#!/usr/bin/env bash # ============================================================================= # pimp-my-termux — Infosec / Pentesting Tools Installer # For security researchers on Termux/Android # # Usage: # bash install-infosec.sh # bash install-infosec.sh --skip-update # bash install-infosec.sh --category recon # install one category only # # Categories: recon | web | network | passwords | forensics | reversing | utils # ============================================================================= # --- Colors ------------------------------------------------------------------ R='\033[0;31m' G='\033[0;32m' Y='\033[1;33m' B='\033[0;34m' C='\033[0;36m' M='\033[0;35m' BOLD='\033[1m' DIM='\033[2m' NC='\033[0m' info() { echo -e "${C}[·]${NC} $*"; } success() { echo -e "${G}[✓]${NC} $*"; } warn() { echo -e "${Y}[!]${NC} $*"; } error() { echo -e "${R}[✗]${NC} $*"; } header() { echo -e "\n${BOLD}${B}━━━ $* ${NC}"; } note() { echo -e " ${DIM}$*${NC}"; } skip() { echo -e " ${DIM}[–] $* (already installed)${NC}"; } FAILED=() SKIP_UPDATE=false ONLY_CATEGORY="" for arg in "$@"; do [[ "$arg" == "--skip-update" ]] && SKIP_UPDATE=true [[ "$arg" == "--category" ]] && shift && ONLY_CATEGORY="$1" done # --- Termux guard ------------------------------------------------------------ [[ -z "${PREFIX:-}" || ! -d "/data/data/com.termux" ]] && { error "Must be run inside Termux on Android."; exit 1; } # --- Banner ------------------------------------------------------------------ echo -e "${R}${BOLD}" echo " ╔═════════════════════════════════════════════╗" echo " ║ pimp-my-termux · Infosec Edition ║" echo " ║ Recon · Web · Network · Pwn · Forensics ║" echo " ╚═════════════════════════════════════════════╝" echo -e "${NC}" echo -e " ${DIM}For authorized security research and CTF use only.${NC}\n" # --- Helpers ----------------------------------------------------------------- run_category() { local cat="$1" [[ -n "$ONLY_CATEGORY" && "$ONLY_CATEGORY" != "$cat" ]] && return } pkg_install() { # Install a pkg package; skip gracefully if already present local pkg="$1" local label="${2:-$pkg}" if pkg list-installed 2>/dev/null | grep -q "^${pkg}/"; then skip "$label" else info "Installing $label…" if pkg install -y "$pkg" 2>/dev/null; then success "$label" else error "$label — pkg install failed" FAILED+=("$label") fi fi } pip_install() { local pkg="$1" local label="${2:-$pkg}" info "pip: $label…" if python -m pip install --upgrade --quiet "$pkg"; then success "$label" else error "$label — pip install failed" FAILED+=("$label") fi } go_install() { local module="$1" local binary="$2" local label="${3:-$binary}" if command -v "$binary" &>/dev/null; then skip "$label" return fi info "go install: $label…" if go install "$module" 2>/dev/null; then success "$label" else error "$label — go install failed" FAILED+=("$label") fi } # --- Update ------------------------------------------------------------------ if ! $SKIP_UPDATE; then header "Package Update" pkg update -y && pkg upgrade -y success "Packages up to date" fi # --- Base dependencies ------------------------------------------------------- header "Base Dependencies" pkg_install python "Python 3" pkg_install golang "Go (for Go-based tools)" pkg_install git "git" pkg_install curl "curl" pkg_install wget "wget" pkg_install openssl-tool "openssl" pkg_install libssl "libssl" python -m pip install --upgrade pip --quiet success "pip up to date" # ============================================================================= # CATEGORY 1 — RECONNAISSANCE # ============================================================================= if run_category recon; then header "Reconnaissance" pkg_install nmap "nmap (port scanner)" pkg_install whois "whois" pkg_install dnsutils "dig / nslookup" pkg_install traceroute "traceroute" pkg_install mtr "mtr (traceroute + ping)" pkg_install masscan "masscan (fast port scanner)" # theHarvester — OSINT / email & subdomain harvester pip_install theHarvester "theHarvester (OSINT harvester)" # Shodan CLI pip_install shodan "shodan-cli" note "shodan init → https://account.shodan.io" # subfinder — subdomain discovery (Go) go_install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest \ subfinder "subfinder (subdomain enum)" # httpx — fast HTTP prober (Go) go_install github.com/projectdiscovery/httpx/cmd/httpx@latest \ httpx "httpx (HTTP prober)" # dnsx — DNS toolkit (Go) go_install github.com/projectdiscovery/dnsx/cmd/dnsx@latest \ dnsx "dnsx (DNS recon)" # amass — in-depth attack surface mapper (Go) go_install github.com/owasp-amass/amass/v4/...