Tools and Scripts used for Pentesting like HackTheBox, tryhackme, and more (only white-hat stuff ofc :p)
Roman Hergenreder
a86fff1b36
update fix
|
3 months ago | |
|---|---|---|
| win | 3 months ago | |
| .gitignore | 1 year ago | |
| LinEnum.sh | 1 year ago | |
| README.md | 8 months ago | |
| __init__.py | 5 months ago | |
| chisel | 3 months ago | |
| chisel64 | 4 months ago | |
| crack_hash.py | 5 months ago | |
| crawl_urls.py | 5 months ago | |
| deepce.sh | 4 months ago | |
| dnsserver.py | 3 months ago | |
| fileserver.py | 3 months ago | |
| find_git_commit.py | 4 months ago | |
| first_scan.sh | 1 year ago | |
| git-dumper.py | 3 months ago | |
| gobuster.sh | 10 months ago | |
| jsp-webshell.jsp | 1 year ago | |
| linpeas.sh | 3 months ago | |
| linux-exploit-suggester.sh | 4 months ago | |
| lse.sh | 3 months ago | |
| ncat | 8 months ago | |
| p0wny-shell.php | 1 year ago | |
| padBuster.pl | 8 months ago | |
| php-reverse-shell.php | 2 years ago | |
| phpinfo-analyzer.py | 4 months ago | |
| pingscan.py | 1 year ago | |
| portscan.py | 1 year ago | |
| pspy | 1 year ago | |
| pspy64 | 2 years ago | |
| requirements.txt | 5 months ago | |
| rev_shell.py | 5 months ago | |
| socat | 11 months ago | |
| sql.php | 7 months ago | |
| ssh-check-username.py | 11 months ago | |
| subdomainFuzz.sh | 5 months ago | |
| template.py | 4 months ago | |
| test_ciphers.sh | 1 year ago | |
| unix-privesc-check.sh | 1 year ago | |
| update.sh | 3 months ago | |
| upload_file.py | 2 years ago | |
| uptux.py | 2 years ago | |
| util.py | 4 months ago | |
| web_service_finder.py | 1 year ago | |
| xp_cmdshell.py | 7 months ago | |
| xss_handler.py | 1 year ago |
README.md
HackingScripts
This repository contains self-made and common scripts for information gathering, enumeration and more.
Enumeration: Initial Scans
- first_scan.sh: Performs initial nmap scan
- gobuster.sh: Performs gobuster dir scan with raft-large-words-lowercase.txt
- ssh-check-username.py: Check if user enumeration works for ssh
- git-dumper.py
- subdomainFuzz.sh: Fuzzes subdomains for a given domain
Enumeration: Privilege Escalation & Pivoting
- LinEnum.sh
- linpeas.sh
- lse.sh
- unix-privesc-check.sh
- uptux.py
- pspy64
- portscan.py: small python script, which scans open TCP ports natively with multithread support. Can be deployed on victim machines to scan the intranet.
- pingscan.py: small python script, which can detect internal hosts via ping probes natively. Can be deployed on victim machines to scan the intranet.
- deepce.sh: Docker Privilege Escalation (e.g. exposed socket)
Reverse Shell: Payloads
- genRevShell.py: Generates a reverse shell command (e.g. netcat, python, ...)
- php-reverse-shell.php
- p0wny-shell.php
- aspx-reverse-shell.aspx
- jsp-webshell.jsp: webshell for Java servlets
Miscellaneous
- upload_file.py: Starts a local tcp server, for netcat usage
- xss_handler.py: Starts a local http server and generates xss payload to steal cookies
- padBuster.pl
- sql.php: Execute sql queries passed via GET/POST
- util.py: Collection of some small functions
- fileserver.py: Create a temporary http server serving in-memory files
- dnsserver.py: Create a temporary dns server responding dynamically to basic DNS requests (in-memory)
Windows
- nc.exe/nc64.exe: netcat standalone binary
- mimikatz.exe
- plink.exe: command line PuTTY client for port forwarding
- powercat.ps1
- winPEAS.bat
- PowerView.ps1
- SharpHound.exe: BloodHound Ingestor
- windows-exploit-suggester.py
- aspx-reverse-shell.aspx
- xp_cmdshell.py (thanks to @alwayslucky)