Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/highmeh/pentest_scripts
penetration testing scripts
https://github.com/highmeh/pentest_scripts
Last synced: 22 days ago
JSON representation
penetration testing scripts
- Host: GitHub
- URL: https://github.com/highmeh/pentest_scripts
- Owner: highmeh
- Created: 2017-04-11T01:13:25.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2019-09-13T19:21:36.000Z (about 5 years ago)
- Last Synced: 2024-08-05T17:39:59.758Z (4 months ago)
- Language: Python
- Size: 12.7 KB
- Stars: 137
- Watchers: 7
- Forks: 28
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - highmeh/pentest_scripts - penetration testing scripts (Python)
README
# pentest_scripts
Scripts I've put together to help during penetration tests.- generate_emails.py - takes a list of full names (as generated by TheHarvester or scrape_linkedin.py) and converts them into various common email conventions. Attempts to sanitize the names to a "Firstname Lastname" format.
- scrape_linkedin.py - using a google cse api key, use Google Dorks/Advanced Operators to retreive employee names from GitHub. Sanitize and dump to a list. [ Currently Deprecated ]
- retrieve_osxhash.py - converts the contents of an OSX .plist file to a crackable password hash. Use Hashcat mode 7100 with the --username flag to crack. Without the -u flag, it dumps all password hashes. Requires root or sudo.- postgresbrute.py - a simple postgres brute-forcing tool. Currently supports only a single username at a time.
- 200buster.py - a simple tool for directory brute-forcing when all requests return "200 OK". Excludes a range of response sizes and returns all others as valid path directories.
- 4to6.py - Uses arp to get the IPv6 address of an IPv6 host. Note that ICMP must be enabled for the tool to work.