License: MIT Python 3.8+ Code style: pep8 Docker Support
A comprehensive Python-based security testing and automation tool for penetration testing and OSINT activities. Multiple attack vectors in one unified framework with full Docker containerization support.
π³ Docker-Ready: Deploy instantly with Docker. See DOCKER.md for complete guide.
- Port Scanning: Identify open ports and services
- SSH Brute Force: Test SSH credentials
- HTTP Brute Force: Test web endpoints and credentials
- DNS Enumeration: Find subdomains
- Credential Stuffing: Test credentials across services
- SQL Injection Testing: Automated SQL injection detection
- Payload Testing: XSS and RCE payload testing
- API Testing: Discover and test API endpoints
- π₯οΈ Dual Interface: Interactive menu + command-line arguments
- π Export Results: JSON and CSV formats
- π¨ Colored Output: Easy-to-read progress and results
- π Secure: Environment variables for credentials, no hardcoded secrets
- π¦ Containerized: Full Docker support with docker-compose
- π§ Modular: Easy to extend with new attack modules
- β‘ Performance: Multi-threaded operations with progress tracking
# Clone the repository git clone https://github.com/yourusername/stf.git cd stf # Build and run with Docker docker build -t stf:latest . docker run -it stf:latest
Or with docker-compose:
docker-compose up -it stf
See DOCKER.md for detailed Docker setup and examples.
- Python 3.8+
- pip
# Clone or navigate to the project cd stf # Install dependencies pip install -r requirements.txt # Create config (optional - defaults provided) cp config.json config.local.json
- Docker
- Docker Compose (optional)
# Build the image docker build -t stf:latest . # Run interactively docker run -it -v $(pwd)/results:/app/results stf:latest # Or use docker-compose docker-compose up -it stf
# Port scanning in Docker docker run -it stf:latest port-scan 192.168.1.1 # SSH brute force in Docker docker run -it -v $(pwd)/wordlists:/app/wordlists stf:latest ssh-brute 192.168.1.1 --user admin --wordlist wordlists/passwords.txt # Using docker-compose docker-compose up stf # Interactive menu
The Docker setup mounts several volumes for persistent data:
/app/results- Attack results (JSON/CSV files)/app/logs- Application logs/app/wordlists- Wordlist files/app/config- Configuration files
For convenience:
# Linux/Mac chmod +x docker-build.sh ./docker-build.sh # Windows docker-build.bat
Full Docker documentation: See DOCKER.md
python main.py
Launches an interactive menu to select attack types.
# Port scanning python main.py port-scan 192.168.1.1 --ports 22,80,443 --output results.json # SSH brute force python main.py ssh-brute 192.168.1.1 --user admin --wordlist wordlists/passwords.txt # HTTP brute force python main.py http-brute http://target.com --wordlist wordlists/paths.txt # DNS enumeration python main.py dns-enum target.com --wordlist wordlists/subdomains.txt # Credential stuffing python main.py cred-stuff 192.168.1.1 --credentials creds.txt --service ssh # SQL injection testing python main.py sql-inject "http://target.com/search.php?id=1" --param id # Payload testing python main.py payload-test http://target.com --type xss --param input # API testing python main.py api-test http://api.target.com/v1 --methods GET,POST,PUT
Edit config.json to customize:
- Timeout values
- Thread counts
- Wordlist paths
- Output format (JSON/CSV)
For comprehensive Docker setup, deployment options, troubleshooting, and production recommendations, see DOCKER.md .
Quick reference:
- Build:
docker build -t stf:latest . - Run:
docker run -it stf:latest - Compose:
docker-compose up -it stf - Build Scripts:
./docker-build.sh(Linux/Mac) ordocker-build.bat(Windows)
stf/
βββ Dockerfile # Multi-stage Docker image
βββ docker-compose.yml # Container orchestration
βββ .dockerignore # Docker build excludes
βββ docker-build.sh # Linux/Mac build script
βββ docker-build.bat # Windows build script
βββ DOCKER.md # Complete Docker guide
βββ main.py # Entry point (CLI + menu)
βββ modules/ # 8 Attack modules
β βββ port_scanner.py
β βββ ssh_bruteforce.py
β βββ http_bruteforce.py
β βββ dns_enumeration.py
β βββ credential_stuffing.py
β βββ sql_injection.py
β βββ payload_testing.py
β βββ api_testing.py
β βββ base_attack.py
βββ utils/ # Utility modules
β βββ config.py
β βββ logger.py
β βββ validators.py
β βββ report.py
βββ wordlists/ # Sample wordlists
βββ templates/ # Payload templates
βββ config.json # Configuration
βββ requirements.txt # Python dependencies
βββ README.md # This file
βββ DOCKER.md # Docker guide
βββ LICENSE # MIT License
βββ CODE_OF_CONDUCT.md # Community guidelines
βββ CONTRIBUTING.md # Contribution guide
βββ SECURITY.md # Security policy
βββ .github/ # GitHub templates
This tool is designed for authorized security testing only. Ensure you have proper authorization before testing any system. Unauthorized access is illegal.
Results are saved in:
- JSON format (default)
- CSV format (with --output flag)
- Console table (displayed in menu mode)
All results include timestamps and attack metadata.
- Multi-threaded operations for speed
- Configurable thread count
- Rate limiting to respect target systems
- Progress indicators for long-running attacks
- Create a new module in
modules/extendingBaseAttack - Implement
validate_input()andexecute()methods - Add CLI arguments in
main.py - Add menu option in
Menu.ATTACKS
The authors and contributors are not responsible for any misuse or damage caused by this tool.
This project is licensed under the MIT License - see the LICENSE file for details.
If you need help:
- Check the documentation
- Review existing issues
- Open a new issue
- See SECURITY.md for security-related concerns
Contributions are welcome! Please see CONTRIBUTING.md for guidelines.
This project adheres to the Contributor Covenant Code of Conduct.
Made with β€οΈ by the Security Testing Framework Community