Skip to content
Minimal docker container of Parrot OS for running an automated scan & pentest report.
Branch: master
Clone or download
vishnudxb
vishnudxb automated pentest
Latest commit e4ba390 Mar 27, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore automated test Mar 26, 2019
Dockerfile
LICENSE
README.md automated pentest Mar 27, 2019
pentest.sh
volume.sh automated test Mar 26, 2019

README.md

automated-pentest

Creating a minimal docker container of Parrot OS for running an automated pentest.

This repo is for automated pentesting using parrot docker container.

This docker container can be used for auditing all standard security assessment for you.

There are more than 20 Modules has been Integrated with in the container which can be used for automated pentest.

Number Of Modules

  • Whois domain analyzer
  • Nslookup
  • Nmap
  • Uniscan
  • TheHarvester
  • Metagoofil
  • Dirb
  • DNSRecon
  • DNSmap
  • Wafw00f
  • Nikto
  • XssPy
  • XSStrike
  • WhatWeb
  • Wapiti
  • WPscan
  • Joomscan
  • Droopescan ( CMS Vulnerability Scanner WordPress, Joomla, Silverstripe, Drupal, And Moodle)
  • SSLScan
  • SSLyze
  • A2SV
  • WFuzz

Features

  • Intel-Gathering
  • Vulnerability Analysis
  • Security Auditing
  • OSINT
  • System Enumeration
  • Fuzzing
  • CMS Auditing
  • SSL Security Auditing
  • WAF Auditing
  • Intel-Gathering
  • On top of that, you can install your own packages, please check this repo

How to run it

Create a docker volume to store your automated pentest reports


▶ docker volume create pentest-reports

Now run the below commands if you want to play around with docker container in your local machine:



▶ git clone https://github.com/vishnudxb/automated-pentest.git && cd automated-pentest &&
  docker build -t=localhost/pentest . &&
  docker run -d --name pentest -d -v pentest-reports:/src -it localhost/pentest


Or download it from Dockerhub (Currently there are some issues with Dockerhub image build)


▶ docker run -d --name pentest -d -v pentest-reports:/src vishnunair/pentest:latest

Execute the pentest script inside the container like below:


▶ docker exec -it pentest bash

┌─[root@299c024d07ef]─[/src]
└──╼ #./pentest.sh -d example.com

All the reports can be seen in /src inside the container however you can also access it from your local machine.

If your docker host is Linux, you can find Docker volumes by /var/lib/docker/volumes path.


▶ docker volume inspect pentest-reports

However if you're using MacOs. Try to cd /var/lib/docker/volumes from your MacOS terminal, and you'll get nothing. You see, your Mac machine isn't a real Docker host.

So execute the below script to access the reports from your local machine path ~/Documents/ and you can use any browser to view the reports:


▶ bash ./volume.sh

Check your ~/Documents/src folder for the reports

You can’t perform that action at this time.