PentestToGo

Automated penetration testing toolkit installer with 500+ security tools

A comprehensive pimpmykali-style installer script that automatically installs and configures security tools for penetration testing, bug bounty hunting, and CTF competitions.

Author: Dennis Liu

Quick Start

# Clone the repository
git clone https://github.com/aldiharley/pentesttogo.git
cd pentesttogo

# Run the installer
sudo ./pentesttogo.sh

# Or install everything at once
sudo ./pentesttogo.sh --all

Features

• 500+ Security Tools - Comprehensive collection of pentest tools
• Interactive Menu - Easy-to-use category selection
• Multiple Install Methods - apt, pip, pipx, go install, cargo, git clone, binary downloads
• Organized Categories - Recon, Web, Fuzzing, Exploitation, CTF tools, and more
• Language Support - Go, Rust, Python (pip/pipx), Ruby
• Automation Frameworks - Secator, Incursore, ReconFTW, AutoRecon

Tool Categories

Category	Tools	Examples
Core Dependencies	40+	Go, Rust, Python, pip, pipx, build tools
Reconnaissance	60+	subfinder, amass, httpx, naabu, massdns
Web Scanning	50+	nuclei, nikto, wpscan, sqlmap, dalfox
Directory Fuzzing	15+	gobuster, ffuf, feroxbuster, dirsearch
Exploitation	40+	metasploit, sqlmap, commix, XSStrike
Post-Exploitation	30+	crackmapexec, evil-winrm, impacket, PEASS
Active Directory	25+	bloodhound, responder, mimikatz, netexec
Cloud Security	20+	prowler, scoutsuite, pacu, s3scanner
Container Security	15+	trivy, kube-bench, docker-bench-security
Wireless	20+	aircrack-ng, wifite, bettercap, fluxion
OSINT	30+	sherlock, theHarvester, spiderfoot, maigret
Forensics	20+	volatility3, autopsy, binwalk, yara
CTF Tools	80+	steghide, pwntools, hashcat, ROPgadget
Automation	10+	Secator, Incursore, ReconFTW, AutoRecon
Wordlists	5+	SecLists, PayloadsAllTheThings, rockyou

Usage

Interactive Menu

sudo ./pentesttogo.sh

Command Line Options

# Install all tools
sudo ./pentesttogo.sh --all

# Install specific categories
sudo ./pentesttogo.sh --prereq     # Prerequisites (Go, Rust, Python, pip, pipx)
sudo ./pentesttogo.sh --recon      # Reconnaissance tools
sudo ./pentesttogo.sh --vuln       # Vulnerability scanners
sudo ./pentesttogo.sh --webapp     # Web application tools
sudo ./pentesttogo.sh --exploit    # Exploitation tools
sudo ./pentesttogo.sh --passwd     # Password cracking tools
sudo ./pentesttogo.sh --wifi       # Wireless tools
sudo ./pentesttogo.sh --ad         # Active Directory tools
sudo ./pentesttogo.sh --cloud      # Cloud security tools
sudo ./pentesttogo.sh --container  # Container security tools
sudo ./pentesttogo.sh --mobile     # Mobile security tools
sudo ./pentesttogo.sh --forensics  # Forensics tools
sudo ./pentesttogo.sh --osint      # OSINT tools
sudo ./pentesttogo.sh --re         # Reverse engineering tools
sudo ./pentesttogo.sh --report     # Reporting tools
sudo ./pentesttogo.sh --ctf        # CTF tools
sudo ./pentesttogo.sh --auto       # Automation tools (Secator + Incursore)
sudo ./pentesttogo.sh --secator    # Secator only
sudo ./pentesttogo.sh --incursore  # Incursore only

# Show help
sudo ./pentesttogo.sh --help

New Automation Tools

Secator

Secator is a powerful task and workflow runner for security tools. It provides a unified interface for running 35+ security tools with support for distributed processing.

Features:

• Unified CLI for 35+ security tools
• Workflow orchestration
• Distributed processing with Celery
• Multiple output formats

Incursore

Incursore is an automated enumeration tool that evolved from nmapAutomator. It performs comprehensive reconnaissance on targets.

Features:

• Port scanning and service enumeration
• Web application scanning
• SMB/SNMP/LDAP enumeration
• CVE vulnerability detection
• Automated recon suggestions

CTF Tools Included

Steganography

• steghide, stegcracker, stegsolve, zsteg, jsteg
• openstego, outguess, snow, exiftool

Binary Exploitation / Pwn

• ROPgadget, ropper, one_gadget, checksec
• pwntools, patchelf, angr, gef, pwndbg, peda

Cryptography

• hashcat, john, hashid, RsaCtfTool
• ciphey, xortool, fcrackzip, pdfcrack

Forensics / PCAP

• wireshark, tshark, tcpdump, tcpflow
• scapy, bulk_extractor, volatility3

Requirements

• Linux (Debian/Ubuntu/Kali recommended)
• Root privileges (sudo)
• Internet connection
• ~50GB disk space (for full installation)

Installation Directories

Tools are installed to:

• /opt/alt-tools/ - Git repositories
• /usr/local/bin/ - Binaries and symlinks
• ~/go/bin/ - Go tools
• ~/.cargo/bin/ - Rust tools
• ~/.local/bin/ - pipx tools

Language Support

The installer automatically sets up:

• Go - golang from apt + environment configuration
• Rust - rustup + cargo
• Python - pip3 + pipx for isolated tool installation
• Ruby - ruby + ruby-dev

License

MIT License - See LICENSE for details.

Acknowledgments

Inspired by:

• pimpmykali
• reconftw
• secator
• incursore
• ProjectDiscovery tools
• HackTricks, CTF cheatsheets

Contributing

Pull requests welcome! Feel free to add more tools or improve the installer.

---

Use responsibly. Only test systems you have permission to test.