A suite of cybersecurity applications to accelerate and automate processes. Some tools are more educational than productivity-oriented. All tools were written by the author of this repository, and dependencies have been minimized to make them easier to use.
Most of the scripts are fully functional, but they lack documentation and some of them need TLC. Collaborators are welcome.
There is no installation: just clone the repository and run the scripts. Some scripts have dependencies, but they are all easy to install. If you are using Kali, most of them are already available in the system.
Each shell script is a standalone application. They are all written in bash and are compatible with Linux and Mac OS. They are all tested on Kali Linux.
Most of the scripts can be used in two modes: interactive and automated. The interactive mode is the default mode. The automated mode is activated by passing some argument (depends on the script). The automated mode is useful for scripting and chaining multiple tools together.
Useful for scanning a network for live hosts and open ports. It can also scan for vulnerabilities and exploits in automated mode. Based on nmap, nikto, metasploit, smbclient, and other tools.
Can do:
- [ 1] Scan Network
- [ 2] Scan Host
- [ 3] Scan Port
- [ 4] Scan All
- [ 5] Scan Services
The Scan All option scans the network, hosts, ports, and services. It also scans for vulnerabilities and exploits, like nmap -A with the addition of specific tools for more than 20 services, in an automated way.
In the HTTP scan it generates a bag of words from all pages found. That bag of words can be used to create a wordlist for bruteforcing.
In SMB scanning it uses five different tools to enumerate the SMB service. Make sure all tools are installed.
Tool for bruteforce attacks. It can be used to bruteforce passwords, hashes, and logins. It can also be used to bruteforce web forms.
Has predefined functions to:
- 1) Break HASH
- 2) SSH Login BF
- 3) Mysql Login BF
- 4) RDP Login BF
- 5) SMTP Login BF
- 6) IMAP Login BF
- 7) HTTP POST Form BF
- 8) Wordpress
The HTTP POST Form BF is very didactic in interactive mode because it asks for every parameter and the user can see the request and response. It also works in automated mode.
Guided way to generate payloads in msfvenom and metasploit.
Uses bcat to read files with syntax highlighting in the terminal, and uses select to let the user choose the file to read just by picking its number. Fastest way to read the log files generated by other tools.
Like LinPEAS but simpler, with just the basics. It is useful to run on the target machine to find some low-hanging fruit.
Looks for passwd, sudo version, sudo permissions, crontab, capabilities and SUID/SGID binaries.
The best way to find a word in the log files generated by other tools, but it has more functions:
- [ 1] Search Local -> Search for a word in the log files in the current dir.
- [ 2] Search Command -> Search in bash history and in your notes by Linux commands.
- [ 3] Search Exploit -> Search for an exploit in searchsploit, metasploit, and the best 10 results of Google and DuckDuckGo searches.
- [ 4] Search Tool -> Search for tools on the Kali Linux tools website.
- [ 5] Search Wordlist -> Search for wordlists by their dir and file names, useful to pick good wordlists for specific purposes.
- [ 6] Search Bin -> Search for a binary in GTFOBins (has dependencies).
Useful for sharing files on the network. It can serve files to the network and receive files from the network.
Has some self-explanatory functions:
- 1) Python Webserver
- 2) Python FTPServer
- 3) Ruby Webserver
- 4) PHP Webserver
- 5) SMB Server
- 6) Send File
- 7) Receive File
Useful for lateral movement, and it has great educational value. It can be used to create a reverse shell or a bind shell, or to use other tools like chisel or just ssh. The interactive mode is very didactic: it teaches and asks for every step of the process.
- 1) Local forwarding
- 2) Reverse local forwarding
- 3) Dynamic port forwarding
- 4) Dynamic reverse port forwarding
- 5) Listen port
- 6) Connect remote port
- 7) Improve Shell
- 8) Sair (exit)
Example of Local forwarding
| att| → | piv| → | tar| srv
In this case the connection is made from the attacker to the pivot, which is now the SSH server; in the reverse case it is the client.
- username@host: the pivot is the SSH server that has access to the target machine.
- entry_socket:port: where anyone who wants to access the resource has to enter, normally the Kali machine and an unused port.
- exit_socket:port: the target and its port.
In short: ssh user@server (-L if srv is on the pivot) tunnel_start:tunnel_end
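The three parts of the local forwarding summary above (pivot as SSH server, entry socket, exit socket) assembled into an `ssh -L` command, as an added example that is not code from this repository. The function names, user, hosts and ports are constructed placeholders, and only IPv4 addresses and host names are handled.

```bash
#!/usr/bin/env bash
# Added example: assemble and sanity-check an `ssh -L` command.
# User, hosts and ports are constructed placeholders.

# valid_port PORT: succeeds if PORT is an integer in 1..65535
valid_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# local_forward PIVOT ENTRY EXIT
#   PIVOT  user@host of the SSH server (the pivot)
#   ENTRY  [bind_address:]port opened on the SSH client side
#   EXIT   host:port of the target, as reached from the pivot
# Prints the command on stdout; returns 2 on invalid input.
local_forward() (   # subshell body keeps the variables local
  pivot=$1 entry=$2 exit_sock=$3
  bind=127.0.0.1 lport=$entry
  case "$pivot" in *@*) ;; *) echo "pivot must be user@host" >&2; return 2 ;; esac
  case "$exit_sock" in *:*) ;; *) echo "exit socket must be host:port" >&2; return 2 ;; esac
  case "$entry" in *:*) bind=${entry%:*}; lport=${entry##*:} ;; esac
  thost=${exit_sock%:*} tport=${exit_sock##*:}
  valid_port "$lport" || { echo "bad entry port: $lport" >&2; return 2; }
  valid_port "$tport" || { echo "bad exit port: $tport" >&2; return 2; }
  # A non-loopback bind address lets other hosts use the tunnel.
  case "$bind" in
    127.0.0.1|localhost) ;;
    *) echo "warning: entry socket $bind:$lport is not loopback-only" >&2 ;;
  esac
  # -N: open the tunnel without running a remote command
  printf 'ssh -N -L %s:%s:%s:%s %s\n' "$bind" "$lport" "$thost" "$tport" "$pivot"
)

# Loopback-only entry socket on port 8080, target 10.0.0.5:80 behind the pivot
local_forward analyst@pivot.example 8080 10.0.0.5:80
```

When no bind address is given, the entry socket is pinned to 127.0.0.1 so that only the local machine can use the tunnel.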
Like LinPEAS but simpler, with just the basics. It is useful to run on the target machine to find vulnerabilities.
Searches for unquoted_path, token impersonation and scheduled tasks.
Contains didactic steps to proceed with a buffer overflow attack. It is useful to learn how to do a buffer overflow attack. It is not a tool to automate the process.
- identify_sequence
- test_chars_from_sequence
- pattern_create
- identify_offset
- pattern_offset
- control_eip
- badchars
- nops_jump_esp
- generate_payload
- insert_payload
Generates a pattern to find the offset of a buffer overflow (not exhaustively tested).
Like KKPeas Powershell but for cmd only.
Useful to disable security features like Windows Defender and the firewall using cmd only.