Penetration-Testing-Helper-Scripts
Sudomy
Penetration-Testing-Helper-Scripts | Sudomy
---|---
1 | 3
3 | 1,866
- | -
10.0 | 2.2
over 1 year ago | 3 months ago
Shell | Shell
The Unlicense | MIT License
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Penetration-Testing-Helper-Scripts
- which is your reverse shell generator of choice?
  For the OSCP exam I used some of the bash scripts from this repository. The one for reverse shells would automatically fetch the VPN IP address and add it to the reverse shell commands, which saved time during the exam.
Sudomy
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting
- Non brute-forcing options/strategies to find subdomains
- Looking for an API like builtwith.com (lets you know what technology is behind website), but one that's open source, or at least is more startup friendly ....
  That said, keep in mind that not everything is going to find its way indexed in Google. If it's subdomains you're after, you can use tools like Sublist3r or Sudomy to pull data from multiple sources (not just DNS).
What are some alternatives?
log4j-scan-turbo - Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.
Sublist3r - Fast subdomains enumeration tool for penetration testers
revshellgen - Simple script to generate commands to achieve reverse shells.
spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Reverse_Shell_Generator - Bash script to generate reverse shell payloads
Sn1per - Attack Surface Management Platform
Chimera - Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
LazyRecon - An automated approach to performing recon for bug bounty hunting and penetration testing.
shells - Script for generating revshells
Dome - Subdomain Enumeration Tool. Fast and reliable Python script that performs active and/or passive scans to obtain subdomains and search for open ports.
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and it's fully scriptable with Python (PSE)
eReKon - Yet another web recon tool