Merge branch 'master' of github.com:mgeeky/Penetration-Testing-Tools

This commit is contained in:
mb
2020-01-18 18:16:02 +01:00
14 changed files with 2176 additions and 89 deletions


@ -6,6 +6,6 @@ $ ./find-nessus-plugin.sh 62940
/opt/nessus/lib/nessus/plugins/iis_ftp7_ms12-073.nasl
```
- **`openvas-automate.sh`** - OpenVAS automation script. ([gist](https://gist.github.com/mgeeky/a038f809dff4d308db94f5f657908da7))
- **`openvas-automate.sh`** - A simple OpenVAS scanner automation script. If you want to use your custom defined scan type - you'll need to edit script's code, especially `targets` array and `if` decision statement in lines 111-137. [gist](https://gist.github.com/mgeeky/a038f809dff4d308db94f5f657908da7)
- **`prepare-kali.sh`** - A script that supplies fresh Kali installation with set of initial packages, configurations, wordlists (`/root/data`) and a big repository of tools I've found useful (located in `/root/tools`). ([gist](https://gist.github.com/mgeeky/39d1681e44804f089d1553cc7597e628))


@ -1,4 +1,20 @@
#!/bin/bash
#
# This is script intended for provisioning vanilla Kali installation with a bunch
# of additional packages, tools and dictionaries. Basically useful for not-so-quick (+/- 4hours)
# provisioning of Kali distro intended for some heavy pentesting purposes.
#
# Assumptions made:
# - script must be totally non-interactive, capable of provisioning Kali system without any
# further user interaction (especially true for apt-get Y/n prompts)
# - issues with tool installation/setup are acceptable, after all need arise - the pentester
# will have to carry off the setup himself
# - issues with unavailable repositories/packages are NOT acceptable. I need to either take care of
# keeping tools list more or less up-to-date, or to remove tool's pull down entirely from the script
# - only tools that I've found useful at least once are landing in this script.
#
# Mariusz B., '18-'19
#
# Well, entire Kali installation assume that we are normally working as root on our Kali.
# I know that assumption sucks to its root, but I wanted to avoid every "permission denied" issue and I was too lazy
@ -24,11 +40,12 @@ install_dotnet() {
}
install_docker() {
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-
echo 'deb https://download.docker.com/linux/debian stretch stable' > /etc/apt/sources.list.d/docker.list
apt update
apt-get remove -y docker docker-engine docker.io
apt-get install -y docker-ce
#curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-
#echo 'deb https://download.docker.com/linux/debian stretch stable' > /etc/apt/sources.list.d/docker.list
#apt update
#apt-get remove -y docker docker-engine docker.io
#apt-get install -y docker-ce
apt install -y docker docker-compose
docker run hello-world
}
@ -42,11 +59,14 @@ configure_neo4j() {
curl -H "Content-Type: application/json" -X POST -d '{"password":"neo4jj"}' -u neo4j:neo4j http://localhost:7474/user/neo4j/password
}
apt update ; apt upgrade -y
export DEBIAN_FRONTEND=noninteractive
apt install -y git build-essential binutils-dev vim python3 libunwind-dev python unzip python-pip python3-pip python3-venv python3-setuptools libssl-dev autoconf automake libtool python2.7-dev python3.7-dev python3-tk jq awscli npm graphviz golang python-software-properties neo4j libgconf-2-4 bloodhound lftp chromium heimdal-clients python-ldap rdate pcregrep lftp mingw-w64 bluetooth bluez libbluetooth-dev libudev-dev p7zip git ca-certificates build-essential libreadline5 libreadline-dev libusb-0.1-4 libusb-dev perl pkg-config wget libncurses5-dev gcc-arm-none-eabi libstdc++-arm-none-eabi-newlib libqt4-dev libpcap-dev libusb-1.0-0-dev libnetfilter-queue-dev bettercap oscanner tnscmd10g samba samba-common smbclient
apt-get update ; apt upgrade -y
apt-get update --fix-missing
pip3 install virtualenv awscli wheel boto3 botocore btlejack
