CalvinBackup/AutoPentestX
1
0
Fork 0
mirror of https://github.com/Gowtham-Darkseid/AutoPentestX.git synced 2026-03-26 17:30:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

commit

Browse Source
This commit is contained in:
gowtham-darkseid
2025-11-30 15:04:37 +05:30
parent 3a753ab948
commit 1eda662772
2 changed files with 355 additions and 158 deletions
Download Patch File Download Diff File Expand all files Collapse all files

267
QUICKSTART.md
View File

@@ -1,177 +1,261 @@
# AutoPentestX - Quick Start Guide
```
██╗ ██╗ █████╗ ██████╗██╗ ██╗██╗███╗ ██╗ ██████╗
██║ ██║██╔══██╗██╔════╝██║ ██╔╝██║████╗ ██║██╔════╝
███████║███████║██║ █████╔╝ ██║██╔██╗ ██║██║ ███╗
██╔══██║██╔══██║██║ ██╔═██╗ ██║██║╚██╗██║██║ ██║
██║ ██║██║ ██║╚██████╗██║ ██╗██║██║ ╚████║╚██████╔╝
╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚═╝╚═╝ ╚═══╝ ╚═════╝
A U T O P E N T E S T X Q U I C K S T A R T
```
## 🚀 Get Started in 5 Minutes
> ⚡ **SYSTEM STATUS**: OPERATIONAL | **SECURITY LEVEL**: MAXIMUM
> 🎯 **MISSION**: Penetrate. Exploit. Dominate.
### Step 1: Installation (2 minutes)
---
## ⚡ [PHASE 1] DEPLOYMENT SEQUENCE
### [1.1] System Initialization
```bash
# Navigate to the project directory
# >> ENTERING SYSTEM DIRECTORY...
cd AutoPentestX
# Run the automated installer
# >> EXECUTING DEPLOYMENT PROTOCOL...
chmod +x install.sh
./install.sh
```
The installer will:
- ✅ Install Nmap, Nikto, SQLMap
- ✅ Set up Python virtual environment
- ✅ Install all Python dependencies
- ✅ Create necessary directories
- ✅ Test the installation
**INSTALLER SEQUENCE:**
```
[▓▓▓▓▓▓▓▓▓▓] Installing Nmap, Nikto, SQLMap...
[▓▓▓▓▓▓▓▓▓▓] Configuring Python virtual environment...
[▓▓▓▓▓▓▓▓▓▓] Loading Python dependencies...
[▓▓▓▓▓▓▓▓▓▓] Creating system directories...
[▓▓▓▓▓▓▓▓▓▓] Running system diagnostics...
[✓] DEPLOYMENT COMPLETE
```
### Step 2: Run Your First Scan (1 minute)
## ⚡ [PHASE 2] ATTACK INITIATION
### [2.1] System Activation
```bash
# Activate the virtual environment
# >> ACTIVATING VIRTUAL ENVIRONMENT...
source venv/bin/activate
# Run a basic scan (replace with your authorized target)
# >> LAUNCHING ATTACK VECTOR (authorized targets only)
python3 main.py -t 127.0.0.1
# Or use the wrapper script
# >> ALTERNATIVE: RAPID DEPLOYMENT
./autopentestx.sh 127.0.0.1
```
### Step 3: View Your Report
```
╔═══════════════════════════════════════════════════════╗
║ [ATTACK STATUS] ║
║ → Target Acquired: 127.0.0.1 ║
║ → Systems: ONLINE ║
║ → Exploit Engine: ARMED ║
║ → Stealth Mode: ACTIVE ║
╚═══════════════════════════════════════════════════════╝
```
## ⚡ [PHASE 3] INTEL EXTRACTION
### [3.1] Access Report Data
After the scan completes, find your report:
