Penetration Testing Toolkit
Automated security testing scripts, vulnerability scanners, report templates, and methodology checklists.
📄 Product Preview
Try the interactive reader and demo tools below, or get the full product with all content unlocked.
📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample📁 File Structure 28 files
📖 Documentation Preview README excerpt
Penetration Testing Toolkit (Defensive / Professional)
A complete, authorization-first workflow for running professional security
assessments of systems you own or are contractually permitted to test. It
gives you the methodology, the safety guardrails, the scoring, and the reporting
to do the job like a consultancy — without shipping a single weaponized payload.
This toolkit is deliberately defensive. It contains **no exploits, no malware,
and no attack code**. What it provides instead:
- A five-phase methodology (pre-engagement → recon → scan → analyze → report).
- Scope-enforcing, dry-run-by-default wrappers around standard tools (
nmap,
nikto, testssl.sh) that refuse to touch anything outside your written scope.
- A correct, standalone CVSS v3.1 calculator so every finding is scored
consistently.
- A report generator that turns a findings file into a clean Markdown report.
- Ready-to-fill Rules of Engagement, findings, and report templates.
- Engagement checklists that gate each phase.
Everything runs on Python 3.10+ standard library only — no pip install.
Table of Contents
1. [Who this is for](#who-this-is-for)
2. [The defensive promise](#the-defensive-promise)
3. [What's included](#whats-included)
4. [Quick start](#quick-start)
5. [The five-phase workflow](#the-five-phase-workflow)
6. [File-by-file guide](#file-by-file-guide)
7. [Safety & legal](#safety--legal)
8. [FAQ](#faq)
9. [License](#license)
10. [Support](#support)
Who this is for
- Security engineers / consultants who want a repeatable, professional process.
- Blue teams validating their own estate before an adversary does.
- Engineering leads who need to commission or interpret a pentest.
- Learners building disciplined, ethical testing habits with real artifacts.
Assumes comfort with the command line and basic networking. No prior offensive-
security experience required.
The defensive promise
This kit is safe to keep in a corporate repo. By design:
- No exploit code ships here. Validation of findings is manual and minimal.
- Scope is enforced in code. The wrappers call a scope guard
(src/scope_guard.py) and refuse to run against any target not listed in
your authorized scope file. "Deny wins."
- Dry-run is the default. Wrappers print the exact command they would run
and exit, until you pass both --run and --i-am-authorized.
... continues with setup instructions, usage examples, and more.