There are no reviews yet. Be the first to send feedback to the community and the maintainers!
sslscanalyzer
Shell script for converting an input file containing one or more sslscan results into HTML tables.check-smb-signing
Shell script to automate running the Nmap smb-security-mode.nse or RunFinger.py by lgandx and parse results into counts and lists of hosts that have message signing disabled, supported, and required.ike-trans
A variation of the IKE-SCAN user guide's transforms discovery script, adding a few features. Handshakes can be done in Main or Aggressive Modes. For Aggresive Mode, a custom group ID can be given. Targets can be specified as a single IP, or an input file of multiple IPs.nmaparse
Revised shell script for parsing .gnmap, .xml, or .nmap port scan results files to a CSV list, lists of IPs per port, web urls, and a summary table.find-reused-ntds-hashes
Shell script to check a file containing NTLM hashes for repeated hashes.cisco-config-check
Shell script to check Cisco config files, such as those downloaded with Smart Install, for sensitive information.nse-parse
Shell script for parsing vulnerable results from Nmap NSE scan output.xsltsslscan
XSLT for SSLScan 2.0 XML resultsrange-finder
Shell script to use Nmap host discovery scans to find IANA private ranges in use.msf-exploit-loop
Metasploit resource script to read a list of desired RHOST values and run the current exploit module for each.runas_system
Batch file that uses WinDbg's remote.exe to start a command prompt as SYSTEM.brute-probe
Shell script to loop aireplay-ng probe requests with a dictionary of possible (E)SSIDs.sleepscan
Shell script to queue up targeted and general port scans for external pentests.smb-anon-shares
Shell script for testing anonymous file share access with Smbclient. Input can be UNC paths, SMB URLs, or Metasploit smb_enumshares results.pass-survey
Have a list of passwords you cracked during a pentest or password audit? This shell script will give you analysis of reused passwords, reused password bases (4+ letter combinations), password length, and character type breakdown.login-loop
Metasploit resource script for looping time-delayed login attacks, such as owa_login.SiteSurvey
Customizable fake Android survey app for in-person social engineering.user-parse
Shell scripts for username parsing. Convert information gathering results into possible usernames, extract results from common user enumeration tools, and modify a list of base usernames by prepending, inserting, or appending a fixed string, or a generated range of letters or numbers.soc-eng-batches
Batch files to show dummy activity while gathering system info and trying to create users. Useful during social engineering, if a target will let you use their system, but watches you do so.exchange-find
Shell script to check a list of hostnames or IPs for HTTPS response codes, WWW-Authenticate headers, and 302 redirect Location headers for common Exchange URLs.Love Open Source and this site? Check out how you can help us