⚡ Automated penetration testing framework. Streamline security assessments with intelligent automation, professional reporting, and CI/CD integration.

Panda1847/pentest-automation

⚡ Pentest Automation

Automated Penetration Testing Framework for Efficient Security Assessments

🌟 Overview

Pentest Automation is a comprehensive framework that automates repetitive penetration testing tasks, streamlines assessment workflows, and generates professional reports. Built for efficiency without sacrificing thoroughness, this toolkit enables security professionals to focus on complex analysis while automation handles routine tasks.

🎯 Mission

Reduce manual effort in penetration testing by 70% through intelligent automation while maintaining the quality and depth of security assessments. Enable faster, more consistent, and more comprehensive testing.

🔬 What We Automate

  • Network Scanning - Automated discovery and enumeration
  • Vulnerability Assessment - Multi-scanner integration
  • Web Application Testing - Automated fuzzing and injection
  • Exploit Execution - Intelligent exploitation workflows
  • Post-Exploitation - Automated privilege escalation and data collection
  • Reporting - Professional report generation
  • Continuous Testing - Scheduled and triggered assessments
  • CI/CD Integration - DevSecOps pipeline integration

✨ Features

Core Capabilities

| Feature | Description | Status |
|---|---|---|
| Auto-Recon | Automated reconnaissance and enumeration | ✅ Active |
| Vuln Scanning | Multi-scanner vulnerability assessment | ✅ Active |
| Web Testing | Automated web app security testing | ✅ Active |
| Exploit Automation | Intelligent exploit selection and execution | ✅ Active |
| Privilege Escalation | Automated privesc enumeration | ✅ Active |
| Credential Harvesting | Automated password and hash collection | ✅ Active |
| Report Generation | Professional PDF/HTML reports | ✅ Active |
| CI/CD Integration | Jenkins, GitLab CI, GitHub Actions | ✅ Active |
| API Testing | Automated API security assessment | ✅ Active |
| Cloud Security | AWS, Azure, GCP security testing | ✅ Active |

🚀 Installation

Quick Start

# Clone the repository
git clone https://github.com/Panda1847/pentest-automation.git
cd pentest-automation

# Run setup
chmod +x setup.sh
./setup.sh

# Configure
cp configs/config.example.yaml configs/config.yaml
# Edit configs/config.yaml

# Run first scan
python3 pentest.py --target 192.168.1.0/24 --mode full

Prerequisites

  • Python 3.9+
  • Kali Linux or similar pentesting distro
  • Root/sudo access
  • 8GB RAM minimum
  • 50GB disk space

Docker Installation

# Build image
docker build -t pentest-automation .

# Run container
docker run -it --rm --network host pentest-automation

# Run scan
docker run -it pentest-automation python3 pentest.py --target example.com

🛠️ Modules

1. 🔍 Reconnaissance Module

Automated information gathering and enumeration.

# Full reconnaissance
python3 pentest.py --target example.com --module recon

# Specific recon types
python3 pentest.py --target example.com --recon subdomain,port,service

What it does:

  • Subdomain enumeration
  • Port scanning (Nmap, Masscan)
  • Service detection and versioning
  • OS fingerprinting
  • SSL/TLS analysis
  • DNS enumeration
  • WHOIS lookup
  • Technology detection

2. 🔓 Vulnerability Scanning Module

Multi-scanner vulnerability assessment.

# Full vulnerability scan
python3 pentest.py --target 192.168.1.100 --module vulnscan

# Specific scanners
python3 pentest.py --target 192.168.1.100 --scanners nessus,openvas,nuclei

Integrated Scanners:

  • Nessus (commercial)
  • OpenVAS
  • Nuclei
  • Nikto
  • WPScan
  • Custom CVE checks

3. 🌐 Web Application Testing Module

Automated web security testing.

# Full web app test
python3 pentest.py --target https://example.com --module webapp

# Specific tests
python3 pentest.py --target https://example.com --tests sqli,xss,xxe

Tests Included:

  • SQL Injection (SQLMap)
  • XSS (XSStrike)
  • XXE (custom)
  • SSRF (custom)
  • Command Injection (Commix)
  • Directory Traversal
  • File Upload vulnerabilities
  • Authentication bypass
  • Session management
  • CORS misconfigurations

4. 💥 Exploitation Module

Intelligent exploit selection and execution.

# Auto-exploit
python3 pentest.py --target 192.168.1.100 --module exploit --auto

# Manual exploit selection
python3 pentest.py --target 192.168.1.100 --exploit CVE-2021-44228

Features:

  • Automatic exploit matching
  • Metasploit integration
  • Custom exploit library
  • Payload generation
  • Exploit verification
  • Safe exploitation mode

5. 🔑 Post-Exploitation Module

Automated post-exploitation activities.

# Full post-exploitation
python3 pentest.py --session 1 --module postexploit

# Specific activities
python3 pentest.py --session 1 --postexploit privesc,creds,lateral

Activities:

  • Privilege escalation enumeration
  • Credential harvesting
  • Lateral movement
  • Persistence establishment
  • Data exfiltration
  • Network pivoting
  • Domain enumeration

6. 📊 Reporting Module

Professional report generation.

# Generate report
python3 pentest.py --report --input scan_results/ --output report.pdf

# Custom template
python3 pentest.py --report --template custom.html --output report.html

Report Formats:

  • PDF (professional)
  • HTML (interactive)
  • JSON (machine-readable)
  • Markdown (documentation)
  • CSV (data analysis)

📋 Automated Workflows

Full Network Pentest

python3 pentest.py --target 192.168.1.0/24 --workflow network-full

Workflow Steps:

  1. Network discovery
  2. Port scanning
  3. Service enumeration
  4. Vulnerability scanning
  5. Exploitation attempts
  6. Post-exploitation
  7. Report generation

Duration: 2-6 hours depending on network size

Web Application Assessment

python3 pentest.py --target https://example.com --workflow webapp-full

Workflow Steps:

  1. Technology detection
  2. Directory brute-forcing
  3. Parameter discovery
  4. Vulnerability scanning
  5. Injection testing
  6. Authentication testing
  7. Authorization testing
  8. Report generation

Duration: 1-4 hours depending on app size

External Perimeter Test

python3 pentest.py --target example.com --workflow external

Workflow Steps:

  1. Subdomain enumeration
  2. Port scanning
  3. Service identification
  4. Web application discovery
  5. Vulnerability assessment
  6. Exploitation
  7. Report generation

Duration: 3-8 hours

Internal Network Assessment

python3 pentest.py --target 10.0.0.0/8 --workflow internal

Workflow Steps:

  1. Network discovery
  2. Host enumeration
  3. Service scanning
  4. Vulnerability assessment
  5. Active Directory enumeration
  6. Credential attacks
  7. Lateral movement
  8. Report generation

Duration: 1-3 days


🎓 Usage Examples

Example 1: Quick Scan

# Fast scan of single host
python3 pentest.py --target 192.168.1.100 --mode quick

Example 2: Comprehensive Assessment

# Full assessment with all modules
python3 pentest.py --target example.com --mode full --output results/

Example 3: Web App Only

# Focus on web application
python3 pentest.py --target https://app.example.com --modules webapp --depth deep

Example 4: Scheduled Scanning

# Schedule daily scans
python3 pentest.py --target 192.168.1.0/24 --schedule daily --time 02:00

Example 5: CI/CD Integration

# .gitlab-ci.yml
security_scan:
  stage: test
  script:
    - python3 pentest.py --target $CI_ENVIRONMENT_URL --mode quick
    - python3 pentest.py --report --output security-report.pdf
  artifacts:
    paths:
      - security-report.pdf

Example 6: API Testing

# Test REST API
python3 pentest.py --target https://api.example.com --module api --swagger swagger.json

Example 7: Cloud Security

# AWS security assessment
python3 pentest.py --cloud aws --profile default --modules s3,iam,ec2

🔧 Configuration

Main Configuration

Edit configs/config.yaml:

# General Settings
scan_speed: normal  # slow, normal, fast, insane
threads: 10
timeout: 30
retry: 3

# Modules
modules:
  recon:
    enabled: true
    subdomain_tools: [subfinder, amass, assetfinder]
    port_scanner: nmap
    
  vulnscan:
    enabled: true
    scanners: [nuclei, nikto]
    severity_threshold: medium
    
  webapp:
    enabled: true
    tests: [sqli, xss, xxe, ssrf]
    depth: 3
    
  exploit:
    enabled: false  # Requires explicit enable
    auto_exploit: false
    verify_exploits: true

# Reporting
reporting:
  format: pdf
  template: professional
  include_screenshots: true
  executive_summary: true

# Notifications
notifications:
  slack:
    enabled: false
    webhook: ""
  email:
    enabled: false
    smtp_server: ""
    recipients: []

Module-Specific Config

Each module has detailed configuration in configs/modules/:

  • recon.yaml - Reconnaissance settings
  • vulnscan.yaml - Vulnerability scanning
  • webapp.yaml - Web application testing
  • exploit.yaml - Exploitation settings
  • postexploit.yaml - Post-exploitation

📊 Output & Reports

Scan Results Structure

results/
├── example.com/
│   ├── recon/
│   │   ├── subdomains.txt
│   │   ├── ports.xml
│   │   └── services.json
│   ├── vulnscan/
│   │   ├── nuclei_results.json
│   │   └── nikto_results.txt
│   ├── webapp/
│   │   ├── sqli_results.json
│   │   └── xss_results.json
│   └── report/
│       ├── report.pdf
│       ├── report.html
│       └── report.json

Report Contents

  1. Executive Summary

    • High-level findings
    • Risk assessment
    • Recommendations
  2. Technical Details

    • Vulnerability descriptions
    • Proofs of concept
    • Remediation steps
  3. Appendices

    • Scan logs
    • Tool outputs
    • Screenshots

🔄 CI/CD Integration

GitHub Actions

name: Security Scan
on: [push, pull_request]

jobs:
  pentest:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Run Pentest
        run: |
          docker run pentest-automation \
            python3 pentest.py --target ${{ secrets.TARGET_URL }} --mode quick

Jenkins

pipeline {
    agent any
    stages {
        stage('Security Scan') {
            steps {
                sh 'python3 pentest.py --target ${TARGET_URL} --mode quick'
            }
        }
    }
}

GitLab CI

security_scan:
  stage: test
  script:
    - python3 pentest.py --target $CI_ENVIRONMENT_URL
  artifacts:
    reports:
      security: security-report.json

⚠️ Legal & Ethical Use

✅ Authorized Use

  • Systems you own
  • Authorized penetration tests
  • Bug bounty programs
  • Security research (authorized)
  • Educational environments

❌ Prohibited Use

  • Unauthorized systems
  • Without written permission
  • Illegal activities
  • Malicious purposes
  • Violating laws or policies

📜 Authorization

Always obtain written authorization before testing:

Authorization Letter Template:

I, [Name], authorize [Tester] to conduct security testing on:
- Systems: [List]
- IP Ranges: [List]
- Domains: [List]
- Timeframe: [Dates]
- Scope: [Details]

Signature: _______________
Date: _______________

🛡️ Safety Features

Built-in Safeguards

  • Dry-run mode - Test without execution
  • Safe mode - Avoid destructive tests
  • Rate limiting - Prevent DoS
  • Scope validation - Stay within boundaries
  • Backup prompts - Confirm dangerous actions
  • Logging - Audit trail of all actions
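
Scope validation and the authorization letter's fields (IP ranges, domains, timeframe) can be enforced in code before any module runs. The sketch below is an added example, not code from pentest-automation; `Scope`, `in_scope` and the sample values are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from datetime import date
from urllib.parse import urlsplit

@dataclass(frozen=True)
class Scope:
    """Hypothetical machine-readable form of the authorization letter."""
    ip_ranges: tuple  # authorized CIDR blocks
    domains: tuple    # authorized domains, subdomains included
    start: date       # first authorized day
    end: date         # last authorized day

# Constructed sample scope, for illustration only.
SAMPLE_SCOPE = Scope(("192.168.1.0/24",), ("example.com",),
                     date(2026, 1, 5), date(2026, 1, 16))

def _host_of(target: str) -> str:
    # Accept bare hosts, CIDR blocks and URLs such as https://example.com/x
    if "://" in target:
        try:
            target = urlsplit(target).hostname or ""
        except ValueError:
            target = ""  # malformed URL, refused by the caller
    return target.strip().lower().rstrip(".")

def in_scope(target: str, scope: Scope, today: date) -> tuple:
    """Return (allowed, reason); anything unparseable is refused."""
    if not scope.start <= today <= scope.end:
        return False, "outside authorized timeframe"
    host = _host_of(target)
    if not host:
        return False, "empty or unparseable target"
    try:
        net = ipaddress.ip_network(host, strict=False)
    except ValueError:
        net = None  # not an IP or CIDR, treat as a hostname
    if net is not None:
        # The whole requested block must sit inside one authorized range.
        for allowed in map(ipaddress.ip_network, scope.ip_ranges):
            if net.version == allowed.version and net.subnet_of(allowed):
                return True, f"within {allowed}"
        return False, "address not in any authorized range"
    # Compare on label boundaries so evil-example.com is not example.com.
    for domain in scope.domains:
        d = domain.lower().rstrip(".")
        if host == d or host.endswith("." + d):
            return True, f"within {d}"
    return False, "domain not authorized"
```

An in-scope hostname can still resolve to an address outside the authorized ranges, so the resolved address needs its own check against `ip_ranges` before traffic is sent.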

Safe Mode

# Run in safe mode (no exploitation)
python3 pentest.py --target example.com --safe-mode

# Dry run (show what would be done)
python3 pentest.py --target example.com --dry-run

📚 Documentation

Comprehensive documentation in docs/:

| Document | Description |
|---|---|
| SETUP.md | Installation guide |
| MODULES.md | Module documentation |
| WORKFLOWS.md | Workflow guides |
| API.md | API documentation |
| CICD.md | CI/CD integration |
| LEGAL.md | Legal guidelines |

🤝 Contributing

Contributions welcome! We need:

  • 🔧 New modules
  • 🐛 Bug fixes
  • 📝 Documentation
  • 💡 Feature ideas
  • 🎯 Workflow templates
  • 🔌 Tool integrations

See CONTRIBUTING.md for guidelines.


🔄 Updates

Latest (v1.0.0 - January 2026)

  • ✅ Core automation framework
  • ✅ 6 main modules
  • ✅ 10+ automated workflows
  • ✅ Professional reporting
  • ✅ CI/CD integration

Roadmap

v1.1 (Q2 2026)

  • Machine learning exploit selection
  • Cloud-native testing
  • Container security
  • Mobile app testing

v2.0 (Q4 2026)

  • Web interface
  • Collaborative testing
  • Real-time dashboards
  • AI-powered analysis

📜 License

MIT License - see LICENSE for details.

Disclaimer: For authorized security testing only. Unauthorized use is illegal.


🙏 Acknowledgments

  • Offensive Security - Kali Linux and tools
  • Metasploit - Exploitation framework
  • OWASP - Web security standards
  • Security Community - Tools and techniques

⚡ Automate Testing. Accelerate Security. ⚡

Test Responsibly. Automate Ethically. Secure Continuously.