```bash
# Reports are saved in the reports/ directory
# >> ACCESSING CLASSIFIED REPORTS...
ls -lh reports/
# Open the PDF report
# >> DECRYPTING VULNERABILITY REPORT...
xdg-open reports/AutoPentestX_Report_*.pdf
```
---
## 📋 Common Commands
## 🎮 [COMMAND ARSENAL]
### Basic Scan
### [CMD-001] Full Spectrum Attack
```bash
# >> INITIATING COMPLETE PENETRATION SEQUENCE
python3 main.py -t 192.168.1.100
```
### Quick Scan (Skip Web Testing)
### [CMD-002] Rapid Recon Mode
```bash
# >> STEALTH SCAN - WEB PAYLOADS DISABLED
python3 main.py -t 192.168.1.100 --skip-web
```
### Fast Scan (Skip Web and Exploitation)
### [CMD-003] Lightning Strike
```bash
# >> SPEED MODE - RECON ONLY
python3 main.py -t 192.168.1.100 --skip-web --skip-exploit
```
### Custom Tester Name
### [CMD-004] Custom Operator ID
```bash
# >> REGISTERING OPERATOR CREDENTIALS
python3 main.py -t 192.168.1.100 -n "Your Name"
```
### Get Help
### [CMD-HELP] System Manual
```bash
# >> ACCESSING SYSTEM DOCUMENTATION
python3 main.py --help
```
---
## 🎯 What You Get
## 💾 [DATA EXTRACTION COMPLETE]
After each scan, AutoPentestX generates:
```
┌─────────────────────────────────────────────────────────┐
│ [CLASSIFIED] - INTELLIGENCE PACKAGE GENERATED │
└─────────────────────────────────────────────────────────┘
```
1. **PDF Report** (in `reports/`)
- Executive summary
- Detailed findings
- Risk assessment
- Security recommendations
### [OUTPUT-001] 📄 Vulnerability Dossier (`reports/`)
```
⚠ CLASSIFIED DOCUMENT ⚠
├─ Executive Threat Summary
├─ Vulnerability Database
├─ Risk Matrix Analysis
└─ Remediation Protocols
```
2. **Database** (in `database/`)
- All scan data stored in SQLite
- Query and analyze historical scans
### [OUTPUT-002] 🗄️ Intel Database (`database/`)
```
⚡ PERSISTENT STORAGE ACTIVE
├─ Complete scan data in SQLite
├─ Historical attack patterns
└─ Query interface enabled
```
3. **Logs** (in `logs/`)
- Detailed execution logs
- Debugging information
### [OUTPUT-003] 📊 Operation Logs (`logs/`)
```
📡 REAL-TIME MONITORING
├─ Execution timestamps
├─ System diagnostics
└─ Debug traces
```
4. **Exploit Scripts** (in `exploits/`)
- Metasploit RC scripts for manual testing
### [OUTPUT-004] 💣 Exploit Arsenal (`exploits/`)
```
⚔️ WEAPONIZED PAYLOADS
├─ Metasploit RC scripts
├─ Manual exploitation tools
└─ Attack vector documentation
```
---
## ⚡ Performance Tips
## 🚀 [PERFORMANCE OPTIMIZATION]
### Fast Scan (5-10 minutes)
```
╔══════════════════════════════════════════════════════╗
║ ATTACK SPEED CONFIGURATIONS ║
╚══════════════════════════════════════════════════════╝
```
### [MODE-01] ⚡ LIGHTNING STRIKE (5-10 min)
```bash
# >> RECON ONLY - MAXIMUM SPEED
python3 main.py -t TARGET --skip-web --skip-exploit
```
**STATUS**: Rapid reconnaissance | Minimal footprint
### Standard Scan (10-20 minutes)
### [MODE-02] 🔥 TACTICAL ASSAULT (10-20 min)
```bash
# >> STANDARD PENETRATION - BALANCED APPROACH
python3 main.py -t TARGET --skip-exploit
```
**STATUS**: Full scan + web vulnerabilities | No exploitation
### Full Scan (20-30 minutes)
### [MODE-03] 💥 TOTAL ANNIHILATION (20-30 min)
```bash
# >> FULL SPECTRUM ATTACK - ALL SYSTEMS ENGAGED
python3 main.py -t TARGET
```
**STATUS**: Complete penetration testing | All modules active
---
## 🔧 Troubleshooting
## ⚠️ [SYSTEM DIAGNOSTICS]
### "Permission denied" errors
```
┌─────────────────────────────────────────────────┐
│ [ERROR HANDLER] - Common System Failures │
└─────────────────────────────────────────────────┘
```
### [ERROR-001] 🔐 ACCESS DENIED
```bash
# Some Nmap features require sudo
# >> ELEVATING PRIVILEGES...
sudo python3 main.py -t TARGET
```
**FIX**: Root access required for deep system penetration
### "Module not found" errors
### [ERROR-002] 🔌 MODULE FAILURE
```bash
# Ensure virtual environment is activated
# >> REACTIVATING VIRTUAL ENVIRONMENT...
source venv/bin/activate
# Reinstall dependencies
# >> REINSTALLING CORE MODULES...
pip install -r requirements.txt
```
**FIX**: Environment not properly initialized
### "Nikto not found"
### [ERROR-003] 🛠️ MISSING WEAPONS
```bash
# Install missing tools
# >> DOWNLOADING ATTACK TOOLS...
sudo apt-get install nikto sqlmap nmap
```
**FIX**: Essential penetration tools not found
### PDF Generation fails
### [ERROR-004] 📄 REPORT GENERATION FAILURE
```bash
# Install reportlab with all dependencies
# >> REPAIRING DOCUMENT GENERATOR...
pip install --upgrade reportlab pillow
```
**FIX**: PDF library corruption detected
---
## 📊 Example Workflow
## 🎯 [COMPLETE OPERATION SEQUENCE]
```bash
# 1. Navigate to project
# ┌─────────────────────────────────────────────────────┐
# │ [OPERATION PROTOCOL] - Full Attack Chain │
# └─────────────────────────────────────────────────────┘
# [STEP 1] >> ENTERING SYSTEM...
cd AutoPentestX
# 2. Activate environment
# [STEP 2] >> POWERING UP SYSTEMS...
source venv/bin/activate
# 3. Run scan on authorized target
# [STEP 3] >> LAUNCHING ATTACK SEQUENCE...
python3 main.py -t 192.168.1.100 -n "Security Auditor"
# 4. Wait for completion (10-30 minutes)
# ... scanning in progress ...
# [STEP 4] >> ATTACK IN PROGRESS...
# ▓▓▓▓▓▓▓░░░ 60% | ETA: 15 minutes
# [SCANNING] [EXPLOITING] [REPORTING]
# 5. View results
# [STEP 5] >> EXTRACTING INTELLIGENCE...
ls reports/
cat database/autopentestx.db | sqlite3
sqlite3 database/autopentestx.db
# 6. Open PDF report
# [STEP 6] >> DECRYPTING REPORT...
xdg-open reports/AutoPentestX_Report_*.pdf
# 7. Deactivate when done
# [STEP 7] >> SHUTTING DOWN SYSTEMS...
deactivate
# [✓] OPERATION COMPLETE - ALL SYSTEMS NOMINAL
```
---
@@ -230,38 +314,63 @@ deactivate
---
## 🎉 You're Ready!
## ⚔️ [SYSTEM ARMED AND READY]
You now have a powerful automated penetration testing toolkit.
```
╔═══════════════════════════════════════════════════════╗
║ ║
║ ██╗ ██╗ ██████╗ ██╗ ██╗██████╗ ║
║ ╚██╗ ██╔╝██╔═══██╗██║ ██║██╔══██╗ ║
║ ╚████╔╝ ██║ ██║██║ ██║██████╔╝ ║
║ ╚██╔╝ ██║ ██║██║ ██║██╔══██╗ ║
║ ██║ ╚██████╔╝╚██████╔╝██║ ██║ ║
║ ╚═╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝ ║
║ ║
║ W E A P O N I S N O W O P E R A T I O N A L ║
║ ║
╚═══════════════════════════════════════════════════════╝
```
**Remember:**
- Always get authorization first
- Use ethically and legally
- Learn and improve security
- Share knowledge responsibly
**⚠️ OPERATOR PROTOCOLS:**
```
[✓] Authorization: MANDATORY before engagement
[✓] Ethics: White-hat operations ONLY
[✓] Knowledge: Continuous learning required
[✓] Responsibility: Handle intel with care
```
Happy hacking (ethically)! 🔒🎩
> 🎯 **MISSION STATUS**: Ready for deployment
> 💀 **WARNING**: Unauthorized access = Federal crime
> 🔓 **MOTTO**: Hack the planet... legally.
