Tools and Scripts used for Pentesting and CTFs like HackTheBox, tryhackme, and more
Go to file
2023-09-10 11:15:10 +02:00
win project update 2023-01-02 05:43:57 -05:00
__init__.py Abstract SQLi Interface 2022-12-10 14:24:13 +01:00
.gitignore pingscan 2020-08-28 23:04:41 +02:00
chisel Update 2022-03-01 14:23:45 +01:00
chisel64 Project Update 2022-02-16 14:18:54 +01:00
crack_hash.py windows binaries + Name The Hash 2022-01-03 15:00:43 +01:00
crawl_urls.py Update 2022-12-09 14:54:06 +01:00
deepce.sh Project Update 2022-02-16 14:18:54 +01:00
dnsserver.py Update 2022-03-01 14:23:45 +01:00
fileserver.py assertions 2023-09-07 06:09:09 -04:00
find_git_commit.py chmod +x 2022-01-30 20:47:22 +01:00
first_scan.sh wfuzz -> ffuf 2020-08-09 16:49:02 +02:00
git-dumper.py Update 2022-03-01 14:23:45 +01:00
gobuster.sh Update 2021-08-28 13:41:46 +02:00
jsp-webshell.jsp update 2020-10-12 19:21:41 +02:00
LinEnum.sh Project Update 2021-05-03 22:35:31 +02:00
linpeas.sh project update 2023-01-02 05:43:57 -05:00
linux-exploit-suggester.sh Project Update 2022-12-05 10:09:01 +01:00
lse.sh Project Update 2022-12-05 10:09:01 +01:00
ncat Added ncat + background shell listener 2021-10-27 13:08:14 +02:00
p0wny-shell.php Project Update 2022-12-05 10:09:01 +01:00
padBuster.pl Update 2021-10-25 17:25:49 +02:00
pcap-file-extract.py Update 2022-12-09 14:54:06 +01:00
php-reverse-shell.php Initial Commit 2020-01-28 22:15:42 +01:00
phpinfo-analyzer.py chmod +x 2022-01-30 20:47:22 +01:00
pingscan.py Update 2022-12-09 14:54:06 +01:00
portscan.py Ping/Portscan update, git-dumper fix, genRevShell trigger shell 2021-05-14 16:49:49 +02:00
pspy Windows Binaries + MSSQL hash type 2020-11-07 12:54:18 +01:00
pspy64 Initial Commit 2020-01-28 22:15:42 +01:00
README.md Project Update / removed AutoRecon 2021-10-05 21:55:08 +02:00
requirements.txt project update 2023-01-02 05:43:57 -05:00
rev_shell.py Project re-structuring (python naming conventions) 2022-01-23 22:09:12 +01:00
socat Update 2021-06-30 20:44:38 +02:00
sql.php some windows binaries, git commit finder 2021-11-14 15:24:24 +01:00
sqli.py Abstract SQLi Interface 2022-12-10 14:24:13 +01:00
ssh-check-username.py Update 2021-06-30 20:44:38 +02:00
subdomainFuzz.sh subdomain fuzzing adjustment 2023-09-10 11:15:10 +02:00
template.py chmod +x 2022-01-30 20:47:22 +01:00
unix-privesc-check.sh Project Update 2021-05-03 22:35:31 +02:00
update.sh update fix 2022-03-01 14:24:18 +01:00
upload_file.py Update 2022-12-09 14:54:06 +01:00
uptux.py Initial Commit 2020-01-28 22:15:42 +01:00
util.py assertions 2023-09-07 06:09:09 -04:00
web_service_finder.py Project Update 2022-12-05 10:09:01 +01:00
xp_cmdshell.py Update 2022-12-09 14:54:06 +01:00
xss_handler.py Update 2022-12-09 14:54:06 +01:00

HackingScripts

This repository contains self-made and common scripts for information gathering, enumeration and more.

Enumeration: Initial Scans

  • first_scan.sh: Performs initial nmap scan
  • gobuster.sh: Performs gobuster dir scan with raft-large-words-lowercase.txt
  • ssh-check-username.py: Check if user enumeration works for ssh
  • git-dumper.py
  • subdomainFuzz.sh: Fuzzes subdomains for a given domain

Enumeration: Privilege Escalation & Pivoting

  • LinEnum.sh
  • linpeas.sh
  • lse.sh
  • unix-privesc-check.sh
  • uptux.py
  • pspy64
  • portscan.py: small python script, which scans open TCP ports natively with multithread support. Can be deployed on victim machines to scan the intranet.
  • pingscan.py: small python script, which can detect internal hosts via ping probes natively. Can be deployed on victim machines to scan the intranet.
  • deepce.sh: Docker Privilege Escalation (e.g. exposed socket)

Reverse Shell: Payloads

Miscellaneous

  • upload_file.py: Starts a local tcp server, for netcat usage
  • xss_handler.py: Starts a local http server and generates xss payload to steal cookies
  • padBuster.pl
  • sql.php: Execute sql queries passed via GET/POST
  • util.py: Collection of some small functions
  • fileserver.py: Create a temporary http server serving in-memory files
  • dnsserver.py: Create a temporary dns server responding dynamically to basic DNS requests (in-memory)

Windows