@master \ amass "amass (attack surface mapper)" fi # recon # ============================================================================= # CATEGORY 2 — WEB TESTING # ============================================================================= if run_category web; then header "Web Testing" pkg_install nikto "nikto (web vuln scanner)" pkg_install sqlmap "sqlmap (SQL injection)" # httpie — user-friendly curl alternative pip_install httpie "httpie (http client)" # ffuf — web fuzzer (Go) go_install github.com/ffuf/ffuf/v2@latest \ ffuf "ffuf (web fuzzer)" # gobuster — dir/subdomain brute force (Go) go_install github.com/OJ/gobuster/v3@latest \ gobuster "gobuster (dir/sub brute force)" # nuclei — template-based vulnerability scanner (Go) go_install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest \ nuclei "nuclei (vuln scanner)" note "nuclei -update-templates ← run after install" # wfuzz — web fuzzer (Python) pip_install wfuzz "wfuzz (web fuzzer)" # jwt-tool — JWT attack toolkit pip_install jwt_tool "jwt-tool (JWT attacks)" fi # web # ============================================================================= # CATEGORY 3 — NETWORK # ============================================================================= if run_category network; then header "Network Tools" pkg_install netcat-openbsd "netcat (nc)" pkg_install ncat "ncat (nmap's netcat)" pkg_install socat "socat (relay / reverse shells)" pkg_install tcpdump "tcpdump" pkg_install tshark "tshark (Wireshark CLI)" pkg_install iproute2 "ip / ss commands" pkg_install bind-utils "host / dig" pkg_install openssh "ssh / scp / sftp" # impacket — Windows/SMB protocol suite (Python) pip_install impacket "impacket (SMB/AD tools)" # scapy — packet crafting (Python) pip_install scapy "scapy (packet crafting)" warn "tcpdump / tshark require root for live capture on Android." warn "Use them with pcap files (offline analysis) without root." fi # network # ============================================================================= # CATEGORY 4 — PASSWORDS & AUTH # ============================================================================= if run_category passwords; then header "Passwords & Authentication" pkg_install hydra "hydra (network brute force)" pkg_install john "john (John the Ripper)" pkg_install hashcat "hashcat (GPU hash cracker)" pkg_install medusa "medusa (parallel brute force)" # CrackMapExec / netexec (Python) pip_install netexec "netexec / CrackMapExec" warn "hashcat GPU mode is limited on Android; CPU mode (-D 1) works fine." note "Common wordlists can be fetched with:" note " wget https://github.com/danielmiessler/SecLists/raw/master/Passwords/Common-Credentials/10-million-password-list-top-1000.txt" fi # passwords # ============================================================================= # CATEGORY 5 — FORENSICS # ============================================================================= if run_category forensics; then header "Forensics" pkg_install binwalk "binwalk (firmware analysis)" pkg_install exiftool "exiftool (metadata)" pkg_install steghide "steghide (steganography)" pkg_install foremost "foremost (file carving)" pkg_install sleuthkit "sleuthkit / fls / fsstat" pkg_install hexedit "hexedit" pkg_install xxd "xxd (hex dump)" # volatility3 — memory forensics (Python) pip_install volatility3 "volatility3 (memory forensics)" # oletools — Office/OLE malware analysis (Python) pip_install oletools "oletools (Office/OLE analysis)" # pdfminer — PDF analysis pip_install pdfminer.six "pdfminer (PDF parser)" # python-magic — file type detection pip_install