Build Status

automated-pentest

Creating a minimal docker container of Parrot OS for running an automated scan report.

This docker container can be used for auditing all standard security assessment for you.

There are more than 20 Modules has been Integrated with in the container which can be used for automated pentest.

Number Of Modules

Whois domain analyzer
Nslookup
Nmap
Uniscan
TheHarvester
Metagoofil
Dirb
DNSRecon
DNSmap
Wafw00f
Nikto
XssPy
XSStrike
WhatWeb
Wapiti
WPscan
Joomscan
Droopescan ( CMS Vulnerability Scanner WordPress, Joomla, Silverstripe, Drupal, And Moodle)
SSLScan
SSLyze
A2SV
WFuzz

Features

Intel-Gathering
Vulnerability Analysis
Security Auditing
OSINT
System Enumeration
Fuzzing
CMS Auditing
SSL Security Auditing
WAF Auditing
Intel-Gathering
On top of that, you can install your own packages, please check this repo

How to run it

Create a docker volume to store your automated pentest reports


▶ docker volume create pentest-reports

Download it from Dockerhub and run it on your system


▶ docker run -d --name pentest -d -v pentest-reports:/src vishnunair/pentest:latest

Or run the below commands if you want to play around with docker container in your local machine:



▶ git clone https://github.com/vishnudxb/automated-pentest.git && cd automated-pentest &&
  docker build -t=localhost/pentest . &&
  docker run -d --name pentest -d -v pentest-reports:/src -it localhost/pentest

Execute the pentest script inside the container like below:


▶ docker exec -it pentest bash

┌─[[email protected]]─[/src]
└──╼ #./pentest.sh --help

Usage: sh pentest.sh [OPTION]...
  -d, --domain   Provide your DOMAIN domain.
  -h, --help     Display help file

┌─[[email protected]]─[/src]
└──╼ #./pentest.sh -d example.com

All the reports can be seen in /src inside the container however you can also access it from your local machine.

If your docker host is Linux, you can find Docker volumes by /var/lib/docker/volumes path.


▶ docker volume inspect pentest-reports

However if you're using MacOs. Try to cd /var/lib/docker/volumes from your MacOS terminal, and you'll get nothing. You see, your Mac machine isn't a real Docker host.

So execute the below script to access the reports from your local machine path `~/Documents/` and you can use any browser to view the reports:


▶ bash ./volume.sh

Check your ~/Documents/src folder for the reports

Legal disclaimer:

Usage of this automated pentest for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purposes.

Project Name	Stars	Most Recent Commit	Total Releases	Latest Release	Open Issues	License	Language
Docker	5,818	2 days ago			40	mit	Dockerfile
Docker official jenkins repo
Docker Gc	5,108	2 years ago			23	apache-2.0	Shell
INACTIVE: Docker garbage collection of containers and images
Kubernetes Handbook	4,980	3 days ago				other	Makefile
Kubernetes Handbook （Kubernetes指南） https://kubernetes.feisky.xyz
Docker	4,597	18 hours ago			395	agpl-3.0	Shell
⛴ Docker image of Nextcloud
Docker Airflow	3,589	2 months ago			269	apache-2.0	Shell
Docker Apache Airflow
Docker Openldap	3,176	a year ago			302	mit	Shell
A docker image to run OpenLDAP 🐳
Dockercheatsheet	3,031	3 years ago				mit
🐋 Docker Cheat Sheet 🐋
Dry	2,674	23 days ago	13	November 19, 2021	31	mit	Go
dry - A Docker manager for the terminal @
Swarmpit	2,602	7 days ago			150	epl-1.0	Clojure
Lightweight mobile-friendly Docker Swarm management UI
Docui	2,227	a year ago	1	March 03, 2021	11	mit	Go
TUI Client for Docker

Automated Pentest