0xprxdhx

0xprxdhx / rexa

Public

REXA - Interactive CLI penetration testing tool using Nmap, Nikto and Gobuster

github.com0xprxdhxrexa
10
3
100% credibility
Found Mar 27, 2026 at 10 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

rexa is an interactive command-line tool that guides users through a structured workflow for network reconnaissance, web vulnerability scanning, and directory enumeration, generating readable reports.

How It Works

1
πŸ” Discover rexa

You find this friendly guide for checking the security of websites and servers you own, right on a code-sharing site.

2
πŸ“₯ Bring it home

Download it to your computer and run a simple setup script that gets everything ready in minutes.

3
πŸš€ Launch the adventure

Open the tool, and it greets you with a cool banner and starts walking you through each part like a patient teacher.

4
🎯 Name your target

Type in the address of the site or server you're allowed to test, and feel confident it's all guided.

5
βš™οΈ Pick your preferences

Answer easy questions about how thorough to scan, speed, and what to focus on, no guessing needed.

6
πŸ”₯ Let it explore

Watch exciting progress as it uncovers open doors, weak spots, and hidden areas on your target.

πŸ“Š Treasure your findings

Get neat summary files and reports that make it simple to understand and share what was discovered.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 10 to 10 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is rexa?

Rexa is a Python-based interactive CLI penetration testing tool that chains Nmap for host and port discovery, Nikto for web vulnerability scans, and Gobuster for directory enumeration into a single guided workflow. It eliminates terminal juggling by prompting for scan profiles, speeds, ports, wordlists, and options, then spits out structured JSON, Markdown reports, and summaries in a results folder. Normal mode works anywhere; sudo unlocks SYN scans, OS detection, and traceroute for deeper recon.

Why is it gaining traction?

Unlike raw Nmap, Nikto, or Gobuster commands requiring flag memorization, Rexa offers Metasploit-style banners, beginner prompts, and root-aware fallbacks, delivering clean outputs without custom scripting. Preloaded wordlists from SecLists and Dirb, plus recursive Gobuster and status filtering, speed up web assessment. In a sea of rexago, rexal, rexalin, or rexaline-like tools, its focus on ethical hacking usability draws devs tired of fragmented CLI penetration testing.

Who should use this?

Junior ethical hackers ramping up recon skills, bug bounty hunters targeting web services for quick directory busting, or CTF players needing guided Nmap/Nikto/Gobuster runs with reports. Ideal for Linux users doing authorized pentests on single targets.

Verdict

With 10 stars and 1.0% credibility score, Rexa is immature but punches above its weight via polished docs and easy installβ€”try it for lightweight, interactive Python CLI testing if manual tools feel clunky. Pass if you need battle-tested scale.

(178 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.