🗡️ Pentest Helper

$9.99

Ethical pentesting toolkit for authorized security assessments. Includes fuzzing helpers, curated SQLi/XSS/path traversal payloads, request replay with mutation, and a finding logger. Only use on systems you own or have written permission to test.

• SQLi payload library (error-based, blind, time-based)
• XSS payload sets (reflected, stored, DOM-based)
• Path traversal and LFI probe sequences
• HTTP request fuzzer with wordlist support
• Request replay and mutation (change headers, body, params)
• Finding logger with severity, notes, and evidence storage
• Rate-limited mode to stay under WAF thresholds

# Fuzz a login endpoint
python pentest.py fuzz --url https://target.local/login --wordlist common.txt

# Run SQLi probes against a param
python pentest.py sqli --url "https://target.local/item?id=1" --param id

# Replay and mutate a request
python pentest.py replay --request req.txt --mutate headers

Related tools