{"id":28701982,"url":"https://github.com/slayingripper/octapusprime","last_synced_at":"2025-08-26T14:13:03.491Z","repository":{"id":298250025,"uuid":"993929630","full_name":"Slayingripper/OctapusPrime","owner":"Slayingripper","description":"OctapusPrime One‐Touch Pentest Suite","archived":false,"fork":false,"pushed_at":"2025-07-07T12:02:15.000Z","size":16756,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-07T13:22:38.780Z","etag":null,"topics":["cybersecurity","cybersecurity-tools","raspberry-pi"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Slayingripper.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-31T20:36:38.000Z","updated_at":"2025-07-07T12:02:18.000Z","dependencies_parsed_at":"2025-06-10T06:42:54.975Z","dependency_job_id":null,"html_url":"https://github.com/Slayingripper/OctapusPrime","commit_stats":null,"previous_names":["slayingripper/octapusprime"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/Slayingripper/OctapusPrime","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Slayingripper%2FOctapusPrime","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Slayingripper%2FOctapusPrime/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Slayingripper%2FOctapusPrime/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Slayingripper%2FOctapusPrime/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Slayingripper","download_url":"https://codeload.github.com/Slayingripper/OctapusPrime/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Slayingripper%2FOctapusPrime/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272228046,"owners_count":24895731,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-26T02:00:07.904Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","cybersecurity-tools","raspberry-pi"],"created_at":"2025-06-14T12:09:04.800Z","updated_at":"2025-08-26T14:13:03.441Z","avatar_url":"https://github.com/Slayingripper.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OctapusPrime One‐Touch Pentest Suite \n\n![Octapus Logo](logo.png)\n\n**OctapusPrime** is a headless pentesting appliance designed to run on a small ARM‐based board (e.g., Neo Pi running DietPi or Debian). It combines a comprehensive suite of proven CLI tools with an advanced **IFTTT (If-This-Then-That) scenario builder** featuring intelligent conditional execution, dynamic variable extraction, and real-time automation.\n\n**Enhanced Features:**\n- **40+ Security Tools** organized by category (Network Discovery, Web Testing, Vulnerability Scanning, etc.)\n- **Advanced IFTTT Scenario Builder** with conditional logic and variable extraction\n- **Dynamic Variable System** with regex-based data extraction and substitution\n- **Enhanced Web Interface** with real-time scenario execution monitoring\n- **Example Scenarios Library** with pre-built penetration testing workflows\n- **Physical GPIO trigger** (push-button + LED) for remote scan execution\n- **Professional dark-mode interface** with octopus-themed design\n\nWith OctapusPrime, you can create sophisticated adaptive penetration testing workflows that intelligently respond to scan results and automatically adjust their behavior based on discovered services, open ports, and extracted data.\n\n---\n\n## 🎥 Visual Feature Overview\n\n### Main Landing Page\n![OctapusPrime Main Page](GIFS/Main.gif)\n*landing page with navigation to all features and modern octopus-themed design*\n\n### Enhanced Dashboard\n![Tool Dashboard](GIFS/dashboard.gif)\n*Access to 40+ categorized security tools with real-time execution monitoring*\n\n### Advanced IFTTT Scenario Builder\n![Scenario Builder](GIFS/scenario_builder.gif)\n*Visual workflow creation with conditional logic, variable extraction, and intelligent automation*\n\n### System Settings \u0026 Configuration\n![Settings Page](GIFS/settings.gif)\n*GPIO configuration, network settings, and platform-specific hardware setup*\n\n### Real-time