Home

Awesome

Pentest Scripts

Just a bunch of simple, miscellaneous scripts I've created while pentesting.

The rest of this readme was automatically generated with the following command:

    for f in * ; do echo -en "## $f\n" ; echo -e "\n$(./$f --help | tail -n +2 | sed -E 's/^/    /g')" ; done >> README.md
    

dim

dim - Dim the screen
--------------------
Usage: dim  <= Dim the screen to the lowest setting.
       dim <integer>   <= Dim to a custom level.

enable-forwarding

enable-forwarding
-----------------
A simple script to forward all incoming traffic out
whatever interface is currently connected to the Internet.

Usage: enable-forwarding [Internet-connected interface]

extract-hashes-responder

extract-hashes-responder
------------------------
Extracts one hash per user from a Responder-Session.log file for easy
cracking with hashcat.

Usage: ./extract-hashes-responder </opt/Responder/Responder-Session.log> [Result number]

gnmap2ip

gnmap2ip
--------
Converts a .gnmap file to an list of colon separated IP and TCP port numbers.

Usage: gnmap2ip [GNMAP FILE]

grep-cidr

grep-cidr
---------
Searches a target file for any IP addresses in the given range. Any range
format that is Nmap compatible *should work*, not just CIDR.

Usage: grep-cidr <IP Range> <Target File> [Additional grep options]

grip

grip
----
greps a file for common patterns.

Should accept most standard grep flags.

Example usage - IPv4 addresses only:
   grep for IPv4 addresses only:     grip <filename>
   include CIDR notation:            grip --cidr <filename>
   grep for IP:Port:                 grip --port <filename>

Example usage - IPv6 addresses only:
   grep for IPv6 addresses only:     grip --6 <filename>
   include CIDR notation:            grip --6cidr <filename>

Other supported patterns:
   grep for emails:                  grip --email <filename>
   grep for MAC addresses:           grip --mac <filename>

heartbleed

Usage: heartbleed <IP Address> <Port>

heartbleed-parser

Usage: heartbleed-parser <input file>

ip2dec.py

ip2dec.py
---------
Converts an IP address to its decimal equivalent.

Usage: ip2dec.py [IP Address]

iplist2dirs

iplist2dirs
-----------
Reads an IP:Port list and creates the following directory structure for 
each IP address:

    ./[OUTPUT DIR]/[PORT]/[IP Address]

Usage: iplist2dirs <IP List> [Ports]

Example: iplist2dirs iplist.txt "80 443"

Use "all" in place of port numbers to create a directory for every port listed.

If ports are omitted, the default port list is used.
The defaul port list and output directory name can be changed in the settings
section of this script.

iplist-detect_http.sh

iplist-detect_http
------------------
Retrieves HTTP headers from each server listed in a IP:Port formatted file.

Usage: iplist-detect_http <IP List File> [Maximum Connect Timeout]

Kali_Linux_Extra_Tools2.sh

Kali Linux: Extra tools and customizations script
=================================================
Created by Wh1t3Rh1n0

This script adds a bunch of my favorite tools to Kali Linux.

Usage:
  Install all tools:  ./Kali_Linux_Extra_Tools2.sh install
  Non-GUI tools only: ./Kali_Linux_Extra_Tools2.sh install nogui

live-usb-tweaks.sh

live-usb-tweaks.sh
------------------
Install tweaks to increase performance when running
Kali from a LiveUSB with persistence.

Usage: ./live-usb-tweaks.sh install

merge-hashcat.py

merge-hashcat.py
----------------
Matches passwords cracked with hashcat to their usernames.

Usage: merge-hashcat.py <user:hash file> <hash:password file>

Notes: The "hash:password" file is created by hashcat's -o option.

       The "user:hash" file is easy to create using your original hashdump and
       the "cut" command. An example of creating this file from hashes dumped
       from a Windows domain controller follows:
       
       cat raw_dump.txt | cut -d ':' -f 1,4 > dumped-users_hashes.txt

ms15-034_check.py

Example: %s 'https://example.com:8443/'

mv-screenshots

mv-screenshots
--------------
Moves screenshots from the current directory to a destination directory.
Removes colons from the filename for Windows compatibility.

Usage: mv-screenshots <DESTINATION>

ncsv2ip

ncsv2ip
-------
Converts a Nessus exported CSV file to a colon-separated list of IPs and ports

Usage: ncsv2ip [CSV FILE]

Requires: grep, awk, sort
Limitations: Only outputs TCP ports. UDP ports are ignored.

setup-x-limited.sh

----------------------------------
setup-x-limited.sh | by Wh1t3Rh1n0
----------------------------------
This script creates a script and a menu icon for executing a given program
as a regular, non-root user if you are logged in as root.

The following environment variables need to be set for it to run:

script_name - the filename that the created script will be saved as.
iw_user - the user that will be created for running the target program.
program_description - the name that will show on the icon.
command_line - the path of the target program to be run.
icon - the icon to display on the menu
categories - where the icon is placed within the applications menu.

Example execution:
------------------
script_name=firefox-nonroot iw_user=firefox-user \
program_description="Firefox (Non-Root)" command_line="/opt/firefox/firefox" \
icon="/opt/firefox/browser/icons/mozicon128.png" categories="Network;" \
./setup-x-limited.sh

Alternatively, you can provide a known binary location to accept default
options for that program.

Usage: ./setup-x-limited.sh [full path to binary]

Currently accepted binary paths:
    /opt/firefox/firefox

strip-colors

strip-colors
------------
Removes colors from output for easy grepping.

Usage: cat <some file> | strip-colors

update-firefox.sh

Firefox Updater/Installer
-------------------------
Just a simple script to update or install Firefox on Kali Linux.

Installs to /opt/firefox

Run with no options to install or update.

usb-armory

usb-armory
----------
A simple script to setup a connection to a USB armory with Kali installed.

Usage: usb-armory [Internet-connected interface]

word-mutator

word-mutator 9000
-----------------
Generates a wordlist by running all of hashcat's built-in rules on a
single word (such as a company name) or small list of words.

Primarily intended for targeted, offline password cracking attacks.

Usage: bash ./word-mutator [optional output file] [optional input wordlist]

Because I'm being lazy, you must specify an output file name in order
to specify an input file. :P

*This script has only been tested with the legacy hashcat 2.00 binaries.*