PhantomStrike is a modular Red Team recon and pentest semi-automation framework. It integrates Nmap, Shodan, Metasploit RPC, SSH brute force, DNS recon, FTP probing, and a full CVE/EDB/MSF VulnDB into a single terminal-driven interface built for authorized engagements.
Forked from penta, security-audited and rebuilt by krypthane — Red Team Operator from Mexico 🇲🇽.
╔══════════════════════════════════════════════════════════════════╗
║ PhantomStrike v1.0 — Module Map ║
╠══════════════════════════════════╦═══════════════════════════════╣
║ RED TEAM RECON ║ VULNDB ║
╠══════════════════════════════════╬═══════════════════════════════╣
║ [01] Port Scan ║ [01] Daily Report ║
║ [02] Nmap Deep Scan + Scripts ║ [02] View Saved Reports ║
║ [03] HTTP Options Audit ║ [03] Fetch CVEs (NVD) ║
║ [04] DNS Recon (WHOIS + records)║ [04] Fetch Exploits (EDB) ║
║ [05] Shodan Intelligence ║ [05] Fetch MSF Modules ║
║ [06] FTP Anonymous Login Test ║ [06] Database Query ║
║ [07] SSH Brute Force ╚═══════════════════════════════╣
║ [08] Metasploit RPC ║ ║
║ [09] Change Target ║ ║
╚══════════════════════════════════╩═══════════════════════════════╝
Full security audit and patch by krypthane
| ID | File | Bug | Severity | Fix |
|---|---|---|---|---|
| BUG-01 | scan_ftp.py |
self.nmsc → NameError crash |
🔴 HIGH | Fixed → self.nm |
| BUG-02 | penta.py |
str.strip('http://') removes chars, not prefix |
🟡 MED | Fixed → str.removeprefix() |
| BUG-03 | penta.py |
ip_menu() / report_menu() infinite recursion |
🔴 HIGH | Fixed → while loops |
| BUG-04 | scan_nmap.py scan_dns.py |
logging.warn() deprecated since Python 3.2 |
🟢 LOW | Fixed → logging.warning() |
| BUG-05 | scan_ssh.py |
ProcessPoolExecutor — paramiko not picklable |
🔴 HIGH | Fixed → ThreadPoolExecutor |
| BUG-06 | scan_nmap.py |
is_online() KeyError has no return False |
🟡 MED | Fixed → explicit return False |
| BUG-07 | utils.py |
get_local_ip() hardcoded wlan0, Linux-only |
🟡 MED | Fixed → cross-platform socket method |
| BUG-08 | config.py |
yaml.BaseLoader allows arbitrary objects |
🟡 MED | Fixed → yaml.SafeLoader |
| BUG-09 | penta.py |
os.system('clear') |
🟢 LOW | Fixed → subprocess.run() |
| BUG-10 | scan_shodan.py |
Crash on init if config.yaml missing |
🟡 MED | Fixed → graceful fallback |
git clone https://github.com/wavegxz-design/PhantomStrike
cd PhantomStrike
pip install -r requirements.txt
cp config_example.yaml config.yaml
# Fill in your API keys in config.yaml
python penta/phantomstrike.py -vv# config.yaml — never commit this file
SHODAN_API_KEY: "your_key_here" # shodan.io
GITHUB_TOKEN: "your_token_here" # GitHub API
METASPLOIT:
MODULE_PATH: "/usr/share/metasploit-framework"
MSGRPC_PASS: "your_msfrpc_password"
MYSQL:
USER: "root"
PASS: "yourpassword"
HOST: "localhost"
DB_NAME: "phantomstrike"
config.yamlis in.gitignore— it will never be committed.
# Standard
python penta/phantomstrike.py -vv
# Verbose debug
python penta/phantomstrike.py -vvv
# With proxy
python penta/phantomstrike.py -vv --proxy 127.0.0.1:8080 ██████╗ ██╗ ██╗ █████╗ ███╗ ██╗████████╗ ██████╗ ███╗ ███╗
██╔══██╗██║ ██║██╔══██╗████╗ ██║╚══██╔══╝██╔═══██╗████╗ ████║
...
╔══ PHANTOMSTRIKE — MAIN MENU ════════════════════╗
> [01] IP-based Recon & Attack Modules
[02] VulnDB — CVE / Exploits / Metasploit
[00] Exit
PhantomStrike/
├── penta/
│ ├── phantomstrike.py ← Main launcher (rebuilt)
│ ├── config.py ← Config loader (SafeLoader fix)
│ ├── fetch/ ← CVE / EDB / MSF fetchers
│ ├── lib/
│ │ ├── utils.py ← Cross-platform utils (fixed)
│ │ ├── menu.py ← Arrow-key interactive menu
│ │ ├── db.py ← SQLAlchemy VulnDB
│ │ └── models.py ← DB models
│ └── modules/
│ ├── scan_nmap.py ← Nmap scanner (fixed)
│ ├── scan_ssh.py ← SSH brute force (ThreadPool fix)
│ ├── scan_ftp.py ← FTP anonymous (NameError fix)
│ ├── scan_dns.py ← DNS recon (warn fix)
│ ├── scan_shodan.py ← Shodan intel (graceful init)
│ ├── scan_msf.py ← Metasploit RPC
│ ├── inspector.py ← HTTP options checker
│ └── report_vuln.py ← Vulnerability reporter
├── data/
│ ├── dict/ ← SSH/FTP wordlists
│ ├── msf/ ← MSF module DB
│ └── shodan/ ← Shodan queries
├── config_example.yaml ← Template (copy → config.yaml)
└── requirements.txt
git checkout -b feat/module-name
git commit -m "feat: [module] — description"
git push origin feat/module-nameBefore PR:
- No hardcoded API keys
- No
shell=Truewith user input - No infinite recursion in menu loops
- Tested on Linux
For AUTHORIZED security research and penetration testing ONLY.
✅ Authorized engagements (signed scope)
✅ CTF competitions
✅ Bug bounty programs (within scope)
✅ Personal lab environments
❌ Unauthorized scanning or exploitation
❌ Any illegal activity under local or international law
The author assumes NO responsibility for misuse.
 |
krypthane — Red Team Operator & Open Source Developer 📍 Mexico 🇲🇽 UTC-6 "Know the attack to build the defense." |
