npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

pentest-tool-lite

v3.9.3

Published

Check your website ( or any other website ) for common vulnerabilities.

Downloads

119

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

juffalowjuffalow

Keywords

pentest-toolpentestingpenetration-testanalyzeranalyser

Readme

Pentest Tool LITE

License Lint and test codecov

Check your website ( or any other website ) for common vulnerabilities.

Usage

Install

yarn global add pentest-tool-lite

# of if you use npm

npm i -g pentest-tool-lite

Basic

pentest-tool-lite <URL> # http(s)://....

Example

pentest-tool-lite https://juffalow.com

pentest

Options

Available options:

  • -V, --version output the version number
  • --grep only run tests matching tests separated by comma
  • --exclude exclude tests matching tests separated by comma
  • --logger
  • --report
  • -h, --help output usage information

help

$ pentest-tool-lite --help

grep

Grep is checking every test if it contains any string from the grep argument.

To check just https and hsts type:

pentest-tool-lite https://juffalow.com --grep https,hsts

To list all available tests:

pentest-tool-lite tests

exclude

If you do not want to run specific tests, you can ignore them with exclude argument.

To exclude javascript, css and image tests:

pentest-tool-lite https://juffalow.com --exclude javascript,css,image

reportType

Default report is short, which will show just test titles. If you want to see also description, change it to FULL report with:

pentest-tool-lite https://juffalow.com --reportType FULL

reportFormat

pentest-tool-lite https://juffalow.com --reportFormat JSON

Sub Commands

Sitemap

List all URLs in sitemap. If it is sitemap index (sitemap that contains URLs to other sitemaps) it loads every sitemap and shows URLs from all of them.

pentest-tool-lite sitemap https://example.com/sitemap.xml

Random

Reads from standard input and outputs lines based on some probability. This can be used for testing just random urls. For example, you can run sitemap sub-command, but you don't want to run the pentest on all of listed urls, so you can use pipes and pick random urls.

pentest-tool-lite sitemap https://example.com/sitemap.xml | pentest-tool-lite random | xargs -n1 pentest-tool-lite

Contributing

Use GitHub issues if you have suggestion for new check(s) or you found a bug in existing one.

And I'll be thankful for every pull request ;-)

How to run project locally

# install node modules
yarn
# run
yarn start https://juffalow.com

# or if you use npm

# install node modules
npm i
# run
npm start -- https://juffalow.com

Debugging and Logging

Log everything:

pentest-tool-lite https://juffalow.com --logger=DEBUG

Log everything that has at least WARNING level:

pentest-tool-lite https://juffalow.com --logger=WARNING

Tests

npm test

License

MIT license