djedi/toolbelt
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
toolbelt/README.md
rpriven fd0659d70c
Toolbelt v2.0 - Complete refactor with interactive menus and profiles 
Major rewrite from single-file script to modular architecture with comprehensive features:

## New Features
- Interactive 3-level menu system (Main → Categories → Tools)
- Pre-built profiles: Bug Bounty, CTF, Web App, Network, Full Pentest
- Distro detection with appropriate tool sets (Kali, Debian, Ubuntu)
- NO root requirement - runs as user, uses sudo selectively
- Comprehensive logging (console + ~/toolbelt-install.log)
- Fresh CLI tool integration and detection
- Smart tool detection (skips already-installed tools)

## Architecture Changes
- Modular design: utils.py, config.py, installer.py, toolbelt.py
- utils.py: Distro detection, logging setup, helper functions
- config.py: Tool definitions, profiles, category metadata
- installer.py: Installation logic for all tool categories
- toolbelt.py: Interactive menu system and main flow

## Improvements
- Fixed $HOME path resolution bug (no more /root issues)
- Added comprehensive error handling and reporting
- Category-based tool organization (APT, Go, /opt, Python, Docker, Scripts)
- Parallel Go tool installation with ThreadPoolExecutor
- Shell alias setup for Docker tools

## Documentation
- Complete README rewrite with usage examples
- Architecture diagrams and file structure
- Integration guide for fresh ecosystem
- Version history and changelog

## Archived Files
- toolbelt.sh → toolbelt.sh.old (legacy bash version)
- toolbelt.py → toolbelt_old.py (original Python v1.0)

Part of the Djedi security tooling ecosystem integration.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-31 23:17:41 -06:00

