Skip to content

Psychevus/pentest-toolkit

BranchesTags

Repository files navigation

🚀 Pentest Toolkit

CI PyPI Docker License

One-line Description

Pentest Toolkit orchestrates leading open-source scanning utilities to automate reconnaissance and vulnerability discovery.

Key Features

  • ✔️ Unified CLI for Subfinder, Httpx, Nuclei, Nmap, TestSSL and more
  • ✔️ JSON, HTML and PDF reporting
  • ✔️ Extensible plugin system for custom tools and notifiers
  • ✔️ Slack, Teams and Discord alerts
  • ✔️ Docker container and AWS Lambda compatible
  • ✔️ Distributed mode for horizontal scaling

Screenshots

Terminal screenshot

Installation

PyPI

pip install pentest-toolkit

Manual

git clone https://github.com/psychevus/pentest-toolkit.git
cd pentest-toolkit
pip install -r requirements.txt -r requirements-dev.txt

Docker

docker run --rm psychevus/pentest-toolkit --help

AWS Lambda

Deploy lambda_function.py with the PentestToolkitLambda IAM role and at least 2 minute timeout.

Quick Start

python main.py --target example.com --tools subfinder,httpx

Generated reports appear under output/ in JSON and optional HTML/PDF formats.

CLI Usage

Flag Description
--target Target domain or IP
--tools Comma separated list of modules
--report html, pdf, markdown or summary
--auto-install Attempt to install missing tools
--notify Send findings via Slack, Teams or Discord
--pipeline Feed one tool's output into the next
--distributed Offload work to remote runners
--ws-port WebSocket port for live results

Architecture Overview

subfinder --> httpx --> nuclei --> nmap --> testssl.sh

The toolkit loads each module dynamically and passes results through the pipeline above.

Plugins

Place Python modules inside plugins/ or set PENTEST_TOOLKIT_PLUGIN_DIR to load external plugins. Each plugin subclasses Module or Notifier to register automatically.

Output Formats

[
  {"type": "subdomain", "host": "api.example.com", "ip": "1.2.3.4"},
  {"type": "httpx", "url": "https://api.example.com", "status": 200}
]

HTML and PDF reports contain the same data in a user friendly format. See the output/ directory for examples.

Webhooks & Notifications

Use --notify slack or --notify teams to push findings. Payloads contain the JSON above and links to reports.

Docker Usage

docker run --rm -e PENTEST_TOOLKIT_PLUGIN_DIR=/plugins psychevus/pentest-toolkit target.com

AWS Lambda Support

Upload the repo with lambda_function.py as the entrypoint. Grant the function network permissions and set the timeout high enough for scanning.

Contributing

  1. Install deps with pip install -r requirements.txt -r requirements-dev.txt
  2. Run ruff check . and pytest -q
  3. Open a pull request explaining your changes

License

This project is licensed under the MIT license.

Credits / Maintainers

Maintained by psychevus. Consider sponsoring development if you find it useful.

About

Offensive toolkit for automated recon, fingerprinting, and target triage.

Topics

toolkit pentesting recon pentest-tool

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages