- Wordlists - Comprises of password lists, username lists and subdomains
- Web Service finder - Finds web services of a list of IPs and also returns any URL rewrites
- Gpprefdecrypt.* - Decrypt the password of local users added via Windows 2008 Group Policy Preferences.
- rdns.sh - Runs through a file of line seperated IPs and prints if there is a reverse DNS set or not.
- grouppolicypwn.sh - Enter domain user creds (doesnt need to be priv) and wil lcommunicated with the domain controllers and pull any stored CPASS from group policies and decode to plain text. Useful for instant Domain Admin!
- privchecker.sh - Very young script that simply checks DCenum to a list of users to find their group access, indicated any privilaged users, this list can be edited.
- NessusParserSummary.py - Parses Nessus results to give a summary breakdown of findings plus a host count next to each.
- NessusParserBreakdown.py- Parses Nessus results to give a host based breakdown of findings plus the port(protocol) and CVSS rating.
- NmapParser.py - Parses raw NMAP results (or .nmap) and will create individual .csv files for each host with a breakdown of ports, service version, protocol and port status.
- NmapPortCount.py - Parses raw NMAP results (or .nmap) and will generate a single CSV with a list of Hosts, a count of how many open/closed/filtered ports it has, the OS detection and ICMP response.
- Plesk-creds-gatherer.sh - Used on older versions of plesk (before the encription came in) that allows you to pull out all the credentials form the databases using a nice Bash menu
- BashScriptTemplate.sh - Handy boiler plate template fro use in new scripts.
- PythonScriptTemplate.py - Handy boiler plate template fro use in new scripts.
- ipexplode.pl - Simply expands CIDRs and prints the ips in a list, handy for when you need a list of IPs and not a CIDR
- LinEsc.sh - Linux escilation script. This will test common methods of gaining root access or show potential areas such as sticky perms that can allow manual testing for root escilation
- gxfr.py - GXFR replicates dns zone transfers by enumerating subdomains using advanced search engine queries and conducting dns lookups.
- knock.sh - Simple script used to test/perform port knocking.
- sslscan-split-file.py - Used to split a large SSLScan results file into individual SSLScan results.
- TestSSLServer.jar - Similar tool to SSLScan but with different output.
- wiffy.sh - Wiffy hacking tool, encapsulated in a single Bash script.
Wednesday, January 6, 2016
PentestPackage - A Package of Multiple Pentest Scripts
Search
Categories
Popular Posts
-
dotenv loads .env files into process.env for Node.js projects, making it useful for configuration hygiene checks, secret-handling review...
-
In this post, we will explore a Python script designed to parse logs containing url:user:pass data. These logs are instrumental in executin...
-
New bug bounty(vulnerabilities) collector Requirements Chrome with GUI (If you encounter trouble with script execution, check the stat...
-
x64dbg is a Windows user-mode debugger for controlled runtime inspection, breakpoint logic, trace collection and patch validation in autho...
-
As cyber threats evolve, so must our strategies to combat them. The deepdarkCTI project serves as a crucial resource, offering access to a c...
-
GTFOcli it's a Command Line Interface for easy binaries search commands that can be used to bypass local security restrictions in mis...
-
As mobile applications become more integral to our daily lives, ensuring their security is paramount. Vulnerabilities in mobile apps can exp...
-
social-analyzer provides API, CLI, and web interfaces for finding and analyzing public profiles across more than 1000 social media and web...
-
Remote adminitration tool for android Features Notifications listener SMS listener Phone call recording Image capturing and sc...
-
RepoReaper is a precision tool designed to automate the identification of exposed .git repositories across a list of domains and subdomai...
