BadHand
Modular pentest framework // 30+ tools // One CLI
A no-bloat penetration testing framework written in pure Python. Drop in a module, call it from the menu, get results. Built because every existing toolchain made me install three GBs of dependencies to scan one port.
/overview
BadHand is a single-entry CLI that loads pentest modules on demand. No GUI, no telemetry, no dependency hell — just Python, a clean menu, and 30 tools that do exactly what they say.
Most pentest distros bundle hundreds of utilities you'll never use. BadHand inverts that: start with a small core, then bring in only the modules you need for the engagement. Each module is a single file with a documented entry point, so dropping in a new technique takes minutes, not hours.
It exists because I was tired of switching between five different CLIs to chain a recon → exploit → post workflow. BadHand keeps the workflow inside one terminal session and one logfile. If a module misbehaves, you read the source — it's never more than 200 lines.
/features
- TCP / UDP port scanning with banner grab
- Subdomain enumeration (passive + bruteforce)
- XSS payload fuzzer with reflection detection
- SQL injection probe (boolean + time-based)
- SSH credential bruteforce with rate-limit handling
- FTP credential bruteforce + anonymous check
- HTTP directory and file fuzzing
- Wi-Fi deauth attacks (monitor mode required)
- DNS zone-transfer + record harvesting
- WHOIS / RDAP lookup with caching
- Hash identification + offline cracker hand-off
- Live session logging with timestamped artifacts
/install
# clone, install deps, run
$ git clone https://github.com/BitJacker/BadHand.git
$ cd BadHand
$ pip install -r requirements.txt
$ python3 badhand.py

# launch a single module directly
$ python3 badhand.py --module portscan --target 10.0.0.0/24
$ python3 badhand.py --module sqli --url "https://target.tld/?id=1"
$ python3 badhand.py --module subenum --domain target.tld --wordlist big.txt