---
**Quick Reference Card**
## 📟 [QUICK REFERENCE TERMINAL]
```bash
# Installation
┌──────────────────────────────────────────────────────┐
[CHEAT CODES] - Rapid Command Access │
└──────────────────────────────────────────────────────┘
# >> SYSTEM DEPLOYMENT
./install.sh
# Basic usage
# >> LAUNCH ATTACK
python3 main.py -t <target>
# With options
# >> ADVANCED OPTIONS
python3 main.py -t <target> -n "Your Name" --skip-web
# View reports
# >> ACCESS REPORTS
ls reports/
# Check database
# >> QUERY DATABASE
sqlite3 database/autopentestx.db "SELECT * FROM scans;"
# Help
# >> HELP SYSTEM
python3 main.py --help
┌──────────────────────────────────────────────────────┐
[STATUS] System ready | Awaiting orders... │
└──────────────────────────────────────────────────────┘
```

246
main.py
View File

@@ -49,39 +49,67 @@ class AutoPentestX:
# Initialize database
self.db = Database()
print("\n" + "="*70)
print(" "*20 + "AutoPentestX v1.0")
print(" "*10 + "Automated Penetration Testing & Vulnerability Assessment")
print("="*70)
print(f"\n[*] Target: {self.target}")
print(f"[*] Tester: {self.tester_name}")
print(f"[*] Safe Mode: {'ENABLED' if self.safe_mode else 'DISABLED'}")
print(f"[*] Timestamp: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}")
print("\n" + "="*70 + "\n")
RED = '\033[91m'
GREEN = '\033[92m'
CYAN = '\033[96m'
YELLOW = '\033[93m'
BOLD = '\033[1m'
RESET = '\033[0m'
print(f"\n{CYAN}╔════════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}{RED}▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓{RESET} {YELLOW}AutoPentestX v1.0{RESET} {RED}▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓{RESET} {CYAN}{RESET}")
print(f"{CYAN}{RESET} {GREEN}Automated Penetration Testing & Vulnerability Assessment{RESET} {CYAN}{RESET}")
print(f"{CYAN}╚════════════════════════════════════════════════════════════════════╝{RESET}")
print(f"\n{CYAN}┌────────────────────── [MISSION BRIEFING] ─────────────────────────┐{RESET}")
print(f"{CYAN}{RESET} {YELLOW}{RESET} Target IP/Domain: {GREEN}{self.target}{RESET}")
print(f"{CYAN}{RESET} {YELLOW}{RESET} Operator: {GREEN}{self.tester_name}{RESET}")
print(f"{CYAN}{RESET} {YELLOW}{RESET} Safe Mode: {GREEN if self.safe_mode else RED}{'[✓] ENABLED' if self.safe_mode else '[✗] DISABLED'}{RESET}")
print(f"{CYAN}{RESET} {YELLOW}{RESET} Timestamp: {GREEN}{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}{RESET}")
print(f"{CYAN}└───────────────────────────────────────────────────────────────────┘{RESET}\n")
def display_banner(self):
"""Display application banner"""
RED = '\033[91m'
GREEN = '\033[92m'
CYAN = '\033[96m'
YELLOW = '\033[93m'
MAGENTA = '\033[95m'
BOLD = '\033[1m'
RESET = '\033[0m'
banner = f"""
{RED}╔═══════════════════════════════════════════════════════════════════╗
{RED}{BOLD}╔═══════════════════════════════════════════════════════════════════╗
║ ║
║ █████╗ ██╗ ██╗████████╗ ██████╗ ██████╗ ███████╗███╗ ██╗ ║
║ ██╔══██╗██║ ██║╚══██╔══╝██╔═══██╗██╔══██╗██╔════╝████╗ ██║ ║
║ ███████║██║ ██║ ██║ ██║ ██║██████╔╝█████╗ ██╔██╗ ██║ ║
║ ██╔══██║██║ ██║ ██║ ██║ ██║██╔═══╝ ██╔══╝ ██║╚██╗██║ ║
║ ██║ ██║╚██████╔╝ ██║ ╚██████╔╝██║ ███████╗██║ ╚████║ ║
║ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═══╝ ║
║ ║{RESET}
{GREEN}║ T E S T X - Penetration Testing Toolkit
Author: Gowtham Darkseid {RESET}
║ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═══╝ ║{RESET}
{CYAN}║ ║
║ ████████╗███████╗███████╗████████╗██╗ ██╗
╚══██╔══╝██╔════╝██╔════╝╚══██╔══╝╚██╗██╔╝
║ ██║ █████╗ ███████╗ ██║ ╚███╔╝ ║
║ ██║ ██╔══╝ ╚════██║ ██║ ██╔██╗ ║
║ ██║ ███████╗███████║ ██║ ██╔╝ ██╗ ║
║ ╚═╝ ╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝ ║{RESET}
{GREEN}║ ║
║ ▄▄▄▄▄▄▄ PENETRATION TESTING FRAMEWORK ▄▄▄▄▄▄▄ ║{RESET}
{YELLOW}║ [CODENAME: D A R K S E I D] ║{RESET}
{MAGENTA}║ Author: Gowtham Darkseid ║{RESET}
{RED}║ ║
║ ⚠️ WARNING: For AUTHORIZED testing and EDUCATIONAL use ONLY
║ Unauthorized access to computer systems is ILLEGAL!