Blog Archive
-
►
2026
(3)
- ► 05/24 - 05/31 (3)
-
►
2024
(42)
- ► 05/26 - 06/02 (1)
- ► 05/12 - 05/19 (1)
- ► 05/05 - 05/12 (5)
- ► 03/10 - 03/17 (3)
- ► 02/18 - 02/25 (32)
-
►
2022
(20)
- ► 02/06 - 02/13 (18)
- ► 01/30 - 02/06 (2)
-
►
2018
(69)
- ► 10/14 - 10/21 (4)
- ► 08/26 - 09/02 (7)
- ► 08/12 - 08/19 (4)
- ► 07/15 - 07/22 (2)
- ► 07/08 - 07/15 (6)
- ► 07/01 - 07/08 (3)
- ► 06/17 - 06/24 (2)
- ► 03/04 - 03/11 (2)
- ► 02/18 - 02/25 (1)
- ► 02/04 - 02/11 (3)
- ► 01/28 - 02/04 (7)
- ► 01/21 - 01/28 (6)
- ► 01/14 - 01/21 (12)
- ► 01/07 - 01/14 (10)
-
►
2017
(72)
- ► 12/31 - 01/07 (2)
- ► 12/03 - 12/10 (1)
- ► 11/19 - 11/26 (1)
- ► 11/12 - 11/19 (1)
- ► 10/22 - 10/29 (3)
- ► 10/01 - 10/08 (2)
- ► 09/17 - 09/24 (6)
- ► 09/10 - 09/17 (2)
- ► 09/03 - 09/10 (2)
- ► 08/27 - 09/03 (4)
- ► 07/23 - 07/30 (5)
- ► 07/16 - 07/23 (3)
- ► 06/25 - 07/02 (1)
- ► 06/18 - 06/25 (4)
- ► 05/21 - 05/28 (7)
- ► 05/14 - 05/21 (1)
- ► 05/07 - 05/14 (2)
- ► 04/30 - 05/07 (2)
- ► 04/23 - 04/30 (2)
- ► 04/16 - 04/23 (2)
- ► 03/19 - 03/26 (4)
- ► 01/22 - 01/29 (2)
- ► 01/15 - 01/22 (1)
- ► 01/08 - 01/15 (8)
- ► 01/01 - 01/08 (4)
-
▼
2016
(648)
- ► 12/25 - 01/01 (1)
- ► 12/18 - 12/25 (2)
- ► 12/11 - 12/18 (6)
- ► 12/04 - 12/11 (4)
- ► 11/27 - 12/04 (5)
- ► 11/13 - 11/20 (1)
- ► 11/06 - 11/13 (1)
- ► 10/30 - 11/06 (5)
- ► 10/23 - 10/30 (1)
- ► 10/16 - 10/23 (2)
- ► 10/09 - 10/16 (5)
- ► 10/02 - 10/09 (3)
- ► 09/25 - 10/02 (2)
- ► 09/18 - 09/25 (6)
- ► 09/11 - 09/18 (6)
- ► 09/04 - 09/11 (4)
- ► 08/28 - 09/04 (7)
- ► 08/21 - 08/28 (5)
- ► 08/14 - 08/21 (4)
- ► 08/07 - 08/14 (2)
- ► 07/31 - 08/07 (2)
- ► 07/24 - 07/31 (5)
- ► 07/17 - 07/24 (2)
- ► 07/10 - 07/17 (3)
- ► 07/03 - 07/10 (6)
- ► 06/26 - 07/03 (11)
- ► 06/12 - 06/19 (4)
- ► 06/05 - 06/12 (1)
- ► 05/29 - 06/05 (1)
- ► 05/08 - 05/15 (4)
- ► 04/24 - 05/01 (8)
- ► 04/17 - 04/24 (5)
- ► 04/10 - 04/17 (1)
- ► 04/03 - 04/10 (8)
- ► 03/27 - 04/03 (1)
- ► 03/20 - 03/27 (5)
- ► 03/13 - 03/20 (1)
- ► 03/06 - 03/13 (12)
- ► 02/28 - 03/06 (14)
- ► 02/21 - 02/28 (11)
- ► 02/14 - 02/21 (12)
- ► 02/07 - 02/14 (13)
- ► 01/31 - 02/07 (121)
- ► 01/24 - 01/31 (34)
- ► 01/17 - 01/24 (58)
- ► 01/10 - 01/17 (59)
-
▼
01/03 - 01/10
(174)
- New World Order - Como a Nova Ordem Mundial quer n...
