vishnudxb/automated-pentest vishnudxb/automated-pentest

  • Stars
    star
    185
  • Rank 208,271 (Top 5 %)
  • Language
    Shell
  • License
    Apache License 2.0
  • Created over 5 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
vishnudxb/automated-pentest
github

vishnudxb

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Minimal docker container of Parrot OS for running an automated scan & pentest report.
Build Status
Build and Push to Dockerhub

automated-pentest

Creating a minimal docker container of Parrot OS for running an automated scan report.

This docker container can be used for auditing all standard security assessment for you.

There are more than 20 Modules has been Integrated with in the container which can be used for automated pentest.

Number Of Modules

  • Whois domain analyzer
  • Nslookup
  • Nmap
  • Uniscan
  • TheHarvester
  • Metagoofil
  • Dirb
  • DNSRecon
  • DNSmap
  • Wafw00f
  • Nikto
  • XssPy
  • XSStrike
  • WhatWeb
  • Wapiti
  • WPscan
  • Joomscan
  • Droopescan ( CMS Vulnerability Scanner WordPress, Joomla, Silverstripe, Drupal, And Moodle)
  • SSLScan
  • SSLyze
  • A2SV
  • WFuzz

Features

  • Intel-Gathering
  • Vulnerability Analysis
  • Security Auditing
  • OSINT
  • System Enumeration
  • Fuzzing
  • CMS Auditing
  • SSL Security Auditing
  • WAF Auditing
  • Intel-Gathering
  • On top of that, you can install your own packages, please check this repo

How to run it

Create a docker volume to store your automated pentest reports


â–¶ docker volume create pentest-reports

Download it from Dockerhub and run it on your system


â–¶ docker run -d --name pentest -d -v pentest-reports:/src vishnunair/pentest:latest

Or run the below commands if you want to play around with docker container in your local machine:



â–¶ git clone https://github.com/vishnudxb/automated-pentest.git && cd automated-pentest &&
  docker build -t=localhost/pentest . &&
  docker run -d --name pentest -d -v pentest-reports:/src -it localhost/pentest

Execute the pentest script inside the container like below:

â–¶ docker exec -it pentest bash

┌─[root@299c024d07ef]─[/src]
└──╼ #./pentest.sh --help

Usage: sh pentest.sh [OPTION]...
  -d, --domain   Provide your DOMAIN domain.
  -h, --help     Display help file

┌─[root@299c024d07ef]─[/src]
└──╼ #./pentest.sh -d example.com

All the reports can be seen in /src inside the container however you can also access it from your local machine.

If your docker host is Linux, you can find Docker volumes by /var/lib/docker/volumes path.


â–¶ docker volume inspect pentest-reports

However if you're using MacOs. Try to cd /var/lib/docker/volumes from your MacOS terminal, and you'll get nothing. You see, your Mac machine isn't a real Docker host.

So execute the below script to access the reports from your local machine path ~/Documents/ and you can use any browser to view the reports:


â–¶ bash ./volume.sh

Check your ~/Documents/src folder for the reports

Legal disclaimer:

Usage of this automated pentest for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purposes.

More Repositories

1

docker-blackeye

Docker container for creating the phishing sites using Blackeye
Dockerfile
131
star
2

docker-mkcert

Docker container for creating valid local ssl certificates
Go
98
star
3

docker-eks

Docker container for creating AWS EKS Cluster
Shell
15
star
4

docker-redis-cluster

A small docker container for redis cluster
Ruby
14
star
5

redis-cluster

Github action for running a redis cluster for your workflow
Shell
9
star
6

ansible-dcos

Ansible playbook for dc/os
Shell
7
star
7

cancel-workflow

Cancel a workflow run if a job failed in Github Actions
Dockerfile
5
star
8

ansible-chaosmonkey

Ansible playbook for Chaos Monkey
4
star
9

aws-vpc-nat-gateway

Ansible Role for creating a VPC with Public subnet & Private subnet at Amazon Web Services AWS and enable NAT gateway for Private Subnet
Shell
3
star
10

kube-ignite

Kube config for Apache Ignite
2
star
11

docker-postgres-hll

A postgres container with hll extension
Dockerfile
2
star
12

tryansible

2
star
13

k8s-rabbitmq-clusters

RabbitMQ cluster running in Kubernetes with high availability
Python
2
star
14

ansible-wherehows

Ansible playbook to install Wherehows - Data Discovery and Lineage for Big Data Ecosystem.
Python
2
star
15

docker-evilginx2

Docker container for running Evilginx2
Dockerfile
2
star
16

redisbackup-to-s3

Taking the db dump from the AWS Elasticache (Redis) and copying it to AWS S3
Shell
2
star
17

terraform-openstack-lxc

Creating Openstack with LXC hypervisor using Terraform
HCL
1
star
18

webpagetest

Setup a Private Webpagetest Server and agents.
Smarty
1
star
19

kube-vegeta

Kubernetes for Vegeta
1
star
20

sshban

Control your SSH Logins
Shell
1
star
21

terraform-coreos

1
star
22

ambari-presto

Ansible role for installing Presto using Ambari Service
1
star
23

docker-node-thumbor

1
star
24

k8s-django

sample django app in K8s
1
star
25

docker-ignite

Docker Image for Apache Ignite
1
star
26

ansible-docker-registry

Ansible playbooks to create private docker registry in AWS
Python
1
star
27

clickhouse-db-cluster

Running a Clickhouse db cluster (2 shards / 2 replica) with Zookeeper
Shell
1
star