Great collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
file-formats First Feb 2, 2018
linux First Feb 2, 2018
networks Added RoutingAttackKit.py Feb 19, 2019
others
red-teaming Merge branch 'master' of github.com:mgeeky/Penetration-Testing-Tools Jan 29, 2019
web Update webshell.aspx Feb 5, 2019
windows Added Simulate-DNSTunnel.ps1 Feb 19, 2019
.gitmodules Readme. Jan 29, 2019
README.md Readme. Jan 29, 2019

README.md

Penetration Testing Tools, Scripts, CheatSheets

This is a collection of many tools, scripts, cheatsheets and other loots that I've been developing over years for penetration testing and IT Security audits purposes. Many of them actually had been used during real-world assignments, some of them are a collection gathered from various sources (waiting to be used someday).

Notice: In order to clone it properly - use --recurse-submodules option:

bash$ git clone --recurse-submodules https://github.com/mgeeky/Penetration-Testing-Tools

This repository does not contain actual exploits. These I will release under separate repository in some point in future.

Most of these files actually comes straight from my Gists - I've decided to move them into separated repository as managmenet of this number of scripts became tough nut to crack.

This repository is divided further onto following directories:

  • file-formats - Contains various file-format related utilities, fuzzers and so on.
  • linux - Contains linux-based scripts for various purposes.
  • networks - Network devices & services Penetration Testing and auditing scripts
  • others - Others related somehow to penetration tests & Audits
  • red-teaming - Powershell, Visual Basic, js, phishings and other alike candys
  • web - Web-Application auditing, pentesting, fuzzing related.
  • windows - Windows utilities, scripts, exploits.

Of course these tools do not contain any customer/client related sensitive informations and there are no assignment-specific tools developed as PoCs.