Tools and Scripts used for Pentesting like HackTheBox, tryhackme, and more (only white-hat stuff ofc :p)

Roman Hergenreder 2338077bd6 python webserver routes		3 months ago
autorecon_config	4c265dc683 GitHack 2 -> 3, crack hash, requirements	7 months ago
win	1a4d7821f8 Chisel + AccessChk	3 months ago
.gitignore	dc4babba88 pingscan	4 months ago
LinEnum.sh	a0476d4c17 Initial Commit	1 year ago
README.md	c9a51b8868 README	3 months ago
__init__.py	dba69dc704 xss_handler	3 months ago
autorecon.py	4c265dc683 GitHack 2 -> 3, crack hash, requirements	7 months ago
chisel	1a4d7821f8 Chisel + AccessChk	3 months ago
chisel64	1a4d7821f8 Chisel + AccessChk	3 months ago
crack_hash.py	269f4d280d Crack Hash: LM	3 months ago
deepce.sh	a872da3d4c deepce fix	4 months ago
fileserver.py	2338077bd6 python webserver routes	3 months ago
first_scan.sh	59a10ddead wfuzz -> ffuf	5 months ago
genRevShell.py	dc4babba88 pingscan	4 months ago
git-dumper.py	0b1c78ab56 git-dumper fix	7 months ago
gobuster.sh	a0476d4c17 Initial Commit	1 year ago
jsp-webshell.jsp	6172f68da8 update	3 months ago
linpeas.sh	5dcbdb5f86 LinPeas update	4 months ago
linux-exploit-suggester.sh	2338077bd6 python webserver routes	3 months ago
lse.sh	a0476d4c17 Initial Commit	1 year ago
p0wny-shell.php	a0476d4c17 Initial Commit	1 year ago
padBuster.pl	e3ad4d3e53 Powercat + Padbuster	9 months ago
php-reverse-shell.php	a0476d4c17 Initial Commit	1 year ago
pingscan.py	5046360a1d queue availability check	3 months ago
portscan.py	5046360a1d queue availability check	3 months ago
pspy64	a0476d4c17 Initial Commit	1 year ago
requirements.txt	4c265dc683 GitHack 2 -> 3, crack hash, requirements	7 months ago
sql.php	0c5e663943 sql query script	4 months ago
ssh-check-username.py	a0476d4c17 Initial Commit	1 year ago
startHttpServer.sh	eb9e62b70f winPEAS update	3 months ago
subdomainFuzz.sh	fcb562e6df https support for subdomain fuzzing	3 months ago
unix-privesc-check.sh	a0476d4c17 Initial Commit	1 year ago
upload_file.py	712b851f36 xss + utils	7 months ago
uptux.py	a0476d4c17 Initial Commit	1 year ago
util.py	a086ddeb42 Some more xss payloads	4 months ago
web_service_finder.py	31f0849e1c Joomla Version Finder	3 months ago
xss_handler.py	ffddd34e06 XSS	3 months ago

HackingScripts

This repository contains self-made and common scripts for information gathering, enumeration and more.

Enumeration: Initial Scans

first_scan.sh: Performs initial nmap scan
gobuster.sh: Performs gobuster dir scan with raft-large-words-lowercase.txt
ssh-check-username.py: Check if user enumeration works for ssh
git-dumper.py
autorecon.py
subdomainFuzz.sh: Fuzzes subdomains for a given domain

Enumeration: Privilege Escalation & Pivoting

LinEnum.sh
linpeas.sh
lse.sh
unix-privesc-check.sh
uptux.py
pspy64
portscan.py: small python script, which scans open TCP ports natively with multithread support. Can be deployed on victim machines to scan the intranet.
pingscan.py: small python script, which can detect internal hosts via ping probes natively. Can be deployed on victim machines to scan the intranet.
deepce.sh: Docker Privilege Escalation (e.g. exposed socket)

Reverse Shell: Payloads

genRevShell.py: Generates a reverse shell command (e.g. netcat, python, ...)
php-reverse-shell.php
p0wny-shell.php

Miscellaneous

upload_file.py: Starts a local tcp server, for netcat usage
xss_handler.py: Starts a local http server and generates xss payload to steal cookies
padBuster.pl
sql.php: Execute sql queries passed via GET/POST
util.py: Collection of some small functions
fileserver.py: Create a temporary http server serving in-memory files

Windows

nc.exe/nc64.exe: netcat standalone binary
mimikatz.exe
plink.exe: command line PuTTY client for port forwarding
powercat.ps1
winPEAS.bat
PowerView.ps1
SharpHound.exe: BloodHound Ingestor
windows-exploit-suggester.py
aspx-reverse-shell.aspx

README.md