a package of Pentest scripts I have made or commonly use
Shell Java Python Perl PHP Batchfile Other
Latest commit 0ffd133 Oct 9, 2018
Type Name Latest commit message Commit time
Windows_just_runs updated entire repo from private Jan 25, 2017
Wordlists updated entire repo from private Jan 25, 2017
web_shells updated entire repo from private Jan 25, 2017
.gitignore update Jan 25, 2017
Gpprefdecrypt.py updated entire repo from private Jan 25, 2017
LinEsc.sh updated entire repo from private Jan 25, 2017
NEssus_merger.py updated entire repo from private Jan 25, 2017
NessusParserBreakdown.py Copying from personal github to ITG github. will need to clean these up Aug 18, 2016
NessusParserSummary.py updated entire repo from private Jan 25, 2017
NmapParser.py updated entire repo from private Jan 25, 2017
NmapPortCount.py Copying from personal github to ITG github. will need to clean these up Aug 18, 2016
Parser_nmap.py Parse Nmap files May 23, 2017
PentestTool.sh Added Nessus plugin May 7, 2017
Plesk-creds-gatherer.sh updated entire repo from private Jan 25, 2017
README.md Update README.md Oct 9, 2018
TestSSLServer.jar
getips.sh updated entire repo from private Jan 25, 2017
gophish_positions_export.py Copying from personal github to ITG github. will need to clean these up Aug 18, 2016
gppdecrypt.rb updated entire repo from private Jan 25, 2017
grouppolicypwn.sh updated entire repo from private Jan 25, 2017
gxfr.py Copying from personal github to ITG github. will need to clean these up Aug 18, 2016
http_to_bb.pl Add files via upload Jan 25, 2017
ipexplode.pl Copying from personal github to ITG github. will need to clean these up Aug 18, 2016
knock.sh Copying from personal github to ITG github. will need to clean these up Aug 18, 2016
msteams.txt test file May 2, 2017
powermenu.bat Add files via upload Oct 9, 2018
privchecker.sh updated entire repo from private Jan 25, 2017
puttest.sh updated entire repo from private Jan 25, 2017
rdns.sh Create rdns.sh Dec 22, 2015
sslscan-split-file.py Copying from personal github to ITG github. will need to clean these up Aug 18, 2016
web-service-finder.sh updated entire repo from private Jan 25, 2017
whoisbyip.sh updated entire repo from private Jan 25, 2017
whoisbyip2.sh Add files via upload Oct 14, 2016
whoisoutv5.sh updated entire repo from private Jan 25, 2017
wiffy.sh Copying from personal github to ITG github. will need to clean these up Aug 18, 2016

README.md

pentestpackage

@leonteale
http://leonteale.co.uk
https://pentest.trianing

A package of Pentest scripts I have made or commonly use

Contents:

  • Wordlists - Comprises password lists, username lists and subdomains.

  • Web Service finder - Finds web services on a list of IPs and also returns any URL rewrites.

  • Gpprefdecrypt.* - Decrypt the password of local users added via Windows 2008 Group Policy Preferences.

  • rdns.sh - Runs through a file of line-separated IPs and prints whether each has a reverse DNS record set or not.

  • grouppolicypwn.sh - Enter domain user creds (doesn't need to be privileged) and it will communicate with the domain controllers, pull any stored CPASS from group policies and decode it to plain text. Useful for instant Domain Admin!

  • privchecker.sh - Very young script that simply checks DCenum against a list of users to find their group access, indicating any privileged users; this list can be edited.

  • NessusParserSummary.py - Parses Nessus results to give a summary breakdown of findings plus a host count next to each.

  • NessusParserBreakdown.py - Parses Nessus results to give a host-based breakdown of findings plus the port (protocol) and CVSS rating.

  • NmapParser.py - Parses raw NMAP results (or .nmap) and will create individual .csv files for each host with a breakdown of ports, service version, protocol and port status.

  • NmapPortCount.py - Parses raw NMAP results (or .nmap) and will generate a single CSV with a list of hosts, a count of how many open/closed/filtered ports each has, the OS detection and ICMP response.

  • Plesk-creds-gatherer.sh - For use on older versions of Plesk (before the encryption came in); allows you to pull out all the credentials from the databases using a nice Bash menu.

  • BashScriptTemplate.sh - Handy boilerplate template for use in new scripts.

  • PythonScriptTemplate.py - Handy boilerplate template for use in new scripts.

  • ipexplode.pl - Simply expands CIDRs and prints the IPs in a list, handy for when you need a list of IPs and not a CIDR.

  • LinEsc.sh - Linux escalation script. This will test common methods of gaining root access or show potential areas, such as sticky perms, that can allow manual testing for root escalation.


  • gxfr.py - GXFR replicates DNS zone transfers by enumerating subdomains using advanced search engine queries and conducting DNS lookups.

  • knock.sh - Simple script used to test/perform port knocking.

  • sslscan-split-file.py - Used to split a large SSLScan results file into individual SSLScan results.

  • TestSSLServer.jar - Similar tool to SSLScan but with different output.

  • wiffy.sh - Wiffy hacking tool, encapsulated in a single Bash script.

  • gophish_positions_export.py - A simple Python script for taking 'results.csv' and getting statistics based on positions in the company.

  • powermenu - This tool is custom made to work as a menu system for easily downloading or running attacks using PowerShell.
