#payload #networking #tool #protocols #penetration #port #ip

bin+lib pentest

A zero-dependency network penetration test tool

1 unstable release

0.1.0 Apr 12, 2023

#2 in #penetration

MIT license

10KB
164 lines

Network Penetration Test Tool


This zero-dependency, Rust-based command-line tool performs a soft penetration test against a target IP address and port. It sends a predefined number of packets over either TCP or UDP to test the network's capability.

Features

  • Support for both TCP and UDP protocols
  • Customizable packet payload
  • Adjustable packet count
  • Configurable concurrency level (number of threads)
  • Debug output for monitoring progress

Usage

  1. Clone the repository:
     git clone https://github.com/ca333/pentest
     cd pentest
  2. Build the project:
     cargo build --release
  3. Run the penetration test tool with the desired parameters:
     ./target/release/pentest [IP_ADDRESS] [PORT] [COUNTER] [PROTOCOL] [PAYLOAD] [CONCURRENCY]

Replace the parameters as needed:

  • IP_ADDRESS: Target IP address (e.g., 127.0.0.1)
  • PORT: Target port number (e.g., 7777)
  • COUNTER: Number of packets to send (e.g., 1000)
  • PROTOCOL: Protocol to use: TCP or UDP
  • PAYLOAD: Packet payload as a string (e.g., "Test payload")
  • CONCURRENCY: Number of threads for concurrent packet sending (e.g., 5)

Example

To test a local server listening on IP address 127.0.0.1, port 7777, sending 1000 packets using the TCP protocol, with a payload of "Test payload" and using 5 threads, run the following command:

./target/release/pentest 127.0.0.1 7777 1000 TCP "Test payload" 5
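
A loopback sink to point the example command at, as an added example that is not part of the pentest project: it drains every TCP connection and reports connection and byte totals, so COUNTER and PAYLOAD can be checked against what actually arrived. The names `Stats`, `drain` and `serve`, the 5-second idle timeout and the connection-count argument are assumptions; the README does not say how many TCP connections the tool opens.

```rust
use std::io::{self, Read};
use std::net::{TcpListener, TcpStream};
use std::thread;
use std::time::Duration;

/// Totals observed by the sink (hypothetical type, not from the project).
#[derive(Debug, PartialEq)]
pub struct Stats {
    pub connections: usize,
    pub bytes: usize,
}

/// Read one connection until EOF, an error, or 5 s of silence; return bytes received.
fn drain(mut stream: TcpStream) -> usize {
    let _ = stream.set_read_timeout(Some(Duration::from_secs(5)));
    let mut buf = [0u8; 4096];
    let mut total = 0;
    loop {
        match stream.read(&mut buf) {
            Ok(0) => return total, // peer closed the connection
            Ok(n) => total += n,
            Err(e) if e.kind() == io::ErrorKind::Interrupted => continue,
            Err(_) => return total, // reset or idle timeout: keep what arrived
        }
    }
}

/// Accept exactly `max_conns` connections and drain each on its own thread.
pub fn serve(listener: &TcpListener, max_conns: usize) -> io::Result<Stats> {
    let mut workers = Vec::with_capacity(max_conns);
    for _ in 0..max_conns {
        let (stream, _peer) = listener.accept()?;
        workers.push(thread::spawn(move || drain(stream)));
    }
    let bytes: usize = workers.into_iter().map(|w| w.join().unwrap_or(0)).sum();
    Ok(Stats { connections: max_conns, bytes })
}

fn main() -> io::Result<()> {
    // Target taken from the README example. The connection count is an assumed
    // default; pass the number of connections to wait for as the first argument.
    let max_conns = std::env::args().nth(1).and_then(|s| s.parse().ok()).unwrap_or(5);
    let listener = TcpListener::bind("127.0.0.1:7777")?;
    let stats = serve(&listener, max_conns)?;
    println!("{} connections, {} bytes", stats.connections, stats.bytes);
    Ok(())
}
```

Dividing the byte total by the payload length gives the number of payloads delivered, assuming the sender writes PAYLOAD verbatim with no framing.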

TODO

  • Improve error handling
  • Modularize the code
  • Add unit tests and integration tests
  • Implement CI/CD
  • Implement command-line argument parsing using clap or structopt
  • Add/Enhance documentation
  • Allow configuration via a file
  • Integrate a logging library
  • Implement clusterization via containers
  • Support additional protocols (e.g., ICMP, HTTP)
  • Add "automagic" port scanning feature
  • Implement customizable packet options
  • Introduce fingerprinting capabilities
  • Integrate automagic vulnerability scanning
  • Provide traffic analysis and reporting features

License

This project is licensed under the MIT License. See the LICENSE file for details.

Disclaimer

This tool is intended for educational purposes and legal penetration testing only. The author is not responsible for any misuse or damage caused by this tool. Use it at your own risk.

Please note that this project is in an early stage of development and is being used as a personal playground to explore the networking stack using Rust. As a result, it might not be suitable for production use or for critical security testing. The tool is provided "as is," and no guarantees are given regarding its stability, correctness, or effectiveness.

Always obtain proper authorization before conducting penetration tests on any systems or networks.

No runtime deps