• Stars: 2,971
• Rank: 15,089 (Top 0.3 %)
• Language: Python
• Created almost 9 years ago
• Updated over 1 year ago

Repository Details

A collection of custom security tools for quick needs.

pentest-tools


Important note

‼ A big cleanup occurred in 2022-11 ‼

Some useless or non-working scripts have been archived, and some others have been moved to their own repositories to get more visibility; feel free to check them:


Install

git clone https://github.com/gwen001/pentest-tools
cd pentest-tools
pip3 install -r requirements.txt

arpa.sh

Converts an IP address in arpa format to classical format.

bbhost.sh

Runs the host command on a given list of hosts, using parallel to make it fast.

codeshare.php

Performs a string search on codeshare.io.

cors.py

Tests for CORS issues on a given list of hosts.

crlf.py

Tests for CRLF issues on a given list of hosts.

crtsh.php

Grabs subdomains of a given domain from crt.sh.

detect-vnc-rdp.sh

Tests if ports 3389 and 5900 are open on a given IP range using netcat.

dnsenum-brute.sh

Performs brute force through wordlist to find subdomains.

dnsenum-bruten.sh

Performs brute force through numeric variation to find subdomains.

dnsenum-reverse.sh

Applies the reverse DNS method on a given IP range to find subdomains.

dnsenum-reverserange.sh

Same thing but IP ranges are read from an input file.

dnsenum-zonetransfer.sh

Tests Zone Transfer of a given domain.

dnsreq-alltypes.sh

Performs all types of DNS requests for a given (sub)domain.

extract-domains.py

Extracts the domain of a given URL or of a list of URLs.

extract_links.php

Extracts links from a given HTML file.

filterurls.py

Classifies and displays URLs by vulnerability types.

flash-regexp.sh

Runs the regexps listed in flash-regexp.txt, for testing Flash apps.

gdorks.php

Generates Google dorks for a given domain (searches are not performed).

hashall.php

Uses about 40 algorithms to hash a given string.

ip-converter.php

Converts a given IP address to different formats; see Nicolas Grégoire's presentation.

ip-listing.php

Generates a list of IP addresses from the given start to the given end; ranges and masks are supported.

mass_axfr.sh

Mass test zone transfer on a given list of domains.

mass-smtp-user-enum-bruteforce.sh

Performs SMTP user enumeration on a given list of IP addresses using smtp-user-enum.

mass-smtp-user-enum-check.sh

Tests if SMTP user enumeration is possible on a given list of IP addresses using smtp-user-enum.

myutils.sh

Just a few common Bash functions.

node-uuid.js

Encode/Decode UUID using base36.

nrpe.sh

Tests for Nagios Remote Plugin Executor Arbitrary Command Execution on a given host using Metasploit.

openredirect.py

Tests for Open Redirect issues on a given list of hosts.

pass-permut.php

Creates word permutations with different separators and outputs the hashes using about 40 algorithms.

pastebin.php

Performs a string search on pastebin.com.

phantom-xss.js

See xss.py.

ping-sweep-nc.sh

Determines which IPs are alive in a given range of IP addresses using netcat.

ping-sweep-nmap.sh

Determines which IPs are alive in a given range of IP addresses using nmap.

ping-sweep-ping.sh

Determines which IPs are alive in a given range of IP addresses using ping.

portscan-nc.sh

Determines the open ports of a given IP address using netcat.

quick-hits.php

Tests a given list of paths on a given list of hosts.

quickhits.py

Same, but the Python version. Tests a given list of paths on a given list of hosts.

rce.py

Tests for RCE issues on a given list of hosts.

resolve.py

Resolves a given list of hosts to check which ones are alive and which ones are dead.

screensite.sh

Takes screenshots of a given URL+port using xvfb.

shodan.php

Performs searches on Shodan using their API.

smuggler.py

Tests for HTTP request smuggling issues on a given list of hosts.

srv_reco.sh

Performs very small tests on a given IP address.

ssh-timing-b4-pass.sh

Tries to guess SSH users using a timing attack.

ssrf-generate-ip.php

Generates random IP address:port pairs inside a private network range for SSRF scans.

subalt.py

Generates subdomain alterations and permutations.

test-ip-wordlist.sh

Brute-forces a wordlist against an IP range and a list of ports.

testhttp.php

Tries to determine if a URL (subdomain+port) is a web thing.

testnc.sh

Performs fuzzing on a given IP address+port using netcat.

Utils.php

Just a few common PHP functions.

webdav-bruteforce.sh

Performs brute force on a given URL that uses WebDAV, using Davtest.

xss.py

Tests for XSS issues on a given list of hosts using phantomjs.


