pentest-kit
skill
Fail
Health Warn
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Fail
- rm -rf — Recursive force deletion command in install-local.sh
- rm -rf — Recursive force deletion command in install-remote.sh
Permissions Pass
- Permissions — No dangerous permissions requested
Purpose
This project is a tool-orchestrated penetration testing framework for Claude Code. It acts as an interface to run and chain various free external security tools (like Nmap, SQLmap, and Semgrep) inside a Docker container, rather than crafting and executing attack payloads directly.
Security Assessment
The framework explicitly executes shell commands and makes network requests to run external security tools and scans. It does not request explicitly dangerous host permissions, but there are significant risks in its setup process. The installation scripts contain `rm -rf` recursive force deletion commands. Additionally, the primary installation method relies on a remote `curl | bash` script, which can be inherently risky if the external domain is ever compromised. Because the tool is designed to orchestrate active vulnerability scanning and exploitation commands against target networks, the overall risk is rated as High.
Quality Assessment
The codebase uses the permissive MIT license and the author is actively maintaining it, as evidenced by a repository push within the last day. However, it suffers from extremely low community visibility. With only 5 stars on GitHub, the project has not been widely peer-reviewed or battle-tested by the broader security community, making it difficult to gauge its true reliability or safety.
Verdict
Use with extreme caution: while actively maintained and conceptually sound, the low community trust, destructive file deletion commands in the installation scripts, and the high-risk nature of automated penetration testing make this unsuitable for production environments without a thorough manual code review.
This project is a tool-orchestrated penetration testing framework for Claude Code. It acts as an interface to run and chain various free external security tools (like Nmap, SQLmap, and Semgrep) inside a Docker container, rather than crafting and executing attack payloads directly.
Security Assessment
The framework explicitly executes shell commands and makes network requests to run external security tools and scans. It does not request explicitly dangerous host permissions, but there are significant risks in its setup process. The installation scripts contain `rm -rf` recursive force deletion commands. Additionally, the primary installation method relies on a remote `curl | bash` script, which can be inherently risky if the external domain is ever compromised. Because the tool is designed to orchestrate active vulnerability scanning and exploitation commands against target networks, the overall risk is rated as High.
Quality Assessment
The codebase uses the permissive MIT license and the author is actively maintaining it, as evidenced by a repository push within the last day. However, it suffers from extremely low community visibility. With only 5 stars on GitHub, the project has not been widely peer-reviewed or battle-tested by the broader security community, making it difficult to gauge its true reliability or safety.
Verdict
Use with extreme caution: while actively maintained and conceptually sound, the low community trust, destructive file deletion commands in the installation scripts, and the high-risk nature of automated penetration testing make this unsuitable for production environments without a thorough manual code review.
Tool-orchestrated penetration testing framework for Claude Code. DAST + SAST + SCA in a hardened Docker container.
README.md
pentest-kit
Tool-orchestrated penetration testing framework for Claude Code. Executors never attack directly — they run free external tools, parse output, and chain results.
Install
curl -sSL https://get.nunenuh.me/pentest-kit | bash
Or clone manually:
git clone https://github.com/nunenuh/pentest-kit.git
cd pentest-kit
./install-local.sh --symlink # symlinks into ~/.pentest-kit, supports multi-Claude-home
Workspace is created at ~/.pentest-kit/ for remote installs, or symlinked for local clones.
How It Works
| Direct Pentest | pentest-kit | |
|---|---|---|
| Executor action | Crafts payloads, sends requests | Runs nmap/nuclei/sqlmap via Bash |
| XSS testing | Injects <script>alert(1)</script> |
Runs dalfox url "..." --format json |
| SQL injection | Sends ' OR '1'='1 |
Runs sqlmap -u "..." --batch |
| Port scanning | curl/netcat | Runs nmap -sV --top-ports 1000 |
| Source code analysis | — | Runs semgrep --config auto |
| Dependency scanning | — | Runs trivy fs |
| Manual testing | Playwright clicks through app | User uses Caido, exports → tools process |
Modes
| Mode | Command | How It Works |
|---|---|---|
| Auto | /pentest-kit |
Fully automated — run pipelines, tools, generate report |
| Assist | /pentest-kit assist |
You test in Caido → agent processes your exports |
| Copilot | /pentest-kit copilot |
Agent drives Playwright + mitmproxy, you direct (4 primitives: browser, http, shell, note; auth.yaml, transcript/resume) |
38 Tools (100% Free)
| Category | Tools |
|---|---|
| Recon | subfinder, dnsx, httpx, nmap |
| Crawling | katana, gau, waybackurls |
| Discovery | ffuf, feroxbuster, gobuster, arjun, paramspider |
| Scanning | nuclei, OWASP ZAP, nikto, wapiti |
| Injection | sqlmap, dalfox, commix, tplmap |
| Auth/Creds | jwt_tool, hydra |
| SAST | semgrep (multi-lang), bandit (Python) |
| SCA | trivy (deps, containers, IaC), grype |
| Secrets | gitleaks, trufflehog |
| SSL/TLS | testssl.sh |
| Proxy | Caido (host), mitmproxy (container) |
| Browser | Playwright MCP (copilot mode) |
| Wordlists | SecLists (6000+ files) |
| Reporting | pandoc (DOCX/PDF) |
Quick Start
# Install CLI + pull Docker image
curl -sSL https://get.nunenuh.me/pentest-kit | bash
# Bootstrap engagement — starts container, runs preflight, creates result dirs
pentest-kit init acme-2026q1 --target https://acme.example.com --source /path/to/code
# Run scan pipelines
pentest-kit scan recon --target acme.example.com
pentest-kit scan sast
pentest-kit scan sca
# Generate report from findings
pentest-kit report generate acme-2026q1
# Check status anytime
pentest-kit status
pentest-kit engage list
Go CLI
The pentest-kit binary is the primary interface. It wraps Docker, engagement tracking, and reporting.
| Command | Description |
|---|---|
pentest-kit init <name> -t <url> [-s <path>] |
Bootstrap engagement — container + preflight + dirs |
pentest-kit scan <pipeline> -t <url> [-e <name>] |
Run a pipeline (recon, webapp-scan, injection, auth, sast, sca, ssl, cve) |
pentest-kit exec <command...> |
Run any command inside the container |
pentest-kit preflight [--deep] [--save] |
Check tool availability and health |
pentest-kit report generate [engagement] |
Generate report from findings.json via templates |
pentest-kit report status [engagement] |
Show which report sections exist |
pentest-kit engage list |
List all engagements |
pentest-kit engage status [engagement] |
Show engagement progress, pipelines, findings |
pentest-kit proxy tor|socks5|http|preset|chain|off|status|list |
Configure outbound proxy (tor, presets, chains) |
pentest-kit copilot start|stop|status|turn|resume|replay |
Copilot mode (browser-driven, LLM-reasoned) |
pentest-kit up / down |
Start/stop the container |
pentest-kit shell |
Interactive bash inside the container |
pentest-kit status |
Container status + active engagement |
pentest-kit logs [engagement] |
Show activity logs |
Pipelines
9 predefined tool chains:
| Pipeline | Tools | Trigger |
|---|---|---|
| recon | subfinder → httpx → nmap → katana → gau → ffuf → nuclei | Every engagement |
| webapp-scan | ZAP + nuclei + dalfox + nikto | Web app found |
| injection | arjun + ffuf + sqlmap + commix + tplmap | Parameters found |
| auth | jwt_tool + hydra + ffuf + Playwright | Auth endpoints |
| caido-loop | Caido export → nuclei + sqlmap + dalfox | Manual testing |
| cve | nuclei + nmap --script vuln | Tech versions found |
| sast | semgrep + bandit | Source code available |
| sca | trivy + grype + gitleaks + trufflehog | Dependencies/secrets |
| ssl | testssl.sh | HTTPS endpoints |
Report Generation
findings.json → 16 templates → reports/raw/*.md → reports/final/*.md → pandoc → .docx
The report system uses 16 templates in reference/templates/ (executive summary, findings, remediation, threat model, compliance mapping, evidence log, etc.). Sections are dynamically numbered based on what the engagement produces.
Key features: verified-only findings, copy-paste PoCs, severity x difficulty heatmap, vulnerabilities vs observations split, de-duplicated results.