Execution Logs\n![Live Logging](GIFS/logs.gif)\n*Watch tool execution in real-time with variable extraction and conditional logic decisions*\n\n---\n\n## Table of Contents\n\n- [OctapusPrime One‐Touch Pentest Suite](#octapusprime-onetouch-pentest-suite)\n  - [🎥 Visual Feature Overview](#-visual-feature-overview)\n    - [Main Landing Page](#main-landing-page)\n    - [Enhanced Dashboard](#enhanced-dashboard)\n    - [Advanced IFTTT Scenario Builder](#advanced-ifttt-scenario-builder)\n    - [System Settings \\\u0026 Configuration](#system-settings--configuration)\n    - [Real-time Execution Logs](#real-time-execution-logs)\n  - [Table of Contents](#table-of-contents)\n  - [Features](#features)\n  - [Architecture Overview](#architecture-overview)\n    - [Key Components:](#key-components)\n  - [Prerequisites](#prerequisites)\n    - [1. Operating System](#1-operating-system)\n    - [2. Complete Security Tools Installation](#2-complete-security-tools-installation)\n    - [3. GPIO Libraries (for physical button - optional)](#3-gpio-libraries-for-physical-button---optional)\n    - [4. ZeroTier (for remote access - optional)](#4-zerotier-for-remote-access---optional)\n    - [5. Python Dependencies](#5-python-dependencies)\n    - [6. Network Configuration](#6-network-configuration)\n  - [Installation](#installation)\n    - [1. System-Level Dependencies](#1-system-level-dependencies)\n    - [2. Complete Security Tools Installation](#2-complete-security-tools-installation-1)\n    - [3. Specialized Tools Installation](#3-specialized-tools-installation)\n    - [4. Cloning \\\u0026 Directory Layout](#4-cloning--directory-layout)\n    - [5. Python Virtual Environment \\\u0026 Packages](#5-python-virtual-environment--packages)\n    - [6. Systemd Services](#6-systemd-services)\n  - [Usage](#usage)\n    - [Enhanced Scenario Builder](#enhanced-scenario-builder)\n    - [IFTTT Logic System](#ifttt-logic-system)\n    - [Variable System](#variable-system)\n    - [Physical Button Mode](#physical-button-mode)\n    - [Web UI Mode](#web-ui-mode)\n      - [Dashboard Features:](#dashboard-features)\n      - [Interactive Features:](#interactive-features)\n    - [Viewing Logs \\\u0026 Outputs](#viewing-logs--outputs)\n  - [Folder Structure](#folder-structure)\n  - [Security Tools Reference](#security-tools-reference)\n  - [Customizing \\\u0026 Troubleshooting](#customizing--troubleshooting)\n    - [Adding New Tools](#adding-new-tools)\n    - [Common Issues](#common-issues)\n    - [Performance Tuning](#performance-tuning)\n    - [Debugging](#debugging)\n  - [Contributing](#contributing)\n  - [License](#license)\n  - [Disclaimer](#disclaimer)\n\n---\n\n## Features\n\n- **Comprehensive 40+ Security Tools Suite**  \n  - **Network Discovery:** Nmap, Masscan, Zmap, Amass, Subfinder\n  - **Web Application Testing:** Gobuster, FFuF, Feroxbuster, Nikto, WhatWeb, SQLMap, Nuclei\n  - **Vulnerability Scanning:** Nuclei, Trivy, TestSSL\n  - **Credential Attacks:** Hydra, John the Ripper, Hashcat\n  - **Information Gathering:** TheHarvester, Amass, Subfinder, Shodan\n  - **Enumeration:** Enum4linux, NBTScan, LDAP Search, SNMP Check, SMB Client\n  - **Specialized Tools:** EyeWitness, GitLeaks, and more\n\n- **Advanced IFTTT Scenario Builder**  \n  - **Conditional Logic:** IF-THEN execution based on previous step results\n  - **Variable Extraction:** Regex-based data capture from tool outputs\n  - **Dynamic Substitution:** Real-time variable replacement in arguments\n  - **Example Scenarios:** Pre-built workflows for common penetration testing methodologies\n  - **Scenario Management:** Save, load, and share complex testing workflows\n  - **Validation System:** Real-time argument and variable validation\n\n![IFTTT Workflow Example](GIFS/scenario_builder.gif)\n*Create intelligent workflows that adapt based on scan results*\n\n- **Enhanced Web Interface**  \n  - **Modern Dark Theme:** Professional security-focused design\n  - **Tool Categories:** Organized tool selection with descriptions\n  - **Real-time Execution:** Live progress monitoring and log streaming\n  - **Variable Picker:** Visual variable selection and management\n  - **Keyboard Shortcuts:** Productivity enhancements for power users\n  - **Responsive Design:** Works on desktop, tablet, and mobile devices\n\n![Dashboard Overview](GIFS/dashboard.gif)\n*Comprehensive tool dashboard with categorized security tools*\n\n- **Professional Backend Architecture**  \n  - **Thread-safe Execution:** Parallel tool execution with proper resource management\n  - **WebSocket Communication:** Real-time bidirectional communication\n  - **RESTful API:** Complete API for automation and integration\n  - **Error Handling:** Comprehensive error recovery and reporting\n  - **Logging System:** Detailed execution logs and debugging information\n\n![Real-time Logging](GIFS/logs.gif)\n*Watch execution progress with real-time variable extraction and logging*\n\n---\n\n## Architecture Overview\n\n```\n┌──────────────┐          ┌───────────────────────┐          ┌──────────────────┐\n│  Physical    │          │                       │          │  40+ CLI Tools   │\n│  Button      │── GPIO ─▶│  Enhanced Controller  │── Thread ▶│ Network Discovery│\n│ (GPIO 17)    │          │  \u0026 IFTTT Engine       │          │ Web Testing     │\n└──────────────┘          │                       │          │ Vuln Scanning   │\n                          │  Variable Extraction  │          │ Credential Attacks│\n                          │  Conditional Logic    │          │ Info Gathering  │\n                          └─────────┬─────────────┘          │ Enumeration     │\n                                    │                        └──────────────────┘\n                                    │ WebSocket + REST API\n                                    ▼\n                          ┌───────────────────────┐       ┌─────────────────────┐\n                          │   Enhanced Server     │◀───┐  │   Enhanced Web UI   │\n                          │ (Flask + SocketIO)    │    │  │ ┌─────────────────┐ │\n                          │   Scenario Builder    │    │  │ │ IFTTT Builder   │ │\n                          │   Variable System     │    │  │ │ Variable System │ │\n                          │   Example Library     │    │  │ └─────────────────┘ │\n                          │   Real-time Execution │    │  │ ┌─────────────────┐ │\n                          │   /api/run_scenario   │    └──▶ │ Live Monitoring │ │\n                          │   /load_scenario      │       │ │ Progress Tracking│ │\n                          │   /list_scenarios     │       │ └─────────────────┘ │\n                          └───────────────────────┘       └─────────────────────┘\n```\n\n### Key Components:\n\n1. **Enhanced Scenario Builder**\n   - IFTTT conditional logic system\n   - Variable extraction with regex patterns\n   - Tool templates and argument validation\n   - Example scenario library\n\n2. **Variable System**\n   - Dynamic parameter substitution\n   - Regex-based data extraction\n   - Built-in and custom variables\n   - Real-time variable validation\n\n3. **Advanced Tool Integration**\n   - 40+ categorized security tools\n   - Tool-specific templates and examples\n   - Intelligent argument completion\n   - Performance optimization\n\n---\n\n## Prerequisites\n\nBefore installing OctapusPrime, ensure your system meets the following requirements:\n\n### 1. Operating System\n- **DietPi (Debian-based)**, **Debian 12**, **Ubuntu 22.04/24.04**, or **Kali Linux**\n- Root/sudo privileges for package installation and systemd configuration\n- At least 4GB RAM recommended for large scans\n- 20GB+ storage for tools and scan results\n\n### 2. Complete Security Tools Installation\n\n**Core System