🎯 Modern pentest command launcher written in Go!
Inspired by arsenal, rewritten from scratch with a focus on simplicity, speed and developer experience.
go install -v github.com/halilkirazkaya/arsenal-ng/cmd/arsenal-ng@latestRequires Go 1.24.0 Ensure
$(go env GOPATH)/binis in your$PATH.
git clone https://github.com/halilkirazkaya/arsenal-ng.git
cd arsenal-ng
make build
./bin/arsenal-ngYou can create an alias for quick access (e.g., a):
Zsh:
echo "alias a='arsenal-ng'" >> ~/.zshrc
source ~/.zshrcBash:
echo "alias a='arsenal-ng'" >> ~/.bashrc
source ~/.bashrc| Platform | Status | Notes |
|---|---|---|
| Linux | ✅ Fully Supported | Requires kernel 6.2+ configuration for terminal prefill (see Troubleshooting) |
| macOS | ✅ Fully Supported | Works out of the box, no additional configuration needed |
| Windows | Native (CMD/PowerShell) is unsupported. Use via WSL. |
| Feature | Description |
|---|---|
| ⚡ Instant Startup | Single binary, no dependencies, launches in milliseconds |
| 🔍 Smart Search | Multi-word fuzzy search across tool names, titles, tags, descriptions, and commands |
| 🎨 Syntax Highlighting | Commands are color-coded with syntax highlighting for better readability |
| 🏷️ Colored Tags | Each tag has a consistent, distinct color based on hash for quick visual identification |
| 📝 Simple YAML Format | Easy to maintain and extend cheatsheets |
| 🔧 Argument System | Support for {{arg}} and {{arg|default}} placeholders with auto-completion |
| 🌐 Global Variables | Set once, use everywhere - variables auto-fill in all commands |
| 📊 Tools View | Browse all available tools with command counts in a paginated table |
| 💡 Command Hints | Interactive hints for special commands (set, unset, variables, tools) |
| ❓ Built-in Help | Press ? for comprehensive help screen with all shortcuts |
| 🖥️ Terminal Integration | Commands are written to terminal input buffer for easy editing before execution |
# Launch the application
arsenal-ng
# The TUI will open with all available commands
# Use arrow keys to navigate, type to search, Enter to selectThe selected command will appear in your terminal input buffer, ready to edit and execute.
- Search for a command: Type keywords (e.g.,
nmap scan,ffuf) - Navigate results: Use arrow keys to browse matching commands
- Select command: Press Enter on the desired command
- Fill arguments: If the command has
{{placeholders}}, fill them in - Execute: Press Enter to write the command to your terminal
# 1. Launch arsenal-ng
arsenal-ng
# 2. Set global variables (type in search box)
set target=10.10.10.10
# 3. Search for nmap commands
nmap
# 4. Select "nmap - syn stealth scan"
# The {{target}} placeholder is auto-filled with 10.10.10.10!
# 5. Command appears in terminal:
nmap -sS 10.10.10.10
# 6. Edit if needed, then press Enter to execute| Key | Action |
|---|---|
↑ / ↓ |
Navigate up/down in the list |
Ctrl+P / Ctrl+N |
Navigate list (vim-style) |
PgUp / PgDown |
Jump one page up/down |
Enter |
Select highlighted command or execute special command |
Esc / Ctrl+C |
Exit application |
? |
Show help screen |
q |
Quit (in some views) |
| Key | Action |
|---|---|
Tab / ↓ |
Move to next argument field |
Shift+Tab / ↑ |
Move to previous argument field |
Enter |
Execute command with filled arguments |
Esc |
Go back to search view |
| Key | Action |
|---|---|
↑ / ↓ |
Navigate table rows |
← / → or h / l |
Change page (previous/next) |
Enter / Esc |
Go back to search view |
| Key | Action |
|---|---|
Enter / Esc |
Go back to search view |
Set variables once and reuse them across all commands in your session. Variables automatically pre-fill argument fields in commands.
