{"id":35117127,"url":"https://github.com/jeremylaratro/purplesploit","last_synced_at":"2026-05-21T19:38:13.751Z","repository":{"id":323398281,"uuid":"1085355404","full_name":"jeremylaratro/purplesploit","owner":"jeremylaratro","description":"Purplesploit - a framework for ultimate pentesting workflow efficiency","archived":false,"fork":false,"pushed_at":"2026-05-11T23:42:33.000Z","size":2688,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-12T01:08:52.658Z","etag":null,"topics":["cyber","offensive","offsec","pentesting","purple","purpleteam","purpleteaming","redteam","security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jeremylaratro.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"docs/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-28T23:38:31.000Z","updated_at":"2026-05-11T23:42:31.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/jeremylaratro/purplesploit","commit_stats":null,"previous_names":["jeremylaratro/purplesploit"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jeremylaratro/purplesploit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremylaratro%2Fpurplesploit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremylaratro%2Fpurplesploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremylaratro%2Fpurplesploit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremylaratro%2Fpurplesploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jeremylaratro","download_url":"https://codeload.github.com/jeremylaratro/purplesploit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremylaratro%2Fpurplesploit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33311957,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-21T12:23:38.849Z","status":"ssl_error","status_checked_at":"2026-05-21T12:22:11.673Z","response_time":62,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyber","offensive","offsec","pentesting","purple","purpleteam","purpleteaming","redteam","security"],"created_at":"2025-12-27T21:08:39.984Z","updated_at":"2026-05-21T19:38:13.741Z","avatar_url":"https://github.com/jeremylaratro.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# PurpleSploit Framework v6.8.1\n\n\u003cdiv align=\"center\"\u003e\n\n```\n    ╔═══════════════════════════════════════════════════════════════════════════════╗\n    ║                                                                               ║\n ██▓███   █    ██  ██▀███   ██▓███   ██▓    ▓█████   ██████  ██▓███   ██▓     ▒█████   ██▓▄▄▄█████▓\n▓██░  ██▒ ██  ▓██▒▓██ ▒ ██▒▓██░  ██▒▓██▒    ▓█   ▀ ▒██    ▒ ▓██░  ██▒▓██▒    ▒██▒  ██▒▓██▒▓  ██▒ ▓▒\n▓██░ ██▓▒▓██  ▒██░▓██ ░▄█ ▒▓██░ ██▓▒▒██░    ▒███   ░ ▓██▄   ▓██░ ██▓▒▒██░    ▒██░  ██▒▒██▒▒ ▓██░ ▒░\n▒██▄█▓▒ ▒▓▓█  ░██░▒██▀▀█▄  ▒██▄█▓▒ ▒▒██░    ▒▓█  ▄   ▒   ██▒▒██▄█▓▒ ▒▒██░    ▒██   ██░░██░░ ▓██▓ ░ \n▒██▒ ░  ░▒▒█████▓ ░██▓ ▒██▒▒██▒ ░  ░░██████▒░▒████▒▒██████▒▒▒██▒ ░  ░░██████▒░ ████▓▒░░██░  ▒██▒ ░ \n▒▓▒░ ░  ░░▒▓▒ ▒ ▒ ░ ▒▓ ░▒▓░▒▓▒░ ░  ░░ ▒░▓  ░░░ ▒░ ░▒ ▒▓▒ ▒ ░▒▓▒░ ░  ░░ ▒░▓  ░░ ▒░▒░▒░ ░▓    ▒ ░░   \n░▒ ░     ░░▒░ ░ ░   ░▒ ░ ▒░░▒ ░     ░ ░ ▒  ░ ░ ░  ░░ ░▒  ░ ░░▒ ░     ░ ░ ▒  ░  ░ ▒ ▒░  ▒ ░    ░    \n░░        ░░░ ░ ░   ░░   ░ ░░         ░ ░      ░   ░  ░  ░  ░░         ░ ░   ░ ░ ░ ▒   ▒ ░  ░      \n            ░        ░                  ░  ░   ░  ░      ░               ░  ░    ░ ░   ░          \n    ║                                                                               ║\n    ║                  Automation Framework with Dual Interface                     ║\n    ║                                 By d0sf3t                                     ║\n    ║                          Search. Select. Exploit.                             ║\n    ║                                                                               ║\n    ╚═══════════════════════════════════════════════════════════════════════════════╝\n```\n\n**Pure Python pentesting framework for tool/workflow efficiency, with an emphasis on usability**\n\n[Quick Start](#-quick-start) • [Key Features](#-key-features) • [Installation](#-installation) • [Wiki](wiki/)\n\n\u003c/div\u003e\n\u003e What it does TL;DR\n- makes workflow efficient - no typing commands, credential application across all tools, auto analysis of scans\n# PurpleSploit Walkthrough\n\n## Overview\n\n\u003e PurpleSploit is a modular offensive security framework with both CLI and a web interface, largely modeled off metasploit framework, with many similar, common/shared commands for ease of use and familiarity. \n\n## Example workflow\n\nGiven targets and/or credentials:\n```\nStep A. Add targeting:\n\t1. `targets select` --\u003e `creds select` \n\t2. `targets add` --\u003e `creds add` \nStep B. Select a command to run:\n\t3. `module select` -\u003e `run op#`\n\t4. `search {object}` --\u003e `use {module}` --\u003e `run op#`\n```\nFrom 0-point (no targets, no creds):\n```\nStep A. Target Discovery: `module select` --\u003e type `nmap` --\u003e select scan \u0026 run\n\tStep B. Target Selection: `services` --\u003e pick a target from scan results --\u003e `targets select`\n\t\tStep C. Target Enumeration: `module select` -\u003e `run op#` OR `search {object}` --\u003e `use {module}` --\u003e `run op#`\n```\n---\n# Menu Items\n### Search and Select\n\n\u003cimg width=\"926\" height=\"580\" alt=\"module_search\" src=\"https://github.com/user-attachments/assets/2a6e08db-6454-4d7e-9585-c6e8d17242e3\" /\u003e\n\n**Key Commands**\nLike metasploit, but with fzf for interactive select menus. To search for and select modules, you can use the traditional msf method, or use the interactive menu by adding select at the end of the command:\n\n---\n## Context Management\nAdd and manage targets, credentials, and wordlists. The context manager is made up of a series of sqlite databases that manages the context for the entire framework. No more \"set RHOST\" per modules. Select a target, select a credential, and **it will be applied to all modules automatically**. \n\n\u003cimg width=\"1020\" height=\"334\" alt=\"targets creds\" src=\"https://github.com/user-attachments/assets/678b3766-c63f-42ff-b748-6dda23912519\" /\u003e\n\u003cimg width=\"1001\" height=\"245\" alt=\"servicewordlist\" src=\"https://github.com/user-attachments/assets/59e89fda-ea4e-4141-b9a8-b15832931124\" /\u003e\n\n\nContext items can be added, modified, selected, and cleared. For example:\n\nSimply type ```{command} clear``` to clear the database. \n\n----\n## Credential and Target Management\nCredentials and targets can be added, modified, listed, and selected interactively by appending the command after (ex. creds modify, targets select, etc.)\n\n\u003cimg width=\"882\" height=\"226\" alt=\"creds\" src=\"https://github.com/user-attachments/assets/28ea190f-478d-4895-9041-80ca891607e8\" /\u003e\n\n**Add Targets or Credentials:**\n\n```bash\npurplesploit \u003e creds add username password domain\n\npurplesploit \u003e targets add IP_addr\n```\n\n**Modify Target or Credential:**\n\n```bash\npurplesploit \u003e creds/targets modify\n\n```\n\n**List Targets or Credentials:**\n\n```bash\npurplesploit \u003e creds/targets list\n```\n\n\n---\n## Interactive Selection\nTargets, credentials, and modules can be selected interactively with fzf. This feature includes type search, so you can either select by navigating with keyboard/mouse or by typing keywords:\n\n\u003cimg width=\"527\" height=\"314\" alt=\"typingselect\" src=\"https://github.com/user-attachments/assets/9ec797ce-3f23-4df2-a0c0-385bb93363e6\" /\u003e\n\n\u003cimg width=\"1231\" height=\"473\" alt=\"module_select\" src=\"https://github.com/user-attachments/assets/f03137ae-db86-4c35-84ff-5cee3372a110\" /\u003e\n\n\u003cimg width=\"919\" height=\"429\" alt=\"creds_select\" src=\"https://github.com/user-attachments/assets/2a868c08-6515-4257-a180-0d017b4d99c0\" /\u003e\n\n\u003cimg width=\"638\" height=\"244\" alt=\"targetselect\" src=\"https://github.com/user-attachments/assets/b9bc0ac0-c11a-4704-873f-3cdb508d13e5\" /\u003e\n\nUse