# Executioner

> Open-source, self-hosted pentesting workflow automation platform.

Executioner lets security teams build visual scan pipelines using a drag-and-drop canvas, execute them inside a Kali Linux container, and stream output live to the browser. It is designed to replace manual, script-based recon workflows with a reproducible, visual alternative.

## How it works

1. Design a workflow on the React Flow canvas by dropping tool nodes and wiring their outputs together.
2. Hit run — the backend queues a Celery task on Redis.
3. The Kali Linux worker loads the graph, topologically sorts nodes, and executes each tool in order.
4. Per-node stdout/stderr streams in real time over WebSocket to the browser.
5. Parsed output is stored per-node and available to downstream nodes automatically.

## Built-in nodes

- nmap — port and service discovery
- amass — subdomain enumeration
- gobuster — directory and DNS brute-force
- nuclei — vulnerability scanning
- ffuf — web fuzzing
- httpx — HTTP probing
- shodan — OSINT via API
- censys — internet-wide scan data

Custom nodes take ~10 lines: subclass BaseToolNode, implement build_command(), add @register_node.

## Features

- Visual workflow builder (React Flow canvas)
- Kali Linux Celery workers with all tools pre-installed
- Real-time output streaming via Redis pub/sub → WebSocket
- Event-driven triggers: cron schedules and on-target-creation
- IF, LOOP, and STOP control-flow nodes
- Test mode: step through workflows node by node
- Target data store: ports, subdomains, technologies, findings persisted per target

## Install

/bin/bash -c "$(curl -fsSL executioner.sh/install)"

Requires Docker. Starts 6 containers: FastAPI backend, Celery workers on Kali, Redis, PostgreSQL, and the React frontend on localhost:5173.

## Links

- Website: https://executioner.sh
- GitHub: https://github.com/dbx0/executioner
- Install script: https://executioner.sh/install