Pollenisator: A collection of tools for Penetration Testers

The Pollenizer is a tool that aims to help pentesters and their bug hunters automate the use of certain tools / scripts and monitor them.

• Written in python 3
• Provides pentest tools for Hosts, Ports, Command, Tools etc.
• The tools / scripts are divided into 4 categories: wave, Network / domain, IP, Port
• Objects are stored on a NoSQL DB (Mongo)
• Keep links between them to allow queries
• Objects can be created via an analysis / manual import program
• Business logic can be applied (automatic violent reporting, data activations, etc.)
• Many scripting tools are available to prevent the target or scanner from overloading.
• A tcl / tk based GUI

Characteristics

• Enter your own tools
  • Add command line options to your database
  • Create your own light plugin to analyze the output of your tool
  • Use Models objects to add, update or delete objects in the pentest media of plugins
  • Limit the number of parallel performances of noisy / heavy tools
• Define an identification / capture process with custom tools
  • Select a period to start and stop the tools
  • Define your range with IP network domains and areas.
  • Custom settings to include new servers in the scope
  • Save the results of all files created through tool execution
  • Start this connection program to apply many LAN and Web pentest tools
• Collaborative pentests
  • Separate the task between your machines by starting a task from the computer you want to use
  • Ip tags or tools to show your co-workers that you have completed a task
  • Take notes on each item to keep track of your discoveries
  • Follow the status of the tools live
  • Search all the properties of your objects with the filter bar
  • have a quick overview of all servers and their open ports and check if some are pwned
• Report
  • Create security vulnerabilities in IPs and ports
  • Make your additions create immediate flaws
  • Create a Word report for security vulnerabilities found. You can use your own template with extra work
  • Generate a Powerpoint report for detected security vulnerabilities. You can use your own template with extra work
• Currently built-in tools
  • IP / Port Identification: Nmap (Quick nmaps followed by thorough scanning)
  • Domain listing: Knockpy, Sublist3r, dig reverse, crtsh
  • Web: WhatWeb, Nikto, http methods, Dirsearch
  • LAN: Crackmapexec, foreverblue and bluekeep scan, smbmap, anonymous ftp, enum4linux
  • Unknown ports: scripts amap, nmap
  • Miscellaneous: ikescan, ssh_scan, openrelay

Information on the installation and what use of the program, you will find here.