272 lines
7.1 KiB
Markdown
Raw Blame History

# Djedi Toolbelt v2.0
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![Python: 3.6+](https://img.shields.io/badge/Python-3.6+-blue.svg)](https://www.python.org/)
**Comprehensive security tool installer with interactive menus, pre-built profiles, and distro-specific support.**
---
## 🚀 What's New in v2.0
-**Interactive 3-Level Menu System** - Browse categories, select tools, install profiles
-**Pre-Built Profiles** - Bug Bounty, CTF, Web App, Network, Full Pentest
-**Distro Detection** - Kali, Debian, Ubuntu support with appropriate tool sets
-**No Root Requirement** - Runs as user, uses sudo only when needed
-**Comprehensive Logging** - Dual output (console + file)
-**Fresh Integration** - Detects and recommends modern CLI tools
-**Modular Architecture** - Clean, maintainable Python code
---
## 📋 Quick Start
```bash
# Clone the repository
git clone https://github.com/rpriven/toolbelt.git
cd toolbelt
# Run toolbelt (no sudo needed!)
python3 toolbelt.py
```
**Important:** Do NOT run as root/sudo. The script will use sudo for specific commands that require it.
---
## 🎯 Features
### Interactive Menu System
**Level 1 - Main Menu:**
- Quick Install Profiles
- Browse & Select Categories
- Install Prerequisites (fresh)
- View Installed Tools
**Level 2 - Categories:**
- 📦 APT Tools - Package manager tools
- 🔷 Go Tools - Security tools written in Go
- 🔧 /opt Tools - Tools cloned to /opt
- 🐍 Python Tools - Tools via pip3
- 🐳 Docker Tools - Containerized tools
- 📜 Useful Scripts - PEAS, PowerView, etc.
**Level 3 - Tool Selection:**
- Install all tools in category
- Individual tool selection (coming soon)
### Pre-Built Profiles
**Bug Bounty Hunter** - Web app testing and reconnaissance
- nmap, masscan, nikto, sqlmap, burpsuite
- nuclei, httpx, subfinder, katana, amass
- Sublist3r, wafw00f, XSStrike
- wfuzz, arjun, scripts collection
**CTF Player** - Capture The Flag tools
- nmap, burpsuite, sqlmap, wireshark
- Python tools: wfuzz, scrapy, requests
- Scripts collection
**Web Application Testing** - Web security focus
- nmap, nikto, sqlmap, burpsuite
- nuclei, httpx, katana
- wafw00f, XSStrike, Striker
- wfuzz, arjun, scrapy
**Network Pentesting** - Network recon and scanning
- nmap, masscan, wireshark
- naabu, amass, assetfinder, httprobe
- RustScan (Docker)
**Full Pentesting Arsenal** - Everything (5GB+)
- All APT tools
- All Go tools
- All /opt tools
- All Python tools
- All Docker tools
- All scripts
---
## 🛠️ Tool Categories
### APT Tools (via package manager)
**Kali Linux:**
nmap, masscan, naabu, nuclei, burpsuite, feroxbuster, nikto, gobuster, seclists, sqlmap, git, docker.io, docker-compose, golang-go, wireshark
**Debian/Ubuntu:**
nmap, masscan, nikto, sqlmap, git, docker.io, docker-compose, golang-go, wireshark, burpsuite
### Go Tools (via go install)
naabu, nuclei, katana, httpx, subfinder, amass, assetfinder, httprobe, gowitness, subjack, hakrawler, webanalyze
*All ProjectDiscovery tools included*
### /opt Tools (cloned to /opt)
- **pimpmykali** (Kali only) - Golang + Impacket setup
- **xnLinkFinder** - Link finder for bug bounty
- **Knockpy** - Subdomain enumeration
- **Sublist3r** - Subdomain discovery
- **Striker** - Web application scanner
- **wafw00f** - WAF detection
- **waymore** - Web archive scraper
- **XSStrike** - XSS detection suite
### Python Tools (via pip3)
wfuzz, arjun, scrapy, tld, requests, fuzzywuzzy
### Docker Tools
**RustScan** - Fast port scanner
- Includes alias setup for shell
### Useful Scripts (downloaded to ~/scripts)
- **linpeas.sh** - Linux privilege escalation
- **jaws-enum.ps1** - Windows enumeration
- **LinEnum.sh** - Linux enumeration
- **winPEASany_ofs.exe** - Windows privilege escalation
- **php-reverse-shell.php** - PHP reverse shell
- **linux-exploit-suggester.sh** - Linux exploit suggester
- **PowerView.ps1** - PowerShell AD enumeration
---
## 🔧 Requirements
- **OS:** Kali Linux, Debian, or Ubuntu
- **Python:** 3.6+
- **Package Manager:** apt
- **Privileges:** sudo access (script runs as user, not root)
---
## 📖 Usage Examples
### Install a Profile
```bash
python3 toolbelt.py
# Select: 1) Quick Install Profiles
# Choose: Bug Bounty Hunter
```
### Browse Categories
```bash
python3 toolbelt.py
# Select: 2) Browse & Select Categories
# Choose category (e.g., Go Tools)
# Install all or select specific tools
```
### Check Installed Tools
```bash
python3 toolbelt.py
# Select: 4) View Installed Tools
```
---
## 🔗 Integration with Fresh
Toolbelt integrates with [fresh](https://github.com/rpriven/fresh) for modern CLI productivity tools.
**Recommended Setup:**
1. **Install fresh first** - Modern CLI foundation (fzf, ripgrep, bat, etc.)
2. **Install toolbelt** - Security tools
3. **Install tmux-recon** (optional) - Pentesting automation
Fresh provides essential CLI tools that enhance the security workflow. Toolbelt will detect if fresh is installed and prompt you to install it if missing.
---
## 📂 Architecture
```
toolbelt/
├── toolbelt.py # Main entry point with interactive menus
├── utils.py # Distro detection, logging, helpers
├── config.py # Tool definitions, profiles, categories
├── installer.py # Installation logic for each category
├── toolbelt_old.py # Original v1.0 (reference)
└── toolbelt.sh.old # Legacy bash version (archived)
```
**Modular Design:**
- `utils.py` - System checks, logging setup, helper functions
- `config.py` - Tool lists, profile definitions, category metadata
- `installer.py` - Installation functions for each tool category
- `toolbelt.py` - Interactive menu system and main flow
---
## 🔐 Security Notes
- **No Root Execution**: Script runs as regular user, uses sudo only for specific commands
- **Logging**: All operations logged to `~/toolbelt-install.log`
- **Smart Detection**: Skips already-installed tools
- **Error Handling**: Comprehensive error checking and reporting
---
## 🐛 Known Issues
- Individual tool selection menu (Level 3) coming in next update
- Custom profile saving/loading planned for future release
---
## 🤝 Contributing
Contributions welcome! Please feel free to submit pull requests or open issues for:
- Additional tool suggestions
- New profiles
- Platform support improvements
- Bug fixes
---
## 📝 Version History
**v2.0.0** (2025-10-31)
- Complete rewrite with interactive menu system
- Pre-built profile support
- Distro detection (Kali, Debian, Ubuntu)
- Removed root requirement
- Added comprehensive logging
- Fresh integration
- Modular architecture
**v1.0** (2023)
- Original automated installer
- Bash and Python versions
- Root required
- No menu system
---
## 📜 License
This project is licensed under the MIT License - see the LICENSE file for details.
---
## 🙏 Acknowledgments
- Built for the pentesting and bug bounty community
- Integrates tools from ProjectDiscovery, OWASP, and many open source developers
- Inspired by the need for quick, consistent tool setup across environments
- Part of the Djedi security tooling ecosystem
---
**Djedi Toolbelt** - Because every pentester deserves a well-equipped toolbelt. 🔧
Reference in a new issue View git blame Copy permalink