Packages:**\n```bash\nsudo apt update \u0026\u0026 sudo apt upgrade -y\nsudo apt install -y \\\n  python3 \\\n  python3-pip \\\n  python3-venv \\\n  python3-dev \\\n  git \\\n  curl \\\n  wget \\\n  build-essential \\\n  libssl-dev \\\n  libffi-dev \\\n  software-properties-common \\\n  apt-transport-https \\\n  ca-certificates \\\n  gnupg \\\n  lsb-release\n```\n\n### 3. GPIO Libraries (for physical button - optional)\n```bash\n# For Raspberry Pi/compatible boards\nsudo apt install -y python3-rpi.gpio python3-gpiozero\n\n# Alternative GPIO libraries\nsudo apt install -y python3-lgpio\n```\n\n### 4. ZeroTier (for remote access - optional)\n```bash\ncurl -s https://install.zerotier.com | sudo bash\nsudo zerotier-cli join \u003cYOUR_NETWORK_ID\u003e\n```\n\n### 5. Python Dependencies\nWill be installed in virtual environment during setup:\n```bash\n# Core requirements (from requirements.txt)\nFlask\nFlask-SocketIO\neventlet\npython-socketio\npython-engineio\naiohttp\ngpiozero\nlgpio\nrequests\n```\n\n### 6. Network Configuration\n- Static IP or discoverable hostname recommended\n- Port 8080 accessible for web interface\n- GPIO pins 17 (button) and 27 (LED) available if using hardware features\n- Internet access for tool updates and vulnerability databases\n\n---\n\n## Installation\n\n### 1. System-Level Dependencies\n```bash\n# Update system and install core packages\nsudo apt update \u0026\u0026 sudo apt upgrade -y\n\n# Install essential build tools and libraries\nsudo apt install -y \\\n  python3 python3-pip python3-venv python3-dev \\\n  git curl wget build-essential \\\n  libssl-dev libffi-dev libxml2-dev libxslt1-dev \\\n  zlib1g-dev libjpeg-dev libpng-dev \\\n  software-properties-common apt-transport-https \\\n  ca-certificates gnupg lsb-release\n```\n\n### 2. Complete Security Tools Installation\n\n**Network Discovery \u0026 Scanning:**\n```bash\n# Core network tools\nsudo apt install -y nmap masscan zmap\n\n# Advanced discovery tools\nsudo apt install -y amass subfinder theharvester\n\n# DNS enumeration\nsudo apt install -y dnsutils dnsenum fierce\n```\n\n**Web Application Testing:**\n```bash\n# Directory/file enumeration\nsudo apt install -y gobuster dirb dirsearch\n\n# Web fuzzers\nsudo apt install -y ffuf feroxbuster\n\n# Web vulnerability scanners\nsudo apt install -y nikto whatweb sqlmap\n\n# Template-based scanner\ngo install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest\n```\n\n**Vulnerability \u0026 SSL Testing:**\n```bash\n# SSL/TLS testing\nsudo apt install -y testssl.sh sslscan\n\n# Container vulnerability scanning\nsudo apt install -y trivy\n\n# General vulnerability scanning\nsudo apt install -y openvas-scanner\n```\n\n**Credential Attacks:**\n```bash\n# Brute force tools\nsudo apt install -y hydra medusa patator\n\n# Password cracking\nsudo apt install -y john hashcat\n```\n\n**Information Gathering:**\n```bash\n# OSINT tools\nsudo apt install -y theharvester maltego-teeth\n\n# Social engineering\nsudo apt install -y set\n\n# Shodan CLI\npip3 install shodan\n```\n\n**Enumeration Tools:**\n```bash\n# SMB/NetBIOS enumeration\nsudo apt install -y enum4linux nbtscan smbclient\n\n# LDAP enumeration\nsudo apt install -y ldap-utils\n\n# SNMP enumeration\nsudo apt install -y snmp snmp-mibs-downloader\n\n# Database tools\nsudo apt install -y postgresql-client mysql-client\n```\n\n### 3. Specialized Tools Installation\n\n**Go-based Tools:**\n```bash\n# Install Go if not present\nsudo apt install -y golang-go\n\n# Install Go-based security tools\ngo install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest\ngo install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest\ngo install -v github.com/projectdiscovery/httpx/cmd/httpx@latest\ngo install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest\ngo install -v github.com/tomnomnom/gf@latest\ngo install -v github.com/tomnomnom/waybackurls@latest\n\n# Add