Application server penetration testing tool (Penterep tool)
Project description
PTSRVTESTER - Server Penetration Testing Tool
Installation
pip install ptsrvtester
Adding to PATH
If you're unable to invoke the script from your terminal, it's likely because it's not included in your PATH. You can resolve this issue by executing the following commands, depending on the shell you're using:
For Bash Users
echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.bashrc
source ~/.bashrc
For ZSH Users
echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.zshrc
source ~/.zshrc
Usage examples
ptsrvtester snmp detection --ip 192.168.1.1
ptsrvtester dns whois -d example.com
ptsrvtester ldap banner -ip 192.168.1.1
ptsrvtester <module> -h for help for module use
Available Modules:
<module> Select module to use
snmp SNMP testing module
dns DNS testing module
ldap LDAP testing module
msrpc MSRPC testing module
ftp FTP testing module
ssh SSH testing module
smtp SMTP testing module
pop3 POP3 testing module
imap IMAP testing module
-v --version Show script version and exit
-h --help Show this help message and exit
-j --json Output in JSON format
--debug Enable debug messages
Module Descriptions:
SNMP Module
- Version detection (SNMPv1, SNMPv2c, SNMPv3)
- SNMPv2 community string brute-force
- SNMPv3 user enumeration and credential brute-force
- Write permission testing
- MIB walking (SNMPv2/SNMPv3)
DNS Module
- DNS server information retrieval
- Reverse DNS lookup
- Zone transfer attempts
- DNS record lookup
- WHOIS queries
- Subdomain brute-forcing
- DNSSEC verification
- Zone walking (NSEC/NSEC3)
LDAP Module
- Server banner retrieval
- LDAP search queries
- User enumeration
- Credential brute-force
- Write permission testing
MSRPC Module
- Endpoint mapper enumeration
- MGMT interface enumeration
- Named pipe brute-force
- SMB/TCP/HTTP credential brute-force
- Anonymous SMB access testing
- Named pipe enumeration
FTP Module
- Banner grabbing
- Anonymous authentication testing
- Read/write access testing
- Credential brute-force
- FTP bounce attack testing
SSH Module
- Banner and host key retrieval
- Authentication method detection
- Bad public key detection
- SSH audit (CVE identification)
- Credential and private key brute-force
SMTP Module
- Server information gathering
- User enumeration (VRFY, EXPN, RCPT)
- NTLM information disclosure
- Open relay testing
- Credential brute-force
- Blacklist testing
POP3 Module
- Banner and capabilities retrieval
- Anonymous authentication testing
- NTLM authentication inspection
- Credential brute-force
IMAP Module
- Banner and capabilities retrieval
- Anonymous authentication testing
- NTLM authentication inspection
- Credential brute-force
## Dependencies
cryptography>=42.0.8 dnspython>=2.7.0 impacket>=0.12.0 ldap3>=2.9.1 ptlibs>=1.0.20,<2 pysnmp>=7.1.20 python-whois>=0.9.5 paramiko beautifulsoup4 httpx h2 lxml ssh_audit ntlm-auth
## License
Copyright (c) 2024 Penterep Security s.r.o.
ptsrvtester is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
ptsrvtester is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with ptsrvtester. If not, see https://www.gnu.org/licenses/.
## Warning
You are only allowed to run the tool against the servers and systems which
you have been given permission to pentest. We do not accept any
responsibility for any damage/harm that this application causes to your
computer, or your network. Penterep is not responsible for any illegal
or malicious use of this code. Be Ethical!
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
ptsrvtester-1.0.1.tar.gz
(75.9 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ptsrvtester-1.0.1.tar.gz.
File metadata
- Download URL: ptsrvtester-1.0.1.tar.gz
- Upload date:
- Size: 75.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a0492132a4104c6701c9fe1d023fa0d37e7faf98a36c68ae6da85b6a7c4346b9
|
|
| MD5 |
7e0043049439435bc79cb08c898e449e
|
|
| BLAKE2b-256 |
4fbed808d492ea47b5360e67280ce4deb2786469e7722bf967ff427dd5ca7921
|
File details
Details for the file ptsrvtester-1.0.1-py3-none-any.whl.
File metadata
- Download URL: ptsrvtester-1.0.1-py3-none-any.whl
- Upload date:
- Size: 85.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
da68e358d330f62cc3783622fa9f27453a867deb9f0edebe40e407d7ed334707
|
|
| MD5 |
b24bd78a6457725c9cb5702d2c082997
|
|
| BLAKE2b-256 |
85c6879353f3118868a8f50071ad7c192f080e9c4aa5cfe92ccfdca2d24c5c4a
|
