The Pollenisator is a tool that aims to help pentesters and bug hunters automate the use of certain tools / scripts and monitor them.
- Written in python 3
- Provides pentest tools for Hosts, Ports, Command, Tools etc.
- The tools / scripts are divided into 4 categories: wave, Network / domain, IP, Port
- Objects are stored on a NoSQL DB (Mongo)
- Keep links between them to allow queries
- Objects can be created through a parser / manual import program
- Business logic can be applied (automatic violent reporting, data activations, etc.)
- Many tools cmmovements scripts are available to avoid overloading the target or scanner.
- A tcl / tk based GUI
Specifications
- Enter your own tools
- Add command line options to base data your
- Create your own light plugin to analyze the output of your tool
- Use the Models objects to add, update, or delete objects in the pentest media of plugins
- Limit the number of noisy / heavy tools running at the same time
- Define an identification / capture process with custom tools
- Select a period to start and stop the tools
- Define your range with IP network domains and areas.
- Custom settings to include new servers in the scope
- Save the results of all files created through tool execution
- Start this connection program to apply many tools for LAN and Web pentest
- Collaborative pentests
- Separate the task between your machines by starting a task from the computer you want to use
- Ip tags or tools to show your co-workers that you have completed a task
- Take notes on each item to keep track of your discoveries
- Live monitor the status of the tools
- Search all the properties of your objects with the filter bar
- have a quick overview of all the servers and their open ports and check if some are pwned
- Report
- Create security vulnerabilities in IPs and ports
- Make your additions create immediate flaws
- Create a Word report for security vulnerabilities found. You can use your own template with extra work
- Generate a Powerpoint report for security vulnerabilities detected. You can use your own template with extra work
- Currently built-in tools
- IP / Port Identification: Nmap (Quick nmaps followed by thorough scanning)
- Domain listing: Knockpy, Sublist3r, dig reverse, crtsh
- Web: WhatWeb, Nikto, http methods, Dirsearch
- LAN: crackmapexec, foreverblue και bluekeep scan, smbmap, anonymous ftp, enum4linux
- Unknown ports: scripts amap, nmap
- Miscellaneous: ikescan, ssh_scan, openrelay
Information about the installation and what use of the program, you will find here.