Go bin to PATH\necho 'export PATH=$PATH:~/go/bin' \u003e\u003e ~/.bashrc\nsource ~/.bashrc\n```\n\n**Python-based Tools:**\n```bash\n# Install additional Python tools\npip3 install --user \\\n  shodan \\\n  truffleHog \\\n  gitpython \\\n  requests \\\n  beautifulsoup4 \\\n  selenium \\\n  pycryptodome\n\n# EyeWitness dependencies\nsudo apt install -y chromium-browser\ngit clone https://github.com/FortyNorthSecurity/EyeWitness.git /opt/EyeWitness\ncd /opt/EyeWitness/Python/setup\nsudo ./setup.sh\n```\n\n**Additional Specialized Tools:**\n```bash\n# GitLeaks for secret detection\nsudo wget -O /usr/local/bin/gitleaks \\\n  https://github.com/zricethezav/gitleaks/releases/latest/download/gitleaks_linux_amd64\nsudo chmod +x /usr/local/bin/gitleaks\n\n# Feroxbuster (if not in repos)\ncurl -sL https://raw.githubusercontent.com/epi052/feroxbuster/master/install-nix.sh | bash\n\n# Ensure all tools are in PATH\nsudo ln -sf ~/go/bin/* /usr/local/bin/ 2\u003e/dev/null || true\n```\n\n**Tool Verification:**\n```bash\n# Verify installation of key tools\necho \"Verifying tool installation...\"\nfor tool in nmap masscan gobuster ffuf nikto sqlmap hydra john hashcat \\\n            amass subfinder nuclei testssl.sh trivy gitleaks feroxbuster \\\n            enum4linux nbtscan theharvester whatweb; do\n  if command -v $tool \u003e/dev/null 2\u003e\u00261; then\n    echo \"✓ $tool installed\"\n  else\n    echo \"✗ $tool missing\"\n  fi\ndone\n```\n\n### 4. Cloning \u0026 Directory Layout\n```bash\n# Clone the repository\ngit clone https://github.com/slayingripper/OctapusPrime.git\ncd OctapusPrime\n\n# Create necessary directories\nmkdir -p scenarios logs outputs\n\n# Set appropriate permissions\nchmod +x bin/octapus_controller.py\nchmod +x bin/webapp/server.py\n\n# Verify directory structure\nls -la\n# Should show: bin/, scenarios/, logs/, README.md, requirements.txt, etc.\n```\n\n### 5. Python Virtual Environment \u0026 Packages\n```bash\n# Create and activate virtual environment\npython3 -m venv venv\nsource venv/bin/activate\n\n# Upgrade pip and install dependencies\npip install --upgrade pip\npip install -r requirements.txt\n\n# Install additional packages for enhanced features\npip install \\\n  jsonschema \\\n  python-dateutil \\\n  psutil \\\n  netifaces\n\n# If using GPIO features\npip install RPi.GPIO gpiozero lgpio\n\n# Verify installation\npython3 -c \"\nimport flask, flask_socketio, requests\nprint('✓ Core dependencies installed successfully')\n\"\n```\n\n### 6. Systemd Services\n```bash\n# Create systemd service files\nsudo tee /etc/systemd/system/octapus-controller.service \u003e /dev/null \u003c\u003cEOF\n[Unit]\nDescription=OctapusPrime Controller Service\nAfter=network.target\n\n[Service]\nType=simple\nUser=root\nWorkingDirectory=$(pwd)\nEnvironment=PATH=$(pwd)/venv/bin\nExecStart=$(pwd)/venv/bin/python bin/octapus_controller.py\nRestart=always\nRestartSec=3\n\n[Install]\nWantedBy=multi-user.target\nEOF\n\nsudo tee /etc/systemd/system/octapus-web.service \u003e /dev/null \u003c\u003cEOF\n[Unit]\nDescription=OctapusPrime Web Service\nAfter=network.target\n\n[Service]\nType=simple\nUser=root\nWorkingDirectory=$(pwd)\nEnvironment=PATH=$(pwd)/venv/bin\nExecStart=$(pwd)/venv/bin/python bin/webapp/server.py\nRestart=always\nRestartSec=3\n\n[Install]\nWantedBy=multi-user.target\nEOF\n\n# Reload systemd and enable services\nsudo systemctl daemon-reload\nsudo systemctl enable octapus-controller.service\nsudo systemctl enable octapus-web.service\n\n# Start services\nsudo systemctl start octapus-controller.service\nsudo systemctl start octapus-web.service\n\n# Check status\nsudo systemctl status octapus-controller.service\nsudo systemctl status octapus-web.service\n```\n\n**Alternative: Running Without Systemd Services**\n\nFor development, testing, or temporary usage, you can run OctapusPrime directly without installing