This repository's purpose is to aid penetration testers in their pentest and reporting process. With functionality such as creating the initial report, adding paragraphs for OSINT and Reconnaissance, and outputting Nessus results into the report using Namicsoft.

Heads up: Python is fun and all, but I want access to a library which Java has, specifically for docx files. I want this program to be more independent (I'm talking about you, Namicsoft). In order to do that, I want to utilise a library in Clojure/Java which does what I want (I forgot what it is called). I found Clojure, which looks very promising. It's a platform that has access to Java libraries, and has access to Python's as well. Glorious? I know right. It will take about a week before an update is made to this project. If there is an update, it's probably the paragraphs I need to write up that I have been delaying...

My thought process is to import my scripts in this project (at least as many as I can), and then incorporate the java library I want to use. Over time, I will convert this whole project to Clojure, and voila. It's as simple as rewriting the main.py file to be more like a bunch of functions (which it basically is), and just adapt it so that Clojure calls it. From there I'll expand the project. I estimate about a week before I get anything done (I'm definitely overestimating myself). I'm covering a 40+ hour course by Eric Normand, so this is going to take a while.

(make sure you have installed the requirements.txt)

Setup the config dictionary in main.py under the main() function. Below are the sections that should be filled in. (I tried doing this in a config.json file, but it gave me issues)

# These comments are also within the main.py config dictionary.
"Author": "", # insert document author's name.
"Json File": "/Path/To/Pentest-Generator/data.json", # local path to the data.json file.
"Template File": "/Path/To/Pentest-Generator/PentestReport_Template.docx", # local path to the docx template.
"Output File": "/home/blah/GitHub/Pentest-Report-Generator-Private/result.docx", # local path to save/output file.
"Nessus Server": "127.0.0.1:8834", # server:port for nessus server.
"Nessus Username": "blah", # nessus username.
"Nessus Password": "halb", # nessus password.
"Nessus Web Policy": 13, # run "Scripts/NessusCaller.py -lp" to list the policy IDs you have. Create 2 if you haven't got any, 1 for web apps, the other for infrastructure. Insert the ID for the Web App policy.
"Nessus Infrastructure Policy": 56, # run "Scripts/NessusCaller.py -lp" to list the policy IDs you have. Create 2 if you haven't got any, 1 for web apps, the other for infrastructure. Insert the ID for the Infrastructure policy.
"Nessus File": "/Path/To/Nessus/File/{}".format(jsonData['nessusFile']), # path to Nessus file FOLDER. Leave the {} rather than naming the nessus file. It will add the name of the file automatically. You'll find this option added below the config file where it opens the data.json.
"Namicsoft Command": 'cd ~/; wine .wine/drive_c/Program\ Files\ \(x86\)/NamicSoft\ Scan\ Report\ Assistant/NamicSoftScanReportAssistant.exe', # This is the command to run Namisoft. If you're on linux, you'll have to keep in the "cd ~/; wine" before putting in the path.
"Namicsoft Report": "z:/Path/To/Namic/Report/Output/report.docx", #  Ensure you define the drive (for example: C:, Z:, etc). If you're in wine, check .wine/dosdevices for your linux system drive (mine was the 'z:' drive).
"Namicsoft Template": "z:/Path/To/Output/File/Above/result.docx" # The difference with 'Output File', and 'Namicsoft Template' is simply the defining the drive (z:). 

It should work on Python3 as a whole, but just in case, I've tested this on both Python 3.10 and 3.11.

The current options are as follows:

REPORT SECTION

1. Create Report
2. Add OSINT Sections
3. Add Recon Sections
4. Import Nessus Results [Namicsoft]

SCANNER SECTION

5. Start Nessus Scan
6. List Nessus Policies

As you can see, its not the most complex setup. You pick your option and will be presented with options. Option 1 is the only section which requests input from the user, such as the client's name, and the end date of the assessment. Option 1 also holds the premade executive summary paragraphs. If you select Web Application as your assessment, it will then insert the Web Application executive summary paragraph (ReportScripts/createReport.py)

Options 2 & 3 are programmed almost identically. The difference being, option 1 holds the premade paragraphs for OSINT (ReportScripts/intelligenceGatheringParagraphs.py), and option 2 holds premade paragraphs for Recon (ReportScripts/reconnaissanceParagraphs.py).

Option 4 requires you to have run Option 5. When option 5 runs, it will set the file name for the nessus scan results. If you want to use a scan you already ran, simply download it, store it in the same directory as the main.py script, rename the file in data.json, and then you're set for option 4.

This simply checks for the Nessus policy IDs. This is necessary for the config dictionary in main.py.

Currently there is a single example template under the 'Templates' folder. This template works with the script tags and Namicsoft to generate the report.

• {{Author}} : Replaces tag with author name. Applies to tables as well.
• {{Date}} : Replaces tag with today's date. Applies to tables as well.
• {{Client}} : Replaces tag with client Name. Applies to tables as well.
• {{Assess}} : Replaces tag with the assessment (Web Application, External Infrastructure, etc. Applies to tables as well.
• {{End_Date}} : Replaces the tag with the end date of the assessment. Applies to tables as well.
• {{Ref}} : Replaces tag with auto-generated reference ({{Client Initials}}/{{AssessmentShorthand}}/{{month/year}} Looks like B/WA/0422 which translates to Blah/Web Application/April 2022). Applies to tables as well.
• {{Scope}} : Replaces tag with scope. Applies to tables as well.
• {{OSINT}} : Searches for tag, inserts selected paragraphs above tag, then deletes tag.
• {{RECONNAISSANCE}} : Searches for tag, inserts selected paragraphs above tag, then deletes tag.

pip install python-docx argparse requests urllib3 # I think that's all of them...)

python3 main.py

• Migrate data storage such as config dictionary in main.py and data.json into an SQLite project.
• Integrate Nmap scans, which then create a reference in data.json to import the results. (refer to AutoRecon, which could be used to automate the scan part)
• Integrate Whatweb parser and import data to report.
• Integrate other tools to populate the report automatically.
• Python script that runs Autorecon and imports/exports .xml results.
• Create a second repository for functioning the same way as this one, just for general use.

• Add comments to the Python functions to make it easier to understand.
• Create documentation on how this works for easy reference.
• Improve and add paragraphs in both OSINT, recon, and exec summary.
• Create a GUI for convenience.

• None that I can find.

List of scripts to refer to when integrating standalone parsers:

• https://github.com/happyc0ding/vulnscan-parser
• https://github.com/stevecoward/whatweb-parser

I don't have a lot of Python experience. I have made this by googling a ton and created it over a weekend. I plan on improving it to make MY life easier, and of course, I want to aid other testers too; but I'm making this for myself and my convenience. An example is prioritising the Namicsoft (a proprietary, paid for tool) plugin over the Nmap.