A collection of Python scripts for penetration testing and ethical hacking.
This toolkit includes practical tools for common tasks such as subdomain and directory enumeration, scanning, brute forcing, and more.
| Script | Description |
|---|---|
subdomain_enum.py |
Enumerate subdomains for a target domain. |
directory_enum.py |
Brute force directories and files on a web server. |
network_scanner.py |
Discover live hosts on a given network range. |
port_scanner.py |
Scan for open TCP ports on a target. |
file_downloader.py |
Download files from a list of URLs. |
hash_cracker.py |
Crack hashes using a wordlist (MD5, SHA1, SHA256). |
keylogger.py |
Simple keylogger for demonstration purposes. |
ssh_bruteforce.py |
SSH brute forcer using a wordlist. |
1️⃣ Clone this repo:
git clone https://github.com/yourusername/pentest-toolkit.git
cd pentest-toolkit2️⃣ Install dependencies (use a virtual environment if you like):
pip install -r requirements.txtEach script has its own CLI flags. Here are some quick examples:
python scripts/subdomain_enum.py --domain example.com --wordlist wordlist.txtpython scripts/directory_enum.py --url http://example.com --wordlist wordlist.txtpython scripts/network_scanner.py --network 192.168.1.0/24python scripts/port_scanner.py --target example.com --ports 1-1024python scripts/file_downloader.py --urls urls.txt --output ./downloadspython scripts/hash_cracker.py --hash <HASH> --mode md5 --wordlist wordlist.txtpython scripts/keylogger.pypython scripts/ssh_bruteforce.py --host 192.168.1.10 --user root --wordlist passwords.txt🔑 Tip: Use -h or --help for full usage options.
The toolkit now uses rich for clean, modern console output instead of large ASCII banners. Links are clickable in supported terminals.
This toolkit is for educational and authorized security testing only. The author does not take responsibility for misuse or illegal activities.
Farhad Anwari
This project is licensed under the MIT License.
Pull requests are welcome — feel free to submit improvements or new scripts!