systemd services:\n\n```bash\n# Activate virtual environment\nsource venv/bin/activate\n\n# Run web server directly (will start on http://localhost:8080)\npython3 bin/webapp/server.py\n\n# In another terminal, run the GPIO controller (optional)\nsource venv/bin/activate\npython3 bin/octapus_controller.py\n```\n\n**Benefits of direct execution:**\n- **Quick Testing**: Immediate startup without service configuration\n- **Development Mode**: Easy debugging with direct console output\n- **Temporary Usage**: No permanent system changes\n- **Custom Configuration**: Easy to modify startup parameters\n\n**Note**: Running directly will only be active while your terminal session is open. For production deployments, systemd services are recommended for automatic startup and proper daemon management.\n\n---\n\n## Usage\n\n![OctapusPrime Interface Overview](GIFS/mainpage.gif)\n\n### Enhanced Scenario Builder\n1. **Access Builder**: Navigate to `/scenario` from the main interface\n2. **Create Scenarios**: Use the visual IFTTT builder to create complex workflows\n3. **Add Steps**: Select tools from categorized dropdown menus\n4. **Configure Logic**: Set IF-THEN conditions for adaptive execution\n5. **Extract Variables**: Use regex patterns to capture data from tool outputs\n6. **Save \u0026 Load**: Manage reusable scenario libraries\n\n![Scenario Builder Demo](GIFS/scenario_builder.gif)\n*Build intelligent workflows with conditional logic and variable extraction*\n\n### IFTTT Logic System\n**Condition Types:**\n- **Always Execute**: Runs unconditionally\n- **Previous Step Contains**: Execute if output contains specific text\n- **Previous Step Matches Regex**: Execute if output matches regex pattern\n- **Variable Exists**: Execute if a variable has been set\n- **Variable Equals**: Execute if variable equals specific value\n- **Previous Step Success/Failure**: Execute based on exit status\n\n**Example Workflow:**\n```\nStep 1: Nmap port scan (Always)\n        → Extract web_ports: (\\d+)/tcp\\s+open\\s+http\n\nStep 2: Gobuster directory scan (IF web_ports exists)\n        → Use discovered ports for targeted scanning\n\nStep 3: Nuclei vulnerability scan (IF directories found)\n        → Focus on discovered web applications\n```\n\n### Variable System\n**Built-in Variables:**\n- `{target}`: Primary scan target\n- `{network}`: Network range\n- `{timestamp}`: Current timestamp\n- `{scan_id}`: Unique scan identifier\n\n**Custom Variables:**\n- Extract using regex patterns from tool output\n- Use in subsequent tool arguments\n- Real-time substitution and validation\n\n### Physical Button Mode\n1. **Hardware Setup**: Connect momentary button to GPIO 17, GPIO 23 ,LED to GPIO 27\n2. **Default Scan**: Press button to trigger preconfigured scan sequence\n3. **Machanger**: Press the button to located at the GPIO 23 to easily change the MAC address\n4. **LED Feedback**: Visual indication of scan progress and completion\n\n![Settings Configuration](GIFS/settings.gif)\n*Configure GPIO pins and hardware settings for physical button integration*\n\n### Web UI Mode\n1. **Landing Page**: Navigate to `http://[device-ip]:8080`\n2. **Enhanced Dashboard**: Access full tool suite and scenario builder\n3. **Real-time Monitoring**: Watch execution progress and extract variables\n\n![Dashboard Features](GIFS/dashboard.gif)\n\n#### Dashboard Features:\n- **40+ Categorized Tools**: Organized by function and use case\n- **IFTTT Scenario Builder**: Visual workflow creation\n- **Variable Management**: Dynamic parameter system\n- **Example Scenarios**: Pre-built penetration testing workflows\n- **Real-time Execution**: Live progress monitoring and log streaming\n\n#### Interactive Features:\n- **Tool Templates**: Pre-configured argument sets for common tasks\n- **Variable Picker**: Visual variable selection and management\n- **Condition Builder**: Drag-and-drop IF-THEN