An open API service indexing awesome lists of open source software.

https://github.com/jeremylaratro/purplesploit

Purplesploit - a framework for ultimate pentesting workflow efficiency
https://github.com/jeremylaratro/purplesploit

cyber offensive offsec pentesting purple purpleteam purpleteaming redteam security

Last synced: about 2 months ago
JSON representation

Purplesploit - a framework for ultimate pentesting workflow efficiency

Awesome Lists containing this project

README

          

# PurpleSploit Framework v6.8.1

```
╔═══════════════════════════════════════════════════════════════════════════════╗
║ ║
██▓███ █ ██ ██▀███ ██▓███ ██▓ ▓█████ ██████ ██▓███ ██▓ ▒█████ ██▓▄▄▄█████▓
▓██░ ██▒ ██ ▓██▒▓██ ▒ ██▒▓██░ ██▒▓██▒ ▓█ ▀ ▒██ ▒ ▓██░ ██▒▓██▒ ▒██▒ ██▒▓██▒▓ ██▒ ▓▒
▓██░ ██▓▒▓██ ▒██░▓██ ░▄█ ▒▓██░ ██▓▒▒██░ ▒███ ░ ▓██▄ ▓██░ ██▓▒▒██░ ▒██░ ██▒▒██▒▒ ▓██░ ▒░
▒██▄█▓▒ ▒▓▓█ ░██░▒██▀▀█▄ ▒██▄█▓▒ ▒▒██░ ▒▓█ ▄ ▒ ██▒▒██▄█▓▒ ▒▒██░ ▒██ ██░░██░░ ▓██▓ ░
▒██▒ ░ ░▒▒█████▓ ░██▓ ▒██▒▒██▒ ░ ░░██████▒░▒████▒▒██████▒▒▒██▒ ░ ░░██████▒░ ████▓▒░░██░ ▒██▒ ░
▒▓▒░ ░ ░░▒▓▒ ▒ ▒ ░ ▒▓ ░▒▓░▒▓▒░ ░ ░░ ▒░▓ ░░░ ▒░ ░▒ ▒▓▒ ▒ ░▒▓▒░ ░ ░░ ▒░▓ ░░ ▒░▒░▒░ ░▓ ▒ ░░
░▒ ░ ░░▒░ ░ ░ ░▒ ░ ▒░░▒ ░ ░ ░ ▒ ░ ░ ░ ░░ ░▒ ░ ░░▒ ░ ░ ░ ▒ ░ ░ ▒ ▒░ ▒ ░ ░
░░ ░░░ ░ ░ ░░ ░ ░░ ░ ░ ░ ░ ░ ░ ░░ ░ ░ ░ ░ ░ ▒ ▒ ░ ░
░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
║ ║
║ Automation Framework with Dual Interface ║
║ By d0sf3t ║
║ Search. Select. Exploit. ║
║ ║
╚═══════════════════════════════════════════════════════════════════════════════╝
```

**Pure Python pentesting framework for tool/workflow efficiency, with an emphasis on usability**

[Quick Start](#-quick-start) • [Key Features](#-key-features) • [Installation](#-installation) • [Wiki](wiki/)


> What it does TL;DR
- makes workflow efficient - no typing commands, credential application across all tools, auto analysis of scans
# PurpleSploit Walkthrough

## Overview

> PurpleSploit is a modular offensive security framework with both CLI and a web interface, largely modeled off metasploit framework, with many similar, common/shared commands for ease of use and familiarity.

## Example workflow

Given targets and/or credentials:
```
Step A. Add targeting:
1. `targets select` --> `creds select`
2. `targets add` --> `creds add`
Step B. Select a command to run:
3. `module select` -> `run op#`
4. `search {object}` --> `use {module}` --> `run op#`
```
From 0-point (no targets, no creds):
```
Step A. Target Discovery: `module select` --> type `nmap` --> select scan & run
Step B. Target Selection: `services` --> pick a target from scan results --> `targets select`
Step C. Target Enumeration: `module select` -> `run op#` OR `search {object}` --> `use {module}` --> `run op#`
```
---
# Menu Items
### Search and Select

module_search

**Key Commands**
Like metasploit, but with fzf for interactive select menus. To search for and select modules, you can use the traditional msf method, or use the interactive menu by adding select at the end of the command:

---
## Context Management
Add and manage targets, credentials, and wordlists. The context manager is made up of a series of sqlite databases that manages the context for the entire framework. No more "set RHOST" per modules. Select a target, select a credential, and **it will be applied to all modules automatically**.

targets creds
servicewordlist

Context items can be added, modified, selected, and cleared. For example:

Simply type ```{command} clear``` to clear the database.

----
## Credential and Target Management
Credentials and targets can be added, modified, listed, and selected interactively by appending the command after (ex. creds modify, targets select, etc.)

creds

**Add Targets or Credentials:**

```bash
purplesploit > creds add username password domain

purplesploit > targets add IP_addr
```

**Modify Target or Credential:**

```bash
purplesploit > creds/targets modify

```

**List Targets or Credentials:**

```bash
purplesploit > creds/targets list
```

---
## Interactive Selection
Targets, credentials, and modules can be selected interactively with fzf. This feature includes type search, so you can either select by navigating with keyboard/mouse or by typing keywords:

typingselect

module_select

creds_select

targetselect

Use arrow keys to navigate, Enter to select.

