Pentest Tools
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Pentest Tools | 2,652 | 5 months ago | 1 | Python | ||||||
| A collection of custom security tools for quick needs. | ||||||||||
| Reconspider | 1,488 | 6 months ago | 1 | August 24, 2020 | 17 | gpl-3.0 | Python | |||
| 🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations. | ||||||||||
| Ipban | 1,196 |  | 1 | 11 days ago | 7 | July 03, 2022 | mit | C# | ||
| Since 2011, IPBan is the worlds most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your dedicated or cloud server protected. Upgrade to IPBan Pro today and get a discount. Learn more at ↓ | ||||||||||
| Radvpn | 952 | 3 years ago | 2 | mit | Go | |||||
| Decentralized VPN | ||||||||||
| Easy Wg Quick | 835 | 2 months ago | gpl-2.0 | Shell | ||||||
| Creates Wireguard configuration for hub and peers with ease | ||||||||||
| Chromepass | 665 | 2 months ago | 8 | agpl-3.0 | Rust | |||||
| Chromepass - Hacking Chrome Saved Passwords | ||||||||||
| Checkip | 189 | 22 days ago | 161 | December 20, 2022 | 1 | mit | Go | |||
| Get (security) info about IP addresses | ||||||||||
| Ptorx | 166 | 3 years ago | 1 | gpl-3.0 | TypeScript | |||||
| 📩🛡 Email privacy. Anonymously send and receive with alias forwarding. | ||||||||||
| Firewall | 147 | 3 years ago | 9 | December 02, 2020 | 3 | apache-2.0 | C# | |||
| ASP.NET Core middleware for IP address filtering. | ||||||||||
| Terraform Aws Ec2 Instance | 140 | 21 days ago | 19 | apache-2.0 | HCL | |||||
| Terraform module for provisioning a general purpose EC2 host | ||||||||||
pentest-tools
A collection of custom security tools for quick needs.
Important note
‼ A big clean occured in 2022-11 ‼
Some useless/not working scripts have been archived and some others have been moved to their own repository to get more visibility, feel free to check them:
- apk-analyzer
- cloudflare-origin-ip
- csp-analyzer
- detectify-cves
- extract-endpoints
- favicon-hashtrick
- google-search
- graphql-introspection-analyzer
- keyhacks.sh
- related-domains
Install
git clone https://github.com/gwen001/pentest-tools
cd pentest-tools
pip3 install -r requirements.txt
arpa.sh
Converts IP address in arpa format to classical format.
bbhost.sh
Performs host command on a given hosts list using parallel to make it fast.
codeshare.php
Performs a string search on codeshare.io.
cors.py
Test CORS issue on a given list of hosts.
crlf.py
Test CRLF issue on a given list of hosts.
crtsh.php
Grabs subdomains of a given domain from crt.sh.
detect-vnc-rdp.sh
Tests if ports 3389 and 5900 are open on a given IP range using netcat.
dnsenum-brute.sh
Performs brute force through wordlist to find subdomains.
dnsenum-bruten.sh
Performs brute force through numeric variation to find subdomains.
dnsenum-reverse.sh
Apply reverse DNS method on a given IP range to find subdomains.
dnsenum-reverserange.sh
Same thing but IP ranges are read from an input file.
dnsenum-zonetransfer.sh
Tests Zone Transfer of a given domain.
dnsreq-alltypes.sh
Performs all types of DNS requests for a given (sub)domain.
extract-domains.py
Extracts domain of a given URL or a list of URLs.
extract_links.php
Extracts links from a given HTML file.
filterurls.py
Classifies and displays URLs by vulnerability types.
flash-regexp.sh
Performs regexps listed in flash-regexp.txt for Flash apps testing purpose.
gdorks.php
Generates Google dorks for a given domain (searches are not performed).
hashall.php
Uses about 40 algorithms to hash a given string.
ip-converter.php
Converts a given IP address to different format, see Nicolas Grégoire presentation.
ip-listing.php
Generates a list of IPs addresses from the given start to the given end, range and mask supported.
mass_axfr.sh
Mass test zone transfer on a given list of domains.
mass-smtp-user-enum-bruteforce.sh
Performs SMTP user enumeration on a given list of IP address using smtp-user-enum.
mass-smtp-user-enum-check.sh
Tests if SMTP user enumeration is possible on a given list of IP address using smtp-user-enum.
myutils.sh
Just few common Bash functions.
node-uuid.js
Encode/Decode UUID using base36.
nrpe.sh
Test Nagios Remote Plugin Executor Arbitrary Command Execution on a given host using Metasploit.
openredirect.py
Test Open Redirect issue on a given list of hosts.
pass-permut.php
Creates words permutation with different separators and output the hashes using about 40 algorithms.
pastebin.php
Performs a string search on pastebin.com.
phantom-xss.js
See xss.py.
ping-sweep-nc.sh
Determines what IPs are alive in a given range of IPs addresses using netcat.
ping-sweep-nmap.sh
Determines what IPs are alive in a given range of IPs addresses using nmap.
ping-sweep-ping.sh
Determines what IPs are alive in a given range of IPs addresses using ping.
portscan-nc.sh
Determines the open ports of a given IP address using netcat.
quick-hits.php
Tests a given list of path on a given list of hosts.
quickhits.py
Same but the Python version. Tests a given list of path on a given list of hosts.
rce.py
Test RCE issue on a given list of hosts.
resolve.py
Resolves a give list of hosts to check which ones are alive and which ones are dead.
screensite.sh
Takes screenshots of a given url+port using xvfb.
shodan.php
Performs searches on Shodan using their API.
smuggler.py
Test HTTP request smuggling issue on a given list of hosts.
srv_reco.sh
Perform very small tests of a given IP address.
ssh-timing-b4-pass.sh
Tries to guess SSH users using timing attack.
ssrf-generate-ip.php
Generate random IP address:port inside private network range for SSRF scans.
subalt.py
Generates subdomains alterations and permutations.
test-ip-wordlist.sh
Brute force a wordlist on IPs range and ports list.
testhttp.php
Tries to determine if an url (subdomain+port) is a web thing.
testnc.sh
Performs fuzzing on a given IP address+port using netcat.
Utils.php
Just few common PHP functions.
webdav-bruteforce.sh
Perform brute force on a given url that use WebDav using Davtest.
xss.py
Test XSS issue on a given list of hosts using phantomjs.
Feel free to open an issue if you have any problem with the script.
