c/pimp-my-termux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
pimp-my-termux/install-infosec.sh
Christian Nennemann e3438d2cc4 Initial commit: AI agents + infosec installer scripts for Termux 
Adds two standalone setup scripts:
- install-ai-agents.sh: Claude Code, Gemini CLI, GitHub Copilot CLI, Aider
- install-infosec.sh: categorized pentesting/infosec tools (recon, web, network,
  passwords, forensics, reversing, utils) with SecLists wordlist fetch
2026-02-22 20:21:38 +01:00

390 lines
13 KiB
Bash
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/usr/bin/env bash
# =============================================================================
# pimp-my-termux — Infosec / Pentesting Tools Installer
# For security researchers on Termux/Android
#
# Usage:
# bash install-infosec.sh
# bash install-infosec.sh --skip-update
# bash install-infosec.sh --category recon # install one category only
#
# Categories: recon | web | network | passwords | forensics | reversing | utils
# =============================================================================
# --- Colors ------------------------------------------------------------------
R='\033[0;31m' G='\033[0;32m' Y='\033[1;33m'
B='\033[0;34m' C='\033[0;36m' M='\033[0;35m'
BOLD='\033[1m' DIM='\033[2m' NC='\033[0m'
info() { echo -e "${C}[·]${NC} $*"; }
success() { echo -e "${G}[✓]${NC} $*"; }
warn() { echo -e "${Y}[!]${NC} $*"; }
error() { echo -e "${R}[✗]${NC} $*"; }
header() { echo -e "\n${BOLD}${B}━━━ $* ${NC}"; }
note() { echo -e " ${DIM}$*${NC}"; }
skip() { echo -e " ${DIM}[] $* (already installed)${NC}"; }
FAILED=()
SKIP_UPDATE=false
ONLY_CATEGORY=""
for arg in "$@"; do
[[ "$arg" == "--skip-update" ]] && SKIP_UPDATE=true
[[ "$arg" == "--category" ]] && shift && ONLY_CATEGORY="$1"
done
# --- Termux guard ------------------------------------------------------------
[[ -z "${PREFIX:-}" || ! -d "/data/data/com.termux" ]] && {
error "Must be run inside Termux on Android."; exit 1; }
# --- Banner ------------------------------------------------------------------
echo -e "${R}${BOLD}"
echo " ╔═════════════════════════════════════════════╗"
echo " ║ pimp-my-termux · Infosec Edition ║"
echo " ║ Recon · Web · Network · Pwn · Forensics ║"
echo " ╚═════════════════════════════════════════════╝"
echo -e "${NC}"
echo -e " ${DIM}For authorized security research and CTF use only.${NC}\n"
# --- Helpers -----------------------------------------------------------------
run_category() {
local cat="$1"
[[ -n "$ONLY_CATEGORY" && "$ONLY_CATEGORY" != "$cat" ]] && return
}
pkg_install() {
# Install a pkg package; skip gracefully if already present
local pkg="$1"
local label="${2:-$pkg}"
if pkg list-installed 2>/dev/null | grep -q "^${pkg}/"; then
skip "$label"
else
info "Installing $label"
if pkg install -y "$pkg" 2>/dev/null; then
success "$label"
else
error "$label — pkg install failed"
FAILED+=("$label")
fi
fi
}
pip_install() {
local pkg="$1"
local label="${2:-$pkg}"
info "pip: $label"
if python -m pip install --upgrade --quiet "$pkg"; then
success "$label"
else
error "$label — pip install failed"
FAILED+=("$label")
fi
}
go_install() {
local module="$1"
local binary="$2"
local label="${3:-$binary}"
if command -v "$binary" &>/dev/null; then
skip "$label"
return
fi
info "go install: $label"
if go install "$module" 2>/dev/null; then
success "$label"
else
error "$label — go install failed"
FAILED+=("$label")
fi
}
# --- Update ------------------------------------------------------------------
if ! $SKIP_UPDATE; then
header "Package Update"
pkg update -y && pkg upgrade -y
success "Packages up to date"
fi
# --- Base dependencies -------------------------------------------------------
header "Base Dependencies"
pkg_install python "Python 3"
pkg_install golang "Go (for Go-based tools)"
pkg_install git "git"
pkg_install curl "curl"
pkg_install wget "wget"
