narasimhauppala/automate-pentesting-app

Pentest Assistant

A comprehensive automated security testing tool that helps identify potential security vulnerabilities and misconfigurations in web applications.

🚀 Quick Start

# Clone the repository
git clone https://github.com/narasimhauppala/automate-pentesting-app.git

# Navigate to directory
cd automate-pentesting-app

# Install requirements
pip install -r requirements.txt

# Run the tool
python pentest_assistant.py -t example.com

Features

1. Reconnaissance

  • Subdomain Enumeration

    • DNS bruteforce with multiple resolvers
    • Zone transfer checks
    • Certificate Transparency logs
    • Search engine discovery
    • Wildcard detection
    • CNAME chain following
    • Multiple data sources (VirusTotal, ThreatCrowd, DNSDumpster)
  • Port Scanning

    • Service detection
    • Version identification
    • Common port checks
    • SYN scan support
    • Banner grabbing
  • DNS Analysis

    • Record enumeration (A, AAAA, MX, TXT, etc.)
    • Zone transfer attempts
    • SPF and DMARC validation
    • DNS security checks
  • WHOIS Information

    • Registration details
    • Nameservers
    • Contact information
    • Expiration dates
  • Employee Information

    • LinkedIn profile discovery
    • Email pattern identification
    • Job titles and roles
    • Social media presence
  • Technology Detection

    • Web technologies
    • Framework identification
    • CMS detection
    • Server software
    • Cloud services (AWS, Azure, GCP)

2. Web Analysis

  • Header Analysis

    • Security header checks
    • Information disclosure
    • Cookie security
    • Server fingerprinting
  • Directory Scanning

    • Common directories
    • Backup files
    • Sensitive files
    • Configuration files
  • Security Headers

    • HSTS
    • CSP
    • X-Frame-Options
    • XSS Protection
    • CORS policies

3. Vulnerability Assessment

  • SSL/TLS Analysis

    • Certificate validation
    • Protocol versions
    • Cipher suites
    • Common vulnerabilities
  • WAF Detection

    • Firewall fingerprinting
    • Protection mechanisms
    • Bypass possibilities
  • CORS Checks

    • Misconfiguration detection
    • Security policy assessment
    • Origin validation
  • HTTP Methods

    • Dangerous method detection
    • Method enumeration
    • Security impact assessment

4. Additional Features

  • Historical Data

    • Wayback Machine integration
    • Old content discovery
    • Backup file finding
    • Domain history
  • Screenshot Capture

    • Visual site documentation
    • Error page detection
    • UI analysis
  • Email Security

    • SPF record validation
    • DMARC configuration
    • Email pattern discovery

Configuration

The tool uses a configuration file (modules/utils/config.py) for customizing:

  • Scanning timeouts
  • Thread counts
  • Wordlists
  • API keys (Shodan, VirusTotal)
  • Request headers
  • File patterns
  • Security checks

Output Format

  • Color-coded findings by severity
  • Progress bars for real-time status
  • Organized results by category
  • Detailed vulnerability descriptions
  • Summary reports
  • JSON export support

Dependencies

  • python-whois
  • shodan
  • dnspython
  • requests
  • beautifulsoup4
  • builtwith
  • colorama
  • python-nmap
  • pyOpenSSL
  • selenium
  • webdriver-manager
  • lxml
  • tqdm
  • waybackpy

Security Notes

  • Always obtain proper authorization before scanning
  • Some features may trigger security controls
  • Use responsibly and ethically
  • Follow local security testing regulations
  • Some tests may be blocked by WAFs
  • Rate limiting may apply to certain checks

Error Handling

  • SSL certificate verification options
  • Configurable timeouts
  • Failed module isolation
  • Detailed error messages
  • Retry mechanisms

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Development Guidelines

  • Follow PEP 8 style guide
  • Add docstrings to new modules
  • Include error handling
  • Update the config file if needed
  • Add tests for new features

License

This project is licensed under the MIT License - see the LICENSE file for details.

Disclaimer

This tool is for educational purposes only. Users are responsible for complying with applicable laws and regulations.