apt install -yq -m git build-essential binutils-dev vim python3 libunwind-dev python unzip python-pip python3-pip python3-venv python3-setuptools libssl-dev autoconf automake libtool python2.7-dev python3.7-dev python3-tk jq awscli npm graphviz golang neo4j libgconf-2-4 bloodhound lftp chromium heimdal-clients python-ldap rdate pcregrep lftp mingw-w64 bluetooth bluez libbluetooth-dev libudev-dev p7zip git ca-certificates build-essential libreadline5 libreadline-dev libusb-0.1-4 libusb-dev perl pkg-config wget libncurses5-dev gcc-arm-none-eabi libstdc++-arm-none-eabi-newlib libqt4-dev libpcap-dev libusb-1.0-0-dev libnetfilter-queue-dev bettercap oscanner tnscmd10g samba samba-common smbclient unrar libnfc-bin autoconf libnfc-dev tox libmariadb-dev python-m2crypto
pip3 install virtualenv awscli wheel boto3 botocore btlejack six
pip2 install virtualenv wheel boto3 botocore pyinstaller lxml pyip ansi2html
install_dotnet
@ -77,12 +97,14 @@ mkdir {bruteforce,clouds,devops,deserialization,exploitdev,windows,redteam,recon
git_clone https://github.com/mgeeky/Penetration-Testing-Tools
# =======================================================================================
pushd bruteforce
git_clone https://github.com/lanjelot/patator.git
git_clone https://github.com/galkan/crowbar.git
git clone --depth=1 --branch=master https://www.github.com/landgrey/pydictor.git && chmod 755 pydictor/pydictor.py
popd
# =======================================================================================
pushd clouds
mkdir {aws,azure,gcp,kubernetes}
@ -99,7 +121,9 @@ cd aws
git_clone https://github.com/RhinoSecurityLabs/pacu.git ; cd pacu ; bash install.sh ; cd ..
git_clone https://github.com/Alfresco/prowler.git
git_clone https://github.com/sa7mon/S3Scanner.git
git_clone https://github.com/percolate/ec2-security-groups-dumper.git
git_clone https://github.com/ankane/s3tk.git
git_clone https://github.com/andresriancho/enumerate-iam
git_clone https://github.com/arkadiyt/aws_public_ips.git
git_clone go get github.com/haccer/subjack.git
git_clone https://github.com/Skyscanner/lambdaguard.git
@ -131,6 +155,7 @@ git_clone https://github.com/carnal0wnage/weirdAAL.git ; cd weirdAAL ; apt-get i
cd ..
popd
# =======================================================================================
pushd deserialization
git_clone https://github.com/matthiaskaiser/jmet.git
git_clone https://github.com/joaomatosf/JavaDeserH2HC.git
@ -141,12 +166,14 @@ git_clone https://github.com/joaomatosf/jexboss.git
wget 'https://jitpack.io/com/github/frohoff/ysoserial/master-SNAPSHOT/ysoserial-master-SNAPSHOT.jar' -O ysoserial/ysoserial.jar
popd
# =======================================================================================
pushd devops
git clone --recurse-submodules -b develop https://github.com/torque59/Garfield.git
git_clone https://github.com/wavestone-cdt/hadoop-attack-library.git
wget https://raw.githubusercontent.com/n0tty/Random-Hacking-Scripts/master/pwnsible.sh ; chmod +x pwnsible.sh
popd
# =======================================================================================
pushd exploitdev
git_clone https://github.com/sashs/Ropper.git
git_clone https://github.com/longld/peda.git
@ -155,6 +182,7 @@ git_clone https://github.com/packz/ropeme.git
git_clone https://github.com/mgeeky/Exploit-Development-Tools.git
popd
# =======================================================================================
pushd hardware
git_clone https://github.com/DrSchottky/mfcuk.git
cd mfcuk
@ -170,10 +198,11 @@ git_clone https://github.com/nfc-tools/miLazyCracker.git
cd miLazyCracker
wget http://crapto1.netgarage.org/craptev1-v1.1.tar.xz
wget http://crapto1.netgarage.org/crapto1-v3.3.tar.xz
sed -ir 's/apt-get install/apt-get install -y/' miLazyCrackerFreshInstall.sh
./miLazyCrackerFreshInstall.sh
cd ..
git_clone https://github.com/RfidResearchGroup/proxmark3.git
apt-get remove modemmanager
apt-get remove -y modemmanager
cd proxmark3
make clean && make -j8 all
cd ..