pkg_install openssl-tool "openssl"
pkg_install libssl "libssl"
python -m pip install --upgrade pip --quiet
success "pip up to date"
# =============================================================================
# CATEGORY 1 — RECONNAISSANCE
# =============================================================================
if run_category recon; then
header "Reconnaissance"
pkg_install nmap "nmap (port scanner)"
pkg_install whois "whois"
pkg_install dnsutils "dig / nslookup"
pkg_install traceroute "traceroute"
pkg_install mtr "mtr (traceroute + ping)"
pkg_install masscan "masscan (fast port scanner)"
# theHarvester — OSINT / email & subdomain harvester
pip_install theHarvester "theHarvester (OSINT harvester)"
# Shodan CLI
pip_install shodan "shodan-cli"
note "shodan init <YOUR_API_KEY> → https://account.shodan.io"
# subfinder — subdomain discovery (Go)
go_install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest \
subfinder "subfinder (subdomain enum)"
# httpx — fast HTTP prober (Go)
go_install github.com/projectdiscovery/httpx/cmd/httpx@latest \
httpx "httpx (HTTP prober)"
# dnsx — DNS toolkit (Go)
go_install github.com/projectdiscovery/dnsx/cmd/dnsx@latest \
dnsx "dnsx (DNS recon)"
# amass — in-depth attack surface mapper (Go)
go_install github.com/owasp-amass/amass/v4/...@master \
amass "amass (attack surface mapper)"
fi # recon
# =============================================================================
# CATEGORY 2 — WEB TESTING
# =============================================================================
if run_category web; then
header "Web Testing"
pkg_install nikto "nikto (web vuln scanner)"
pkg_install sqlmap "sqlmap (SQL injection)"
# httpie — user-friendly curl alternative
pip_install httpie "httpie (http client)"
# ffuf — web fuzzer (Go)
go_install github.com/ffuf/ffuf/v2@latest \
ffuf "ffuf (web fuzzer)"
# gobuster — dir/subdomain brute force (Go)
go_install github.com/OJ/gobuster/v3@latest \
gobuster "gobuster (dir/sub brute force)"
# nuclei — template-based vulnerability scanner (Go)
go_install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest \
nuclei "nuclei (vuln scanner)"
note "nuclei -update-templates ← run after install"
# wfuzz — web fuzzer (Python)
pip_install wfuzz "wfuzz (web fuzzer)"
# jwt-tool — JWT attack toolkit
pip_install jwt_tool "jwt-tool (JWT attacks)"
fi # web
# =============================================================================
# CATEGORY 3 — NETWORK
# =============================================================================
if run_category network; then
header "Network Tools"
pkg_install netcat-openbsd "netcat (nc)"
pkg_install ncat "ncat (nmap's netcat)"
pkg_install socat "socat (relay / reverse shells)"
pkg_install tcpdump "tcpdump"
pkg_install tshark "tshark (Wireshark CLI)"
pkg_install iproute2 "ip / ss commands"
pkg_install bind-utils "host / dig"
pkg_install openssh "ssh / scp / sftp"
# impacket — Windows/SMB protocol suite (Python)
pip_install impacket "impacket (SMB/AD tools)"
# scapy — packet crafting (Python)
pip_install scapy "scapy (packet crafting)"
warn "tcpdump / tshark require root for live capture on Android."
warn "Use them with pcap files (offline analysis) without root."
fi # network
# =============================================================================
# CATEGORY 4 — PASSWORDS & AUTH
# =============================================================================
if run_category passwords; then
header "Passwords & Authentication"
pkg_install hydra "hydra (network brute force)"
pkg_install john "john (John the Ripper)"
pkg_install hashcat "hashcat (GPU hash cracker)"
pkg_install medusa "medusa (parallel brute force)"
# CrackMapExec / netexec (Python)
pip_install netexec "netexec / CrackMapExec"
warn "hashcat GPU mode is limited on Android; CPU mode (-D 1) works fine."