║ ⚠️ [CLASSIFIED] FOR AUTHORIZED OPS & TRAINING ONLY ⚠️
>> Unauthorized system access = FEDERAL CRIME <<
║ ║
╚═══════════════════════════════════════════════════════════════════╝{RESET}
{CYAN}┌───────────────────────────────────────────────────────────────────┐
│ [SYSTEM STATUS] │
│ ├─ Exploit Engine: {GREEN}█████████{RESET} ARMED │
│ ├─ Scanner Array: {GREEN}█████████{RESET} ONLINE │
│ ├─ CVE Database: {GREEN}█████████{RESET} SYNCED │
│ └─ Neural Core: {GREEN}█████████{RESET} OPERATIONAL │
└───────────────────────────────────────────────────────────────────┘{RESET}
"""
print(banner)
@@ -94,22 +122,34 @@ class AutoPentestX:
self.display_banner()
# Step 1: Initialize scan in database
print("\n[STEP 1] Initializing scan...")
CYAN = '\033[96m'
GREEN = '\033[92m'
RED = '\033[91m'
YELLOW = '\033[93m'
BOLD = '\033[1m'
RESET = '\033[0m'
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}{YELLOW}[PHASE 1]{RESET} {GREEN}{RESET} Initializing attack sequence... {CYAN}{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
self.scan_id = self.db.insert_scan(self.target)
if not self.scan_id:
print("[✗] Failed to initialize scan in database")
print(f"{RED}[✗] CRITICAL ERROR: Database initialization failed{RESET}")
return False
print(f"[✓] Scan ID: {self.scan_id}")
print(f"{GREEN}[✓]{RESET} Mission ID: {YELLOW}{self.scan_id}{RESET} | Status: {GREEN}ACTIVE{RESET}")
# Step 2: Network scanning
print("\n[STEP 2] Network Scanning...")
print("-" * 70)
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}{YELLOW}[PHASE 2]{RESET} {GREEN}{RESET} Network reconnaissance in progress... {CYAN}{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print(f"{CYAN}{'' * 70}{RESET}")
scanner = Scanner(self.target)
self.scan_results = scanner.run_full_scan()
if not self.scan_results:
print("[✗] Network scan failed")
print(f"{RED}[✗] ABORT: Network reconnaissance failed{RESET}")
return False
print(f"{GREEN}[✓]{RESET} Phase 2 complete - {GREEN}{len(self.scan_results.get('ports', []))}{RESET} ports discovered")
# Update database with OS detection
self.db.update_scan(self.scan_id,
@@ -121,8 +161,10 @@ class AutoPentestX:
# Step 3: Vulnerability Scanning
if not self.skip_web:
print("\n[STEP 3] Vulnerability Scanning...")
