Educational Use Only - This framework is designed for authorized security testing and educational purposes. Always obtain proper authorization before testing any systems.
Overview
The Ethical Audit Framework is a powerful Python-based CLI tool that orchestrates multiple penetration testing attacks and generates professional security reports. It combines network scanning, SQL injection testing, WordPress vulnerability assessment, directory enumeration, and hash cracking into a unified, automated workflow.Key Features
Network Scanning
Discover hosts and enumerate services with Nmap integration
SQL Injection
Automated SQLMap testing against DVWA and custom endpoints
WordPress Testing
WPScan enumeration and brute-force attacks
Directory Enumeration
Discover hidden paths with Gobuster integration
Hash Cracking
Fast MD5 hash cracking with dictionary attacks
PDF Reports
Professional audit reports with risk analysis
Quick Start
Get up and running in minutes with the Ethical Audit Framework.Installation Guide
Install dependencies and set up your environment
Quick Start
Run your first security audit
Core Capabilities
The framework provides a rich interactive CLI with six attack modes:- Full Audit - Complete security assessment (DVWA + WordPress)
- Network Discovery - Auto-discover and attack multiple hosts
- Reconnaissance - Network scanning and directory enumeration
- SQL Injection - Targeted SQLMap attacks with hash cracking
- WordPress Brute-Force - WPScan with rockyou.txt wordlist
- Custom Target - Full audit against a manual IP address
Risk Analysis
Automatically calculates risk scores based on:- Critical vulnerabilities discovered
- Exposed dangerous ports
- HTTP services exposure
- Extracted credentials
Learn More
Architecture
Understand the framework’s modular design
Configuration
Customize targets, wordlists, and settings
API Reference
Explore the Python API for automation
GitHub Repository
View the source code and contribute