Miscellaneous scripts for pentesting
☆218Mar 22, 2018Updated 8 years ago
Alternatives and similar repositories for pentest-scripts
Users that are interested in pentest-scripts are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆401Jan 10, 2025Updated last year
- Pentest dropbox setup scripts for Kali Linux☆90Feb 15, 2016Updated 10 years ago
- Simply runs through a wordlist of default/common group IDs and parses each hash to a separate file. Then it runs through the hashes with …☆10Feb 15, 2017Updated 9 years ago
- Low and slow password spraying tool, designed to spray on an interval over a long period of time☆218Jan 30, 2026Updated 2 months ago
- linWinPwn is a bash script that streamlines the use of a number of Active Directory tools☆2,159Mar 8, 2026Updated last month
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.☆549Jul 16, 2021Updated 4 years ago
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,261Mar 19, 2025Updated last year
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆483Jul 9, 2024Updated last year
- RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.☆1,900Oct 29, 2025Updated 5 months ago
- ☆412Dec 14, 2023Updated 2 years ago
- Harvis is designed to automate your C2 Infrastructure.☆107Jul 10, 2022Updated 3 years ago
- A collection of red teaming and adversary emulation related tools, scripts, techniques, notes, etc☆321Aug 8, 2024Updated last year
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- Ansible playbook to deploy a phishing engagement in the cloud.☆223May 19, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Tools & Interesting Things for RedTeam Ops☆2,265Feb 10, 2026Updated last month
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- PowerShell Obfuscation and Data Science☆183May 4, 2022Updated 3 years ago
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- ☆894Mar 25, 2026Updated 2 weeks ago
- A small project to bypass UAC in windows 10/8/7 using dll injection technique☆75Aug 17, 2020Updated 5 years ago
- Red Teaming & Pentesting checklists for various engagements☆2,650Jul 27, 2025Updated 8 months ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 2 years ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆817Oct 27, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Monitor your target continuously for new subdomains!☆25Mar 18, 2023Updated 3 years ago
- .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access☆158Nov 1, 2022Updated 3 years ago
- Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀☆1,137Oct 21, 2024Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Jul 21, 2022Updated 3 years ago
- Convert shellcode into different formats!☆357Jan 24, 2023Updated 3 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,377Mar 9, 2026Updated last month
- Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol☆263Sep 26, 2025Updated 6 months ago
- Send mail with handlebars like templates☆25Dec 2, 2019Updated 6 years ago
- PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configur…☆418May 29, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆85Aug 2, 2023Updated 2 years ago
- ☆1,714Aug 19, 2022Updated 3 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆180Feb 14, 2023Updated 3 years ago
- Microsoft Office / COM Object DLL Planting☆15May 14, 2016Updated 9 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆415Mar 21, 2025Updated last year
- This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 …☆2,496Mar 14, 2026Updated 3 weeks ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago