Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/gwen001/pentest-tools

A collection of custom security tools for quick needs.
https://github.com/gwen001/pentest-tools

audit bash bugbounty bugbountytips enumeration hacking nmap pentesting php python recon sectools security security-tools

Last synced: 3 months ago
JSON representation

A collection of custom security tools for quick needs.

Host: GitHub
URL: https://github.com/gwen001/pentest-tools
Owner: gwen001
Created: 2015-11-02T09:04:53.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2023-05-01T20:40:26.000Z (about 1 year ago)
Last Synced: 2024-01-21T02:45:50.756Z (5 months ago)
Topics: audit, bash, bugbounty, bugbountytips, enumeration, hacking, nmap, pentesting, php, python, recon, sectools, security, security-tools
Language: Python
Homepage:
Size: 3.72 MB
Stars: 2,992
Watchers: 108
Forks: 793
Open Issues: 2
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml

Lists

awesome-csirt - pentest-tools
awesome-security-collection - **685**星
awesome-csirt - pentest-tools
WebHackersWeapons - pentest-tools - tools?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)| (Weapons / Tools)
awesome-cyber-security - **685**星
awesome-from-stars - gwen001/pentest-tools
awesome-cyber-security - **414**星
awesome-hacking-lists - gwen001/pentest-tools - A collection of custom security tools for quick needs. (Python)
my-awesome-list - pentest-tools - Custom pentesting tools (Security / Web)
awesome-hacking-lists - pentest-tools - Custom pentesting tools (Python (1887))
awesome-hacking-lists - pentest-tools - Custom pentesting tools (Python)
awesome-stars - gwen001/pentest-tools - `★3069` A collection of custom security tools for quick needs. (Python)
awesome-stars - gwen001/pentest-tools - `★3069` A collection of custom security tools for quick needs. (Python)

README

pentest-tools

A collection of custom security tools for quick needs.

---

## Important note

‼ A big clean occured in 2022-11 ‼

Some useless/not working scripts have been archived and some others have been moved to their own repository to get more visibility, feel free to check them:
- [apk-analyzer](https://github.com/gwen001/apk-analyzer)
- [cloudflare-origin-ip](https://github.com/gwen001/cloudflare-origin-ip)
- [csp-analyzer](https://github.com/gwen001/csp-analyzer)
- [detectify-cves](https://github.com/gwen001/detectify-cves)
- [extract-endpoints](https://github.com/gwen001/extract-endpoints)
- [favicon-hashtrick](https://github.com/gwen001/favicon-hashtrick)
- [google-search](https://github.com/gwen001/google-search)
- [graphql-introspection-analyzer](https://github.com/gwen001/graphql-introspection-analyzer)
- [keyhacks.sh](https://github.com/gwen001/keyhacks.sh)
- [related-domains](https://github.com/gwen001/related-domains)

---

## Install

```
git clone https://github.com/gwen001/pentest-tools
cd pentest-tools
pip3 install -r requirements.txt
```

---

## arpa.sh
Converts IP address in `arpa` format to classical format.

## bbhost.sh
Performs `host` command on a given hosts list using `parallel` to make it fast.

## codeshare.php
Performs a string search on [codeshare.io](https://codeshare.io/).

## cors.py
Test CORS issue on a given list of hosts.

## crlf.py
Test CRLF issue on a given list of hosts.

## crtsh.php
Grabs subdomains of a given domain from [crt.sh](https://crt.sh).

## detect-vnc-rdp.sh
Tests if ports `3389` and `5900` are open on a given IP range using `netcat`.

## dnsenum-brute.sh
Performs brute force through wordlist to find subdomains.

## dnsenum-bruten.sh
Performs brute force through numeric variation to find subdomains.

## dnsenum-reverse.sh
Apply reverse DNS method on a given IP range to find subdomains.

## dnsenum-reverserange.sh
Same thing but IP ranges are read from an input file.

## dnsenum-zonetransfer.sh
Tests Zone Transfer of a given domain.

## dnsreq-alltypes.sh
Performs all types of DNS requests for a given (sub)domain.

## extract-domains.py
Extracts domain of a given URL or a list of URLs.

## extract_links.php
Extracts links from a given HTML file.

## filterurls.py
Classifies and displays URLs by vulnerability types.

## flash-regexp.sh
Performs regexps listed in `flash-regexp.txt` for Flash apps testing purpose.

## gdorks.php
Generates Google dorks for a given domain (searches are not performed).

## hashall.php
Uses about 40 algorithms to hash a given string.

## ip-converter.php
Converts a given IP address to different format, see [Nicolas Grégoire presentation](https://www.agarri.fr/docs/AppSecEU15-Server_side_browsing_considered_harmful.pdf).

## ip-listing.php
Generates a list of IPs addresses from the given start to the given end, range and mask supported.

## mass_axfr.sh
Mass test zone transfer on a given list of domains.

## mass-smtp-user-enum-bruteforce.sh
Performs SMTP user enumeration on a given list of IP address using [smtp-user-enum](https://github.com/pentestmonkey/smtp-user-enum).

## mass-smtp-user-enum-check.sh
Tests if SMTP user enumeration is possible on a given list of IP address using [smtp-user-enum](https://github.com/pentestmonkey/smtp-user-enum).

## myutils.sh
Just few common Bash functions.

## node-uuid.js
Encode/Decode UUID using base36.

## nrpe.sh
Test Nagios Remote Plugin Executor Arbitrary Command Execution on a given host using Metasploit.

## openredirect.py
Test Open Redirect issue on a given list of hosts.

## pass-permut.php
Creates words permutation with different separators and output the hashes using about 40 algorithms.

## pastebin.php
Performs a string search on [pastebin.com](https://pastebin.com/).

## phantom-xss.js
See `xss.py`.

## ping-sweep-nc.sh
Determines what IPs are alive in a given range of IPs addresses using `netcat`.

## ping-sweep-nmap.sh
Determines what IPs are alive in a given range of IPs addresses using `nmap`.

## ping-sweep-ping.sh
Determines what IPs are alive in a given range of IPs addresses using `ping`.

## portscan-nc.sh
Determines the open ports of a given IP address using `netcat`.

## quick-hits.php
Tests a given list of path on a given list of hosts.

## quickhits.py
Same but the Python version. Tests a given list of path on a given list of hosts.

## rce.py
Test RCE issue on a given list of hosts.

## resolve.py
Resolves a give list of hosts to check which ones are alive and which ones are dead.

## screensite.sh
Takes screenshots of a given url+port using `xvfb`.

## shodan.php
Performs searches on Shodan using their API.

## smuggler.py
Test HTTP request smuggling issue on a given list of hosts.

## srv_reco.sh
Perform very small tests of a given IP address.

## ssh-timing-b4-pass.sh
Tries to guess SSH users using timing attack.

## ssrf-generate-ip.php
Generate random IP address:port inside private network range for SSRF scans.

## subalt.py
Generates subdomains alterations and permutations.

## test-ip-wordlist.sh
Brute force a wordlist on IPs range and ports list.

## testhttp.php
Tries to determine if an url (subdomain+port) is a web thing.

## testnc.sh
Performs fuzzing on a given IP address+port using `netcat`.

## Utils.php
Just few common PHP functions.

## webdav-bruteforce.sh
Perform brute force on a given url that use `WebDav` using [Davtest](https://github.com/cldrn/davtest).

## xss.py
Test XSS issue on a given list of hosts using `phantomjs`.

---

Feel free to [open an issue](/../../issues/) if you have any problem with the script.