python-magic "python-magic (file ID)" fi # forensics # ============================================================================= # CATEGORY 6 — REVERSING & EXPLOITATION # ============================================================================= if run_category reversing; then header "Reversing & Exploitation" pkg_install gdb "gdb (debugger)" pkg_install radare2 "radare2 (r2 framework)" pkg_install ltrace "ltrace (library call tracer)" pkg_install strace "strace (syscall tracer)" pkg_install nasm "nasm (assembler)" pkg_install binutils "binutils (objdump, nm, strings…)" # pwntools — CTF/exploit dev (Python) pip_install pwntools "pwntools (exploit dev)" # ROPgadget pip_install ROPgadget "ROPgadget (ROP chain builder)" # angr — binary analysis framework (heavy) pip_install angr "angr (binary analysis)" note "angr is large (~500 MB). Skip if disk space is limited." fi # reversing # ============================================================================= # CATEGORY 7 — UTILITIES # ============================================================================= if run_category utils; then header "General Utilities" pkg_install jq "jq (JSON processor)" pkg_install tmux "tmux (terminal multiplexer)" pkg_install vim "vim" pkg_install zsh "zsh" pkg_install fzf "fzf (fuzzy finder)" pkg_install bat "bat (cat with syntax highlighting)" pkg_install lsd "lsd (ls with icons)" pkg_install ripgrep "ripgrep (fast grep)" pkg_install fd "fd (fast find)" pkg_install tree "tree" pkg_install zip "zip / unzip" pkg_install p7zip "7zip" pkg_install termux-api "termux-api (Android integration)" # CyberChef CLI alternative — python cyberchef pip_install pycipher "pycipher (classical ciphers)" pip_install pycryptodome "pycryptodome (crypto library)" fi # utils # ============================================================================= # WORDLISTS # ============================================================================= header "Wordlists" WORDLISTS_DIR="$HOME/wordlists" mkdir -p "$WORDLISTS_DIR" info "Cloning SecLists (this may take a while — ~1.3 GB)…" if [[ -d "$WORDLISTS_DIR/SecLists/.git" ]]; then skip "SecLists (already cloned)" else if git clone --depth 1 https://github.com/danielmiessler/SecLists.git \ "$WORDLISTS_DIR/SecLists"; then success "SecLists → $WORDLISTS_DIR/SecLists" else warn "SecLists clone failed (network issue or low storage)" FAILED+=("SecLists") fi fi note "For a smaller download use --depth 1 and only the subdirs you need." note "rockyou.txt is inside SecLists/Passwords/Leaked-Databases/" # ============================================================================= # ROOT-LIMITED TOOLS NOTE # ============================================================================= header "Root-Limited Tools" echo -e " The following tools ${Y}work better (or only) with root${NC}: ${DIM}•${NC} tcpdump / tshark — live packet capture needs CAP_NET_RAW ${DIM}•${NC} aircrack-ng — needs monitor mode wifi (rare on Android) ${DIM}•${NC} hashcat — GPU acceleration (OpenCL) not available on Termux ${DIM}•${NC} arp-scan — raw socket ARP requires root ${G}Tip:${NC} If you have a rooted device, install ${BOLD}tsu${NC} for sudo-like access: ${DIM}pkg install tsu && tsu${NC} " # ============================================================================= # SUMMARY # ============================================================================= header "Summary" TOOLS=(nmap masscan nikto sqlmap hydra john hashcat gobuster ffuf nuclei subfinder httpx netcat socat tshark gdb radare2 binwalk exiftool steghide) for t in "${TOOLS[@]}"; do if command -v "$t" &>/dev/null; then success "$t" else warn "$t — not in PATH yet (reopen Termux)" fi done if [[ ${#FAILED[@]} -gt 0 ]]; then echo "" error "Failed installs:" for f in "${FAILED[@]}"; do echo -e " ${R}•${NC} $f" done echo "" warn "Re-run with --skip-update, or install individually:" warn " pkg install OR pip install " fi echo "" echo -e " ${G}${BOLD}Done.${NC} Reopen Termux or run: ${BOLD}source ~/.bashrc${NC}" echo -e " ${DIM}Wordlists: ~/wordlists/SecLists/${NC}" echo ""