print("-" * 70)
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}{YELLOW}[PHASE 3]{RESET} {GREEN}{RESET} Vulnerability analysis initiated... {CYAN}{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print(f"{CYAN}{'' * 70}{RESET}")
vuln_scanner = VulnerabilityScanner(
self.target,
self.scan_results.get('ports', [])
@@ -137,7 +179,7 @@ class AutoPentestX:
for web_vuln in self.vuln_results.get('web_vulnerabilities', []):
self.db.insert_web_vulnerability(self.scan_id, web_vuln)
else:
print("\n[STEP 3] Vulnerability Scanning... SKIPPED")
print(f"\n{YELLOW}[PHASE 3]{RESET} Vulnerability analysis... {YELLOW}[SKIPPED BY OPERATOR]{RESET}")
self.vuln_results = {
'vulnerabilities': [],
'web_vulnerabilities': [],
@@ -145,8 +187,10 @@ class AutoPentestX:
}
# Step 4: CVE Lookup
print("\n[STEP 4] CVE Database Lookup...")
print("-" * 70)
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}{YELLOW}[PHASE 4]{RESET} {GREEN}{RESET} Accessing CVE intelligence database... {CYAN}{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print(f"{CYAN}{'' * 70}{RESET}")
cve_lookup = CVELookup()
services = self.scan_results.get('services', [])
self.cve_results = cve_lookup.lookup_services(services)
@@ -166,8 +210,10 @@ class AutoPentestX:
self.db.insert_vulnerability(self.scan_id, vuln_data)
# Step 5: Risk Assessment
print("\n[STEP 5] Risk Assessment...")
print("-" * 70)
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}{YELLOW}[PHASE 5]{RESET} {GREEN}{RESET} Computing threat matrix... {CYAN}{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print(f"{CYAN}{'' * 70}{RESET}")
risk_engine = RiskEngine()
self.risk_results = risk_engine.calculate_overall_risk(
self.scan_results,
@@ -189,8 +235,10 @@ class AutoPentestX:
# Step 6: Exploitation (Safe Mode)
if not self.skip_exploit:
print("\n[STEP 6] Exploitation Assessment (Safe Mode)...")
print("-" * 70)
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}{YELLOW}[PHASE 6]{RESET} {GREEN}{RESET} Exploit simulation {YELLOW}[SAFE MODE]{RESET}... {CYAN}{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print(f"{CYAN}{'' * 70}{RESET}")
exploit_engine = ExploitEngine(safe_mode=self.safe_mode)
# Match exploits
@@ -215,15 +263,17 @@ class AutoPentestX:
}
self.db.insert_exploit(self.scan_id, None, exploit_data)
else:
print("[*] No exploits matched")
print(f"{YELLOW}[*]{RESET} No exploits matched vulnerability profile")
self.exploit_results = []
else:
print("\n[STEP 6] Exploitation Assessment... SKIPPED")
print(f"\n{YELLOW}[PHASE 6]{RESET} Exploitation assessment... {YELLOW}[SKIPPED BY OPERATOR]{RESET}")
self.exploit_results = []
# Step 7: Generate PDF Report
print("\n[STEP 7] Generating PDF Report...")
print("-" * 70)
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}{YELLOW}[PHASE 7]{RESET} {GREEN}{RESET} Compiling classified intelligence report... {CYAN}{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print(f"{CYAN}{'' * 70}{RESET}")
pdf_generator = PDFReportGenerator(self.target, self.scan_id)
report_file = pdf_generator.generate_report(
self.scan_results,
@@ -237,7 +287,7 @@ class AutoPentestX:
)
if not report_file:
print("[!] PDF report generation failed, but scan completed successfully")
print(f"{YELLOW}[!]{RESET} Report generation failed, but mission data captured successfully")
# Calculate total time
self.end_time = time.time()
@@ -252,13 +302,18 @@ class AutoPentestX:
return True
except KeyboardInterrupt:
print("\n\n[!] Scan interrupted by user")
RED = '\033[91m'
YELLOW = '\033[93m'
RESET = '\033[0m'
print(f"\n\n{RED}[!] MISSION ABORT - Operator initiated shutdown{RESET}")
if self.scan_id:
self.db.update_scan(self.scan_id, status='interrupted')
return False
except Exception as e:
print(f"\n[✗] Critical error during assessment: {e}")
RED = '\033[91m'
RESET = '\033[0m'
print(f"\n{RED}[✗] CRITICAL SYSTEM ERROR: {e}{RESET}")
import traceback
traceback.print_exc()
if self.scan_id:
@@ -271,46 +326,67 @@ class AutoPentestX:
def display_final_summary(self, duration, report_file):
"""Display final assessment summary"""
print("\n\n" + "="*70)
print(" "*20 + "ASSESSMENT COMPLETE")
print("="*70)
print(f"\n[✓] Target: {self.target}")
print(f"[✓] Scan ID: {self.scan_id}")
print(f"[✓] Duration: {duration:.2f} seconds ({duration/60:.2f} minutes)")
