2020-02-06 21:27:00 +01:00
|
|
|
# HackingScripts
|
|
|
|
|
|
|
|
|
|
This repository contains self-made and common scripts for information gathering, enumeration and more.
|
|
|
|
|
|
|
|
|
|
### Enumeration: Initial Scans
|
2020-06-08 14:28:22 +02:00
|
|
|
- first_scan.sh: Performs initial nmap scan
|
2020-02-06 21:28:27 +01:00
|
|
|
- gobuster.sh: Performs gobuster dir scan with raft-large-words-lowercase.txt
|
2020-02-06 21:27:00 +01:00
|
|
|
- ssh-check-username.py: Check if user enumeration works for ssh
|
2020-06-08 14:28:22 +02:00
|
|
|
- [git-dumper.py](https://github.com/arthaud/git-dumper)
|
2020-02-23 12:33:34 +01:00
|
|
|
- [autorecon.py](https://github.com/Tib3rius/AutoRecon)
|
2020-06-02 15:35:03 +02:00
|
|
|
- subdomainFuzz.sh: Fuzzes subdomains for a given domain
|
2020-02-06 21:27:00 +01:00
|
|
|
|
2020-09-16 17:27:58 +02:00
|
|
|
### Enumeration: Privilege Escalation & Pivoting
|
2020-02-23 12:33:34 +01:00
|
|
|
- [LinEnum.sh](https://github.com/rebootuser/LinEnum)
|
|
|
|
|
- [linpeas.sh](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite)
|
2020-02-06 21:27:00 +01:00
|
|
|
- lse.sh
|
|
|
|
|
- unix-privesc-check.sh
|
2020-02-23 12:33:34 +01:00
|
|
|
- [uptux.py](https://github.com/initstring/uptux)
|
|
|
|
|
- [pspy64](https://github.com/DominicBreuker/pspy)
|
2020-09-16 17:27:58 +02:00
|
|
|
- portscan.py: small python script, which scans open TCP ports natively with multithread support.
|
|
|
|
|
Can be deployed on victim machines to scan the intranet.
|
|
|
|
|
- pingscan.py: small python script, which can detect internal hosts via ping probes natively.
|
|
|
|
|
Can be deployed on victim machines to scan the intranet.
|
|
|
|
|
- [deepce.sh](https://github.com/stealthcopter/deepce): Docker Privilege Escalation (e.g. exposed socket)
|
2020-02-06 21:27:00 +01:00
|
|
|
|
|
|
|
|
### Reverse Shell: Payloads
|
|
|
|
|
- genRevShell.py: Generates a reverse shell command (e.g. netcat, python, ...)
|
2020-02-23 12:33:34 +01:00
|
|
|
- [php-reverse-shell.php](https://github.com/pentestmonkey/php-reverse-shell)
|
|
|
|
|
- [p0wny-shell.php](https://github.com/flozz/p0wny-shell)
|
2020-02-06 21:27:00 +01:00
|
|
|
|
|
|
|
|
### Miscellaneous
|
|
|
|
|
- upload_file.py: Starts a local tcp server, for netcat usage
|
2020-06-02 15:35:03 +02:00
|
|
|
- xss_handler.py: Starts a local http server and generates xss payload to steal cookies
|
2020-04-09 16:06:08 +02:00
|
|
|
- [padBuster.pl](https://github.com/AonCyberLabs/PadBuster)
|
2020-09-16 17:27:58 +02:00
|
|
|
- sql.php: Execute sql queries passed via GET/POST
|
|
|
|
|
- util.py: Collection of some small functions
|
2020-09-27 15:18:48 +02:00
|
|
|
- fileserver.py: Create a temporary http server serving in-memory files
|
2020-09-16 17:27:58 +02:00
|
|
|
|
|
|
|
|
### Windows
|
2020-09-27 15:18:48 +02:00
|
|
|
- nc.exe/nc64.exe: netcat standalone binary
|
|
|
|
|
- [mimikatz.exe](https://github.com/gentilkiwi/mimikatz)
|
|
|
|
|
- [plink.exe](https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html): command line PuTTY client for port forwarding
|
|
|
|
|
- [powercat.ps1](https://github.com/besimorhino/powercat)
|
|
|
|
|
- [winPEAS.bat](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite)
|
|
|
|
|
- PowerView.ps1
|
|
|
|
|
- [SharpHound.exe](https://github.com/BloodHoundAD/SharpHound3): BloodHound Ingestor
|
|
|
|
|
- [windows-exploit-suggester.py](https://github.com/AonCyberLabs/Windows-Exploit-Suggester)
|
|
|
|
|
- [aspx-reverse-shell.aspx](https://github.com/borjmz/aspx-reverse-shell)
|
