░▒▓ pentesting-cookbook ▓▒░ A set of recipes useful in fast-paced pentesting / red teaming scenarios
╭───────────────────────────────────────────────────────╮ │ Snippets, code samples and hints used in penetration │░ │ tests stored in a single repository so it can be │░ │ quickly accessed and searched during assessments. │░ │ Some of these were collected around the Web, some │░ │ developed. Feel free to contribute! │░ │ │░ │ https://github.com/tasooshi/pentesting-cookbook │░ ╰───────────────────────────────────────────────────────╯░ ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
- Since this handbook was not originally intended to be shared some parts may miss their original sources. I'll do my best to give proper credits and I hope you can help me with that.
- Formatting may seem quite exotic at first but this is the way I prefer to read. Thanks to indentation I can instantly see hierarchy and quickly scan interesting sections.
- This documentation structure gives best results with quick open, multi-line editing and full-text search options available in some popular text editors (like Sublime Text or VS Code).
binHandy utilities to be run locally
bootstrapScripts for setting up local environment
snippetsAll things useful to be run remotely
Fast and easy way to set up a hardened pentesting environment (currently Kali only) both for x86 and arm (Raspberry PI):
More information in
Important note, guess everyone should know that already but... DO NOT TRUST ANY OF THESE SCRIPTS! Read them through and understand what changes will be applied to your (hopefully virtual) machine.
Formatting / structure rules
- If there are more than three levels of hierarchy the file needs to be split.
- Sources (scripts) are located in the
snippetsdirectory (referenced by
--comments (above the commented line)
- OS specific commands:
~#(Linux - root required)
- Shell specific commands: