Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests.

The goal is to save as much time as possible during network/web pentests by automating as many security tests as possible in order to quickly identify low-hanging fruits vulnerabilities, and then spend more time on more interesting and tricky stuff !

It is based upon the observation that there are many hacking open-source tools/scripts (from various sources) targeting common network services available out there, that allow to perform various tasks from fingerprinting to exploitation. Therefore, the idea of Jok3r is to combine those open-source tools in a smart way to get the more relevant results.


Pentest Toolbox management

  • Selection of Tools: Compilation of 50+ open-source tools & scripts, from various sources.
  • Docker-based: Application packaged in a Docker image running Kali OS, available on Docker Hub.
  • Ready-to-use: All tools and dependencies installed, just pull the Docker image and run a fresh container.
  • Updates made easy: Easily keep the whole toolbox up-to-date by running only one command.
  • Easy Customization: Easily add/remove tools from a simple configuration file.


IMPORTANT: The recommended way to use Jok3r is by pulling the Docker Image so you will not have to worry about dependencies issues and installing the various hacking tools of the toolbox. Everything is tested from the Docker container available on Docker Hub!

A Docker image is available on Docker Hub and automatically re-built at each update: It is initially based on official Kali Linux Docker image (kalilinux/kali-linux-docker).

Pull Jok3r Docker Image:

sudo docker pull koutto/jok3r

Run fresh Docker container:

sudo docker run -i -t --name jok3r-container -w /root/jok3r -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --shm-size 2g --net=host koutto/jok3r


  • -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix is required in order to be able to start GUI applicationfrom the Docker container (e.g. open web browser to read reports). It requires running xhost +local:root on the host.
  • --shm-size 2g is used to increase the size of the shared memory, it is required to avoid crashs of web browser when reading reports from the Docker container.
  • --net=host is required to share host’s interface. It is needed for reverse connections (e.g. Ping to container when testing for RCE, Getting a reverse shell)

To re-run a stopped container:

sudo docker start -i jok3r-container

To open multiple shells inside the container:

sudo docker exec -it jok3r-container bash


In order to update, just pull the latest Docker Image from Docker Hub and run a fresh container from this new image:

sudo docker pull koutto/jok3r
sudo docker run -i -t --name jok3r-container-updated -w /root/jok3r -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --shm-size 2g --net=host koutto/jok3r

Note: Of course, you can retrieve your local database local.db (with your saved missions, targets…) from an old container by using the command sudo docker cp.

Quick usage examples


Main page: