AutoPentestX is an open-source toolkit for automated penetration testing on Linux, allowing security assessments from one command. Created by Gowtham Darkseid and released in November 2025, it produces professional PDF reports and focuses on safe, non-destructive testing.
AutoPentestX automates OS detection, port scanning, service enumeration, and vulnerability checks for Kali Linux, Ubuntu, and Debian-based distributions.
It integrates Nmap for network scans, Nikto and SQLMap for web testing, and CVE lookups for risk scoring using CVSS metrics. Results are stored in an SQLite database, and it supports Metasploit RC scripts for safe manual exploitation review.
Integrated Tools and Capabilities:

| Tool | Purpose | Integration Method |
|---|---|---|
| Nmap | Port/OS scanning, service enum | python-nmap library |
| Nikto | Web server vulnerabilities | Subprocess execution |
| SQLMap | SQL injection detection | Subprocess execution |
| Metasploit | Exploit simulation | RC script generation |
| CVE CIRCL | Vulnerability database queries | REST API calls |
| ReportLab | PDF report generation | Python library |

The table reflects the toolkit's modular design: individual stages, such as web scanning or exploit script generation, can be skipped with command-line flags.
Installation requires Python 3.8+, root access, and tools like Nmap. Users clone the repo, run ./install.sh for dependencies, or opt for manual venv setup with pip install -r requirements.txt.
Usage is simple: ./autopentestx.sh <target_IP> launches full scans, outputting to reports/, logs/, and database/ directories.
Options include --no-safe-mode (not recommended), --skip-web, and custom tester names. Scans take 5-30 minutes, producing PDFs with executive summaries, risk classifications (CRITICAL: CVSS 9.0+), and remediation advice.
Reports include open ports, CVE details, and scores based on exploitability. Data is stored for historical analysis and can be exported in JSON format for integration. Safe mode prevents disruptions and logs all actions for auditing.
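As an added illustration (not AutoPentestX's own code), the sketch below shows how findings could be banded by CVSS score, kept in SQLite, and exported as JSON. The table schema, function names, sample findings and placeholder CVE ids are assumptions; the bands below CRITICAL follow the standard CVSS v3.x severity scale, which the article does not spell out.

```python
import json
import sqlite3

# CVSS v3.x severity bands; the article itself states only CRITICAL = 9.0+.
BANDS = [(9.0, "CRITICAL"), (7.0, "HIGH"), (4.0, "MEDIUM"), (0.1, "LOW")]

def classify(cvss):
    """Map a CVSS base score (0.0-10.0) to a severity label."""
    if not 0.0 <= cvss <= 10.0:
        raise ValueError(f"CVSS score out of range: {cvss}")
    for floor, label in BANDS:
        if cvss >= floor:
            return label
    return "NONE"

# Constructed sample findings: (target, port, service, cve_id, cvss).
SAMPLE = [
    ("192.0.2.10", 22, "ssh", "CVE-PLACEHOLDER-0001", 5.3),
    ("192.0.2.10", 80, "http", "CVE-PLACEHOLDER-0002", 9.8),
    ("192.0.2.10", 80, "http", "CVE-PLACEHOLDER-0003", 7.5),
    ("192.0.2.10", 3306, "mysql", "CVE-PLACEHOLDER-0004", 3.1),
]

def store(conn, findings):
    """Persist findings with their severity (hypothetical schema)."""
    conn.execute("CREATE TABLE IF NOT EXISTS findings (target TEXT, port INTEGER,"
                 " service TEXT, cve_id TEXT, cvss REAL, severity TEXT)")
    conn.executemany("INSERT INTO findings VALUES (?, ?, ?, ?, ?, ?)",
                     [(*f, classify(f[4])) for f in findings])
    conn.commit()

def export_json(conn, target):
    """Return a JSON report for one target, worst findings first."""
    rows = conn.execute(
        "SELECT port, service, cve_id, cvss, severity FROM findings"
        " WHERE target = ? ORDER BY cvss DESC, port", (target,)
    ).fetchall()
    keys = ("port", "service", "cve_id", "cvss", "severity")
    counts = {}
    for r in rows:
        counts[r[4]] = counts.get(r[4], 0) + 1
    return json.dumps({"target": target, "summary": counts,
                       "findings": [dict(zip(keys, r)) for r in rows]}, indent=2)

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    store(db, SAMPLE)
    print(export_json(db, "192.0.2.10"))
```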
