A comprehensive Python-based security testing and automation tool for penetration testing and OSINT activities. Multiple attack vectors in one unified framework with full Docker containerization support.
🐳 Docker-Ready: Deploy instantly with Docker. See DOCKER.md for complete guide.
- Port Scanning: Identify open ports and services
- SSH Brute Force: Test SSH credentials
- HTTP Brute Force: Test web endpoints and credentials
- DNS Enumeration: Find subdomains
- Credential Stuffing: Test credentials across services
- SQL Injection Testing: Automated SQL injection detection
- Payload Testing: XSS and RCE payload testing
- API Testing: Discover and test API endpoints
- 🖥️ Dual Interface: Interactive menu + command-line arguments
- 📊 Export Results: JSON and CSV formats
- 🎨 Colored Output: Easy-to-read progress and results
- 🔒 Secure: Environment variables for credentials, no hardcoded secrets
- 📦 Containerized: Full Docker support with docker-compose
- 🔧 Modular: Easy to extend with new attack modules
- ⚡ Performance: Multi-threaded operations with progress tracking
# Clone the repository
git clone https://github.com/yourusername/stf.git
cd stf
# Build and run with Docker
docker build -t stf:latest .
docker run -it stf:latestOr with docker-compose:
docker-compose up -it stfSee DOCKER.md for detailed Docker setup and examples.
- Python 3.8+
- pip
# Clone or navigate to the project
cd stf
# Install dependencies
pip install -r requirements.txt
# Create config (optional - defaults provided)
cp config.json config.local.json- Docker
- Docker Compose (optional)
# Build the image
docker build -t stf:latest .
# Run interactively
docker run -it -v $(pwd)/results:/app/results stf:latest
# Or use docker-compose
docker-compose up -it stf# Port scanning in Docker
docker run -it stf:latest port-scan 192.168.1.1
# SSH brute force in Docker
docker run -it -v $(pwd)/wordlists:/app/wordlists stf:latest ssh-brute 192.168.1.1 --user admin --wordlist wordlists/passwords.txt
# Using docker-compose
docker-compose up stf # Interactive menuThe Docker setup mounts several volumes for persistent data:
/app/results- Attack results (JSON/CSV files)/app/logs- Application logs/app/wordlists- Wordlist files/app/config- Configuration files
For convenience:
# Linux/Mac
chmod +x docker-build.sh
./docker-build.sh
# Windows
docker-build.batFull Docker documentation: See DOCKER.md
python main.pyLaunches an interactive menu to select attack types.
# Port scanning
python main.py port-scan 192.168.1.1 --ports 22,80,443 --output results.json
# SSH brute force
python main.py ssh-brute 192.168.1.1 --user admin --wordlist wordlists/passwords.txt
# HTTP brute force
python main.py http-brute http://target.com --wordlist wordlists/paths.txt
# DNS enumeration
python main.py dns-enum target.com --wordlist wordlists/subdomains.txt
# Credential stuffing
python main.py cred-stuff 192.168.1.1 --credentials creds.txt --service ssh
# SQL injection testing
python main.py sql-inject "http://target.com/search.php?id=1" --param id
# Payload testing
python main.py payload-test http://target.com --type xss --param input
# API testing
python main.py api-test http://api.target.com/v1 --methods GET,POST,PUTEdit config.json to customize:
- Timeout values
- Thread counts
- Wordlist paths
- Output format (JSON/CSV)
For comprehensive Docker setup, deployment options, troubleshooting, and production recommendations, see DOCKER.md.
Quick reference:
- Build:
docker build -t stf:latest . - Run:
docker run -it stf:latest - Compose:
docker-compose up -it stf - Build Scripts:
./docker-build.sh(Linux/Mac) ordocker-build.bat(Windows)
stf/
├── Dockerfile # Multi-stage Docker image
├── docker-compose.yml # Container orchestration
├── .dockerignore # Docker build excludes
├── docker-build.sh # Linux/Mac build script
├── docker-build.bat # Windows build script
├── DOCKER.md # Complete Docker guide
├── main.py # Entry point (CLI + menu)
├── modules/ # 8 Attack modules
│ ├── port_scanner.py
│ ├── ssh_bruteforce.py
│ ├── http_bruteforce.py
│ ├── dns_enumeration.py
│ ├── credential_stuffing.py
│ ├── sql_injection.py
│ ├── payload_testing.py
│ ├── api_testing.py
│ └── base_attack.py
├── utils/ # Utility modules
│ ├── config.py
│ ├── logger.py
│ ├── validators.py
│ └── report.py
├── wordlists/ # Sample wordlists
├── templates/ # Payload templates
├── config.json # Configuration
├── requirements.txt # Python dependencies
├── README.md # This file
├── DOCKER.md # Docker guide
├── LICENSE # MIT License
├── CODE_OF_CONDUCT.md # Community guidelines
├── CONTRIBUTING.md # Contribution guide
├── SECURITY.md # Security policy
└── .github/ # GitHub templates
This tool is designed for authorized security testing only. Ensure you have proper authorization before testing any system. Unauthorized access is illegal.
Results are saved in:
- JSON format (default)
- CSV format (with --output flag)
- Console table (displayed in menu mode)
All results include timestamps and attack metadata.
- Multi-threaded operations for speed
- Configurable thread count
- Rate limiting to respect target systems
- Progress indicators for long-running attacks
- Create a new module in
modules/extendingBaseAttack - Implement
validate_input()andexecute()methods - Add CLI arguments in
main.py - Add menu option in
Menu.ATTACKS
The authors and contributors are not responsible for any misuse or damage caused by this tool.
This project is licensed under the MIT License - see the LICENSE file for details.
If you need help:
- Check the documentation
- Review existing issues
- Open a new issue
- See SECURITY.md for security-related concerns
Contributions are welcome! Please see CONTRIBUTING.md for guidelines.
This project adheres to the Contributor Covenant Code of Conduct.
Made with ❤️ by the Security Testing Framework Community