B.Öztürk
Cybersecurity · 2024 · 2 months · Active — open source

Pentest Toolkit

A Python CLI tool that automatically scans, reports, and provides actionable recommendations for common security vulnerabilities in web applications, targeting the OWASP Top 10.

Category: Cybersecurity

Year: 2024

Role: Security Researcher & Developer

Status: Active — open source

Problem

Bug bounty researchers manually repeat the same scanning steps for every target, which wastes time and introduces the risk of human error.

Solution

A customizable pipeline that runs recon, vulnerability scanning, and reporting with a single CLI command. Integrates Subfinder, httpx, nuclei, and custom Python modules.

Outcomes

200+ stars on GitHub

Contributed to detecting 3 critical vulnerabilities in bug bounty research

Average scan time: manual 4 hours → automated 20 minutes

Technical Challenges

01. Smart throttling to handle rate limiting and IP banning mechanisms

02. Validation layer to minimize the false positive rate

03. Async Python architecture for parallel scanning

Tech Stack

Python 3.11: Core language

Click: CLI framework

asyncio + aiohttp: Parallel HTTP requests

Subfinder / httpx: Subdomain & endpoint discovery

Nuclei: Template-based scanning

Jinja2: HTML report generation

Tags

Python · Click · Requests · SQLMap