print(f"[✓] Timestamp: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}")
RED = '\033[91m'
GREEN = '\033[92m'
CYAN = '\033[96m'
YELLOW = '\033[93m'
MAGENTA = '\033[95m'
BOLD = '\033[1m'
RESET = '\033[0m'
print("\n" + "-"*70)
print("RESULTS SUMMARY")
print("-"*70)
print(f"\n\n{GREEN}{''*70}{RESET}")
print(f"{BOLD}{GREEN}{'' * 18}{RESET} {YELLOW}MISSION COMPLETE{RESET} {GREEN}{'' * 18}{RESET}")
print(f"{GREEN}{''*70}{RESET}")
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}[OPERATION SUMMARY]{RESET} {CYAN}{RESET}")
print(f"{CYAN}╠══════════════════════════════════════════════════════════════════╣{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Target: {YELLOW}{self.target}{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Mission ID: {YELLOW}{self.scan_id}{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Duration: {YELLOW}{duration:.2f}s{RESET} ({YELLOW}{duration/60:.2f} min{RESET})")
print(f"{CYAN}{RESET} {GREEN}{RESET} Timestamp: {YELLOW}{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}[INTELLIGENCE GATHERED]{RESET} {CYAN}{RESET}")
print(f"{CYAN}╠══════════════════════════════════════════════════════════════════╣{RESET}")
if self.scan_results:
print(f"Open Ports: {len(self.scan_results.get('ports', []))}")
print(f"Services Detected: {len(self.scan_results.get('services', []))}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Open Ports: {YELLOW}{len(self.scan_results.get('ports', []))}{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Services Detected: {YELLOW}{len(self.scan_results.get('services', []))}{RESET}")
if self.risk_results:
print(f"Total Vulnerabilities: {self.risk_results.get('total_vulnerabilities', 0)}")
print(f"Web Vulnerabilities: {self.risk_results.get('web_vulnerabilities', 0)}")
print(f"SQL Injection Points: {self.risk_results.get('sql_vulnerabilities', 0)}")
print(f"CVEs Identified: {len(self.cve_results) if self.cve_results else 0}")
print(f"Overall Risk Level: {self.risk_results.get('overall_risk_level', 'UNKNOWN')}")
print(f"Risk Score: {self.risk_results.get('total_risk_score', 0):.2f}")
vuln_count = self.risk_results.get('total_vulnerabilities', 0)
risk_level = self.risk_results.get('overall_risk_level', 'UNKNOWN')
risk_color = RED if risk_level in ['CRITICAL', 'HIGH'] else YELLOW if risk_level == 'MEDIUM' else GREEN
print(f"{CYAN}{RESET} {GREEN}{RESET} Total Vulnerabilities: {RED if vuln_count > 0 else GREEN}{vuln_count}{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Web Vulnerabilities: {YELLOW}{self.risk_results.get('web_vulnerabilities', 0)}{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} SQL Injection Points: {RED if self.risk_results.get('sql_vulnerabilities', 0) > 0 else GREEN}{self.risk_results.get('sql_vulnerabilities', 0)}{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} CVEs Identified: {YELLOW}{len(self.cve_results) if self.cve_results else 0}{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Overall Risk Level: {BOLD}{risk_color}{risk_level}{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Risk Score: {risk_color}{self.risk_results.get('total_risk_score', 0):.2f}{RESET}")
if self.exploit_results:
print(f"Exploits Matched: {len(self.exploit_results)}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Exploits Matched: {MAGENTA}{len(self.exploit_results)}{RESET}")
print("\n" + "-"*70)
print("OUTPUT FILES")
print("-"*70)
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print(f"\n{CYAN}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{CYAN}{RESET} {BOLD}[CLASSIFIED DATA STORAGE]{RESET} {CYAN}{RESET}")
print(f"{CYAN}╠══════════════════════════════════════════════════════════════════╣{RESET}")
if report_file and os.path.exists(report_file):
print(f"[✓] PDF Report: {report_file}")
print(f"{CYAN}{RESET} {GREEN}{RESET} PDF Report: {YELLOW}{report_file}{RESET}")
print(f"[✓] Database: database/autopentestx.db")
print(f"[✓] Logs: logs/")
print(f"{CYAN}{RESET} {GREEN}{RESET} Database: {YELLOW}database/autopentestx.db{RESET}")
print(f"{CYAN}{RESET} {GREEN}{RESET} Logs: {YELLOW}logs/{RESET}")
print(f"{CYAN}╚══════════════════════════════════════════════════════════════════╝{RESET}")
print("\n" + "="*70)
print("\n[i] Thank you for using AutoPentestX!")
