📌 Pentest AI Automation Script

Automate your pentesting tasks with the help of AI! This script uses advanced language models to optimize tool selection, generate commands, execute these commands, and intelligently analyze the results.

Some texts or comments are still in French but it's about to change :)

---

🚀 Description

The Pentest AI Automation Script is a tool designed to automate pentesting tasks using AI. It leverages APIs to interact with advanced language models to simplify and speed up pentesting processes, particularly repetitive tasks and result analysis. Use this script to improve the efficiency of your security tests while benefiting from flexible configuration.

---

🛠 Classic Installation

Prerequisites

• Kali Linux : Recommended to have most of the necessary tools.

• Python 3.8+ : Make sure you have a compatible version of Python.

• pip : Used to manage Python dependencies.

• Gemini API Key : Get your key here.

Installing Dependencies

Install all necessary libraries using:

pip install -r requirements.txt

Necessary Files

• config/tools/authorized_tools.txt : List of authorized tools for security testing.

• config/tools/tool_priority.txt : List of preferred tools for certain tasks. (Deprecated, you can modify the code in the command function located in task_execution.py if necessary.)

---

⚙️ Configuration

Use the --auto mode or specify at least the -ip, -c, and -key parameters.

options:
  -h, --help            Show help message and exit.
  -ip TARGET, --target TARGET
                        IP address to scan.
  -c CONTEXT, --context CONTEXT
                        Testing context.
  -p PRIORITY_TOOL, --priority-tool PRIORITY_TOOL
                        Path to the priority tools file.
  -s SAFE_TOOL, --safe-tool SAFE_TOOL
                        Path to the authorized tools file.
  -v PROMPT_VERSION, --prompt-version PROMPT_VERSION
                        Prompt version.
  -api API_TYPE, --api-type API_TYPE
                        API type.
  -key API_KEY, --api-key API_KEY
                        API key.
  --auto                Enable auto mode for manual input of values.

🖥️ Usage

Running the Script

To run the script, execute the following command:

With classic installation

sudo python main.py -key "your_api_key" -ip "target_ip" -c "context"

Note : Administrator rights may be required for some commands.

Main Features

• Initialization : The script starts by initializing AI sessions.

• Target Information Input : Enter the target IP address and/or the test context.

• Task Tree : Generates a task tree based on the information provided and AI models.

• Task Selection and Execution : Automatic selection of appropriate tasks, generation, and execution of commands.

• Analysis and Reporting : Analyzes the results of each command and generates a final report in Markdown and PDF formats.

Interrupting the Script

To interrupt the script at any time, use Ctrl+C. A final report will be generated automatically.

---

📁 Project Structure

• config/ : Contains configuration files for AI sessions.

• prompts/ : Prompt files used to communicate with the AI.

• tasks/ : Scripts related to specific tasks such as report creation, installation verification, etc.

• outputs/ : Folder where output files, including analysis reports, are stored.

• logs/ : Contains logs of commands and prompts.

---

⚠️ Limitations

• This script is designed to be used in a controlled environment with specific tools listed in authorized_tools.txt.

• A valid Gemini API key is required to interact with AI services.

• The AI may sometimes generate suboptimal or superficial responses.

---

👤 Contributor

• Elouan TEISSERE - Project Creator