PenDocX is a modern, modular penetration testing documentation and reporting tool. It is designed to streamline the process of recording findings during a penetration test and generating professional reports in multiple formats.
- Mission Management: Initialize and manage penetration testing missions easily.
- Finding Tracking: Record findings with detailed descriptions, impacts, and remediations.
- CVSS v3.1 Scoring: Integrated CVSS calculation logic to automatically determine severity.
- Compliance Mapping: Map findings to industry standards like OWASP Top 10 (2021) and SANS Top 25 (CWE).
- Artifact Support: Attach artifacts like screenshots and logs to findings.
- Multi-format Premium Reporting: Generate reports in Word (.docx), HTML, Markdown, and PDF.
- Offline First: Designed to work in isolated networks without internet connectivity.
- Modern CLI & UX: Powered by Click and Rich for a beautiful, interactive terminal experience.
- Python 3.11 or higher
# Clone the repository
git clone https://github.com/ismailtsdln/PenDocX.git
cd PenDocX
# Create a virtual environment
python3 -m venv venv
source venv/bin/activate
# Install dependencies
pip install .
pendocx init
pendocx add-test
pendocx list-findings
# Premium PDF (default/recommended)
pendocx generate-report --format pdf
# Premium Word report
pendocx generate-report --format word
# Premium HTML report
pendocx generate-report --format html
pendocx export-json
- pendocx/core: Logging, configuration, CVSS utils, and error handling.
- pendocx/models: Pydantic data models and storage logic.
- pendocx/reporter: Premium Word, HTML, PDF, and Markdown exporters.
- pendocx/cli: Command-line interface implementation.
- CLI: Click
- UI & UX: Rich
- Data Validation: Pydantic
- Templating: Jinja2
- Reports: python-docx, xhtml2pdf
- Security: cvss
This project is licensed under the MIT License.