----
## Utilities

utilities

**Available Commands:**

- `clear` - Clear screen
- `history` - Command history
- `stats` - Framework statistics
- `defaults ` - Manage default options
- `deploy` - Show deployment modules
- `deploy ` - Load specific deployment
- `webserver start/stop/status` - Web portal control
- `ligolo` - Launch ligolo-ng (Ctrl+D to return)
- `shell` - Local shell (Ctrl+D to return)

### Key Features

**Deployment Utility**
The deployment utility offers an automated method of deploying C2 beacons, ligolo agents, and scripts (ex. LinPEAS, WinPEAS, etc.).

**Ligolo**
Typing `ligolo` will drop you into a ligolo proxy shell. Press CTRL+D to go back to purplesploit cli.

---
# Modules & Operations
Purplesploit diverges from metasploit by using a two-tier structure with modules and operations. Modules represent the broader category, while operations are the switch-level differences within similar commands (ex. nxc_ssh module, individual ssh command differences are operations). Purplesploit was architected in this way to declutter while providing the largest amount of options.
## Module Search & Usage

context_automation_ssh

**Context Awareness**
If a search results in only one result, that result is automatically selected as the current module.

**Workflows**:
1. Search for module or operation--> `use module` --> ops --> `run op#`
2. `module select` --> type term --> scroll --> Enter --> ops --> `run op#`

**Usage**
To select modules:
```bash
use module_name
use {# of module}
```
Then:
```bash
run {# of operation}
```

Searching can be performed at the operation level as well, by typing:
```bash
ops {term}
ops smb auth
```

---
## Module Operations
Operations will be shown when selecting a module, but can shown again by typing `ops`

ops

Execute with: `run ` or `run `

---
## Show Categories
All context objects can be listed by running `show {command}` - ex. `show modules`:

modularity

and growing!

---
## Service Detection
### Detection and Parsing
Purplesploit features an automated nmap parsing and detection capability. After running a scan, the results are parsed and added to purplesploit's database as targets and services.

services

IPs with open ports will automatically be added to the targets list, and services will be logged and viewable by typing:
```bash
show services
```

---
# Web Interface
### Target Dashboard

webtargets

### Detailed Service View
webtargets2

### Credential Manager

webcredmanager

### Web Sidebar
websidebar

### Web Terminal
webterminal

Full terminal interface accessible via browser, showing same CLI commands and workflow.

---
## Quick Workflows

**Quick module loading:**

```bash
purplesploit > quick
```

**All-in-one workflow:**

```bash
purplesploit > go
```

**Show statistics:**

```bash
purplesploit > stats
```

Displays counts for modules, categories, targets, and credentials.

---

### Enhanced Features (v6.2.0)
- **Web Portal & API Server**: Comprehensive web interface with real-time target visualization at `http://localhost:5000`
- **Webserver Command**: Launch web portal in background with `webserver start` - continue using CLI while server runs
- **Real-time Database Sync**: Changes in CLI instantly appear in web portal and vice versa
- **Dropdown Auto-Completion**: Context-aware command suggestions with enhanced dropdown menu
- **Pure Python**: Completely rewritten in Python for better performance and maintainability
- **Dynamic Completions**: Auto-complete includes modules, targets, and common operations
- **Ligolo Integration**: Seamless proxy tunneling with `ligolo` command
- **Shell Access**: Quick localhost shell access with `shell` command

---

## 📦 Installation

### Prerequisites
```bash
# Core dependencies
apt install fzf ripgrep python3

# Pentesting tools - recommended use with kali or parrot. Tools used include:
```bash
netexec
wfuzz
sqlmap
feroxbuster
nmap
impacket
httpx
```
---

## 🎨 Interface Features
| Feature | Description |
|---------|-------------|
| **Auto-Completion** | Enhanced dropdown menu with context-aware suggestions |
| **Navigation** | Type commands or use interactive selectors with `{}` |
| **Speed** | Instant command execution with fuzzy search |
| **Scripting** | Full Python API for automation |
| **Search** | `search`, `ops`, `{}` for finding anything |
| **History** | Command history with suggestions from past commands |

---

## 📚 Documentation

### Guides
- **[Quick Start](QUICKSTART.md)** - Get started in 5 minutes
- **[Contributing](docs/CONTRIBUTING.md)** - Add your own modules
- **[Changelog](CHANGELOG.md)** - Version history
- **[Disclaimer](docs/DISCLAIMER.md)** - Legal and authorized use

---

See [Contributing Guide](docs/CONTRIBUTING.md) for full module development guide.

---

## Contributing

We welcome contributions! See [CONTRIBUTING.md](docs/CONTRIBUTING.md) for:
- Adding new tools and modules
- Improving existing operations
- Documentation updates
- Bug reports and features

---

## License

**CC BY-NC-SA 4.0** (Non-Commercial) - See [LICENSE](LICENSE) for details.

Free to use, modify, and share for non-commercial purposes. Commercial use requires permission.

---

## Credits
Built with excellent open-source tools:
- [FZF](https://github.com/junegunn/fzf) - Fuzzy finder magic
- [NetExec](https://github.com/Pennyw0rth/NetExec) - Network execution
- [Impacket](https://github.com/fortra/impacket) - Protocol implementations
- And many more!

---

[Report Issue](https://github.com/jeremylaratro/purplesploit/issues) • [Documentation](docs/) • [Discussions](https://github.com/jeremylaratro/purplesploit/discussions)