CalvinBackup/PentestPilot
1
0
Fork 0
mirror of https://github.com/0xMarcio/PentestPilot.git synced 2026-02-13 05:22:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
PentestPilot/bin/ai/orchestrate_web.py
PentestPilot Bot 461c14d676 feat: bootstrap PentestPilot toolkit, docs, and orchestrators 
Initial commit of PentestPilot — AI‑assisted pentest recon and orchestration toolkit.\n\nHighlights:\n- Resumeable pipelines (full_pipeline) with manifest state and elapsed timings\n- Rich dashboard (colors, severity bars, durations, compact/json modes)\n- Web helpers: httpx→nuclei auto, tech routing + quick scanners\n- Agents: multi‑task orchestrator (web/full/ad/notes/post) with resume\n- AD/SMB, password utils, shells, transfer, privesc, tunnels\n- QoL scripts: proxy toggle, cleanup, tmux init, URL extractor\n- Docs: README (Quick Start + Docs Index), HOWTO (deep guide), TOOLKIT (catalog with examples)\n\nStructure:\n- bin/automation: pipelines, dashboard, manifest, resume, tech_actions\n- bin/web: routing, scanners, helpers\n- bin/ai: orchestrators + robust AI utils\n- bin/ad, bin/passwords, bin/shells, bin/transfer, bin/privesc, bin/misc, bin/dns, bin/scan, bin/windows, bin/hashes\n- HOWTO.md and TOOLKIT.md cross‑linked with examples\n\nUse:\n- settarget <target>; agent full <domain|hosts.txt>; dashboard --compact\n- See HOWTO.md for setup, semantics, and examples.
2025-10-08 16:00:22 +02:00

39 lines
1.6 KiB
Python
Executable File
Raw Permalink Blame History

#!/usr/bin/env python3
import os, sys, json, subprocess, tempfile
from _ai_utils import ai_complete
HELP = """Usage: orchestrate_web.py <hosts.txt>
Reads hosts, probes with httpx (if present), proposes recon plan via AI, and emits suggested commands.
Env: OPENAI_API_KEY or OLLAMA_HOST; models via OPENAI_MODEL/OLLAMA_MODEL.
"""
def run(cmd):
try:
out = subprocess.check_output(cmd, stderr=subprocess.STDOUT, timeout=120)
return out.decode(errors='ignore')
except Exception as e:
return ''
if len(sys.argv) < 2:
print(HELP, file=sys.stderr); sys.exit(1)
hosts_file = sys.argv[1]
if not os.path.isfile(hosts_file):
print('[!] hosts file missing', file=sys.stderr); sys.exit(2)
httpx_out = ''
urls_file = None
if shutil := __import__('shutil') and shutil.which('httpx'):
httpx_out = run(['httpx','-silent','-l',hosts_file,'-ports','80,81,88,443,3000,5000,7001,7002,8000,8008,8080,8081,8088,8443,8888,9000','-status-code','-title','-tech-detect','-asn','-ip','-hash','-server'])
tf = tempfile.NamedTemporaryFile(delete=False, mode='w'); urls_file = tf.name
for line in httpx_out.splitlines():
parts = line.split(' ')
if parts:
tf.write(parts[0]+'\n')
tf.close()
context = f"HTTPX OUTPUT:\n{httpx_out}\n\nInstructions: Generate a prioritized web recon plan with concrete commands using provided toolkit scripts (bin/... wrappers). Keep it concise, bash-ready, and safe."
plan = ai_complete(context, system='You are a seasoned web pentest copilot.') or 'httpx not available; run web_recon.sh <host> manually.'
print(plan.strip())
Reference in New Issue View Git Blame Copy Permalink