This is an interactive application that can be used as a quick reference, & help automate certain phases of an engagement & align it to the PTES methodology (database support coming soon if I have time).
You *MUST install the rainbow gem for the pretty colorized output seen above:
gem install rainbow
require 'rainbow'
./ptes.rb
- Shell / Commandline (CLI) application allowing:
- The creation/tracking of new engagements via flat-file (.txt). Database support coming soon (time permits).
- Helps automate certain phases of the PTES methodology.
- Can be used as a local reference for PTES. Most information is stored locally in the application.
- Pre-engagement Interactions
- Intelligence Gathering
- Threat Modeling
- Vulnerability Analysis
- Exploitation
- Post Exploitation
- Reporting
- The creation/tracking of new engagements via flat-file (.txt). Database support coming soon (time permits).
- Tested on ruby version/s:
-
ruby 2.0.0p0 (2013-02-24 revision 39474)
-
ruby 1.9.3
-
- 09/25/2013 - Simple code updates
- 09/25/2013 - Updated README.md
- Update Pre-engagement Interactions phase (validate IP ranges, and domains / integrated whois).
- Update the adding/listing engagements process (make it prettier).
- Possible Rails UI in the future.
- Automate repetitive aspects of the Intelligence Gathering phase via OSINT (External/Active footprinting, Internal footprinting/Passive Recon)!
- Automate repetitive aspects of the Threat Modeling phase!
- Automate repetitive aspects of the Vulnerability Analysis phase!
- Automate repetitive aspects of the Exploitation phase!
- Automate repetitive aspects of the Post Exploitation phase!
- Automate the entire reporting process of the Reporting phase (Rails application upgrade)!
- Export Pen Test report to the following file formats: word, xml, and pdf.
- Rick Flores (nanotechz9l) -- 0xnanoquetz9l[--at--]gmail.com
This code is free software; you can redistribute it and/or modify it under the terms of the new BSD License.