Web pentesting CLI - scan ports, fuzz directories, hunt headers, and probe for vulns

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Ianon from gravatar.com Ianon

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: yal212
  • Tags security , pentesting , web , reconnaissance , scanner
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

Pynzor

Web pentesting, sharpened.

An open-source Python CLI - scan ports, fuzz directories, hunt headers, and probe for vulns, all from one tool. No setup headaches, just point it to a target and go.

Demo

Pynzor Demo

Key Features

  • Modular architecture - each technique is an isolated Python module
  • Rich terminal output with color-coded severity levels
  • Loading indicators - spinner feedback during every scan so you know it's working
  • JSON and HTML report export
  • Async HTTP engine via httpx for fast parallel requests
  • Bundled wordlists - works out of the box
  • Fully tested with pytest

Download

No Python required. Grab the latest binary from GitHub Releases:

Platform File
Windows Pynzor.exe
macOS Pynzor-macos
Linux Pynzor-linux

Windows:

Pynzor.exe --help

macOS:

chmod +x Pynzor-macos
./Pynzor-macos --help

Linux:

chmod +x Pynzor-linux
./Pynzor-linux --help

Install from Source

Requires Python 3.10+.

git clone https://github.com/yal212/Pynzor.git
cd Pynzor
pip install -e .

Or with uv (recommended):

uv sync
uv run Pynzor --help

Quick Usage

Full scan with HTML report

Pynzor scan -t https://example.com -f html

Directory fuzzing

Pynzor fuzz -t https://example.com --wordlist ./mylist.txt --threads 30

Security header analysis

Pynzor headers -t https://example.com

Subdomain enumeration

Pynzor subdomain -t https://example.com

SQL injection probe

Pynzor sqli -t "https://example.com/item?id=1"

XSS detection

Pynzor xss -t https://example.com -v

Commands

Command Description
scan Full scan - run all modules
fuzz Directory fuzzing
headers Security header analysis
sqli SQL injection probe
xss Reflected XSS detection
subdomain Subdomain enumeration
report Re-generate report from JSON

Configuration

Edit config.yaml to customize behavior (source installs only):

  • HTTP timeout, retries, user-agent
  • Rate limiting
  • Output format and directory
  • Port lists and wordlist paths
  • Thread counts

Disclaimer

For authorized testing only. Only use on systems you own or have explicit written permission to test.

MIT License - see LICENSE for details.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Ianon from gravatar.com Ianon

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: yal212
  • Tags security , pentesting , web , reconnaissance , scanner
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

1.0.6

This version

1.0.4

1.0.3

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pynzor-1.0.4.tar.gz (29.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pynzor-1.0.4-py3-none-any.whl (36.7 kB view details)

Uploaded Python 3

File details

Details for the file pynzor-1.0.4.tar.gz.

File metadata

  • Download URL: pynzor-1.0.4.tar.gz
  • Upload date:
  • Size: 29.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for pynzor-1.0.4.tar.gz
Algorithm Hash digest
SHA256 9e9da6e73f76d0d44730459435370a2d1133269e7f87489b7976dab45f66d77a
MD5 930398e14c26451136389ddbaf4ecaba
BLAKE2b-256 6a901e0e225c355422b0caf41b3dc4ee48130152c99c978d4a63d8e3ae3043e2

See more details on using hashes here.

Provenance

The following attestation bundles were made for pynzor-1.0.4.tar.gz:

Publisher: release.yml on yal212/Pynzor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file pynzor-1.0.4-py3-none-any.whl.

File metadata

  • Download URL: pynzor-1.0.4-py3-none-any.whl
  • Upload date:
  • Size: 36.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for pynzor-1.0.4-py3-none-any.whl
Algorithm Hash digest
SHA256 4f99cd719b8b54af5613bd2e364fdcf72429f14ec16c664514445f791e189c3b
MD5 e1a87b88f2d6de6bb639000db9508150
BLAKE2b-256 687b845a3c11324aaf1933b4f292826bf8f472b57d098ae70ab1f86191ce26e8

See more details on using hashes here.

Provenance

The following attestation bundles were made for pynzor-1.0.4-py3-none-any.whl:

Publisher: release.yml on yal212/Pynzor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page