Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/wh1t3rh1n0/pentest-scripts
Miscellaneous scripts for pentesting
https://github.com/wh1t3rh1n0/pentest-scripts
Last synced: 3 months ago
JSON representation
Miscellaneous scripts for pentesting
- Host: GitHub
- URL: https://github.com/wh1t3rh1n0/pentest-scripts
- Owner: Wh1t3Rh1n0
- Created: 2015-01-31T03:10:31.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2018-03-22T15:55:50.000Z (over 6 years ago)
- Last Synced: 2024-01-22T08:35:03.590Z (10 months ago)
- Language: Shell
- Size: 149 KB
- Stars: 215
- Watchers: 10
- Forks: 43
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-security-collection - **43**星
README
Pentest Scripts
===============
Just a bunch of simple, miscellaneous scripts I've created while pentesting.
The rest of this readme was automatically generated with the following command:
for f in * ; do echo -en "## $f\n" ; echo -e "\n$(./$f --help | tail -n +2 | sed -E 's/^/ /g')" ; done >> README.md
## dim
dim - Dim the screen
--------------------
Usage: dim <= Dim the screen to the lowest setting.
dim <= Dim to a custom level.
## enable-forwarding
enable-forwarding
-----------------
A simple script to forward all incoming traffic out
whatever interface is currently connected to the Internet.
Usage: enable-forwarding [Internet-connected interface]
## extract-hashes-responder
extract-hashes-responder
------------------------
Extracts one hash per user from a Responder-Session.log file for easy
cracking with hashcat.
Usage: ./extract-hashes-responder [Result number]
## gnmap2ip
gnmap2ip
--------
Converts a .gnmap file to an list of colon separated IP and TCP port numbers.
Usage: gnmap2ip [GNMAP FILE]
## grep-cidr
grep-cidr
---------
Searches a target file for any IP addresses in the given range. Any range
format that is Nmap compatible *should work*, not just CIDR.
Usage: grep-cidr [Additional grep options]
## grip
grip
----
greps a file for common patterns.
Should accept most standard grep flags.
Example usage - IPv4 addresses only:
grep for IPv4 addresses only: grip
include CIDR notation: grip --cidr
grep for IP:Port: grip --port
Example usage - IPv6 addresses only:
grep for IPv6 addresses only: grip --6
include CIDR notation: grip --6cidr
Other supported patterns:
grep for emails: grip --email
grep for MAC addresses: grip --mac
## heartbleed
Usage: heartbleed
## heartbleed-parser
Usage: heartbleed-parser
## ip2dec.py
ip2dec.py
---------
Converts an IP address to its decimal equivalent.
Usage: ip2dec.py [IP Address]
## iplist2dirs
iplist2dirs
-----------
Reads an IP:Port list and creates the following directory structure for
each IP address:
./[OUTPUT DIR]/[PORT]/[IP Address]
Usage: iplist2dirs [Ports]
Example: iplist2dirs iplist.txt "80 443"
Use "all" in place of port numbers to create a directory for every port listed.
If ports are omitted, the default port list is used.
The defaul port list and output directory name can be changed in the settings
section of this script.
## iplist-detect_http.sh
iplist-detect_http
------------------
Retrieves HTTP headers from each server listed in a IP:Port formatted file.
Usage: iplist-detect_http [Maximum Connect Timeout]
## Kali_Linux_Extra_Tools2.sh
Kali Linux: Extra tools and customizations script
=================================================
Created by Wh1t3Rh1n0
This script adds a bunch of my favorite tools to Kali Linux.
Usage:
Install all tools: ./Kali_Linux_Extra_Tools2.sh install
Non-GUI tools only: ./Kali_Linux_Extra_Tools2.sh install nogui
## live-usb-tweaks.sh
live-usb-tweaks.sh
------------------
Install tweaks to increase performance when running
Kali from a LiveUSB with persistence.
Usage: ./live-usb-tweaks.sh install
## merge-hashcat.py
merge-hashcat.py
----------------
Matches passwords cracked with hashcat to their usernames.
Usage: merge-hashcat.py
Notes: The "hash:password" file is created by hashcat's -o option.
The "user:hash" file is easy to create using your original hashdump and
the "cut" command. An example of creating this file from hashes dumped
from a Windows domain controller follows:
cat raw_dump.txt | cut -d ':' -f 1,4 > dumped-users_hashes.txt
## ms15-034_check.py
Example: %s 'https://example.com:8443/'
## mv-screenshots
mv-screenshots
--------------
Moves screenshots from the current directory to a destination directory.
Removes colons from the filename for Windows compatibility.
Usage: mv-screenshots
## ncsv2ip
ncsv2ip
-------
Converts a Nessus exported CSV file to a colon-separated list of IPs and ports
Usage: ncsv2ip [CSV FILE]
Requires: grep, awk, sort
Limitations: Only outputs TCP ports. UDP ports are ignored.
## setup-x-limited.sh
----------------------------------
setup-x-limited.sh | by Wh1t3Rh1n0
----------------------------------
This script creates a script and a menu icon for executing a given program
as a regular, non-root user if you are logged in as root.
The following environment variables need to be set for it to run:
script_name - the filename that the created script will be saved as.
iw_user - the user that will be created for running the target program.
program_description - the name that will show on the icon.
command_line - the path of the target program to be run.
icon - the icon to display on the menu
categories - where the icon is placed within the applications menu.
Example execution:
------------------
script_name=firefox-nonroot iw_user=firefox-user \
program_description="Firefox (Non-Root)" command_line="/opt/firefox/firefox" \
icon="/opt/firefox/browser/icons/mozicon128.png" categories="Network;" \
./setup-x-limited.sh
Alternatively, you can provide a known binary location to accept default
options for that program.
Usage: ./setup-x-limited.sh [full path to binary]
Currently accepted binary paths:
/opt/firefox/firefox
## strip-colors
strip-colors
------------
Removes colors from output for easy grepping.
Usage: cat | strip-colors
## update-firefox.sh
Firefox Updater/Installer
-------------------------
Just a simple script to update or install Firefox on Kali Linux.
Installs to /opt/firefox
Run with no options to install or update.
## usb-armory
usb-armory
----------
A simple script to setup a connection to a USB armory with Kali installed.
Usage: usb-armory [Internet-connected interface]
## word-mutator
word-mutator 9000
-----------------
Generates a wordlist by running all of hashcat's built-in rules on a
single word (such as a company name) or small list of words.
Primarily intended for targeted, offline password cracking attacks.
Usage: bash ./word-mutator [optional output file] [optional input wordlist]
Because I'm being lazy, you must specify an output file name in order
to specify an input file. :P
*This script has only been tested with the legacy hashcat 2.00 binaries.*