Automate Your Penetration Testing Workflow with Redamon
Let's be honest: penetration testing can be a grind. The cycle of reconnaissance, scanning, exploitation, and post-exploitation involves juggling a dozen tools, manually feeding outputs from one into the next, and keeping track of it all. It's repetitive and ripe for automation. That's where Redamon comes in.
This open-source project aims to streamline the entire process, chaining together proven tools into a single, automated workflow. Think of it as a conductor for your security orchestra, letting you focus on strategy instead of manual tool execution.
What It Does
Redamon is an automated penetration testing framework written in Python. It takes a target (like a domain or IP address), runs it through a predefined pipeline of reconnaissance and attack tools, and consolidates the results. The workflow typically moves from discovering subdomains and open ports, to identifying vulnerabilities, and finally to post-exploitation activities—all with minimal manual intervention.
Why It's Cool
The real value isn't in the individual tools—many are well-known favorites like nmap, Amass, and SQLmap. The clever part is how Redamon stitches them together. It automates the boring, sequential parts of a test: taking the subdomains found in one phase and automatically feeding them into a port scanner, then taking open ports and running appropriate vulnerability scanners against them.
This approach reduces context-switching and human error. It also provides a consistent, repeatable process for engagements, which is great for documentation and for junior pentesters learning the ropes. The project structure is modular, so if you have a preferred tool for a certain task, you can likely integrate it without tearing the whole thing apart.
How to Try It
Getting started is straightforward. You'll need Python 3 and Git installed on your system (preferably a Linux-based one like Kali or Parrot OS for tool compatibility).
- Clone the repository:
git clone https://github.com/samugit83/redamon.git cd redamon - Install the required dependencies:
pip install -r requirements.txt - Make sure you have the underlying tools (like nmap) installed on your system.
- Run it against a target you have permission to test:
python3 redamon.py -t target-domain.com
Important: Only use this on systems and networks you own or have explicit, written permission to test. Unauthorized scanning is illegal.
Final Thoughts
Redamon is a solid step towards a more efficient pentesting workflow. It won't replace deep expertise or creative problem-solving—the critical thinking of a skilled tester is still irreplaceable. What it does do is handle the heavy lifting of running a standard methodology, freeing you up to interpret results and plan the next strategic move. For developers interested in security, it's also a great codebase to study to see how these tools can be orchestrated programmatically.
If you're tired of manually piecing together your security assessments, this project is definitely worth a look.
@githubprojects
Repository: https://github.com/samugit83/redamon