- Rogue Wi-Fi - Access Point Attack WiFi-Pumpkin
- Maltrail - Malicious Traffic Detection System
- Winpayloads - Undetectable Windows Payload Generation
- Kali Linux - Wireless Penetration Testing Beginner...
- Metasploit - The Penetration Tester’s Guide
- Hacker’s Playbook - Practical Guide for Ethical Ha...
- Estrutura - Diretórios do Linux
- Hackers - Causam o primeiro corte de electricidade...
- UFONet - is a tool designed to launch DDoS attacks
- NASA: Algo está prestes a acontecer! O grande segr...
- The Wind - Man In The Middle (MITM) Attack Tool
- Milhões de pessoas não sabem o que usa!
- LEAVE THE MATRIX
- SCRYPTmail
- PenBox
- COMO FUNCIONA A MANIPULAÇÃO DA MÍDIA
- PT propõe fim do dinheiro em espécie - até que só ...
- Teoria da conspiração - Obama usou pomada especia...
- Farsa Criança Esperança - Rede Esgoto fica com 90%...
- Kali NetHunter 3.0 - Android Mobile Penetration Te...
- ParanoicScan - Vulnerability Scanner
- IPTV Brute-Force - Search And Brute Force Illegal ...
- Sawef - Send Attack Web Forms
- Vuvuzela - Private Messaging System That Hides Met...
- Phpsploit - Stealth Post-Exploitation Framework
- Blade - A Webshell Connection Tool With Customized...
- Sublist3R - Fast Subdomains Enumeration Tool For P...
- Nipe - Script To Redirect All Traffic From The Mac...
- jSQL Injection v0.73 - Java Tool For Automatic SQL...
- CenoCipher - Easy-To-Use, End-To-End Encrypted Com...
- JexBoss - Jboss Verify And Exploitation Tool
- Faraday 1.0.16 - Collaborative Penetration Test an...
- PentestPackage - A Package of Multiple Pentest Scr...
- Phan - Static Analyzer For PHP
- Domi-Owned - Tool Used for Compromising IBM/Lotus ...
- Ares - Python Botnet and Backdoor
- credmap - The Credential Mapper
- ATSCAN - Server, Site and Dork Scanner
- Pyersinia - Network Attack Tool
- Collection Of Awesome Honeypots
- Flashlight - Automated Information Gathering Tool ...
- Mosca - Static Analysis Tool To Find Bugs
- Joomlavs - A Black Box, Joomla Vulnerability Scanner
- MassBleed - Mass SSL Vulnerability Scanner
- Tor Messenger - Chat over Tor, Easily
- Xiaopan OS - Pentesting Distribution for Wireless ...
- Waldo - Multithreaded Directory and Subdomain Brut...
- oclHashcat v2.01 - Worlds Fastest Password Cracker
- 0d1n - Tool For Automating Customized Attacks Agai...
- SpiderFoot v2.6.1 - Open Source Intelligence Autom...
- Katana - Framework for Hackers, Professional Secur...
- Xplico v1.1.1 - Open Source Network Forensic Analy...
- Bohatei - Flexible and Elastic DDoS Defense
- REXT - Router Exploitation Toolkit
- Aircrack-ng 1.2 RC 3 - WEP and WPA-PSK Keys Cracki...
- Hsecscan - A Security Scanner For HTTP Response He...
- Nmap 7 - Security Scanner For Network Exploration ...
- GetHead - HTTP Header Analysis Vulnerability Tool
- Beurk - Experimental Unix Rootkit
- Codetainer - A Docker Container In Your Browser
- LiME - Linux Memory Extractor
- WAP - Web Application Protection
- Bluto - DNS Recon, DNS Zone Transfer, and Email En...
- Wireshark v2.0 - The World’s Foremost Network Prot...
- Toxy - Hackable Http Proxy To Simulate Server Fail...
- Tails 1.7 - The Amnesic Incognito Live System
- Security Onion - Linux Distro For Intrusion Detect...
