Top 23 Shell Pentesting Projects

• Sn1per

  2 5,926 6.2 Shell

  Attack Surface Management Platform | Sn1perSecurity LLC

  Project mention: somone please help me improving my log file nom Parser code? | reddit.com/r/rust | 2022-10-20

  Starting PostgreSQL 13 database server: main. [94m[*][0m Loaded configuration file from /usr/share/sniper/sniper.conf [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Loaded configuration file from /root/.sniper.conf [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Saving loot to /usr/share/sniper/loot/workspace/nosva [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Scanning 192.158.1.38 [94m[[0m[92mOK[0m[94m][0m [91m ____ [0m [91m _________ / _/___ ___ _____[0m [91m / ___/ __ \ / // __ \/ _ \/ ___/[0m [91m (__ ) / / // // /_/ / __/ / [0m [91m /____/_/ /_/___/ .___/\___/_/ [0m [91m /_/ [0m [93m + -- --=[ https://sn1persecurity.com[0m [93m + -- --=[ Sn1per v9.0 by u/xer0dayz[0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m RUNNING SC0PE WEB VULNERABILITY SCAN [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• P5 - INFO, CSP Not Enforced, http://192.158.1.38/, P2 - HIGH, Clear-Text Protocol - HTTP, http://192.158.1.38/, HTTP/1.1 200 OK P4 - LOW, Clickjacking HTTP, http://192.158.1.38/, P5 - INFO, CSP Not Enforced, https://192.158.1.38:443/, [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m RUNNING SC0PE NETWORK VULNERABILITY SCAN [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• P5 - INFO, Interesting Ports Found, 192.158.1.38, 21 8080 9090 7070 [92m====================================================================================[0 m•x[92m[2022-08-22](15:56)[0mx• ==================================================================================== •?((¯°·..• Sc0pe Vulnerability Report by u/xer0dayz •._.·°¯))؟• ==================================================================================== Critical: 0 High: 1 Medium: 0 Low: 1 Info: 2 Score: 8 ==================================================================================== P2 - HIGH, Clear-Text Protocol - HTTP, http://192.158.1.38:80/, HTTP/1.1 200 OK P4 - LOW, Clickjacking HTTP, http://192.158.1.38:80/, P5 - INFO, CSP Not Enforced, http://192.158.1.38:80/, P5 - INFO, CSP Not Enforced, https://192.158.1.38:443/, ==================================================================================== [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m SCAN COMPLETE! [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx•

• airgeddon

  6 4,744 7.7 Shell

  This is a multi-use bash script for Linux systems to audit wireless networks.

  Project mention: Panda Wireless PAU09 or ALFA AC1200 or ALFA AC1900 | reddit.com/r/Kalilinux | 2022-09-08

• SonarLint

  www.sonarlint.org

  sponsored

  Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

  

• lscript

  1 3,434 0.0 Shell

  The LAZY script will make your life easier, and of course faster.

  Project mention: lazy script interface issue | reddit.com/r/linux4noobs | 2022-03-24

  I am using kali Linux with the terminal emulator. I'm in a vm as well and yes the black screen is on the terminal emulator it is just the lazy script from github https://github.com/arismelachroinos/lscript.git after you run ./install.sh you are told to enter your wlan0 and other addresses. I messed up and did not put in the right addresses and now am unable to get back to that screen

• linux-smart-enumeration

  1 2,564 8.0 Shell

  Linux enumeration tool for pentesting and CTFs with verbosity levels

  Project mention: I passed with 100 points on second attempt AMA | reddit.com/r/oscp | 2022-06-14

  Linux privesc is a bunch of manual checks from my notes that I have built over time. I also like https://github.com/diego-treitos/linux-smart-enumeration (lse.sh) which is similar to linpeas but the output is less busy.

• EMBA

  9 1,615 9.6 Shell

  EMBA - The firmware security analyzer

  

  Project mention: Release of EMBA firmware analyzer in version 1.2.0 - aka London Calling | reddit.com/r/netsec | 2022-12-05

• OneListForAll

  1 1,607 8.4 Shell

  Rockyou for web fuzzing

  Project mention: A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters | dev.to | 2022-11-15

• Sudomy

  2 1,558 1.7 Shell

  Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

  Project mention: Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting | reddit.com/r/Zerosecurity | 2022-10-08

• InfluxDB

  www.influxdata.com

  sponsored

  Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Platform where developers build real-time applications for analytics, IoT and cloud-native services. Easy to start, it is available in the cloud or on-premises.

  

• pwncat

  0 1,545 0.8 Shell

  pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

• GooFuzz

  2 754 8.3 Shell

  GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

  Project mention: GooFuzz - The Power of Google Dorks | reddit.com/r/HackProtectSlo | 2022-09-30

  $ git clone https://github.com/m3n0sd0n4ld/GooFuzz.git $ cd GooFuzz $ chmod +x GooFuzz $ ./GooFuzz -h

• Goohak

  0 623 0.7 Shell

  Automatically Launch Google Hacking Queries Against A Target Domain

• ReverseAPK

  0 606 0.0 Shell

  Quickly analyze and reverse engineer Android packages

• Open-Redirect-Payloads

  1 499 10.0 Shell

  Open Redirect Payloads

  Project mention: A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters | dev.to | 2022-11-15

  payload https://github.com/cujanovic/Open-Redirect-Payloads

• DDexec

  1 476 6.5 Shell

  A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

  Project mention: GitHub - arget13/DDexec: A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process. | reddit.com/r/blueteamsec | 2022-05-06

• archer-t2u-plus-linux

  8 174 0.0 Shell

  TP-Link Archer T2U Plus / AC600 High Gain USB Wifi Adapter Review & Driver installation Guide for various platforms.

  Project mention: Will my wireless USB adapter be compatible with Linux? | reddit.com/r/linux4noobs | 2023-01-05

• arno

  2 115 8.0 Shell

  An automation tool to install the most popular tools for bug bounty or pentesting.

  Project mention: Arno: Una herramienta de automatización para instalar las herramientas más populares de #bugbounty o #pentesting | reddit.com/r/u_esgeeks | 2022-08-01

• wafaray

  2 71 10.0 Shell

  Enhance your malware detection with WAF + YARA (WAFARAY)

  Project mention: Enhance your malware detection with WAF + YARA (WAFARAY) | reddit.com/r/netsec | 2022-09-27

• huntkit

  0 55 0.0 Shell

  Docker - Ubuntu with a bunch of PenTesting tools and wordlists

• webrecon

  0 48 0.6 Shell

  Automated Web Recon Shell Scripts

• Shelly

  0 47 0.0 Shell

  Automatic Reverse Shell Generator

• Hack4Squad

  0 45 0.0 Shell

  :skull: A bash hacking and scanning framework.

• wiresec

  0 29 0.0 Shell

  📦 Wireless Attacks Tools 🕷️

• log4j-scan-turbo

  1 25 0.7 Shell

  Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.

  Project mention: Example exploits for MacOS Endpoint Protection assessment | reddit.com/r/macsysadmin | 2022-03-06

• Kali-Linux-Dockerfile

  2 24 2.6 Shell

  A simple Dockerfile to build an image starting from the latest official one of Kali Linux and including some useful tools.

  Project mention: Kali Linux Dockerfile | reddit.com/r/Kalilinux | 2022-04-07

• SaaSHub

  www.saashub.com

  sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Shell Pentesting related posts

• Archer TX20U Plus driver for Linux
  1 project | reddit.com/r/TpLink | 27 Nov 2022
• Enhance your malware detection with WAF + YARA (WAFARAY)
  2 projects | reddit.com/r/netsec | 27 Sep 2022
• Tplink
  1 project | reddit.com/r/Ubuntu | 28 Aug 2022
• Arno: Una herramienta de automatización para instalar las herramientas más populares de #bugbounty o #pentesting
  1 project | reddit.com/r/u_esgeeks | 1 Aug 2022
• How do I install packages offline?
  1 project | reddit.com/r/linux4noobs | 28 Jun 2022
• is this network adapter any good for hocking?
  1 project | reddit.com/r/Hacking_Tutorials | 19 Apr 2022
• Example exploits for MacOS Endpoint Protection assessment
  1 project | reddit.com/r/macsysadmin | 6 Mar 2022
• A note from our sponsor - #<SponsorshipServiceOld:0x00007fea59163aa0>
  www.saashub.com | 1 Feb 2023

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Shell projects with our weekly report!