pentest-tools
A collection of custom security tools for quick needs.
arpa.sh
Converts IP address in arpa
format to classical format.
bbhost.sh
Performs host
command on a given hosts list using parallel
to make it fast.
codeshare.php
Performs a string search on codeshare.io.
cors.py
Test CORS issue on a given list of hosts.
crlf.py
Test CRLF issue on a given list of hosts.
crtsh.php
Grabs subdomains of a given domain from crt.sh.
detect-vnc-rdp.sh
Tests if ports 3389
and 5900
are open on a given IP range using netcat
.
dnsenum-brute.sh
Performs brute force through wordlist to find subdomains.
dnsenum-bruten.sh
Performs brute force through numeric variation to find subdomains.
dnsenum-reverse.sh
Apply reverse DNS method on a given IP range to find subdomains.
dnsenum-reverserange.sh
Same thing but IP ranges are read from an input file.
dnsenum-zonetransfer.sh
Tests Zone Transfer of a given domain.
dnsreq-alltypes.sh
Performs all types of DNS requests for a given (sub)domain.
extract-domains.py
Extracts domain of a given URL or a list of URLs.
extract_links.php
Extracts links from a given HTML file.
filterurls.py
Classifies and displays URLs by vulnerability types.
flash-regexp.sh
Performs regexps listed in flash-regexp.txt
for Flash apps testing purpose.
gdorks.php
Generates Google dorks for a given domain (searches are not performed).
hashall.php
Uses about 40 algoritmes to hash a given string.
ip-converter.php
Converts a given IP address to different format, see Nicolas Grégoire presentation.
ip-listing.php
A script that generates IP address from the start to the end.
mass_axfr.sh
A script that test Zone Transfer on a given list of domains using Fierce.
mass-smtp-user-enum-bruteforce.sh
A script that perform SMTP user enumeration on a given list of IP address using smtp-user-enum
mass-smtp-user-enum-check.sh
A script that simply test if SMTP user enumeration is possible on a given list of IP address using smtp-user-enum
nrpe.sh
A script that test the Nagios Remote Plugin Executor Arbitrary Command Execution using Metasploit.
pass-permut.php
A script that creates words permutation with different separators and output the hashes.
ping-sweep-nc.sh
A script that try to determine what IP are alive in a given range of IP address using Netcat.
ping-sweep-nmap.sh
A script that try to determine what IP are alive in a given range of IP address using Nmap.
ping-sweep-ping.sh
A script that try to determine what IP are alive in a given range of IP address using Ping.
portscan-nc.sh
A script that try to determine the open ports of a given IP address using Netcat.
screensite.sh
A script that take a screenshot of a given url+port using Xvfb.
srv_reco.sh
A script that perform a very small test of a given IP address.
ssh-timing-b4-pass.sh
???
ssrf-generate-ip.php
A script that generate random IP address inside private network range.
subdomains_finder.sh
A script that find subdomains using other well known programs (TheHarvester, DNSrecon...)
subthreat.php
A script that grab subdomains of a given domain from https://www.threatcrowd.org
testhttp.php
A script that test if an url (subdomain+port) is a web thing.
testhttp2.php
Same same but different.
test-ip-wordlist.sh
???
testnc.sh
A script that fuzz a given IP address with Netcat.
wayback-analyzer.php
A script that try to nicely display waybackurls.py output.
webdav-bruteforce.sh
A script that perform brute force on a given url that use WebDav using Davtest