Web pentesting CLI - scan ports, fuzz directories, hunt headers, and probe for vulns

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Ianon from gravatar.com Ianon

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: yal212
  • Tags security , pentesting , web , reconnaissance , scanner
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

██████╗ ██╗   ██╗███╗   ██╗███████╗ ██████╗ ██████╗
██╔══██╗╚██╗ ██╔╝████╗  ██║╚══███╔╝██╔═══██╗██╔══██╗
██████╔╝ ╚████╔╝ ██╔██╗ ██║  ███╔╝ ██║   ██║██████╔╝
██╔═══╝   ╚██╔╝  ██║╚██╗██║ ███╔╝  ██║   ██║██╔══██╗
██║        ██║   ██║ ╚████║███████╗╚██████╔╝██║  ██║
╚═╝        ╚═╝   ╚═╝  ╚═══╝╚══════╝ ╚═════╝ ╚═╝  ╚═╝

Web pentesting, sharpened.

PyPI version Python License: MIT GitHub Stars

Scan ports · Fuzz directories · Hunt headers · Probe for SQLi & XSS · Enumerate subdomains

Demo · Install · Usage · Commands · Download

Demo

Watch the demo on YouTube

Features

  • One command, full scan — run every module against a target in a single invocation
  • Modular architecture — each technique is an isolated Python module, easy to extend
  • Rich terminal output — color-coded severity levels, live spinners, clean layout
  • JSON & HTML reports — export results for sharing or archiving
  • Async HTTP enginehttpx-powered parallel requests for speed
  • Bundled wordlists — works out of the box, no setup required
  • Fully testedpytest test suite with async support

Install

pip (recommended)

pip install Pynzor

From source

git clone https://github.com/yal212/Pynzor.git
cd Pynzor
pip install -e .

uv

uv sync
uv run Pynzor --help

Download

No Python required — grab a prebuilt binary from GitHub Releases:

Platform File Run
Windows Pynzor.exe Pynzor.exe --help
macOS Pynzor-macos chmod +x Pynzor-macos && ./Pynzor-macos --help
Linux Pynzor-linux chmod +x Pynzor-linux && ./Pynzor-linux --help

macOS note: If blocked by Gatekeeper, run xattr -d com.apple.quarantine ./Pynzor-macos or allow it via System Settings → Privacy & Security.

Usage

Full scan with HTML report

Pynzor scan -t https://example.com -f html

Directory fuzzing

Pynzor fuzz -t https://example.com --wordlist ./mylist.txt --threads 30

Security header analysis

Pynzor headers -t https://example.com

Subdomain enumeration

Pynzor subdomain -t https://example.com

SQL injection probe

Pynzor sqli -t "https://example.com/item?id=1"

XSS detection

Pynzor xss -t https://example.com -v

Commands

Command Description
scan Full scan — run all modules
fuzz Directory & file fuzzing
headers Security header analysis
sqli SQL injection probe
xss Reflected XSS detection
subdomain Subdomain enumeration
report Re-generate report from JSON

Configuration

Source installs include a config.yaml for fine-tuning:

  • HTTP timeout, retries, user-agent string
  • Rate limiting and redirect behavior
  • Output format and directory
  • Port lists, wordlist paths, thread counts

Disclaimer

Pynzor is for authorized testing only. Only use it on systems you own or have explicit written permission to test. Unauthorized use is illegal and unethical.

MIT License — see LICENSE · Made by yal212

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Ianon from gravatar.com Ianon

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: yal212
  • Tags security , pentesting , web , reconnaissance , scanner
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

This version

1.0.6

1.0.4

1.0.3

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pynzor-1.0.6.tar.gz (33.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pynzor-1.0.6-py3-none-any.whl (41.4 kB view details)

Uploaded Python 3

File details

Details for the file pynzor-1.0.6.tar.gz.

File metadata

  • Download URL: pynzor-1.0.6.tar.gz
  • Upload date:
  • Size: 33.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for pynzor-1.0.6.tar.gz
Algorithm Hash digest
SHA256 5b83f68464fbd40e70aff13dc24c7dab52fd8aa3080ea484b353866bc2e94c4b
MD5 5800bebb247fc542e3c6007bd636db25
BLAKE2b-256 363db72f1e2c156fa22ded9f0bf5fb4c064a7c2aee7ddcd88283ab738ba174a5

See more details on using hashes here.

Provenance

The following attestation bundles were made for pynzor-1.0.6.tar.gz:

Publisher: release.yml on yal212/Pynzor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file pynzor-1.0.6-py3-none-any.whl.

File metadata

  • Download URL: pynzor-1.0.6-py3-none-any.whl
  • Upload date:
  • Size: 41.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for pynzor-1.0.6-py3-none-any.whl
Algorithm Hash digest
SHA256 9a3df6bee1596bedd037e16f6c738d84ffdc9d7c8c81c8927a710ded149f4846
MD5 417dbddf9f4cd2decb0726551fd9dc9a
BLAKE2b-256 de4fb010892ed04c6ec31c0ecb83e2838ca2312ff3db2524abf9c8d9dd278fc7

See more details on using hashes here.

Provenance

The following attestation bundles were made for pynzor-1.0.6-py3-none-any.whl:

Publisher: release.yml on yal212/Pynzor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page