βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
ββββββ β ββ ββββββ ββββββ βββ ββββββ ββββββ ββββββ βββ ββββββ ββββββββββββ
ββββ βββ ββ βββββββ β βββββββ βββββββ ββ β βββ β ββββ βββββββ ββββ ββββββββ βββ ββ
ββββ βββββββ βββββββ βββ βββββ ββββββββ ββββ β ββββ ββββ ββββββββ ββββ ββββββββ ββββ ββ
βββββββ ββββ βββββββββββ βββββββ βββββ βββ β β ββββββββββ βββββ βββ ββββββββ ββββ β
ββββ β βββββββββ ββββ ββββββββ β βββββββββββββββββββββββββββββ β ββββββββββ βββββββββββ ββββ β
ββββ β βββββ β β β ββ ββββββββ β ββ βββ βββ ββ ββ βββ β βββββ β ββ βββ ββ ββββββ ββ β ββ
ββ β ββββ β β ββ β ββββ β β β β β β β ββ ββ β βββ β β β β β β β ββ β β β
ββ βββ β β ββ β ββ β β β β β β ββ β β β β β β β β β
β β β β β β β β β β β β
β β
β Automation Framework with Dual Interface β
β By d0sf3t β
β Search. Select. Exploit. β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Pure Python pentesting framework for tool/workflow efficiency, with an emphasis on usability
Quick Start β’ Key Features β’ Installation β’ Wiki
PurpleSploit is a modular offensive security framework with both CLI and a web interface, largely modeled off metasploit framework, with many similar, common/shared commands for ease of use and familiarity.
Given targets and/or credentials:
Step A. Add targeting:
1. `targets select` --> `creds select`
2. `targets add` --> `creds add`
Step B. Select a command to run:
3. `module select` -> `run op#`
4. `search {object}` --> `use {module}` --> `run op#`
From 0-point (no targets, no creds):
Step A. Target Discovery: `module select` --> type `nmap` --> select scan & run
Step B. Target Selection: `services` --> pick a target from scan results --> `targets select`
Step C. Target Enumeration: `module select` -> `run op#` OR `search {object}` --> `use {module}` --> `run op#`
Key Commands Like metasploit, but with fzf for interactive select menus. To search for and select modules, you can use the traditional msf method, or use the interactive menu by adding select at the end of the command:
Add and manage targets, credentials, and wordlists. The context manager is made up of a series of sqlite databases that manages the context for the entire framework. No more "set RHOST" per modules. Select a target, select a credential, and it will be applied to all modules automatically.
Context items can be added, modified, selected, and cleared. For example:
Simply type {command} clear to clear the database.
Credentials and targets can be added, modified, listed, and selected interactively by appending the command after (ex. creds modify, targets select, etc.)
Add Targets or Credentials:
purplesploit > creds add username password domain
purplesploit > targets add IP_addrModify Target or Credential:
purplesploit > creds/targets modify
List Targets or Credentials:
purplesploit > creds/targets listTargets, credentials, and modules can be selected interactively with fzf. This feature includes type search, so you can either select by navigating with keyboard/mouse or by typing keywords:
Use arrow keys to navigate, Enter to select.
Available Commands:
clear- Clear screenhistory- Command historystats- Framework statisticsdefaults <cmd>- Manage default optionsdeploy- Show deployment modulesdeploy <type>- Load specific deploymentwebserver start/stop/status- Web portal controlligolo- Launch ligolo-ng (Ctrl+D to return)shell- Local shell (Ctrl+D to return)
Deployment Utility The deployment utility offers an automated method of deploying C2 beacons, ligolo agents, and scripts (ex. LinPEAS, WinPEAS, etc.).
Ligolo
Typing ligolo will drop you into a ligolo proxy shell. Press CTRL+D to go back to purplesploit cli.
Purplesploit diverges from metasploit by using a two-tier structure with modules and operations. Modules represent the broader category, while operations are the switch-level differences within similar commands (ex. nxc_ssh module, individual ssh command differences are operations). Purplesploit was architected in this way to declutter while providing the largest amount of options.
Context Awareness If a search results in only one result, that result is automatically selected as the current module.
Workflows:
- Search for module or operation-->
use module--> ops -->run op# module select--> type term --> scroll --> Enter --> ops -->run op#
Usage To select modules:
use module_name
use {# of module}Then:
run {# of operation}Searching can be performed at the operation level as well, by typing:
ops {term}
ops smb authOperations will be shown when selecting a module, but can shown again by typing ops
Execute with: run <number> or run <operation_name>
All context objects can be listed by running show {command} - ex. show modules:
and growing!
Purplesploit features an automated nmap parsing and detection capability. After running a scan, the results are parsed and added to purplesploit's database as targets and services.
IPs with open ports will automatically be added to the targets list, and services will be logged and viewable by typing:
show services
Full terminal interface accessible via browser, showing same CLI commands and workflow.
Quick module loading:
purplesploit > quick <module>All-in-one workflow:
purplesploit > go <tgt> <cred>Show statistics:
purplesploit > statsDisplays counts for modules, categories, targets, and credentials.
- Web Portal & API Server: Comprehensive web interface with real-time target visualization at
http://localhost:5000 - Webserver Command: Launch web portal in background with
webserver start- continue using CLI while server runs - Real-time Database Sync: Changes in CLI instantly appear in web portal and vice versa
- Dropdown Auto-Completion: Context-aware command suggestions with enhanced dropdown menu
- Pure Python: Completely rewritten in Python for better performance and maintainability
- Dynamic Completions: Auto-complete includes modules, targets, and common operations
- Ligolo Integration: Seamless proxy tunneling with
ligolocommand - Shell Access: Quick localhost shell access with
shellcommand
# Core dependencies
apt install fzf ripgrep python3
# Pentesting tools - recommended use with kali or parrot. Tools used include:
```bash
netexec
wfuzz
sqlmap
feroxbuster
nmap
impacket
httpx| Feature | Description |
|---|---|
| Auto-Completion | Enhanced dropdown menu with context-aware suggestions |
| Navigation | Type commands or use interactive selectors with {} |
| Speed | Instant command execution with fuzzy search |
| Scripting | Full Python API for automation |
| Search | search, ops, {} for finding anything |
| History | Command history with suggestions from past commands |
π Wiki - Complete Documentation
- Commands Reference - All commands with tables
- Framework Guide - Architecture and concepts
- Web Portal Guide - Web interface and API
- Quick Start - Get started in 5 minutes
- Contributing - Add your own modules
- Changelog - Version history
- Disclaimer - Legal and authorized use
See Contributing Guide for full module development guide.
We welcome contributions! See CONTRIBUTING.md for:
- Adding new tools and modules
- Improving existing operations
- Documentation updates
- Bug reports and features
CC BY-NC-SA 4.0 (Non-Commercial) - See LICENSE for details.
Free to use, modify, and share for non-commercial purposes. Commercial use requires permission.
Built with excellent open-source tools:
- FZF - Fuzzy finder magic
- NetExec - Network execution
- Impacket - Protocol implementations
- And many more!
Report Issue β’ Documentation β’ Discussions