Pentest-Tools.com Vulnerability Scanners Library
Project description
Command-Line Interface and Python bindings for https://Pentest-Tools.com.
Installing
PentestTools Python module is delivered through PyPI, so it can be installed directly via pip:
pip install pentesttools
Usage
The pentesttools package provides a command line interface through the ptt utility. Right
now it supports the Website Scanner service.
Example for the simplest scan:
ptt run website_scanner <url>
This runs a freemium Website Scanner scan on the <url>. Unlike in the platform itself, you can omit the schema part from the url.
Global arguments, like a suitable key for a deep scan, have to be passed straight to ptt. Tool arguments have to be passed to the tool.
ptt --key <key> run website_scanner --scan_type deep <url>
If you want the command to fail if the report contains vulnerabilities with a higher risk than some value, you can use the --fail argument.
ptt --fail high run website_scanner <url>
You can also run ptt using docker. The docker image has ptt as an entrypoint, so you don't have to type it anymore. Note that the old ptt-scan name is still used on docker.
docker run pentesttoolscom/ptt-scan:latest run website_scanner <url>
Development installation
If you want to easily modify the sources and your modifications:
pip install --edit .
Uninstalling
pip uninstall pentesttools
Testing and Coverage
You can run the tests and make coverage reports like this:
python3 -m pytest src/tests
coverage run -m pytest src/tests
coverage report -m
MCP
There is an optional MCP server provided in this package.
Installation:
pip install "pentesttools[mcp]"
Usage
There is a hosted endpoint at https://mcp.pentest-tools.com:9001/mcp.
Example config:
"ptt-mcp-http": {
"type": "http",
"url": "https://mcp.pentest-tools.com:9001/mcp/",
"headers": {
"PTT_API_KEY": "<ptt-api-key>"
}
}
You can also self-host the MCP server. This command will open an MCP server locally on port 9000.
ptt --key <ptt-api-key> mcp --mcp_method stdio
Connect with your favorite LLM client.
"ptt-mcp-remote": {
"type": "stdio",
"command": "ptt",
"args": ["mcp", "--mcp_method", "stdio"],
"env": {
"PTT_API_KEY": "<ptt-api-key>"
}
}
The MCP server also supports the HTTP method, which is also the default.
ptt mcp
In this case, you have to pass the API key as a header, called PTT_API_KEY.
Example config:
"ptt-mcp-http": {
"type": "http",
"url": "http://localhost:9000/mcp",
"headers": {
"PTT_API_KEY": "<ptt-api-key>"
}
}
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pentesttools-0.1.13.tar.gz.
File metadata
- Download URL: pentesttools-0.1.13.tar.gz
- Upload date:
- Size: 48.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b3efd049f1c26e0a2b79853b90896bbc492060e8d8c881a19c7a7cf6a92d18a6
|
|
| MD5 |
3f762e06e669e02df30e3010ce02f621
|
|
| BLAKE2b-256 |
92c08deeda6c36849ade2249b261a919bea33e44c845c3622ea1571069f23b98
|
File details
Details for the file pentesttools-0.1.13-py3-none-any.whl.
File metadata
- Download URL: pentesttools-0.1.13-py3-none-any.whl
- Upload date:
- Size: 49.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9e7d3ea5af202858d5f9bc250f5f6b5b5eb27c3e4a93881ff2e32121404761c3
|
|
| MD5 |
afca0c73176f95448613dd36eb0fdf7b
|
|
| BLAKE2b-256 |
c23c9ef60790edf576815c861ed4b4fb242ea18dfd296536628c0c278333d523
|