- ARDT - Akamai Reflective DDoS Tool
- Infernal-Twin - This Is Evil Twin Attack Automated...
- LMD - Linux Malware Detect
- XPL-SEARCH - Search Exploits In Multiple Exploit D...
- MobSF (Mobile Security Framework) - Mobile (Androi...
- Gping - Ping, But With A Graph
- CSRFT - Cross Site Request Forgeries (Exploitation...
- Burpkit - Next-Gen Burpsuite Penetration Testing Tool
- Rubocop - A Ruby Static Code Analyzer, Based On Th...
- Btproxy - Man In The Middle Analysis Tool For Blue...
- TheFuck - Magnificent App Which Corrects Your Prev...
- B374K - PHP Webshell with handy features
- Twittor - A fully featured backdoor that uses Twit...
- Faraday 1.0.15 - Collaborative Penetration Test an...
- ZeroNet - Decentralized websites using Bitcoin cry...
- Weeman - HTTP Server for Phishing
- Heartbleed Vulnerability Scanner - Network Scanner...
- Gryffin - Large Scale Web Security Scanning Platform
- Pupy - Multi-Platform Remote Administration Tool
- DNSteal - DNS Exfiltration tool for stealthily sen...
- Tiger - The Unix security audit and intrusion dete...
- PEInjector - MITM PE file infector
- MALHEUR - Automatic Analysis of Malware Behavior
- CrackMapExec - A swiss army knife for pentesting W...
- Speedtest - Command Line Interface for Testing Int...
- Pentoo 2015 - Security-Focused Livecd based on Gentoo
- ZAP 2.4.2 - Penetration Testing Tool for Testing W...
- Wfuzz - The Web Application Bruteforcer
- Sn1per - Automated Pentest Recon Scanner
- Droopescan - Scanner to identify issues with sever...
- Discover - Custom bash scripts used to automate va...
- SparkyLinux - Lightweight & fast Debian-based Linu...
- Burp Suite Professional 1.6.26 - The Leading Toolk...
- Sonar.js - Framework for identifying and launching...
- AutoBrowser - Create Report and Screenshots of HTT...
- TestDisk - Partition Recovery and File Undelete fo...
- Intrigue - Intelligence Gathering Framework
- FruityWifi v2.2 - Wireless Network Auditing Tool
- NetRipper - Smart Traffic Sniffing for Penetration...
- Wifresti - Find your wireless network password fro...
- SubDomain Analyzer - Get detailed information of a...
- SQLChop - SQL Injection Detection Engine
- CredCrack - Fast and Stealthy Credential Harvester
- Geotweet - Social engineering tool for human hacking
- Katoolin - Automatically install all Kali Linux tools
- Whonix v11 - Anonymous Operating System
- SPF - SpeedPhish Framework
- OWASP ZSC Shellcoder - Generate Customized Shellcodes
- Metasploit AV Evasion - Metasploit payload generat...
- HTTPie - a CLI, cURL-like tool for humans
- A Cidade Mais Perigosa da Internet
- PortDog - Simple Python Script to Detect Port Scan...
- MPC - Msfvenom Payload Creator
- OWASP ZAP 2.4.1 - Penetration Testing Tool for Tes...
- PEframe - Tool to perform static analysis on Porta...
- Burp Suite Professional v1.6.23 - The Leading Tool...
- BWA - OWASP Broken Web Applications Project
- SET v6.5 - The Social-Engineer Toolkit “Mr Robot”
- IVRE - A Python network recon framework, based on ...
- Passgen - Random Character Generator Crunch to Cra...
-
►
2015
(26)
- ► 12/27 - 01/03 (1)
- ► 08/30 - 09/06 (8)
- ► 08/23 - 08/30 (16)
- ► 08/16 - 08/23 (1)
Home
Privacy Center
Data Protection
Community
Digital Policy
Security Tools
Online Utilities
Resources
Search Operators
Library

0 comentários:
Post a Comment
Note: Only a member of this blog may post a comment.