Getting Started

p0ckit is a Bash-based framework that helps you manage and run security modules/scripts. It comes with some core modules but you're free to add and modify as you want. This guide will walk you through installation and basic usage.

⚠️ Note: If you're serious about cybersecurity on Windows, consider using a Linux VM or Docker. For the best experience, run p0ckit natively on Linux.

Installation

Prerequisites

  • Git installed (for cloning the repository)
  • Bash shell
  • Linux/Unix environment (or Docker on Windows)

Linux Installation

bash
$ git clone https://github.com/p0ckit/p0ckit.git
$ cd p0ckit
$ bash p0ckit.sh

Windows (Docker)

Install Docker Desktop, then:

bash
$ docker build -t p0ckit .
$ docker run -i -t p0ckit

The Docker image includes Debian with: bash, git, python3, nmap, npm, curl, and jq.

Windows Alternative

If you have a .zip file or didn't use git clone, you can extract and run directly. However, you won't have the .git folder, which means you won't be able to use the built-in update commands.

Basic Usage

Once p0ckit is running, you'll see the framework prompt:

1. View Help

bash
fw()# help
fw()# help a/-a # Advanced help menu

2. Load a Module

bash
fw()# use core/ntscan
fw(core/ntscan)#

3. View Module Info & Options

bash
fw(core/ntscan)# show info
#str_info
# This is a script that runs nmap -sV with the given ip and port
#end_info

fw(core/ntscan)# show options
#str_op
# rhost (required)
# port (optional)
#end_op

4. Set Options

bash
fw(core/ntscan)# set rhost 192.168.1.1
Set: rhost => 192.168.1.1
fw(core/ntscan)# set port 80
Set: port => 80

5. Run the Module

bash
fw(core/ntscan)# run
Starting Nmap 7.98 ( https://nmap.org ) at 2026-04-04 22:02
Nmap scan report for 192.168.1.1
Host is up (0.0012s latency).

PORT STATE SERVICE
80/tcp open http
...

Common Examples

Available Modules

Core Modules

ntscan

A Bash wrapper for nmap. Takes an IP/hostname and optionally a port, then runs nmap -sV.

Options: rhost (required), port (optional)

wifi_attack

A comprehensive wrapper for the aircrack-ng suite. Chains reconnaissance, handshake capture, and cracking in one module.

Options: interface (required), attack_type (required), plus specific arguments based on attack type

web_fuzzer

A Python-based web fuzzer for scanning URLs and endpoints. Supports:

  • Single or multiple URL scanning
  • Endpoint fuzzing
  • Status code filtering
  • Configurable worker threads

sub_enum

Subdomain enumeration tool written in Python. Similar to web_fuzzer but for discovering subdomains.

  • Single or multiple domain scanning
  • Output filtering
  • Configurable worker threads

sok_scan

Port scanner built in Python3 using only built-in modules (no external dependencies needed).

  • CIDR range support (e.g., 192.168.1.0/24)
  • Normal range support (e.g., 192.168.1.1-192.168.1.123)
  • Individual IP scanning

Creating Custom Modules

You can create your own modules in any language! Each module needs three key components:

1. Options Definition

Format
#str_op
# option1
# option2
# etc
#end_op

2. Module Description

Format
#str_info
# Description line 1
# Description line 2
# etc
#end_info

3. Execution Model

Choose one based on your language's requirements:

For languages that run first, then receive variables
#t first
For languages that need variables set before execution
#t last

Example Module

You can write modules in Bash, Python, Go, or any language you prefer. Place them in the modules directory and use them with use module-name.

Updating & Maintenance

Linux Update

Update p0ckit using the built-in command:

bash
fw()# update

Or manually with git:

bash
$ git pull origin main

Windows (Docker) Update

Run the update.bat file (which will ask if you want to rebuild the Docker container).

Note: Don't use update/fix commands inside Docker since changes aren't persistent.

Contributing Modules

p0ckit welcomes community contributions! You can:

  • Create new modules in any language
  • Improve existing modules
  • Report bugs and issues
  • Submit pull requests on GitHub

Disclaimer

⚠️ Legal Notice: This tool is made for educational and ethical hacking purposes only. The creators are not liable for misuse by end users. Always ensure you have permission before conducting security assessments on any system

For detailed API documentation, see the GitHub repository.

Contributing

p0ckit is open source and welcomes contributions from the security community!

How to Contribute

  • Fork the repository on GitHub
  • Create a feature branch for your changes
  • Make your improvements
  • Submit a pull request with a clear description

All contributions are welcome. Check the GitHub repository for current issues and feature requests.