# pentesty_goodness
A repository of scripts that I use for my pentests. Hope that they help someone out there other than me :)
Repo is organized with one script (and support files if necessary) per folder.
NOTE: This should go without saying, but... This repository was set up to help pentesters conduct sanctioned security tests. The code is released under an MIT license (see LICENSE.txt for details). I will not be held responsible for reckless or unsanctioned use.
Index of scripts:
- activate_wifi_snooping: This is a quick script to set yourself up for wifi snooping. I use it during mobile pentests to quickly enable/disable MITM conditions.
- decompress_android_backup: Takes an Android backup file created by 'adb backup' (i.e. backup.ab) and turns it into a tar that you can peruse.
- steal_http_headers: Sets up a web server for the sole purpose of leaking a client's HTTP headers.
- pull_apks_with_su: This script pulls multiple APK packages from an Android phone, using su.
- set_random_mac: Sets your MAC address to a randomly selected address from a pool of common OUIs.
- pedafy: Pulls peda onto local or remote machines and loads it up in gdb for your convenience.
- r2_dangerous_functions: Runs a check on a binary with radare2, cross-referencing it with a list of dangerous functions.
- byte_distribution: Analyzes the byte distribution of a file.
- simplify_banner_grab: This script parses nmap XML output into something a little easier to use in Excel. As the script name indicates, it makes it easier to batch process nmap scans that have performed banner grabs.
- password_quality_filter: Filters wordlists down to passwords that would meet basic password quality criteria.
- ct_scan: Performs recon on domains using certificate transparency.
- sctp_covert_tunnel: Tests setting up a covert channel over SCTP.
- xml_fuzzer: Fuzzes XML files.
- shodan_recon: Uses the Shodan API and ipcalc to facilitate searching for a range of IP addresses in Shodan.