Neptune's Potato Monsters

    pentest-tool-lite

    3.6.3 • Public • Published

    Pentest Tool LITE

    License Lint and test codecov

    Check your website ( or any other website ) for common vulnerabilities.

    Usage

    Install

    yarn global add pentest-tool-lite
    
    # of if you use npm
    
    npm i -g pentest-tool-lite

    Basic

    pentest-tool-lite <URL> # http(s)://....

    Example

    pentest-tool-lite https://juffalow.com

    pentest

    Options

    Available options:

    • -V, --version output the version number
    • --grep only run tests matching tests separated by comma
    • --exclude exclude tests matching tests separated by comma
    • --logger
    • --report
    • -h, --help output usage information

    help

    $ pentest-tool-lite --help

    grep

    Grep is checking every test if it contains any string from the grep argument.

    To check just https and hsts type:

    pentest-tool-lite https://juffalow.com --grep https,hsts

    To list all available tests:

    pentest-tool-lite tests

    exclude

    If you do not want to run specific tests, you can ignore them with exclude argument.

    To exclude javascript, css and image tests:

    pentest-tool-lite https://juffalow.com --exclude javascript,css,image

    reportType

    Default report is short, which will show just test titles. If you want to see also description, change it to FULL report with:

    pentest-tool-lite https://juffalow.com --reportType FULL

    reportFormat

    pentest-tool-lite https://juffalow.com --reportFormat JSON

    Sub Commands

    Sitemap

    List all URLs in sitemap. If it is sitemap index (sitemap that contains URLs to other sitemaps) it loads every sitemap and shows URLs from all of them.

    pentest-tool-lite sitemap https://example.com/sitemap.xml

    Random

    Reads from standard input and outputs lines based on some probability. This can be used for testing just random urls. For example, you can run sitemap sub-command, but you don't want to run the pentest on all of listed urls, so you can use pipes and pick random urls.

    pentest-tool-lite sitemap https://example.com/sitemap.xml | pentest-tool-lite random | xargs -n1 pentest-tool-lite

    Contributing

    Use GitHub issues if you have suggestion for new check(s) or you found a bug in existing one.

    And I'll be thankful for every pull request ;-)

    How to run project locally

    # install node modules
    yarn
    # run
    yarn start https://juffalow.com
    
    # or if you use npm
    
    # install node modules
    npm i
    # run
    npm start -- https://juffalow.com

    Debugging and Logging

    Log everything:

    pentest-tool-lite https://juffalow.com --logger=DEBUG

    Log everything that has at least WARNING level:

    pentest-tool-lite https://juffalow.com --logger=WARNING

    Tests

    npm test

    License

    MIT license

    Install

    npm i pentest-tool-lite

    DownloadsWeekly Downloads

    4

    Version

    3.6.3

    License

    MIT

    Unpacked Size

    141 kB

    Total Files

    142

    Last publish

    Collaborators

    • juffalow