arrow keys to navigate, Enter to select. \n\n----\n## Utilities\n\n\u003cimg width=\"991\" height=\"280\" alt=\"utilities\" src=\"https://github.com/user-attachments/assets/5dd4d462-d8b1-4e57-86e3-1d119e7edb45\" /\u003e\n\n**Available Commands:**\n\n- `clear` - Clear screen\n- `history` - Command history\n- `stats` - Framework statistics\n- `defaults \u003ccmd\u003e` - Manage default options\n- `deploy` - Show deployment modules\n- `deploy \u003ctype\u003e` - Load specific deployment\n- `webserver start/stop/status` - Web portal control\n- `ligolo` - Launch ligolo-ng (Ctrl+D to return)\n- `shell` - Local shell (Ctrl+D to return)\n\n### Key Features \n\n**Deployment Utility** \nThe deployment utility offers an automated method of deploying C2 beacons, ligolo agents, and scripts (ex. LinPEAS, WinPEAS, etc.).\n\n**Ligolo**\nTyping `ligolo` will drop you into a ligolo proxy shell. Press CTRL+D to go back to purplesploit cli. \n\n---\n# Modules \u0026 Operations\nPurplesploit diverges from metasploit by using a two-tier structure with modules and operations.  Modules represent the broader category, while operations are the switch-level differences within similar commands (ex. nxc_ssh module, individual ssh command differences are operations). Purplesploit was architected in this way to declutter while providing the largest amount of options.\n## Module Search \u0026 Usage\n\n\u003cimg width=\"693\" height=\"455\" alt=\"context_automation_ssh\" src=\"https://github.com/user-attachments/assets/f98238e0-bfd3-444c-aaec-b3cac4551638\" /\u003e\n\n**Context Awareness**\nIf a search results in only one result, that result is automatically selected as the current module. \n\n**Workflows**:\n1. Search for module or operation--\u003e `use module` --\u003e ops --\u003e `run op#` \n2. `module select` --\u003e type term --\u003e scroll --\u003e Enter --\u003e ops --\u003e `run op#`\n\n**Usage**\nTo select modules:\n```bash\nuse module_name\nuse {# of module}\n```\nThen:\n```bash\nrun {# of operation}\n```\n\nSearching can be performed at the operation level as well, by typing:\n```bash\nops {term}\nops smb auth\n```\n \n\n---\n## Module Operations\nOperations will be shown when selecting a module, but can shown again by typing `ops`\n\n\u003cimg width=\"476\" height=\"231\" alt=\"ops\" src=\"https://github.com/user-attachments/assets/514de91f-a096-475b-b915-8aa471747b06\" /\u003e\n\nExecute with: `run \u003cnumber\u003e` or `run \u003coperation_name\u003e`\n\n---\n## Show Categories\nAll context objects can be listed by running `show {command}` - ex. `show modules`:\n\n\u003cimg width=\"952\" height=\"972\" alt=\"modularity\" src=\"https://github.com/user-attachments/assets/da76fdff-c2dd-4767-835f-e07df882d12d\" /\u003e\n\nand growing!\n\n---\n## Service Detection\n### Detection and Parsing\nPurplesploit features an automated nmap parsing and detection capability. After running a scan, the results are parsed and added to purplesploit's database as targets and services.\n\n\u003cimg width=\"770\" height=\"926\" alt=\"services\" src=\"https://github.com/user-attachments/assets/bd0ce238-85b1-4739-96d7-bab2b77b1dea\" /\u003e\n\nIPs with open ports will automatically be added to the targets list, and services will be logged and viewable by typing:\n```bash\nshow services\n```\n\n\n---\n# Web Interface\n### Target Dashboard\n\n\u003cimg width=\"931\" height=\"860\" alt=\"webtargets\" src=\"https://github.com/user-attachments/assets/ae3eb004-891b-4873-ac92-0d451a62eb4d\" /\u003e\n\n### Detailed Service View\n\u003cimg width=\"688\" height=\"850\" alt=\"webtargets2\" src=\"https://github.com/user-attachments/assets/4f0160a3-4c72-4a80-b002-040cf4c46fce\" /\u003e\n\n### Credential Manager\n\n\u003cimg width=\"579\" height=\"488\" alt=\"webcredmanager\" src=\"https://github.com/user-attachments/assets/c9fae726-fa3a-46f1-bc98-6b87e69eb6b3\" /\u003e\n\n### Web Sidebar\n\u003cimg width=\"277\" height=\"875\" alt=\"websidebar\" src=\"https://github.com/user-attachments/assets/e3d7f97a-a7ac-4483-867f-061a7b4e8e26\" /\u003e\n\n### Web Terminal\n\u003cimg width=\"465\" height=\"769\" alt=\"webterminal\" src=\"https://github.com/user-attachments/assets/53a7a528-e065-4dd6-9760-36e3d09972e9\" /\u003e\n\nFull terminal interface accessible via browser, showing same CLI commands and workflow.