PentestKit is a professional penetration testing toolkit available in both Python and Bash versions. Designed for security professionals and bug bounty hunters, it automates comprehensive security assessments with detailed reporting.
π Python Version Python UI |
π» Bash Version Bash interactive UI |
Advanced toolkit with extensive features and PDF report generation.
Lightweight, native Linux toolkit with beautiful terminal UI and interactive menus.
| Feature | Python Version | Bash Version |
|---|---|---|
| Reconnaissance | β | β |
| Subdomain Enumeration | β | β |
| Port Scanning | β | β |
| SSL/TLS Analysis | β | β |
| Web Vulnerability Scanning | β | β |
| SQL Injection Testing | β | β |
| XSS Detection | β | β |
| HTML Report | β | β |
| PDF Report | β | β |
| JSON Report | β | β |
| Interactive Menu | β | β |
| Scan Profiles | β | β (Quick/Normal/Deep) |
| Progress Bars | β | β |
| Colored Output | β | β |
| Configuration File | β | β |
| Parallel Processing | β | β |
# Update system
sudo apt update
# Install core tools
sudo apt install -y \
python3 python3-pip \
nmap masscan nikto sqlmap gobuster \
whois dnsutils curl git jq bc \
sslscan wafw00f whatweb traceroute
# Install subfinder
GO111MODULE=on go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
# Python only: PDF generation
sudo apt install wkhtmltopdf
# Python dependencies
pip3 install requests jqgit clone https://github.com/therealilyas/pentest-toolkit.git
cd pentestkit
chmod +x pentestkit.py pentestkit.sh# Basic scan
python3 pentestkit.py https://example.com
# Custom output directory
python3 pentestkit.py https://example.com -o /path/to/output
# Verbose mode
python3 pentestkit.py https://example.com -v
# Help
python3 pentestkit.py --help# Run toolkit (interactive menu)
sudo ./pentestkit.sh
# Menu Navigation:
# 1. Set Target
# 2. Select Scan Profile (Quick/Normal/Deep)
# 3. Run Full Scan
# 4. Run Custom Scan (individual modules)
# 5. View Results
# 6. Generate Report
# 7. Check Tools
# 8. Configuration
# 9. About
# 0. Exitusage: pentestkit.py [-h] [-o OUTPUT] [-v] [--version] target
positional arguments:
target Target URL (http:// or https://)
optional arguments:
-h, --help Show help message
-o OUTPUT Custom output directory
-v, --verbose Enable verbose output
--version Show version number
# Interactive mode (recommended)
./pentestkit.sh
# Configuration file: ~/.pentest_toolkit.confpentestkit_example.com_20250103_120000/
βββ reconnaissance/
β βββ subdomains.txt
β βββ dns_info.txt
β βββ whois_info.txt
βββ port_scanning/
β βββ nmap_detailed.txt
β βββ nmap_quick.txt
βββ enumeration/
β βββ directories.txt
β βββ api_endpoints.txt
βββ vulnerabilities/
β βββ nikto_scan.txt
β βββ sqlmap.txt
β βββ ssl_scan.txt
βββ reports/
βββ security_report.html
βββ security_report.pdf
βββ scan_report.json
βββ executive_summary.txt
pentest_example.com_20250103_120000/
βββ whois.txt
βββ dns_*.txt
βββ subdomains_*.txt
βββ nmap_scan.txt
βββ open_ports.txt
βββ ssl_analysis.txt
βββ nikto_scan.txt
βββ http_headers.txt
βββ geolocation.json
βββ report.html
βββ results.txt
βββ scan.log
| Profile | Duration | Description |
|---|---|---|
| Quick | ~5 min | Fast reconnaissance, top 100 ports |
| Normal | ~15 min | Standard assessment, top 1000 ports |
| Deep | ~45 min | Comprehensive analysis, all ports |
- HTML report with modern design
- PDF report (print-ready)
- JSON data (machine-readable)
- Executive summary (text)
- CVSS scoring
- Detailed remediation steps
- Interactive HTML report with Tailwind CSS
- Risk scoring system (0-100)
- Color-coded severity levels
- Text summary report
- Real-time progress indicators
- Comprehensive logging
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β ββββββββββββ ββββββ βββ ββββββ ββββ βββ βββββββββββββββ β
β βββββββββββββ ββββββ ββββββββββββββββ βββββββββββββββββββ β
β ββββββ ββββββ βββββββββββββββββββββββββ ββββββ ββββββ β
β ββββββ βββββββββββββββββββββββββββββββββββββββ ββββββ β
β βββββββββββ βββββββββ ββββββ ββββββ ββββββββββββββββββββββ β
β βββββββββββ ββββββββ ββββββ ββββββ βββββ βββββββββββββββ β
β β
β Enhanced Bash Penetration Testing Toolkit v3.0 β
β Professional Security Assessment Suite β
β β
β Author: Ilyas Sultanov β
β GitHub: github.com/therealilyas β
β Email: ilyas.sultanov@accesa.uz β
β LinkedIn: linkedin.com/in/ilyas-sultanov β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
#!/bin/bash
targets=(
"https://example1.com"
"https://example2.com"
)
for target in "${targets[@]}"; do
python3 pentestkit.py "$target"
done# Run only specific modules
./pentestkit.sh
# Then select: 4. Run Custom Scan
# Choose individual modules: 1-6Edit ~/.pentest_toolkit.conf:
MAX_PARALLEL_JOBS=5
QUICK_SCAN_TIMEOUT=300
NORMAL_SCAN_TIMEOUT=600
DEEP_SCAN_TIMEOUT=1800| Level | CVSS | Color | Action |
|---|---|---|---|
| Critical | 9.0-10.0 | π΄ | Immediate |
| High | 7.0-8.9 | π | High Priority |
| Medium | 4.0-6.9 | π‘ | Medium Priority |
| Low | 0.1-3.9 | π’ | Low Priority |
| Info | 0.0 | π΅ | Informational |
This tool is for authorized security testing only.
β Allowed:
- Testing systems you own
- Testing with written permission
- Authorized penetration testing
- Educational purposes
β Prohibited:
- Unauthorized access
- Malicious activities
- Illegal testing
- Violation of laws
By using this tool, you agree to:
- Only conduct authorized testing
- Obtain proper permissions
- Follow responsible disclosure
- Comply with all laws
The author assumes no liability for misuse.
Contributions welcome!
- Fork the repository
- Create feature branch:
git checkout -b feature/NewFeature - Commit changes:
git commit -m 'Add NewFeature' - Push branch:
git push origin feature/NewFeature - Open Pull Request
Open an issue with:
- Description
- Steps to reproduce
- Expected vs actual behavior
- System information
- WordPress scanning
- Authenticated scans
- Docker support
- API endpoint
- Multi-threading (Python)
- Real-time notifications
- Metasploit integration
- Custom payloads
Tools Used:
- Nmap - Network scanning
- Masscan - Fast port scanner
- Subfinder - Subdomain discovery
- Gobuster - Directory brute-forcing
- Nikto - Web server scanner
- SQLMap - SQL injection
- SSLScan - SSL/TLS scanner
Learning:
MIT License - See LICENSE file
Copyright (c) 2025 Ilyas Sultanov
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND.
Ilyas Sultanov
- GitHub: @therealilyas
- Email: ilyas.sultanov@accesa.uz
- LinkedIn: ilyas-sultanov
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Email: ilyas.sultanov@accesa.uz
If you find this tool useful, please consider giving it a star! β
Made by Ilyas Sultanov (Security Research Team)
Back to top