Pentester Dashboard is a web dashboard for managing penetration testing projects in a structured format. It connects assets, ports, endpoints, features, and vulnerabilities while keeping evidence, remediation guidance, and reference links in one place. This makes project progress easier to understand and allows work to be transferred between teams through the project migration workflow.
git clone https://github.com/eZer-Net/pentester-dashboard.git
cd pentester-dashboard
docker compose -f infra/docker-compose.yml up -d --buildMain URLs:
- application:
http://localhost:5050; - Swagger:
http://localhost:5050/api/docs.
The published host port may differ depending on your local
./infra/docker-compose.ymlconfiguration. If the application is not available athttp://localhost:5050, check the port mapping and use the value configured in your environment.
The workflow follows the usual penetration testing sequence:
→ reconnaissance and collection of company assets
→ technology stack identification
→ decomposition of the testing scope into features
→ endpoint collection from application functionality and other sources
→ vulnerability registration
→ worklog and checklist maintenance
The quality of a penetration test depends directly on how its documentation is maintained. Without a clear structure, test coverage suffers. When I realized that I was missing vulnerabilities because of fragmented notes, I discussed the problem with colleagues, and they confirmed that they faced the same issue. This is how the project began.
Before Pentester Dashboard, I started with short notes in TXT files and later tried to reorganize them into Markdown for easier reading. As the notes grew, I split them into separate topics, the structure kept changing, and eventually there was no single format or clear visual understanding of what had already been tested and what remained.
Pentester Dashboard addresses this problem by combining targets, relationships, evidence, statuses, priorities, and an activity history in one workspace.
Documentation is available in two languages and covers functionality, architecture, API, and data migration:
The project is designed as a maintainable service rather than a standalone script with a UI. It uses a microservice architecture, separate database roles for services, Swagger/OpenAPI documentation, and a Gateway. The documentation is divided into focused sections to make the project easier to understand, maintain, and extend.
Contributions that add documentation in other languages are welcome when they help more people maintain and use the project comfortably.
preview.webm
The project was created with support from the Digital Shield community — https://digital-shield.tech
P.S. If the project is useful to you, we would greatly appreciate a GitHub star :)
