A comprehensive desktop application built with Python and PyQt6 to streamline web security reconnaissance and automate the detection of common vulnerabilities. This toolkit saves valuable time by integrating scanning and enumeration tools into a single, user-friendly interface.
This toolkit combines reconnaissance and active scanning capabilities to provide a holistic view of a target's security posture.
Domain Intelligence: Fetches WHOIS registration data to gather information about a domain owner.
Subdomain Discovery: Enumerates subdomains using sources like crt.sh to map the target's attack surface.
Port & Service Scanning: Scans for open TCP/UDP ports to identify active services and potential points of entry.
Availability Check: Performs a quick ICMP ping to verify if a target is online and responsive.

SQL Injection (SQLi): Tests input fields against a variety of common SQLi payloads to uncover database vulnerabilities.
Cross-Site Scripting (XSS): Deploys payloads designed to detect both reflected and stored XSS flaws.
HTML Injection: Assesses if application inputs are susceptible to malicious HTML code injection.
Backend: Python
Graphical User Interface: PyQt6
Web & Network: Requests, BeautifulSoup4, dnspython, python-whois, pycrtsh
Database Connector: psycopg2 (for PostgreSQL)
Packaging: PyInstaller
Follow these instructions to get a local copy up and running for development or use.
Prerequisites:
Python 3.8 or newer
Git for cloning the repository
Clone the repository and change into the directory it creates:
    git clone https://github.com/ekagrazi/RedTeamToolkit.git
    cd RedTeamToolkit
Create and activate a virtual environment (recommended; the activation command shown is the Windows form):
    python -m venv venv
    .\venv\Scripts\activate
Install the dependencies. The requirements.txt file contains all necessary packages:
    pip install -r requirements.txt
Once the installation is complete, you can run the application from the root directory:
    python main.py
This tool is intended for educational purposes and authorized security testing only.