Skip to content

Automatically exported from code.google.com/p/yaptest

License

GPL-2.0, Unknown licenses found

Licenses found

GPL-2.0
COPYING
Unknown
COPYING.YAPTEST
Notifications You must be signed in to change notification settings

pentestmonkey/yaptest

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

A penetration testing framework that helps automate the boring parts of pentests

=== Yet Another PenTEST... ===

Work in progress: This project has not yet been moved to google code. See also the [http://pentestmonkey.net/projects/yaptest/yaptest-overview/ official homepage] and [http://thegreyhats.blogspot.co.uk/2012/03/getting-yaptest-to-run-under-ubuntu.html freakyclown's install notes].

At times pentesting is one of the most fun jobs around. Other times, though it's dull. When you're having to manually check for the same issues on the next host and the next host and the next... testing can get kinda tedious.

Vulnerability scanners (nessus and the like) have their place, but no scanner is going to test for everything that you're interested in. Yaptest aims to make it easy for a pentester to automate parts of testing on the fly. This is particularly useful when testing very large networks. Below are some examples of tasks which would be easy to automate using yaptest:

* Run nikto on anything nmap thinks is an HTTP service
* Run hydra on every host with TCP port 21 open
* Attempt upload a file to any TFTP servers found
* Run onesixtyone on all hosts that are up
* Try metasploit's solaris_kcms_readfile exploit against any hosts running kcmsd

Yaptest is the glue between your favourite tools and the knowledge base gathered during your pentest. It handles all the mundane stuff that can easily be automated and leaves you free to get on with owning boxes demonstrating risk using techniques that yaptest doesn't know about yet.

About

Automatically exported from code.google.com/p/yaptest

Resources

License

GPL-2.0, Unknown licenses found

Licenses found

GPL-2.0
COPYING
Unknown
COPYING.YAPTEST

Stars

Watchers

Forks

Packages

No packages published