pentest-tools
A collection of custom security tools for quick needs.
arpa.sh
Converts IP address in arpa
format to classical format.
bbhost.sh
Performs host
command on a given hosts list using parallel
to make it fast.
codeshare.php
Performs a string search on codeshare.io.
cors.py
Test CORS issue on a given list of hosts.
crlf.py
Test CRLF issue on a given list of hosts.
crtsh.php
Grabs subdomains of a given domain from crt.sh.
detect-vnc-rdp.sh
Tests if ports 3389
and 5900
are open on a given IP range using netcat
.
dnsenum-brute.sh
Performs brute force through wordlist to find subdomains.
dnsenum-bruten.sh
Performs brute force through numeric variation to find subdomains.
dnsenum-reverse.sh
Apply reverse DNS method on a given IP range to find subdomains.
dnsenum-reverserange.sh
Same thing but IP ranges are read from an input file.
dnsenum-zonetransfer.sh
Tests Zone Transfer of a given domain.
dnsreq-alltypes.sh
Performs all types of DNS requests for a given (sub)domain.
extract-domains.py
Extracts domain of a given URL or a list of URLs.
extract_links.php
Extracts links from a given HTML file.
filterurls.py
Classifies and displays URLs by vulnerability types.
flash-regexp.sh
Performs regexps listed in flash-regexp.txt
for Flash apps testing purpose.
gdorks.php
Generates Google dorks for a given domain (searches are not performed).
hashall.php
Uses about 40 algorithms to hash a given string.
ip-converter.php
Converts a given IP address to different format, see Nicolas Grégoire presentation.
ip-listing.php
Generates a list of IPs addresses from the given start to the given end, range and mask supported.
mass_axfr.sh
Mass test zone transfer on a given list of domains.
mass-smtp-user-enum-bruteforce.sh
Performs SMTP user enumeration on a given list of IP address using smtp-user-enum.
mass-smtp-user-enum-check.sh
Tests if SMTP user enumeration is possible on a given list of IP address using smtp-user-enum.
mput.py
Test PUT method issue on a given list of hosts.
node-uuid.js
Encode/Decode UUID using base36.
nrpe.sh
Test Nagios Remote Plugin Executor Arbitrary Command Execution on a given host using Metasploit.
openredirect.py
Test Open Redirect issue on a given list of hosts.
pass-permut.php
Creates words permutation with different separators and output the hashes using about 40 algorithms.
ping-sweep-nc.sh
A script that try to determine what IP are alive in a given range of IP address using Netcat.
ping-sweep-nmap.sh
A script that try to determine what IP are alive in a given range of IP address using Nmap.
ping-sweep-ping.sh
A script that try to determine what IP are alive in a given range of IP address using Ping.
portscan-nc.sh
A script that try to determine the open ports of a given IP address using Netcat.
screensite.sh
A script that take a screenshot of a given url+port using Xvfb.
srv_reco.sh
A script that perform a very small test of a given IP address.
ssh-timing-b4-pass.sh
???
ssrf-generate-ip.php
A script that generate random IP address inside private network range.
subdomains_finder.sh
A script that find subdomains using other well known programs (TheHarvester, DNSrecon...)
subthreat.php
A script that grab subdomains of a given domain from https://www.threatcrowd.org
testhttp.php
A script that test if an url (subdomain+port) is a web thing.
testhttp2.php
Same same but different.
test-ip-wordlist.sh
???
testnc.sh
A script that fuzz a given IP address with Netcat.
wayback-analyzer.php
A script that try to nicely display waybackurls.py output.
webdav-bruteforce.sh
A script that perform brute force on a given url that use WebDav using Davtest