PA-Pentest_Automation is a comprehensive Bash script designed to automate various security checks and penetration testing tasks. This tool is build to save companies time and effort by automating the detection of common vulnerabilities and security misconfigurations in web applications.
- Checks if HTTP port 80 is open or closed.
- Tests for Host Header Injection on ports 80 and 443.
- Identifies potential Broken Link Hijacking vulnerabilities.
- Scans for backup files using the BFAC tool.
- Evaluates SSL security using sslscan.
- Searches JavaScript files for secrets and sensitive information.
- Performs HTTP Request Smuggling attacks.
- Generates detailed output reports for each check.
Run the below commands to install all the important packages:
git clone https://github.com/yourusername/PA-Pentest_Automation.git
cd PA-Pentest_Automation
chmod +x PA-Pentest_Automation.sh
sudo apt-get update; sudo apt-get install sslscan; pip3 install -r requirements.txt
./PA-Pentest_Automation.sh <target-url>
Example:
./PA-Pentest_Automation.sh example.com
This script is provided for educational purposes only. Unauthorized access to computer systems is illegal and unethical. Use this script only on systems you own or have explicit permission to test.
If you have any improvements or suggestions, feel free to submit a pull request or open an issue.