EAGLE: GUI-Based Penetration Testing Tool for Scanning and Enumeration

Penetration testing is a security exercise that is carried out by penetration testers to identify and exploit vulnerabilities in a system. Many penetration testing tools are available in Command Line Interface (CLI) and this requires familiarization of commands. Beginner penetration testers might struggle to understand and choose the most suitable tools. This paper presents a Graphical User Interface (GUI)-Based Penetration Testing Tool for Scanning and Enumeration named as EAGLE. It is developed to assist beginner penetration testers. EAGLE integrates features from several scanning and enumeration tools such as Nmap, Gobuster, Hydra, Nikto, Enum4Linux and Whatweb. The tool's functions include port scanning, web server enumeration, website screenshot, service brute force and service enumeration. Users or beginner penetration testers are only required to provide an IP Address of the target system as the input. This eliminates the familiarization of extensive commands used in multiple tools. The tool displays the results in a convenient manner with a filtering feature so that it is easier to read and understand the scan results. The novelty of this work is done by comparing the output / results obtained using the CLI-based tools separately with the integrated results produced using EAGLE.