Skip to content
/ automated-pentest Public
forked from vishnudxb/automated-pentest

Minimal docker container of Parrot OS for running an automated scan & pentest report.

License

Apache-2.0 license
1 star 42 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

amazingkyoto/automated-pentest

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
.github
.github
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pentest.sh
pentest.sh
 
 
volume.sh
volume.sh
 
 

Repository files navigation

automated-pentest

Creating a minimal docker container of Parrot OS for running an automated scan report.

This docker container can be used for auditing all standard security assessment for you.

There are more than 20 Modules has been Integrated with in the container which can be used for automated pentest.

Number Of Modules

  • Whois domain analyzer
  • Nslookup
  • Nmap
  • Uniscan
  • TheHarvester
  • Metagoofil
  • Dirb
  • DNSRecon
  • DNSmap
  • Wafw00f
  • Nikto
  • XssPy
  • XSStrike
  • WhatWeb
  • Wapiti
  • WPscan
  • Joomscan
  • Droopescan ( CMS Vulnerability Scanner WordPress, Joomla, Silverstripe, Drupal, And Moodle)
  • SSLScan
  • SSLyze
  • A2SV
  • WFuzz

Features

  • Intel-Gathering
  • Vulnerability Analysis
  • Security Auditing
  • OSINT
  • System Enumeration
  • Fuzzing
  • CMS Auditing
  • SSL Security Auditing
  • WAF Auditing
  • Intel-Gathering
  • On top of that, you can install your own packages, please check this repo

How to run it

Create a docker volume to store your automated pentest reports


▶ docker volume create pentest-reports

Download it from Dockerhub and run it on your system


▶ docker run -d --name pentest -d -v pentest-reports:/src vishnunair/pentest:latest

Or run the below commands if you want to play around with docker container in your local machine:



▶ git clone https://github.com/vishnudxb/automated-pentest.git && cd automated-pentest &&
  docker build -t=localhost/pentest . &&
  docker run -d --name pentest -d -v pentest-reports:/src -it localhost/pentest

Execute the pentest script inside the container like below:

▶ docker exec -it pentest bash

┌─[root@299c024d07ef]─[/src]
└──╼ #./pentest.sh --help

Usage: sh pentest.sh [OPTION]...
  -d, --domain   Provide your DOMAIN domain.
  -h, --help     Display help file

┌─[root@299c024d07ef]─[/src]
└──╼ #./pentest.sh -d example.com

All the reports can be seen in /src inside the container however you can also access it from your local machine.

If your docker host is Linux, you can find Docker volumes by /var/lib/docker/volumes path.


▶ docker volume inspect pentest-reports

However if you're using MacOs. Try to cd /var/lib/docker/volumes from your MacOS terminal, and you'll get nothing. You see, your Mac machine isn't a real Docker host.

So execute the below script to access the reports from your local machine path ~/Documents/ and you can use any browser to view the reports:


▶ bash ./volume.sh

Check your ~/Documents/src folder for the reports

Legal disclaimer:

Usage of this automated pentest for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purposes.

About

Minimal docker container of Parrot OS for running an automated scan & pentest report.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 94.4%
  • Dockerfile 5.6%