note "Common wordlists can be fetched with:"
note " wget https://github.com/danielmiessler/SecLists/raw/master/Passwords/Common-Credentials/10-million-password-list-top-1000.txt"
fi # passwords
# =============================================================================
# CATEGORY 5 — FORENSICS
# =============================================================================
if run_category forensics; then
header "Forensics"
pkg_install binwalk "binwalk (firmware analysis)"
pkg_install exiftool "exiftool (metadata)"
pkg_install steghide "steghide (steganography)"
pkg_install foremost "foremost (file carving)"
pkg_install sleuthkit "sleuthkit / fls / fsstat"
pkg_install hexedit "hexedit"
pkg_install xxd "xxd (hex dump)"
# volatility3 — memory forensics (Python)
pip_install volatility3 "volatility3 (memory forensics)"
# oletools — Office/OLE malware analysis (Python)
pip_install oletools "oletools (Office/OLE analysis)"
# pdfminer — PDF analysis
pip_install pdfminer.six "pdfminer (PDF parser)"
# python-magic — file type detection
pip_install python-magic "python-magic (file ID)"
fi # forensics
# =============================================================================
# CATEGORY 6 — REVERSING & EXPLOITATION
# =============================================================================
if run_category reversing; then
header "Reversing & Exploitation"
pkg_install gdb "gdb (debugger)"
pkg_install radare2 "radare2 (r2 framework)"
pkg_install ltrace "ltrace (library call tracer)"
pkg_install strace "strace (syscall tracer)"
pkg_install nasm "nasm (assembler)"
pkg_install binutils "binutils (objdump, nm, strings…)"
# pwntools — CTF/exploit dev (Python)
pip_install pwntools "pwntools (exploit dev)"
# ROPgadget
pip_install ROPgadget "ROPgadget (ROP chain builder)"
# angr — binary analysis framework (heavy)
pip_install angr "angr (binary analysis)"
note "angr is large (~500 MB). Skip if disk space is limited."
fi # reversing
# =============================================================================
# CATEGORY 7 — UTILITIES
# =============================================================================
if run_category utils; then
header "General Utilities"
pkg_install jq "jq (JSON processor)"
pkg_install tmux "tmux (terminal multiplexer)"
pkg_install vim "vim"
pkg_install zsh "zsh"
pkg_install fzf "fzf (fuzzy finder)"
pkg_install bat "bat (cat with syntax highlighting)"
pkg_install lsd "lsd (ls with icons)"
pkg_install ripgrep "ripgrep (fast grep)"
pkg_install fd "fd (fast find)"
pkg_install tree "tree"
pkg_install zip "zip / unzip"
pkg_install p7zip "7zip"
pkg_install termux-api "termux-api (Android integration)"
# CyberChef CLI alternative — python cyberchef
pip_install pycipher "pycipher (classical ciphers)"
pip_install pycryptodome "pycryptodome (crypto library)"
fi # utils
# =============================================================================
# WORDLISTS
# =============================================================================
header "Wordlists"
WORDLISTS_DIR="$HOME/wordlists"
mkdir -p "$WORDLISTS_DIR"
info "Cloning SecLists (this may take a while — ~1.3 GB)…"
if [[ -d "$WORDLISTS_DIR/SecLists/.git" ]]; then
skip "SecLists (already cloned)"
else
if git clone --depth 1 https://github.com/danielmiessler/SecLists.git \
"$WORDLISTS_DIR/SecLists"; then
success "SecLists → $WORDLISTS_DIR/SecLists"
else
warn "SecLists clone failed (network issue or low storage)"
FAILED+=("SecLists")
fi
fi
note "For a smaller download use --depth 1 and only the subdirs you need."
note "rockyou.txt is inside SecLists/Passwords/Leaked-Databases/"
# =============================================================================
# ROOT-LIMITED TOOLS NOTE
# =============================================================================
header "Root-Limited Tools"
echo -e " The following tools ${Y}work better (or only) with root${NC}:
${DIM}${NC} tcpdump / tshark — live packet capture needs CAP_NET_RAW
${DIM}${NC} aircrack-ng — needs monitor mode wifi (rare on Android)
${DIM}${NC} hashcat — GPU acceleration (OpenCL) not available on Termux
${DIM}${NC} arp-scan — raw socket ARP requires root
${G}Tip:${NC} If you have a rooted device, install ${BOLD}tsu${NC} for sudo-like access:
${DIM}pkg install tsu && tsu${NC}
"
# =============================================================================
# SUMMARY
# =============================================================================
header "Summary"
TOOLS=(nmap masscan nikto sqlmap hydra john hashcat
gobuster ffuf nuclei subfinder httpx
netcat socat tshark gdb radare2
binwalk exiftool steghide)
for t in "${TOOLS[@]}"; do
if command -v "$t" &>/dev/null; then
success "$t"
else
warn "$t — not in PATH yet (reopen Termux)"
fi
done
if [[ ${#FAILED[@]} -gt 0 ]]; then
echo ""
error "Failed installs:"
for f in "${FAILED[@]}"; do
echo -e " ${R}${NC} $f"
done
echo ""
warn "Re-run with --skip-update, or install individually:"
warn " pkg install <tool> OR pip install <tool>"
fi
echo ""
echo -e " ${G}${BOLD}Done.${NC} Reopen Termux or run: ${BOLD}source ~/.bashrc${NC}"
echo -e " ${DIM}Wordlists: ~/wordlists/SecLists/${NC}"
echo ""
Reference in New Issue View Git Blame Copy Permalink