print("[i] Remember: Use this tool responsibly and ethically.\n")
print(f"\n{GREEN}{''*70}{RESET}")
print(f"\n{CYAN}[i]{RESET} {GREEN}Mission accomplished. Thank you for using AutoPentestX!{RESET}")
print(f"{CYAN}[i]{RESET} {YELLOW}Remember: Hack ethically. Hack legally. Hack responsibly.{RESET}")
print(f"{RED}[!]{RESET} {RED}Unauthorized access to systems = Federal prosecution{RESET}\n")
def main():
@@ -356,24 +432,36 @@ WARNING: This tool is for AUTHORIZED testing and EDUCATIONAL purposes ONLY.
args = parser.parse_args()
# Confirmation prompt
print("\n" + "="*70)
print("⚠️ LEGAL WARNING ⚠️")
print("="*70)
print("\nYou are about to run an automated penetration testing tool.")
print("This tool should ONLY be used on systems you own or have")
print("explicit written authorization to test.")
print("\nUnauthorized access to computer systems is ILLEGAL and may")
print("result in criminal prosecution.")
print("\nBy continuing, you confirm that you have proper authorization")
print("to perform security testing on the target system.")
print("="*70)
RED = '\033[91m'
YELLOW = '\033[93m'
CYAN = '\033[96m'
BOLD = '\033[1m'
RESET = '\033[0m'
confirmation = input("\nDo you have authorization to test this target? (yes/no): ")
print(f"\n{RED}{''*70}{RESET}")
print(f"{BOLD}{RED}⚠️ [LEGAL WARNING] - AUTHORIZATION REQUIRED ⚠️{RESET}")
print(f"{RED}{''*70}{RESET}")
print(f"\n{YELLOW}╔══════════════════════════════════════════════════════════════════╗{RESET}")
print(f"{YELLOW}{RESET} You are about to deploy an automated penetration testing tool. {YELLOW}{RESET}")
print(f"{YELLOW}{RESET} This weapon should ONLY be used on: {YELLOW}{RESET}")
print(f"{YELLOW}{RESET} • Systems you own {YELLOW}{RESET}")
print(f"{YELLOW}{RESET} • Systems with explicit written authorization {YELLOW}{RESET}")
print(f"{YELLOW}{RESET} {YELLOW}{RESET}")
print(f"{YELLOW}{RESET} {RED}Unauthorized system access = FEDERAL CRIME{RESET} {YELLOW}{RESET}")
print(f"{YELLOW}{RESET} {RED}Punishment: Fines + Imprisonment{RESET} {YELLOW}{RESET}")
print(f"{YELLOW}{RESET} {YELLOW}{RESET}")
print(f"{YELLOW}{RESET} By continuing, you confirm proper authorization to test. {YELLOW}{RESET}")
print(f"{YELLOW}╚══════════════════════════════════════════════════════════════════╝{RESET}")
confirmation = input(f"\n{CYAN}>{RESET} {BOLD}Do you have authorization to test this target?{RESET} {YELLOW}(yes/no):{RESET} ")
if confirmation.lower() not in ['yes', 'y']:
print("\n[!] Assessment cancelled. Authorization not confirmed.")
print(f"\n{RED}[!] MISSION ABORT - Authorization not confirmed.{RESET}")
print(f"{YELLOW}[*] Smart choice. Always obtain permission first.{RESET}\n")
sys.exit(0)
print(f"{CYAN}[*] Authorization confirmed. Proceeding with operation...{RESET}")
# Initialize and run assessment
safe_mode = not args.no_safe_mode