Some scripts and PoCs I'm using in pentesting.
☆49Dec 10, 2020Updated 5 years ago
Alternatives and similar repositories for pentest-scripts
Users that are interested in pentest-scripts are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- BlackArch configuration for the bash shell.☆13Jan 11, 2021Updated 5 years ago
- Script to scan OpenSSH host key and known_hosts files for shared keys from server hoster Hetzner☆19Jan 1, 2016Updated 10 years ago
- Searchsploit alternative. It differs in that it uses searchengines, can run unattended in the background, plays well with nmap and is abl…☆17Jul 9, 2020Updated 5 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sys…☆12Apr 13, 2017Updated 9 years ago
- morphHTA - Morphing Cobalt Strike's evil.HTA☆11Jun 3, 2017Updated 8 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- It's an RSA-cracker, that uses Fermat's factorization method to get p and q.☆15Dec 19, 2015Updated 10 years ago
- Enumerate wordpress users in 1 second.☆15Jan 23, 2018Updated 8 years ago
- A vulnerable web application to explain and illustrate deserialization of untrusted data with Pickle.☆13Sep 23, 2017Updated 8 years ago
- A collection of curated Java Deserialization Exploits☆11May 22, 2018Updated 7 years ago
- ☆13Aug 11, 2018Updated 7 years ago
- Simple Linux RootKit written in python☆10Dec 10, 2017Updated 8 years ago
- A collection of pen-testing/hacking scripts. Various uses.☆13Oct 24, 2020Updated 5 years ago
- An accurated list of things to test while pentesting☆11Jan 2, 2021Updated 5 years ago
- Bulk hostname lookup using shodan☆14Jun 1, 2022Updated 3 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- Android FakeID Exploit☆21Aug 7, 2014Updated 11 years ago
- Windows Monitoring Scripts based on Monitis API☆16Dec 8, 2016Updated 9 years ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆10Jan 27, 2014Updated 12 years ago
- Client of Richkware-Manager-Server, that obtains list of all hosts and is able to send commands to do at each of them.☆13Dec 28, 2025Updated 3 months ago
- A modified version of Mike Czumak's enumeration scanner☆19Nov 9, 2018Updated 7 years ago
- Web-app to identify the different types of hashes☆20Aug 26, 2023Updated 2 years ago
- Breaching physical security, and generally causing mayhem, with wireless signals☆15Mar 19, 2017Updated 9 years ago
- A script that parses PowerView's output for GPO analysis. Integrated into bloodhound to find misconfigurations of URA, SMB signing etc☆15Feb 9, 2020Updated 6 years ago
- Tool to brute-force the passphrase of a RSA private key in PEM format.☆12Dec 11, 2014Updated 11 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆11Sep 14, 2020Updated 5 years ago
- Various fuzzers written in Python. Currently has a TCP server for fuzzing client software, and a CLI fuzzer to use against programs ran f…☆11Feb 14, 2018Updated 8 years ago
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆18Oct 27, 2019Updated 6 years ago
- Scripts to automate Open Source Intelligence (OSINT)☆15Mar 27, 2019Updated 7 years ago
- ☆24Mar 30, 2026Updated 2 weeks ago
- Exploits Oracle 9i XDB ftp password buffer overflow vulnerability☆11Jun 27, 2015Updated 10 years ago
- Bug Bounty Monitor☆15Nov 23, 2020Updated 5 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆18Jun 1, 2024Updated last year
- Ffuf output browser☆39Feb 25, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Socks proxy server using powershell. Supports local and reverse connections for pivoting.☆11Oct 7, 2020Updated 5 years ago
- Various scripts I've built for CTFs, hacking challenges, and for learning how various existing tools work☆16Mar 21, 2023Updated 3 years ago
- This repo contains Automation scripts which can be used in CTFs and Real world.☆20Jun 5, 2021Updated 4 years ago
- Certificate Export Utility☆26May 1, 2020Updated 5 years ago
- OSIF gathers sensitive Facebook account information even with full privacy.☆10Nov 26, 2022Updated 3 years ago
- Cfm Shell v3.0 edition☆13Jun 16, 2013Updated 12 years ago
- Sweetuu is a Advance Shell which can be used to achieve RCE easily through LFI & RFI. For easy wins in bug bounty, upload sweetuu instead…☆10Dec 16, 2024Updated last year