Skip to content

5afagy/OmniPentest

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
omni360
omni360
 
 
omnipentest
omnipentest
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
OmniPentest.py
OmniPentest.py
 
 
OmniPentest_V2.py
OmniPentest_V2.py
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

📦 requirements.txt

This file lists all the Python dependencies required to run OmniPentest. Users can install all dependencies in one command using pip.

rich
requests

📄 README.md

A straightforward README file that includes essential information about OmniPentest, installation instructions, usage examples, and other relevant details.

# OmniPentest 🛡🔍

**OmniPentest** is an enhanced all-in-one penetration testing tool designed to streamline network security assessments. It integrates subnet scanning, service and OS detection, misconfiguration checks, brute-forcing, sensitive data detection, and comprehensive reporting.

## 🔧 **Features**

- **Subnet Scanning and Host Discovery**
- **Service and OS Detection** using Nmap with vulnerability scripts
- **Misconfiguration Checks** for SMB, FTP, NFS, HTTP(S)
- **Brute-Forcing Credentials** using Hydra
- **Sensitive Data Detection**
- **Reporting** in JSON and CSV formats
- **Rich Console Output**

## 🛠 **Installation**

### 1. **Clone the Repository**

```bash
git clone https://github.com/yourusername/OmniPentest.git
cd OmniPentest

2. Install Python Dependencies

Ensure you have Python 3.6 or higher installed.

pip install -r requirements.txt

3. Install External Tools

OmniPentest relies on several external tools. Install them as follows:

For Debian/Ubuntu-based Systems:

sudo apt-get update
sudo apt-get install -y nmap hydra smbclient nfs-common telnet

For macOS (Using Homebrew):

brew install nmap hydra smbclient

For Windows:

  1. Nmap: Download and install from nmap.org
  2. Hydra: Download from Hydra GitHub and follow installation instructions.
  3. smbclient: Available as part of Samba for Windows
  4. telnet: Enable via Control Panel > Programs > Turn Windows features on or off > Telnet Client

Note: Some tools like showmount and telnet might require additional setup or alternative tools on macOS.

4. Prepare Username and Password Files

Create two files named usernames.txt and passwords.txt in the project directory.

Example usernames.txt:

admin
user
guest
test
root

Example passwords.txt:

password123
admin123
guest
123456
letmein
qwerty

Security Note: Ensure these files are stored securely and have appropriate permissions to prevent unauthorized access.

🖥 Usage

Run the tool with required arguments:

sudo python3 OmniPentest.py <subnet> --json-report --csv-report --threads 100 --userlist usernames.txt --passlist passwords.txt

Example:

sudo python3 OmniPentest.py 192.168.1.0/24 --json-report --csv-report --threads 100 --userlist usernames.txt --passlist passwords.txt

Options:

  • <subnet>: Target subnet in CIDR notation (e.g., 192.168.1.0/24)
  • --json-report: Generate JSON report
  • --csv-report: Generate CSV report
  • --threads: Number of parallel threads (default: 100)
  • --userlist: Path to username list for brute-forcing
  • --passlist: Path to password list for brute-forcing
  • --vulners-key: (Optional) Vulners API key for enhanced vulnerability scanning
  • --no-brute: (Optional) Skip brute-forcing

📊 Reporting

OmniPentest provides comprehensive reports in both JSON and CSV formats, detailing live hosts, detected services and operating systems, misconfigurations, brute-forcing results, and sensitive data findings.

  • JSON Report: report.json
  • CSV Report: report.csv

📚 Dependencies

OmniPentest relies on the following Python packages:

  • Rich: For enhanced console output with colors and styles.
  • Requests: For handling HTTP requests.

All dependencies can be installed using the provided requirements.txt file.

🔧 External Tools

Ensure the following external tools are installed and accessible in your system's PATH:

  • Nmap: Network scanning and OS detection.
  • Hydra: Password brute-forcing tool.
  • smbclient: SMB/CIFS client.
  • showmount: Lists NFS exports (part of nfs-common on many Linux distributions).
  • telnet: For FTP misconfiguration checks.

Refer to the Installation section for detailed installation instructions.

📝 Usage Notes

  • Run with Elevated Privileges: To ensure accurate OS detection and comprehensive scanning, run the tool with elevated privileges (e.g., using sudo on Unix/Linux systems).

    sudo python3 OmniPentest.py [OPTIONS] <SUBNET>

  • Brute-Forcing Phase: Brute-forcing can be resource-intensive and may trigger security alerts. Use the --no-brute flag to skip this phase if desired.

  • Vulners API Key: For enhanced vulnerability scanning, obtain an API key from Vulners and use the --vulners-key argument.

📜 License

MIT License. See LICENSE for details.

👤 Author

Khafagy

Email: Ali5afagy@gmail.com

Linkedin: Linkedin.com/in/khafagy

📚 Resources

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages