Collection of small security tools created mostly in Perl during CTFs, pentests and so on
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.github
bruteforce remove anotations of all scripts Jul 14, 2018
crypto
exploits
network
web
wordlists update wordlists/admin-pages.txt Mar 23, 2018
.gitigonore
LICENSE.md
README.md
setup.sh

README.md

Security spellbook

My collection of information security tricks/scripts

MIT

    [+] AUTOR:        Heitor Gouvêa
    [+] EMAIL:        hi@heitorgouvea.me
    [+] WEBSITE:      https://heitorgouvea.me
    [+] GITHUB:       https://github.com/GouveaHeitor
    [+] TWITTER:      @GouveaHeitor
Install
    git clone https://github.com/GouveaHeitor/security-spellbook
    cd security-spellbook
    ./setup.sh
Tricks
    # enumarate subdomains
    $~ for subdomain in $(cat wordlists/subdomains.txt);do perl network/check.pl ${subdomain}target.com; done

    # port scanning
    $~ for port in {1..65535}; do perl network/portscan.pl target.com $port; done

    # range scanning
    $~ for host in {21..25}; do perl network/portscan.pl 104.24.111.${host} 80; done

    # links extract
    $~ perl web/links.pl https://target.com

    # admin finder
    $~ perl web/adminfinder.pl https://target.com

    # backdoor access
    $~ perl network/backdoor.pl # agent
    $~ nc 127.0.0.1 21666       # client
Bugs
License
Contribution
Disclaimer

I do private jobs, if you are interesting send me an e-mail at: hi@heitorgouvea.me