A comprehensive, modular penetration testing framework for professional security assessments.

PenTest Toolkit is a professional-grade penetration testing framework combining port scanning, SSL/TLS analysis, HTTP security header auditing, and subdomain enumeration into a unified CLI tool with HTML and JSON reporting.

Built for security engineers who need fast, reliable, scriptable reconnaissance and vulnerability identification.

| Module | Description |
|---|---|
| 🔓 Port Scanner | Multi-threaded TCP port scanning with banner grabbing |
| 🔒 SSL/TLS Analyzer | Protocol version, cipher suite, and certificate expiry checks |
| 📋 Header Analyzer | Security header audit (HSTS, CSP, X-Frame-Options, etc.) |
| 🌐 Subdomain Enumerator | DNS-based subdomain discovery with a 100+ entry wordlist |
| 📊 Report Generator | Professional HTML & JSON reports |

```bash
git clone https://github.com/securekamal/pentest-toolkit.git
cd pentest-toolkit
pip install -r requirements.txt
```

No external dependencies required for core functionality (pure Python 3.9+).

```bash
# Full scan with all modules
python pentest_toolkit.py example.com --all

# Port scan only (specific ports)
python pentest_toolkit.py 192.168.1.1 --ports 80 443 8080 22

# Full top-1000 port scan
python pentest_toolkit.py 192.168.1.1 --full-port-scan --threads 200

# SSL/TLS analysis only
python pentest_toolkit.py example.com --ssl

# HTTP header audit only
python pentest_toolkit.py example.com --headers

# Subdomain enumeration
python pentest_toolkit.py example.com --subdomains

# Custom output with JSON only
python pentest_toolkit.py example.com --all --output results/scan_20240115 --format json
```

Example output:

```
╔═══════════════════════════════════════════════════════════╗
║ PenTest Toolkit v2.1.0 - by securekamal ║
╚═══════════════════════════════════════════════════════════╝
[*] Scanning example.com (18 ports) with 100 threads...
[+] Found 3 open port(s)
22/tcp open SSH SSH-2.0-OpenSSH_8.9
80/tcp open HTTP Apache/2.4.52
443/tcp open HTTPS
[*] Analyzing SSL/TLS for example.com...
[+] SSL Score: A
[MEDIUM] Certificate expires in 21 days
[*] Analyzing HTTP security headers...
[+] Missing 3 security header(s)
[HIGH] Missing: Content-Security-Policy
[MEDIUM] Missing: X-Frame-Options
[LOW] Missing: Permissions-Policy
[+] HTML report saved: report.html
[+] JSON report saved: report.json
```

The HTML report provides a dark-themed professional output with:
- Open ports with banners
- SSL/TLS certificate details and cipher analysis
- Security header gaps with remediation guidance
- Discovered subdomains and IPs

Port Scanner:
- Concurrent TCP scanning via `ThreadPoolExecutor`
- Automatic service identification for 18 common services
- Banner grabbing for version fingerprinting
- Configurable thread count and timeout

SSL/TLS Analyzer:
- Detects deprecated protocol versions (TLS 1.0, 1.1, SSLv3)
- Identifies weak cipher suites (RC4, DES, NULL, EXPORT)
- Certificate expiry warning (30-day and 7-day thresholds)
- Subject Alternative Name extraction

Header Analyzer:
- Checks for 7 critical security headers
- Flags information-disclosure headers (Server, X-Powered-By)
- Provides recommended header values for remediation

Subdomain Enumerator:
- DNS brute-force with 50+ security-focused subdomains
- Multi-threaded resolution
- Targets common DevOps/cloud infrastructure subdomains
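
The SSL/TLS analyzer checks listed above, as an added Python example (not the toolkit's own code): it flags deprecated protocol versions, weak cipher markers and the 30-day and 7-day expiry thresholds on inputs shaped like `SSLSocket.version()`, `SSLSocket.cipher()[0]` and `SSLSocket.getpeercert()`. The function names, the sample certificate and every severity except MEDIUM for the 30-day warning are assumptions.

```python
import ssl
from datetime import datetime, timezone

# Values named in the feature list above
DEPRECATED_PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1"}
WEAK_CIPHER_MARKERS = ("RC4", "DES", "NULL", "EXPORT")
WARN_DAYS, URGENT_DAYS = 30, 7


def days_until_expiry(cert, now):
    """Whole days until the certificate's notAfter date (negative once expired)."""
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    return (datetime.fromtimestamp(not_after, timezone.utc) - now).days


def san_dns_names(cert):
    """DNS entries from subjectAltName, stored as (type, value) pairs."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


def audit_tls(protocol, cipher_name, cert, now=None):
    """Return (severity, message) findings; severities are this example's assumption."""
    # protocol / cipher_name / cert: as from version(), cipher()[0], getpeercert()
    now = now or datetime.now(timezone.utc)
    findings = []
    if protocol in DEPRECATED_PROTOCOLS:
        findings.append(("HIGH", f"Deprecated protocol negotiated: {protocol}"))
    weak = [m for m in WEAK_CIPHER_MARKERS if m in cipher_name.upper()]
    if weak:
        findings.append(("HIGH", f"Weak cipher suite: {cipher_name} ({', '.join(weak)})"))
    days = days_until_expiry(cert, now)
    if days < 0:
        findings.append(("CRITICAL", "Certificate has expired"))
    elif days <= URGENT_DAYS:
        findings.append(("HIGH", f"Certificate expires in {days} days"))
    elif days <= WARN_DAYS:
        findings.append(("MEDIUM", f"Certificate expires in {days} days"))
    return findings


# Constructed sample input, shaped like getpeercert() output
SAMPLE_CERT = {"notAfter": "Feb  5 12:00:00 2024 GMT",
               "subjectAltName": (("DNS", "example.com"), ("DNS", "www.example.com"))}
SAMPLE_NOW = datetime(2024, 1, 15, 12, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    for severity, message in audit_tls("TLSv1", "RC4-SHA", SAMPLE_CERT, SAMPLE_NOW):
        print(f"[{severity}] {message}")
    print("SANs:", ", ".join(san_dns_names(SAMPLE_CERT)))
```

Substring matching on `DES` also catches 3DES suites such as `DES-CBC3-SHA`.
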
⚠️ This tool is for authorized security testing only. Only use against systems you own or have explicit written permission to test. Unauthorized use may violate computer fraud and abuse laws.
securekamal — Product Security Engineer
MIT License — see LICENSE for details.