jok3r v3.0 BETA 2 releases: Network & Web Hacking Arsenal Manager

Jok3r – Network and Web Pentest Framework

Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests.

Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more time on more interesting and challenging stuff.

To achieve that, it combines open-source Hacking tools to run various security checks against all common network services.

Main features

Toolbox management:

  • Install automatically all the hacking tools used by Jok3r,
  • Keep the toolbox up-to-date,
  • Easily add new tools.

Attack automation:

  • Target most common network services (including web),
  • Run security checks by chaining hacking tools, following the standard process (Reconnaissance, Vulnerability scanning, Exploitation, Account bruteforce, (Basic) Post-exploitation).
  • Let Jok3r automatically choose the checks to run according to the context and knowledge about the target,

Mission management / Local database:

  • Organize targets by missions in the local database,
  • Fully manage missions and targets (hosts/services) via interactive shell (like msfconsole db),
  • Access results from security checks.


v3.0 BETA 2 2019-07-09

  • Fix several bugs after testings
  • Add/fix/improve matchstrings
  • Add/fix/improve checks
  • Changes in a database structure to store more info related to hosts (OS, device type, vendor)
  • Update on HTML reporting templates (more user-friendly)



git clone
cd jok3r/
pip install -r requirements.txt


sudo docker pull koutto/jok3r
sudo docker run -i -t --name jok3r-container -w /root/jok3r koutto/jok3r

Supported Services & Security Checks (Updated on 20/10/2018)

Lots of checks remain to be implemented and services must be added !! Work in progress …


python -h



Copyright (C) 2018 koutto