logic creation\n- **Regex Helper**: Pattern testing and validation tools\n- **Keyboard Shortcuts**: Power-user productivity features\n\n### Viewing Logs \u0026 Outputs\n- **Real-time Display**: Tool outputs stream live to web interface\n- **Variable Extraction**: Watch variables being captured from outputs\n- **Conditional Execution**: See IF-THEN logic decisions in real-time\n- **Historical Logs**: Access previous scan results and extracted data\n\n![Live Execution Monitoring](GIFS/logs.gif)\n*Monitor execution progress with real-time logging and variable extraction*\n\n---\n\n## Folder Structure\n\n```\nOctapusPrime/\n├── bin/\n│   ├── octapus_controller.py       # Enhanced GPIO controller\n│   └── webapp/\n│       ├── server.py               # Flask server with scenario API\n│       ├── static/\n│       │   ├── css/               # Enhanced styling\n│       │   └── js/                # IFTTT logic and variable system\n│       └── frontend/\n│           ├── landing.html        # Octopus-themed landing page\n│           ├── index.html          # Tool dashboard\n│           ├── scenario.html       # IFTTT scenario builder\n│           └── help.html           # Comprehensive documentation\n├── scenarios/                      # Saved IFTTT scenarios (JSON)\n│   ├── examples/                   # Pre-built example scenarios\n│   └── user/                       # User-created scenarios\n├── logs/                          # Execution logs and outputs\n├── outputs/                       # Tool-specific output files\n├── templates/                     # Tool argument templates\n├── systemd/                       # Enhanced service configurations\n├── docs/                          # Additional documentation\n├── GIFS/                          # Demo GIFs and screenshots\n├── venv/                          # Python virtual environment\n├── requirements.txt               # Python dependencies\n└── README.md                      # This comprehensive guide\n```\n\n---\n\n## Security Tools Reference\n\n**Network Discovery \u0026 Scanning (5 tools):**\n- `nmap` - Network exploration and security auditing\n- `masscan` - High-speed Internet-scale port scanner\n- `zmap` - Fast single-packet Internet scanner\n- `amass` - Attack surface mapping and asset discovery\n- `subfinder` - Passive subdomain discovery tool\n\n**Web Application Testing (7 tools):**\n- `gobuster` - Directory/file/DNS busting tool\n- `ffuf` - Fast web fuzzer\n- `feroxbuster` - Recursive content discovery\n- `nikto` - Web vulnerability scanner\n- `whatweb` - Web technology fingerprinting\n- `sqlmap` - SQL injection exploitation tool\n- `nuclei` - Fast vulnerability scanner with templates\n\n**Vulnerability \u0026 SSL Testing (3 tools):**\n- `nuclei` - Template-based vulnerability scanner\n- `trivy` - Container and dependency vulnerability scanner\n- `testssl.sh` - SSL/TLS security assessment tool\n\n**Credential \u0026 Authentication (3 tools):**\n- `hydra` - Network service brute-forcer\n- `john` - Password hash cracking tool\n- `hashcat` - Advanced password recovery tool\n\n**Information Gathering (3 tools):**\n- `theharvester` - Email and domain intelligence gathering\n- `amass` - Comprehensive asset discovery\n- `shodan` - Internet-connected device search engine\n\n**Enumeration (5 tools):**\n- `enum4linux` - SMB enumeration for Linux/Windows\n- `nbtscan` - NetBIOS name scanning\n- `ldapsearch` - LDAP directory enumeration\n- `snmp-check` - SNMP service enumeration\n- `smbclient` - SMB share access and enumeration\n\n**Specialized Tools (6 tools):**\n- `eyewitness` - Web application screenshot tool\n- `gitleaks` - Git repository secret detection\n- `dirsearch` - Web path scanner\n- `dirb` - Web content scanner\n- `wpscan` - WordPress vulnerability scanner\n- `feroxbuster` - Fast content discovery tool\n\n---\n\n## Customizing \u0026 Troubleshooting\n\n### Adding New