README.md

💥

TL;DR

⛳ When you want to load all shortcuts within shell just tap bang

Update installation script & shortcut with: bang.conf.update

Quickstart

➲ Let your environment be ready

# prerequisites
git clone https://github.com/ariary/bang.git && cd bang && ./prerequisite.sh
# zsh theme
./install/configure-zsh.sh
# load bang shortcut
export SH=zsh && echo "export PATH=$PATH:$HOME/.local/bin/" >> ~/.${SH}rc && echo "source ~/.bang/bang_conf" >> ~/.${SH}rc && echo "source ~/.bang/install/.aliases" >> ~/.${SH}rc && source ~/.${SH}rc

(Alternatively, if you want to automaticaly have them in every shell, add source ~/.bang/bang in your ~/.${SH}rc)

(We assume that you have already install zsh, otherwise replace SH envvar by bash)

You can now install tools needed by bang shortcuts!

Install tools

➲ Ease tools installation

• bang.conf.install-ariary: install all ariary tools useful for pentesting in ~/.local/bin/
• bang.conf.install: install other useful tools for pentesting in ~/.local/bin/

These tools are used in bang shortcuts then.

To update the installation scripts used by these commands: bang.conf.update

1. bang.conf.install.include golang docker
2. bang.conf.install-ariary
3. bang.conf.install.exclude golang docker

Bang !

➲ Configure your pentest

⛳ When you want to load all shortcuts within shell just tap bang

Set attacker and target info: bang.conf.pentest

You could alternatively configure each item:

• attacker addr: cAA=[ATTACKER_IP] & attacker port: cAP=[ATTACKER_PORT]
• target addr: cTA=[TARGET_IP] & target port: cTP=[TARGET_PORT]

You could see the pentest configuration then with bang.conf.pentest.map

Shortcut Examples

➲ List of useful bang shortcuts

List all shortcut with bang.ls

gitar (pentest easy file sharing)

• Share file with remote machine
• Share file with remote machine safely
• Expose local file on internet (ngrok) (Attacker ⇠ Internet ⇠ Target)

fileless-xec (stealth execution of binary on a remote machine)

• Exec local binary exposing it trough http (Attacker ⇠ Target)
• Copy line to run fileless-xec on remote
• Send local binary on remote & execute it using fileless-xec (Attacker ⇢ Target)

Queensono( Use ICMP protocol for data exchange)

• Send trough ICMP
  • File
    • Copy line to send file
  • Message
    • Copy line to send message
• Receive trough ICMP
  • File
    • Copy line to receive file
  • Message
    • Copy line to receive message

jse( Extract js code from HTML page)

• Extract js code for html page from curl
• Find DOM XSS with fsource and fsink

httpcustomhouse

• Search for HTTP request smuggling with httpecho

console.sh

• Execute shell commands from browser JS console

cfuzz

• Fuzz command line

Others

• Persistence on target (even in internal network!)
  • Reverse shell
  • Webshell
• Start a webdav server
• Intercept HTTP request from command line
• Perform nmap scan
• Perform web indexing
• Deploy local app with trusted cert
• Launch a bomb within current directory
• Copy a line to exit vim
• Launch background process
• Get weather for a given city
• bang helpers