{"id":26455047,"url":"https://github.com/penetration-testing-toolkit/ptt","last_synced_at":"2025-03-18T20:29:47.069Z","repository":{"id":282101365,"uuid":"947453577","full_name":"Penetration-Testing-Toolkit/ptt","owner":"Penetration-Testing-Toolkit","description":"Collaborative and easy-to-use penetration testing toolkit featuring plugin-based modules.","archived":false,"fork":false,"pushed_at":"2025-03-12T19:26:50.000Z","size":58,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-03-12T20:27:46.889Z","etag":null,"topics":["alpinejs","go","golang","penetration-testing","penetration-testing-tools","plugins","tailwindcss","webapp"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Penetration-Testing-Toolkit.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-12T17:56:52.000Z","updated_at":"2025-03-12T19:27:48.000Z","dependencies_parsed_at":"2025-03-12T20:38:40.302Z","dependency_job_id":null,"html_url":"https://github.com/Penetration-Testing-Toolkit/ptt","commit_stats":null,"previous_names":["penetration-testing-toolkit/ptt"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Penetration-Testing-Toolkit%2Fptt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Penetration-Testing-Toolkit%2Fptt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Penetration-Testing-Toolkit%2Fptt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Penetration-Testing-Toolkit%2Fptt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Penetration-Testing-Toolkit","download_url":"https://codeload.github.com/Penetration-Testing-Toolkit/ptt/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244300925,"owners_count":20430839,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alpinejs","go","golang","penetration-testing","penetration-testing-tools","plugins","tailwindcss","webapp"],"created_at":"2025-03-18T20:29:46.389Z","updated_at":"2025-03-18T20:29:47.060Z","avatar_url":"https://github.com/Penetration-Testing-Toolkit.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PTT (Penetration Testing Toolkit)\n\nPTT is a collaborative and easy-to-use penetration testing toolkit featuring plugin-based modules.\nIt provides a web interface for users to interact with pentest tools.\n\n\n## Status: In Development\n\n## Features\n\n- Plugin system.\n  - Dynamic plugin loading.\n  - HTTP request proxying.\n  - SSE support.\n  - Example plugin.\n- Web interface.\n  - No need to memorize CLI pentest tools!\n- Self-hostable binary.\n  - Only a single binary file needed to get started!\n\n\n## TODO\n- User accounts.\n- Admin portal.\n- SQLite database.\n- Project contexts.\n\n\n## How PTT Works\n\nPTT runs as a single binary file and loads plugins from any `./plugins` directory in the current environment\n(if this directory does not exist, PTT will create one). Plugin executables must be placed into this directory and\ncontain `.plugin` in its filename (ex. `example_plugin.plugin`). PTT will then try to dynamically launch and register\nthe plugins it finds. Note that **the user does not launch plugins directly**, they will be launched and managed by PTT.\n\n\n## Plugin System\n\nPTT uses [Hashicorp's go-plugin](https://github.com/hashicorp/go-plugin) library to interact with plugins over a local\ngRPC connection.\nWhen a request is made to the plugin's URL, PTT will proxy this request (over gRPC) to the associated plugin.\nThe plugin must then respond (back to PTT over gRPC) with the HTML that will be rendered and sent to the frontend HTML body.\n\n\n## Plugin Development\n\n- Go is recommended, but any language that supports gRPC should work (not yet tested).\n- When using Go, import `\"github.com/Penetration-Testing-Toolkit/ptt/shared\"`\n- See the `example_plugin` directory for an example of a module plugin.\n  - Note: the only internal package used in the example is the `templates` package.\n    This is to simplify PTT's build process.\n    When creating your own plugin, you must create your own templating and build process.\n- See the `shared` package for the `Module` interface that a module plugin must implement, and other plugin documentation.\n- See [hashicorp/go-plugin](https://github.com/hashicorp/go-plugin) for more information on the plugin system.\n- The frontend comes with [Alpine.js](https://alpinejs.dev/) and [Alpine AJAX](https://alpine-ajax.js.org/) preloaded.\n\n\n## Running PTT\n\nTo run PTT, build (`make build`) then run the executable in a terminal (`./build/ptt`) and access the web interface hosted on\nport 8080 (http://localhost:8080). Alternatively, run `make dev` for a live reloading environment.\nSee [Options](#options) for information on launch options.\nMake sure plugins are placed in the `./plugins` directory and PTT automatically discover\nand attempt to run them.\n\n\n## Options\n\n- Use Environment Variables before running PTT to use these options.\n- `JSON=FALSE`\n  - Disables logging as JSON.\n- `LOG_LEVEL=2`\n  - Sets logging level (1-5).\n  - See: `hclog.Level`.\n- `ENV=DEV` (EXPERIMENTAL)\n  - Switches to dev environment.\n    - Hosts static assets from the file system instead of the binary's embedded file system.\n\n\n## Development Requirements\n\n- [Go](https://go.dev/) \u003e= 1.24\n- [Node.JS](https://nodejs.org/en) (LTS)\n  - JS runtime for pnpm \u0026 tailwindcss.\n- [pnpm](https://pnpm.io/)\n  - JS package manager.\n- [tailwindcss](https://tailwindcss.com/) CLI \u003e= 4.0\n  - CSS framework.\n  - Requires Node.JS.\n  - Install Tailwind CLI via pnpm.\n- [templ](https://github.com/a-h/templ)\n  - Template engine for Go.\n- [air](https://github.com/air-verse/air)\n  - Code live reloading.\n- make\n  - Build automation.\n- [gRPC](https://grpc.io/) \u0026 [protoc-compiler](https://protobuf.dev/installation/)\n  - rpc communication handler.\n  - Used for communication between PTT \u0026 plugins.\n\n\n## Development Commands\n\n- Build project:\n```bash\nmake build\n```\n- Run development (code live reloading) environment:\n```bash\nmake dev\n```\n- Delete temporary directories:\n```bash\nmake clean\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpenetration-testing-toolkit%2Fptt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpenetration-testing-toolkit%2Fptt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpenetration-testing-toolkit%2Fptt/lists"}