Feel free to open an issue if you have any problem with the script.

More Repositories

1. github-search (Python, 1,233 stars): A collection of tools to perform searches on GitHub.
2. github-subdomains (Go, 652 stars): Find subdomains on GitHub.
3. s3-buckets-finder (PHP, 353 stars): Find AWS S3 buckets and test their permissions.
4. cloudflare-origin-ip (Python, 258 stars): Try to find the origin IP of a webapp protected by Cloudflare.
5. BB-datas (PHP, 225 stars): Tools and datas related to Bug Bounty.
6. github-endpoints (Go, 184 stars): Find endpoints on GitHub.
7. offsectools_www (HTML, 177 stars): A vast collection of security tools and resources curated by the community.
8. DataExtractor (Python, 136 stars): A Burp Suite extension to extract datas from source code while browsing.
9. related-domains (Python, 84 stars): Find related domains of a given domain.
10. dnspy (Python, 82 stars): Find subdomains and takeovers.
11. vhost-brute (PHP, 78 stars): A PHP tool to brute force vhost configured on a server.
12. actarus (HTML, 76 stars): Actarus is a custom tool for bug bounty
13. bugbountytips (CSS, 67 stars): Webapp to search tips on Twitter through #bugbountytips
14. github-regexp (Go, 61 stars): Basically a regexp over a GitHub search.
15. gitlab-subdomains (Go, 59 stars): Find subdomains on GitLab.
16. myrecon.py (Python, 52 stars): My recon script
17. keyhacks.sh (Shell, 48 stars): Automation of tokens/api keys testing.
18. google-search (Python, 43 stars): Returns results from Google search.
19. bxss (PHP, 40 stars): Alternative to XSS Hunter for blind XSS.
20. BBstats (PHP, 30 stars): Bug Bounty statistics tool.
21. BBvuln (25 stars): A listing of the most common vuln that you can link in your PoCs
22. testxss (PHP, 22 stars): PHP tool to test XSS
23. favicon-hashtrick (Python, 22 stars): Python script implementing the favicon hash trick to find subdomains.
24. detectify-cves (Python, 20 stars): Find CVEs that don't have a Detectify module.
25. csp-analyzer (Python, 15 stars): Analyze Content-Security-Policy header of a given URL.
26. gitgrep (PHP, 14 stars): Webapp to perform regexp search over GitHub search.
27. dnsexpire (PHP, 13 stars): Test domain expiration dates.
28. apk-analyzer (Python, 13 stars): Analyze an APK archive.
29. extract-endpoints (PHP, 11 stars): Extract endpoints from source files.
30. urlgrabber (PHP, 11 stars): PHP tool to grab urls of a specific site.
31. gitpillage (Python, 10 stars): Extract data from a .git directory.
32. shotTheWorld (PHP, 9 stars): PHP tool that takes screenshots of a given ips/ports combo list and then tries to guess the service.
33. graphql-introspection-analyzer (Python, 8 stars): Graphql introspection query analyzer.
34. php-stegano-lsb (PHP, 7 stars): Hide file using Least Significant bits method.
35. testidor (PHP, 6 stars): PHP tool to test IDOR
36. dotfiles (Shell, 6 stars): me dotfiles
37. 3rdparty-services (PHP, 6 stars): PHP tool to test 3rd party service validity
38. gwen001 (6 stars)
39. autoknoxss (PHP, 6 stars): Custom PHP tool to automate calls to KNOXSS
40. act_custom (PHP, 5 stars): Custom scripts for Actarus
41. testcrlf (PHP, 5 stars): PHP tool to test CRLF
42. icmp-send-file (Shell, 4 stars): send file with ping
43. ipsites (PHP, 4 stars): PHP tool to find websites hosted by a given ip
44. thegarden (JavaScript, 4 stars): Vulnerable web application made with Laravel.
45. testcors (PHP, 3 stars): PHP tool to test CORS
46. ultimate-open-redirect (PHP, 3 stars): PHP tool to test open redirect
47. testionion (PHP, 3 stars): PHP script to find onion websites
48. 10degres.net_jenkins (HTML, 3 stars): http://10degres.net
49. testcsrf (PHP, 3 stars): PHP tool to test CSRF
50. testssrf (PHP, 3 stars): PHP tool to test SSRF
51. MyPhpDirb (PHP, 2 stars): GoBuster like written in PHP
52. setricks (PHP, 2 stars): Small search engine tool useful to find the position of a given website
53. gwen001.github.io (Go, 2 stars): Silence is golden.
54. testgo (Go, 1 star): my golang test
55. poc_subto (JavaScript, 1 star)
56. github-stargizer (PHP, 1 star): View stars evolution of GitHub repositories.