Tools\n1. **Update Tool Database**: Add new tool to categorized tool list in JavaScript\n2. **Create Templates**: Define argument templates and examples\n3. **Add Descriptions**: Include tool descriptions and usage examples\n4. **Test Integration**: Verify tool execution and output parsing\n\n### Common Issues\n- **Tool not found**: Verify installation and PATH configuration\n- **Permission errors**: Check user permissions for tool execution\n- **GPIO access denied**: Ensure proper GPIO permissions or run as root\n- **WebSocket connection fails**: Verify network configuration and firewall settings\n- **Scenario validation errors**: Check variable syntax and tool arguments\n\n### Performance Tuning\n- **Concurrent Execution**: Adjust thread limits for system capabilities\n- **Memory Management**: Monitor resource usage during large scans\n- **Network Optimization**: Configure rate limiting for network-intensive tools\n- **Storage Management**: Implement log rotation and output cleanup\n\n### Debugging\n```bash\n# Check service logs\nsudo journalctl -u octapus-web.service -f\nsudo journalctl -u octapus-controller.service -f\n\n# Test individual components\nsource venv/bin/activate\npython3 bin/webapp/server.py  # Test web server\npython3 bin/octapus_controller.py  # Test controller\n\n# Debug scenario execution\ncurl -X POST http://localhost:8080/api/run_scenario \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\"name\": \"test\", \"steps\": [{\"tool\": \"nmap\", \"args\": [\"-sV\", \"127.0.0.1\"]}]}'\n\n# Verify tool installations\nwhich nmap gobuster sqlmap hydra nuclei\n\n# Test WebSocket connection\npython3 -c \"\nimport socketio\nsio = socketio.Client()\nsio.connect('http://localhost:8080')\nprint('WebSocket connection successful')\n\"\n\n# Docker Build\nsudo docker compose build\nsudo docker run --network host -it almalinux:9\n```\n\n---\n\n## Contributing\n\nOctapusPrime welcomes contributions to expand the security tool ecosystem:\n\n**Areas for Contribution:**\n- **New Tool Integration**: Add support for additional security tools\n- **Scenario Templates**: Create pre-built workflows for specific testing scenarios\n- **UI/UX Improvements**: Enhance the web interface and user experience\n- **Performance Optimization**: Improve execution speed and resource usage\n- **Documentation**: Expand guides, tutorials, and tool references\n- **Bug Fixes**: Address issues and improve stability\n\n**Development Process:**\n1. Fork the repository\n2. Create feature branch\n3. Follow existing code style\n4. Include comprehensive tests\n5. Update documentation\n6. Submit pull request\n\n---\n\n## License\n\nThis project is licensed under the MIT License - see the LICENSE file for details.\n\n---\n\n## Disclaimer\n\n**IMPORTANT LEGAL NOTICE:**\n\nOctapusPrime is designed for **authorized security testing and educational purposes only**. This tool should only be used against systems you own or have explicit written permission to test.\n\n**Prohibited Uses:**\n- Unauthorized access to computer systems\n- Testing systems without proper authorization\n- Any illegal or malicious activities\n\n**User Responsibilities:**\n- Obtain proper authorization before testing\n- Comply with applicable laws and regulations\n- Use responsibly and ethically\n- Respect privacy and data protection laws\n\n**No Warranty:**\nThe developers provide this software \"as is\" without any warranties. Users assume all responsibility and liability for the use of this software.\n\n**By using OctapusPrime, you agree to use it legally and ethically in accordance with all applicable laws and regulations.**","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fslayingripper%2Foctapusprime","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fslayingripper%2Foctapusprime","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fslayingripper%2Foctapusprime/lists"}