/pentesting-cookbook

A set of recipes useful in fast-paced pentesting / red teaming scenarios

░▒▓ pentesting-cookbook ▓▒░ A set of recipes useful in fast-paced pentesting / red teaming scenarios

Description

╭───────────────────────────────────────────────────────╮
│ Snippets, code samples and hints used in penetration  │░
│ tests stored in a single repository so it can be      │░
│ quickly accessed and searched during assessments.     │░
│ Some of these were collected around the Web, some     │░
│ developed. Feel free to contribute!                   │░
│                                                       │░
│ https://github.com/tasooshi/pentesting-cookbook       │░
╰───────────────────────────────────────────────────────╯░
 ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

Notes

  • Since this handbook was not originally intended to be shared, some parts may be missing their original sources. I'll do my best to give proper credit, and I hope you can help me with that.
  • Formatting may seem quite exotic at first, but this is the way I prefer to read. Thanks to indentation I can instantly see hierarchy and quickly scan interesting sections.
  • This documentation structure gives the best results with the quick open, multi-line editing and full-text search options available in some popular text editors (like Sublime Text or VS Code).

Structure

  • bin: Handy utilities to be run locally
  • bootstrap: Scripts for setting up local environment
  • snippets: All things useful to be run remotely

Bootstrapping scripts

A fast and easy way to set up a hardened pentesting environment (currently Kali only), for both x86 and ARM (Raspberry Pi):

$ ./bootstrap/run.kali.x86.sh

More information in bootstrap/README.md.

Important note: everyone should know this already, but... DO NOT TRUST ANY OF THESE SCRIPTS! Read them through and understand what changes will be applied to your (hopefully virtual) machine.

Formatting / structure rules

  • If there are more than three levels of hierarchy, the file needs to be split.
  • Sources (scripts) are located in the snippets directory (referenced by @).
  • Conventions:
    • ~ commands
    • @ file references
    • - lists
    • -- comments (above the commented line)
    • OS specific commands:
      • ~$ (Linux)
      • ~# (Linux - root required)
      • ~> (Windows)
    • Shell specific commands:
      • ~PS> (PowerShell)
  • Variables:
    • VAR_ATTACKER_HOST
    • VAR_ATTACKER_PORT
    • VAR_TARGET_DOMAIN
    • VAR_TARGET_HOST
    • VAR_TARGET_PORT
    • VAR_TARGET_CIDR
    • VAR_TARGET_RANGE
    • VAR_USERNAME
    • VAR_PASSWORD
    • VAR_HASH
    • VAR_STRING
    • VAR_INTEGER
    • VAR_HEX
    • VAR_WORDLIST
    • VAR_*_HOST (VAR_FTP_HOST, VAR_ZOMBIE_HOST, VAR_PROXY_HOST etc)
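
A small linter for notes that follow the conventions above, added here as an example and not part of the repository: it classifies lines by prefix and flags VAR_* placeholders that are not in the documented list. The function names, the sample note and the rule that each prefix is followed by a single space are assumptions of this example.

```shell
#!/bin/sh
# Added example: lint a note written with the prefix conventions above.
# Assumption: each prefix is followed by one space; indentation is hierarchy only.

# Constructed sample note (not from the repository); VAR_TARGT_PORT is a deliberate typo.
sample_note() {
cat <<'EOF'
Connectivity
  -- confirm name resolution before anything else
  ~$ getent hosts VAR_TARGET_HOST
  ~# ip route get VAR_TARGET_HOST
  ~> nslookup VAR_TARGET_DOMAIN
  ~PS> Test-NetConnection VAR_PROXY_HOST -Port VAR_TARGT_PORT
  @ net/check.sh
EOF
}

# Emit "<kind><TAB><text>" for each line that carries a known prefix.
classify_note() {
    awk '{
        line = $0; sub(/^[ \t]+/, "", line)
        if      (line ~ /^~PS> /) { kind = "powershell"; n = 5 }
        else if (line ~ /^~\$ /)  { kind = "linux";      n = 3 }
        else if (line ~ /^~# /)   { kind = "linux-root"; n = 3 }
        else if (line ~ /^~> /)   { kind = "windows";    n = 3 }
        else if (line ~ /^-- /)   { kind = "comment";    n = 3 }
        else if (line ~ /^@ /)    { kind = "file";       n = 2 }
        else if (line ~ /^- /)    { kind = "list";       n = 2 }
        else next
        printf "%s\t%s\n", kind, substr(line, n + 1)
    }'
}

# Every distinct VAR_* placeholder that still has to be substituted.
note_placeholders() { grep -oE 'VAR_[A-Z0-9_]+' | sort -u; }

# Placeholders that are not in the documented list (usually typos).
# VAR_*_HOST is an open family, so a misspelt *_HOST name is not caught here.
unknown_placeholders() {
    note_placeholders | while IFS= read -r v; do
        case "$v" in
            VAR_ATTACKER_HOST|VAR_ATTACKER_PORT|VAR_TARGET_DOMAIN|VAR_TARGET_HOST) ;;
            VAR_TARGET_PORT|VAR_TARGET_CIDR|VAR_TARGET_RANGE|VAR_USERNAME) ;;
            VAR_PASSWORD|VAR_HASH|VAR_STRING|VAR_INTEGER|VAR_HEX|VAR_WORDLIST) ;;
            VAR_*_HOST) ;;
            *) printf '%s\n' "$v" ;;
        esac
    done
}

sample_note | classify_note
sample_note | unknown_placeholders
```

To check a real note, pipe the file into the functions instead of `sample_note`, for example `classify_note < notes.txt`, where `notes.txt` stands for any file written in this format.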