| Command | Description |
|---|---|
set key=value |
Set a global variable (e.g., set ip=10.10.10.10) |
unset key |
Remove a global variable |
variables |
List all currently set variables |
tools |
Show all available tools with command counts |
help |
Display comprehensive help screen |
- Type
set ip=10.10.10.10and press Enter - Select any command with
{{ip}}placeholder - The
ipfield will be pre-filled automatically with10.10.10.10 - You can still edit the pre-filled value if needed
- Variables persist throughout your session until you exit or unset them
# Set common variables at the start of your session
set ip=10.10.10.10
set domain=corp.local
set user=administrator
# Now select any command - arguments will auto-fill!
# Before: nmap -sV {{ip}}
# After: nmap -sV 10.10.10.10 (auto-filled!)
# View all variables
variables
# Remove a variable when done
unset ip| Variable | Description |
|---|---|
ip |
Target IP address |
domain |
Target domain |
user |
Username |
pass |
Password |
hash |
NTLM hash |
url |
Target URL |
port |
Port number |
lhost |
Local host (your IP) |
lport |
Local port |
wordlist |
Wordlist path |
output |
Output file name |
Add your own commands by creating YAML files in internal/loader/cheat-files/:
tool: mytool
tags: [recon, web, custom]
actions:
- title: mytool - basic scan
desc: Performs a basic scan against the target
command: "mytool scan {{target}}"
- title: mytool - scan with multiple arguments
desc: Advanced scan with IP, port, and output file
command: "mytool scan -t {{ip}} -p {{port|443}} -o {{output|scan.log}}"| Syntax | Description | Example |
|---|---|---|
{{arg}} |
Required argument (user must fill) | {{ip}} |
{{arg|default}} |
Argument with default value (can be edited) | {{port|8080}} |
- tool: Tool name (e.g.,
nmap,ffuf,gobuster) - tags: Array of tags for categorization (e.g.,
[recon, scan, network]) - actions: List of command entries
- title: Display name shown in the list
- desc: Optional description (shown in info box)
- command: Command template with
{{placeholders}}
- Use descriptive titles that make it easy to find commands
- Add relevant tags for better searchability
- Use default values for commonly used options
- Global variables will auto-fill matching argument names
- Go 1.24.0 or higher
- Make (optional, for using Makefile)
git clone https://github.com/halilkirazkaya/arsenal-ng.git
cd arsenal-ng
make build
# Binary will be in ./bin/arsenal-ngOr build directly with Go:
go build -o bin/arsenal-ng ./cmd/arsenal-ng- Create a new YAML file in
internal/loader/cheat-files/ - Follow the format above (see Cheat File Format)
- Rebuild:
make build
After making changes, rebuild and test:
make build
./bin/arsenal-ng- Follow Go code style conventions
- Keep YAML files organized and well-documented
- Add descriptive titles and tags to commands
- Test your changes before submitting PRs
The TIOCSTI ioctl is disabled by default in newer Linux kernels for security reasons. Enable it:
# Temporary (current session only)
sudo sysctl -w dev.tty.legacy_tiocsti=1
# Permanent (survives reboot)
echo "dev.tty.legacy_tiocsti=1" | sudo tee /etc/sysctl.d/99-tiocsti.conf
sudo sysctl --systemThis project is open source and contributions are welcome!
- 🔧 Add a tool: Create a YAML file in
internal/loader/cheat-files/and submit a PR - 🐛 Report bugs: Open an issue with details about the problem
- 💡 Suggest features: Share your ideas for improvements
- 📝 Improve documentation: Help make the README and code comments better
- ⭐ Star the project: Show your support!
The easiest way to contribute is by adding new cheat sheet YAML files:
- Fork the repository
- Add your YAML file(s) to
internal/loader/cheat-files/ - Follow the existing format and style
- Test your changes locally
- Submit a pull request
See Cheat File Format for details.
Made with ❤️ and Bubble Tea