Pollenisator - Collaborative Pentest Tool With Highly Customizable Tools

Pollenisator is a tool aiming to assist pentesters and auditor automating the use of some tools/scripts and keep track of them.

Written in python 3 Provides a modelisation of "pentest objects" : Scope, Hosts, Ports, Commands, Tools etc. Tools/scripts are separated into 4 categories : wave, Network/domain, IP, Port Objects are stored in a NoSQL DB (Mongo) Keep links between them to allow queries Objects can be created through parsers / manual input Business logic can be implemented (auto vuln referencing, item triggers, etc.) Many tools/scripts launch conditions are availiable to avoid overloading the target or the scanner. A GUI based on tcl/tk

Documentation

Everything is the wiki, including installation

Features

Register your own tools

Add command line options in your database. Create your own light plugin to parse your tool output. Use the objects Models to add, update or delete objects to the pentest inside plugins. Limit the number of parallel execution of noisy/heavy tools

Define a recon/fingerprinting procedure with custom tools

Choose a period to start and stop the tools Define your scope with domains and network IP ranges. Custom settings to include new hosts in the scope Keep results of all files generated through tools executions Start the given docker to implement numerous tools for LAN and Web pentest

Collaborative pentests

Split the work between your machines by starting one worker by computer you want to use. Tags ip or tools to show your team mates that you powned it. Take notes on every object to keep trace of your discoveries Follow tools status live Search in all your objects properties with the fitler bar. have a quick summary of all hosts and their open ports and check if some are powned.

Reporting

Create security defects on IPs and ports Make your plugins create defects directly so you don't have to Generate a Word report of security defects found. You can use your own template with extra work. Generate a Powerpoint report of security defects found. You can use your own template with extra work.

Currently integrated tools

IP / port recon : Nmap (Quick nmaps followed by thorough scan) Domain enumeration : Knockpy, Sublist3r, dig reverse, crtsh Web : WhatWeb, Nikto, http methods, Dirsearch LAN : Crackmapexec, eternalblue and bluekeep scan, smbmap, anonymous ftp, enum4linux Unknown ports : amap, nmap scripts Misc : ikescan, ssh_scan, openrelay

Roadmap

Change the architecture to an API based one Get rid of Celery Add flexibity for commands Improve UX Add more plugin and improve existing ones Add real support for users / authenticated commands