ
OWASP testing completed
pentest> exit
๐ Exiting framework. Stay safe!
```
### Direct Command Line (Alternative)
```bash
# Quick single-test execution
python pentest.py cloud-crypto --url https://target.example.com
python pentest.py owasp-test
python pentest.py aggressive
```
## ๐ ๏ธ Requirements
Install dependencies:
```bash
pip install -r requirements.txt
```
Optional external tools (for enhanced scanning):
```bash
# Install on Ubuntu/Debian
sudo apt-get install nmap nikto
# Install on macOS
brew install nmap nikto
```
## โ ๏ธ Important: Legal and Safety
**All personal data has been sanitized:**
- โ
Tokens replaced with `[REDACTED_TOKEN]`
- โ
IP addresses replaced with `[REDACTED_IP]`
- โ
Domains replaced with `example.com`
- โ
Phones replaced with `[REDACTED_PHONE]`
- โ
Emails replaced with `[REDACTED_EMAIL]`
**Usage requirements:**
- โ ๏ธ **Only for legal testing of systems you own**
- โ ๏ธ **Requires explicit permission from system owner**
- โ ๏ธ **Unauthorized use is illegal and prosecutable**
## ๐ Project Structure
```
pentest/
โโโ start.py # ๐ Interactive console (MAIN ENTRY POINT)
โโโ pentest.py # Direct CLI (alternative interface)
โโโ pentestkit/ # Configuration utilities
โ โโโ config.py # URL and token management
โ โโโ __init__.py # Package exports
โโโ pentest_cloud_crypto.py # Infrastructure security
โโโ pentest_advanced.py # Advanced web testing
โโโ pentest_aggressive.py # Aggressive pentesting
โโโ owasp_suite.py # Consolidated OWASP testing
โโโ test_owasp_top10_complete.py # OWASP Top 10 tests
โโโ exploit_all_owasp.py # OWASP exploitation
โโโ exploit_found_vulns.py # Found vulnerability exploits
โโโ jwt_exploitation_real.py # JWT security testing
โโโ professional_pentest_v2.py # Multi-tool pentesting
```
### Key Files:
- **`start.py`** - ๐ฏ **Interactive console interface** (recommended for users)
- User-friendly menu-driven interface
- Built-in help system for all modules
- Interactive target URL configuration
- Command shortcuts (1-7 for quick access)
- **`pentest.py`** - Direct command-line interface (for automation/scripts)
- Accepts command-line arguments
- Suitable for CI/CD integration
- **`pentestkit/config.py`** - Centralized configuration
- Shared by all modules
- Manages URLs and authentication tokens
## ๐ฏ Testing Workflow
### Recommended: Interactive Console Approach
```bash
# Step 1: Start interactive framework
python start.py
# Step 2: Set target URL
pentest> set https://target.example.com
# Step 3: Get help on available tests
pentest> help
# Step 4: Run infrastructure reconnaissance
pentest> cloud-crypto
# or
pentest> 1
# Step 5: Run web application testing
pentest> web-scan
# or
pentest> 5
# Step 6: Run comprehensive OWASP assessment
pentest> owasp-suite
# or
pentest> 7
# Step 7: Review results and exit
pentest> exit
```
### Alternative: Direct CLI for Automation
```bash
# Run tests via direct command line
python pentest.py cloud-crypto --url https://target.example.com
python pentest.py web-scan --url https://target.example.com
python pentest.py owasp-suite --url https://target.example.com
```
## ๐ Module Integration
All modules share:
- **Centralized configuration** via `pentestkit.config`
- **Unified authentication** handling
- **Consistent reporting** format
- **Modular architecture** for easy extension