\n\n---\n## Quick Workflows\n\n**Quick module loading:**\n\n```bash\npurplesploit \u003e quick \u003cmodule\u003e\n```\n\n**All-in-one workflow:**\n\n```bash\npurplesploit \u003e go \u003ctgt\u003e \u003ccred\u003e\n```\n\n**Show statistics:**\n\n```bash\npurplesploit \u003e stats\n```\n\nDisplays counts for modules, categories, targets, and credentials.\n\n---\n\n### Enhanced Features (v6.2.0)\n- **Web Portal \u0026 API Server**: Comprehensive web interface with real-time target visualization at `http://localhost:5000`\n- **Webserver Command**: Launch web portal in background with `webserver start` - continue using CLI while server runs\n- **Real-time Database Sync**: Changes in CLI instantly appear in web portal and vice versa\n- **Dropdown Auto-Completion**: Context-aware command suggestions with enhanced dropdown menu\n- **Pure Python**: Completely rewritten in Python for better performance and maintainability\n- **Dynamic Completions**: Auto-complete includes modules, targets, and common operations\n- **Ligolo Integration**: Seamless proxy tunneling with `ligolo` command\n- **Shell Access**: Quick localhost shell access with `shell` command\n\n---\n\n## 📦 Installation\n\n### Prerequisites\n```bash\n# Core dependencies\napt install fzf ripgrep python3\n\n# Pentesting tools  - recommended use with kali or parrot. Tools used include:\n```bash\nnetexec\nwfuzz\nsqlmap\nferoxbuster\nnmap\nimpacket\nhttpx\n```\n---\n\n## 🎨 Interface Features\n| Feature | Description |\n|---------|-------------|\n| **Auto-Completion** | Enhanced dropdown menu with context-aware suggestions |\n| **Navigation** | Type commands or use interactive selectors with `{}` |\n| **Speed** | Instant command execution with fuzzy search |\n| **Scripting** | Full Python API for automation |\n| **Search** | `search`, `ops`, `{}` for finding anything |\n| **History** | Command history with suggestions from past commands |\n\n---\n\n## 📚 Documentation\n\n### Guides\n- **[Quick Start](QUICKSTART.md)** - Get started in 5 minutes\n- **[Contributing](docs/CONTRIBUTING.md)** - Add your own modules\n- **[Changelog](CHANGELOG.md)** - Version history\n- **[Disclaimer](docs/DISCLAIMER.md)** - Legal and authorized use\n\n---\n\nSee [Contributing Guide](docs/CONTRIBUTING.md) for full module development guide.\n\n---\n\n## Contributing\n\nWe welcome contributions! See [CONTRIBUTING.md](docs/CONTRIBUTING.md) for:\n- Adding new tools and modules\n- Improving existing operations\n- Documentation updates\n- Bug reports and features\n\n---\n\n## License\n\n**CC BY-NC-SA 4.0** (Non-Commercial) - See [LICENSE](LICENSE) for details.\n\nFree to use, modify, and share for non-commercial purposes. Commercial use requires permission.\n\n---\n\n## Credits\nBuilt with excellent open-source tools:\n- [FZF](https://github.com/junegunn/fzf) - Fuzzy finder magic\n- [NetExec](https://github.com/Pennyw0rth/NetExec) - Network execution\n- [Impacket](https://github.com/fortra/impacket) - Protocol implementations\n- And many more!\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n[Report Issue](https://github.com/jeremylaratro/purplesploit/issues) • [Documentation](docs/) • [Discussions](https://github.com/jeremylaratro/purplesploit/discussions)\n\n\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjeremylaratro%2Fpurplesploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjeremylaratro%2Fpurplesploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjeremylaratro%2Fpurplesploit/lists"}