Nina-Run is a professional and modular penetration testing (pentest) tool developed in Python. Designed to facilitate security testing and infrastructure reconnaissance, it offers an interactive interface inspired by Metasploit with a complete set of modules for analyzing and testing networks and web applications.
Get up and running in 5 minutes:
# Clone the repository
git clone https://github.com/davimoreira0/Nina-Run.git
cd nina-run
# Create and activate virtual environment
python3 -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
# Install Python dependencies
pip install --upgrade pip
pip install colorama
# Install system tools (Linux/Ubuntu/Debian)
chmod +x install.sh
sudo ./install.sh
# Run Nina-Run
python3 setup.pyโ Done! The interactive interface will start.
Before installing Nina-Run, ensure your system meets the following requirements:
- Operating System: Linux (Ubuntu, Debian, or similar distributions)
- Python: Version 3.7 or higher
- Security Tools: Required tools will be installed automatically (nmap, dirb, whois, etc.)
- Administrator Privileges: Required to install system dependencies
Verify your Python version:
python3 --versiongit clone https://github.com/davimoreira0/nina-run.git
cd nina-runpython3 -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activatepip install --upgrade pip
pip install coloramachmod +x install.sh
sudo ./install.shNote: The script will ask for your administrator password to install the necessary security tools.
python3 setup.pyReady! The interactive interface of Nina-Run will be initialized.
Nina-Run's interface works similarly to Metasploit. Here are the basic commands:
| Command | Description |
|---|---|
modules |
List all available modules |
use <module> |
Load a specific module |
show options |
Display options of the active module |
set <param> <value> |
Configure a parameter |
run |
Execute the module with configured settings |
back |
Return to main menu |
help |
Display help |
exit |
Exit the tool |
# 1. List available modules
modules
# 2. Select a module
use nmap
# 3. View module options
show options
# 4. Configure required parameters
set rhost 192.168.1.1
# 5. Execute the module
run
# 6. Return to main menu
back| Module | Tool | Description |
|---|---|---|
nmap |
nmap | Port and service scanning |
dirb |
dirb | Web directory discovery |
whois |
whois | Domain information |
whatweb |
whatweb | Technology identification |
host |
host | DNS resolution |
traceroute |
traceroute | Route tracing |
medusa |
medusa | SSH brute force attack |
hping3 |
hping3 | Packet crafting |
lbd |
lbd | Load balancer detection |
skipfish |
skipfish | Web scanner |
sslscan |
sslscan | SSL/TLS analysis |
sqlinjection |
sqlmap | SQL Injection testing |
sublist3r |
sublist3r | Subdomain enumeration |
theharvester |
theHarvester | Email harvesting |
nikto |
nikto | Web vulnerability scanner |
cewl |
cewl | Wordlist generator |
ssh |
ssh | SSH connection |
metagoofil |
metagoofil | Metadata extraction |
netdiscover |
netdiscover | Host discovery |
use nmap
set rhost 192.168.1.100
runThis example performs a complete port and service scan on the target.
use dirb
set url http://target.com
runDiscovers hidden directories and files on the web server.
use medusa
set host 192.168.1.50
set username admin
set wordlist /usr/share/wordlists/rockyou.txt
runAttempts SSH authentication with different passwords from the wordlist.
use nikto
set url http://target.com
runPerforms common vulnerability scanning on web applications.
- Lines of Code: ~3000+ (in development)
- Implemented Modules: 19
- Main Classes: 19 (NmapModule, DirbModule, WhoisModule, WhatwebModule, HostModule, TracerouteModule, MedusaModule, Hping3Module, LbdModule, SkipfishModule, SslscanModule, SqlinjectionModule, Sublist3rModule, TheharvesterModule, NiktoModule, CewlModule, SshModule, MetagoofilModule, NetdiscoverModule)
- Interface Functions: 20+
- External Tools: 18+ tools
- Python Dependencies: 1 (colorama)
Nina-Run is an educational tool intended ONLY for authorized security testing. Use on systems without explicit authorization is ILLEGAL.
- โ Use ONLY on systems you own or have explicit permission to test
- โ Obtain written authorization before any security testing
- โ Respect local laws and data protection regulations
- โ Document all security findings responsibly
- โ Report vulnerabilities through appropriate channels
- โ Do not use on unauthorized systems
- โ Do not access third-party data
- โ Do not execute destructive attacks
- โ Do not publish exploits without responsible disclosure
- โ Do not violate data protection or privacy laws
The authors of Nina-Run ARE NOT RESPONSIBLE for:
- Damage caused by misuse of the tool
- Legal violations resulting from its use
- Data loss or affected systems
- Any malicious activity
Use at your own risk. You are responsible for your actions.
Davi Moreira - @davimoreira0
Email: moreiradavi336@gmail.com
This project is licensed under the MIT License.
Thank you for using Nina-Run! For questions, suggestions, or bug reports, please contact us via GitHub Issues.
Happy Hacking! ๐๐ก๏ธ
