afsh4ck/WSTG-Scan — reverse-engineered prompt

Build me a Python command line security testing tool based on the OWASP Web Security Testing Guide. I want it to feel interactive, with a simple menu where I enter a target website, optional login details, and then choose scans like recon, crawling, source code checks, port scanning, directory fuzzing, subdomain fuzzing, WordPress checks, API checks, and injection tests.

It should reuse the session after login, handle cookies and CSRF fields, crawl pages and forms, look for exposed secrets in HTML and JavaScript, run common tools like Nmap, Nuclei, ffuf, WPScan, Hydra, and fall back to built-in methods when possible. Please include safety warnings so it’s clear this is only for sites I’m allowed to test.

At the end, generate clean reports in TXT, JSON, Markdown, and HTML, with findings grouped by severity and type. Make it practical for Kali Linux, easy to run with requirements installed, and include a reports folder for saved results.
