pentest-tools
My collection of custom tools I use daily.
I don't believe in licenses.
You can do whatever you want with this program.
However, there is a way to support :)
arpa.sh
A script that will convert address in "arpa" format to classical format.
crtsh.php
A script that grab subdomains of a given domain from https://crt.sh
detect-vnc-rdp.sh
A script that test port of a given IP range with netcat, by default: 3389 and 5900.
dnsenum-brute.sh
A script that perform brute force through wordlist to find subdomains.
dnsenum-bruten.sh
A script that perform brute force through numeric variation to find subdomains.
dnsenum-reverse.sh
A script that apply reverse DNS technic on a given IP range to find subdomains.
dnsenum-reverserange.sh
Same thing but IP ranges are read from an input file.
dnsenum-zonetransfer.sh
A script that test Zone Transfer of a given domain.
extract-endpoints.php
A script that try to extract endpoints from Javascript files, thanks to ZSeano
extract_links.php
A script that try to extract links from a given HTML file.
finddl.sh
???
gdorks.php
A script that simply creates Google dorks for a given domain (the search are not performed).
gg-extract-links.php
???
ip-converter.php
A script that convert a given IP address to different format, thanks to Nicolas Grégoire
ip-listing.php
A script that generates IP address from the start to the end.
mass_axfr.sh
A script that test Zone Transfer on a given list of domains using Fierce.
mass-smtp-user-enum-bruteforce.sh
A script that perform SMTP user enumeration on a given list of IP address using smtp-user-enum
mass-smtp-user-enum-check.sh
A script that simply test if SMTP user enumeration is possible on a given list of IP address using smtp-user-enum
nrpe.sh
A script that test the Nagios Remote Plugin Executor Arbitrary Command Execution using Metasploit.
pass-permut.php
A script that creates words permutation with different separators and output the hashes.
ping-sweep-nc.sh
A script that try to determine what IP are alive in a given range of IP address using Netcat.
ping-sweep-nmap.sh
A script that try to determine what IP are alive in a given range of IP address using Nmap.
ping-sweep-ping.sh
A script that try to determine what IP are alive in a given range of IP address using Ping.
portscan-nc.sh
A script that try to determine the open ports of a given IP address using Netcat.
screensite.sh
A script that take a screenshot of a given url+port using Xvfb.
srv_reco.sh
A script that perform a very small test of a given IP address.
ssh-timing-b4-pass.sh
???
ssrf-generate-ip.php
A script that generate random IP address inside private network range.
subdomains_finder.sh
A script that find subdomains using other well known programs (TheHarvester, DNSrecon...)
subthreat.php
A script that grab subdomains of a given domain from https://www.threatcrowd.org
testhttp.php
A script that test if an url (subdomain+port) is a web thing.
testhttp2.php
Same same but different.
test-ip-wordlist.sh
???
testnc.sh
A script that fuzz a given IP address with Netcat.
wayback-analyzer.php
A script that try to nicely display waybackurls.py output.
webdav-bruteforce.sh
A script that perform brute force on a given url that use WebDav using Davtest