Pinned Repositories
check-smb-signing
Shell script to automate running the Nmap smb-security-mode.nse or RunFinger.py by lgandx and parse results into counts and lists of hosts that have message signing disabled, supported, and required.
cisco-config-check
Shell script to check Cisco config files, such as those downloaded with Smart Install, for sensitive information.
find-reused-ntds-hashes
Shell script to check a file containing NTLM hashes for repeated hashes.
ike-trans
A variation of the IKE-SCAN user guide's transforms discovery script, adding a few features. Handshakes can be done in Main or Aggressive Modes. For Aggresive Mode, a custom group ID can be given. Targets can be specified as a single IP, or an input file of multiple IPs.
msf-exploit-loop
Metasploit resource script to read a list of desired RHOST values and run the current exploit module for each.
nmap-grep
Comprehensive parsing script for grepable Nmap output files. Provides a summary table, split hosts files, and URLs for web and SMB hosts.
nmaparse
Revised shell script for parsing .gnmap, .xml, or .nmap port scan results files to a CSV list, lists of IPs per port, web urls, and a summary table.
nse-parse
Shell script for parsing vulnerable results from Nmap NSE scan output.
sslscanalyzer
Shell script for converting an input file containing one or more sslscan results into HTML tables.
xsltsslscan
XSLT for SSLScan 2.0 XML results
actuated's Repositories
actuated/nmap-grep
Comprehensive parsing script for grepable Nmap output files. Provides a summary table, split hosts files, and URLs for web and SMB hosts.
actuated/check-smb-signing
Shell script to automate running the Nmap smb-security-mode.nse or RunFinger.py by lgandx and parse results into counts and lists of hosts that have message signing disabled, supported, and required.
actuated/ike-trans
A variation of the IKE-SCAN user guide's transforms discovery script, adding a few features. Handshakes can be done in Main or Aggressive Modes. For Aggresive Mode, a custom group ID can be given. Targets can be specified as a single IP, or an input file of multiple IPs.
actuated/sslscanalyzer
Shell script for converting an input file containing one or more sslscan results into HTML tables.
actuated/nmaparse
Revised shell script for parsing .gnmap, .xml, or .nmap port scan results files to a CSV list, lists of IPs per port, web urls, and a summary table.
actuated/find-reused-ntds-hashes
Shell script to check a file containing NTLM hashes for repeated hashes.
actuated/cisco-config-check
Shell script to check Cisco config files, such as those downloaded with Smart Install, for sensitive information.
actuated/nse-parse
Shell script for parsing vulnerable results from Nmap NSE scan output.
actuated/xsltsslscan
XSLT for SSLScan 2.0 XML results
actuated/msf-exploit-loop
Metasploit resource script to read a list of desired RHOST values and run the current exploit module for each.
actuated/range-finder
Shell script to use Nmap host discovery scans to find IANA private ranges in use.
actuated/brute-probe
Shell script to loop aireplay-ng probe requests with a dictionary of possible (E)SSIDs.
actuated/runas_system
Batch file that uses WinDbg's remote.exe to start a command prompt as SYSTEM.
actuated/sleepscan
Shell script to queue up targeted and general port scans for external pentests.
actuated/smb-anon-shares
Shell script for testing anonymous file share access with Smbclient. Input can be UNC paths, SMB URLs, or Metasploit smb_enumshares results.
actuated/exchange-find
Shell script to check a list of hostnames or IPs for HTTPS response codes, WWW-Authenticate headers, and 302 redirect Location headers for common Exchange URLs.
actuated/login-loop
Metasploit resource script for looping time-delayed login attacks, such as owa_login.
actuated/SiteSurvey
Customizable fake Android survey app for in-person social engineering.
actuated/soc-eng-batches
Batch files to show dummy activity while gathering system info and trying to create users. Useful during social engineering, if a target will let you use their system, but watches you do so.
actuated/list-to-table
Shell script to convert an input list to a bare bones HTML table
actuated/metasploit-framework
Metasploit Framework
actuated/mousejack
MouseJack device discovery and research tools
actuated/name-maimer
Shell script for mangling first names, last names, and single strings into one or more common username formats.
actuated/nmap-script-parsers
Simple shell scripts for parsing results from Nmap scripts, including ssl-heartbleed and smb-security-mode.
actuated/pass-survey
Have a list of passwords you cracked during a pentest or password audit? This shell script will give you analysis of reused passwords, reused password bases (4+ letter combinations), password length, and character type breakdown.
actuated/rogue-robin
Rough script for looping through dummy APs with hostapd-wpe, for WIPS evasion.
actuated/teradata-login
Quick and dirty Windows batch login scanner for Teradata databases.
actuated/tr-github-reconcile
Shell script for reconciling a destination directory with my github repositories. Written so that it could be easily modified for other github users.
actuated/user-enum-demo-pages
PHP pages to demonstrate user enumeration via HTTP responses.
actuated/wgexifloop
Shell script to read a list of URLs, wget each document, and retrieve name metadata with exifloop while creating CSV output to track what metadata came from what URL.