Engagement Tracking
Each engagement gets a state.json that tracks phase, pipeline status, and findings counts. The CLI updates it automatically as scans run.
pentest-kit engage status acme-2026q1
# Engagement: acme-2026q1
# Target: https://acme.example.com
# Phase: scanning
# Findings: 2 Critical, 5 High, 12 Medium, 3 Low
# Pipelines:
# ✓ recon: complete (7 findings)
# ▶ webapp-scan: running
# ○ injection: pending
Copilot Mode
Browser-driven, LLM-reasoned pentesting. The agent drives Playwright and mitmproxy while you direct the testing.
| Primitive | What it does |
|---|---|
browser |
Playwright navigation, clicks, form fills |
http |
Raw HTTP requests via mitmproxy |
shell |
Container commands (nmap, sqlmap, etc.) |
note |
Record observations and findings |
Copilot uses auth.yaml for credential management and produces a transcript that supports resume (continue interrupted sessions) and replay (reproduce findings).
pentest-kit copilot start --target https://example.com
pentest-kit copilot turn "Log in and test the admin panel for IDOR"
pentest-kit copilot status
pentest-kit copilot resume
Docker Architecture
Your Laptop (HOST)
├── pentest-kit/
│ ├── targets/ ─────────────┐ mounted read-only
│ ├── results/ ─────────────┤ mounted writable
│ └── docker-compose.yml │
│ │
│ Caido (on host) │ ← manual proxy
│ │
└──────────────────────────────┘
│
Docker Container ──────────┘
├── root (inside container only)
├── nmap, nuclei, sqlmap, ffuf, ZAP ← DAST
├── semgrep, bandit ← SAST
├── trivy, grype, gitleaks ← SCA + Secrets
├── mitmproxy, testssl.sh ← proxy + SSL
├── httpx (Go), nikto, Playwright ← fixed in Dockerfile
├── /pentest-kit/targets (read-only) ← your code
└── /pentest-kit/results (writable) ← findings
Host isolation:
✅ Can't modify your source code (read-only mount)
✅ Can't escalate to host root (no-new-privileges)
✅ Isolated process/memory namespaces
⚠️ Shares host network (required for scanning)
Structure
pentest-kit/
├── pentest-kit-cli/ # Go CLI (primary interface)
│ ├── cmd/pentest-kit/main.go # 13 commands: init, up, down, shell, exec, preflight, report, engage, status, logs, scan, proxy, copilot
│ └── internal/ # docker, engage, pipeline, preflight, report
├── .claude/
│ ├── agents/ # orchestrator.md + executor.md
│ └── skills/pentest-kit/
│ ├── SKILL.md # Skill definition
│ ├── attacks/ # 178 attack docs (9 categories, WSTG 88% coverage)
│ └── reference/
│ └── templates/ # 16 report templates
├── tools/
│ ├── REGISTRY.md # 38 tool catalog (commands, parsers)
│ ├── PIPELINES.md # 9 tool chains
│ ├── preflight.sh # Tool checker
│ ├── kali/install.sh # CLI tool installer
│ ├── wrappers/ # Python output normalizers
│ ├── copilot/ # Interceptor + rules
│ └── addons/ # mitmproxy scripts
├── rules/ # semgrep, nuclei, bandit rules
├── rules.local/ # Org-specific rules (gitignored)
├── targets/ # Scan targets (read-only in container)
├── results/ # Per-engagement results
│ └── {engagement}/
│ ├── state.json # Engagement tracking
│ ├── findings.json # Machine-readable findings
│ ├── manifest.json # File tracking
│ ├── reports/raw/ # Generated markdown sections
│ ├── reports/final/ # Assembled report + DOCX
│ ├── scans/ # Raw tool output by category
│ ├── scripts/ # PoC scripts
│ ├── evidence/ # Per-finding evidence (FIND-001/)
│ ├── copilot/ # Traffic + findings NDJSON
│ └── activity/ # Pipeline execution logs
├── Dockerfile # Kali + 38 tools + Playwright + Chromium + mitmproxy
├── docker-compose.yml # Hardened config
├── install.sh # Local installer
├── install-local.sh # Local installer (--symlink, multi-Claude-home)
├── install-remote.sh # Remote installer (curl | bash)
└── uninstall.sh # Clean removal
Workflow
Phase 1: Init → pentest-kit init, start container, run preflight
Phase 2: Recon → pentest-kit scan recon
Phase 3: Planning → Analyze recon, select pipelines, get USER APPROVAL
Phase 4: Testing → pentest-kit scan {pipeline} in parallel
Phase 5: Aggregate → Merge tool outputs, deduplicate, score (CVSS)
Phase 6: Report → pentest-kit report generate
Uninstall
# If installed via clone
./uninstall.sh
# If installed via curl
rm -rf ~/.pentest-kit
rm -f ~/.claude/skills/pentest-kit
rm -f ~/.claude/agents/orchestrator.md ~/.claude/agents/executor.md
Credits
Taken from transilienceai/communitytools pentest framework and recreated for custom purpose: external tool orchestration with DAST+SAST+SCA coverage using free tools in a hardened Docker container.
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found