@ -186,6 +215,7 @@ npm install -g gattacker
git_clone https://github.com/virtualabs/btlejack.git
popd
# =======================================================================================
pushd infra
git_clone https://github.com/bonsaiviking/NfSpy.git
git_clone https://github.com/lgandx/Responder.git
@ -194,6 +224,13 @@ git_clone https://github.com/fox-it/mitm6.git
git_clone https://github.com/lgandx/PCredz.git
git_clone https://github.com/DanMcInerney/net-creds.git
git_clone https://github.com/rofl0r/proxychains-ng.git
git_clone https://github.com/cisco-config-analysis-tool/ccat.git
cd ccat
wget https://github.com/cisco-config-analysis-tool/ccat/releases/download/v1.01/ccat_v1.01.rar
mkdir ccat-release
unrar x ccat_v1.01.rar ccat-release
rm ccat_v1.01.rar
cd ..
git_clone https://github.com/brav0hax/smbexec.git
git_clone https://github.com/inquisb/icmpsh.git
git_clone https://github.com/tomac/yersinia.git
@ -204,6 +241,7 @@ git_clone https://github.com/SpiderLabs/ikeforce.git
git_clone https://github.com/EnableSecurity/sipvicious.git
popd
# =======================================================================================
pushd fuzzers
git_clone https://github.com/googleprojectzero/domato.git
wget http://www.immunitysec.com/downloads/SPIKE2.9.tgz ; tar -xvzf SPIKE2.9.tgz ; rm SPIKE2.9.tgz
@ -226,11 +264,13 @@ git_clone https://github.com/OpenRCE/sulley.git
git_clone https://github.com/renatahodovan/grammarinator.git
popd
# =======================================================================================
pushd linux
git_clone https://github.com/Arr0way/linux-local-enumeration-script.git
git_clone https://github.com/CISOfy/lynis.git
popd
# =======================================================================================
pushd misc
git_clone https://github.com/nullsecuritynet/tools.git
git_clone https://github.com/leebaird/discover.git
@ -242,10 +282,12 @@ git_clone https://github.com/wireghoul/graudit.git
git_clone https://github.com/netbiosX/Checklists.git
popd
# =======================================================================================
pushd privesc
git_clone https://github.com/AusJock/Privilege-Escalation.git
popd
# =======================================================================================
pushd recon
git_clone https://github.com/FortyNorthSecurity/EyeWitness.git
git_clone https://github.com/OWASP/Amass.git
@ -253,7 +295,7 @@ git_clone https://github.com/michenriksen/gitrob.git
git_clone https://github.com/kpcyrd/sn0int.git
git_clone https://github.com/darkoperator/dnsrecon.git
git_clone https://github.com/smicallef/spiderfoot.git
git_clone https://bitbucket.org/LaNMaSteR53/recon-ng.git ; cd recon-ng ; pip install -r REQUIREMENTS ; cd ..
git_clone https://github.com/lanmaster53/recon-ng.git ; cd recon-ng ; pip install -r REQUIREMENTS ; cd ..
git_clone https://github.com/infosec-au/altdns.git
git_clone https://github.com/jhaddix/domain.git
mv domain jhaddix-enumall
@ -276,6 +318,7 @@ git_clone https://github.com/michenriksen/aquatone.git
git_clone https://github.com/dxa4481/truffleHog.git
popd
# =======================================================================================
pushd redteam
git_clone https://github.com/jaredhaight/PSAttack.git
cd PSAttack
@ -300,17 +343,24 @@ git_clone https://github.com/sensepost/ruler.git
git_clone https://github.com/Veil-Framework/Veil.git
git_clone https://github.com/Veil-Framework/Veil-Evasion.git
git_clone https://github.com/pentestgeek/phishing-frenzy.git
git_clone https://github.com/byt3bl33d3r/SprayingToolkit.git
git_clone https://github.com/trustedsec/social-engineer-toolkit.git
git_clone https://github.com/bluscreenofjeff/Malleable-C2-Randomizer.git
git_clone https://github.com/sensepost/ruler.git
cd ruler
wget https://github.com/sensepost/ruler/releases/latest/download/ruler-win64.exe
wget https://github.com/sensepost/ruler/releases/latest/download/ruler-linux32.exe
wget https://github.com/sensepost/ruler/releases/latest/download/ruler-linux64.exe
cd ..
git_clone https://github.com/rsmudge/Malleable-C2-Profiles.git
git_clone https://github.com/sense-of-security/ADRecon.git
git_clone https://github.com/threatexpress/malleable-c2.git
git_clone https://github.com/ropnop/kerbrute.git
cd kerbrute
wget https://github.com/ropnop/kerbrute/releases/download/v1.0.1/kerbrute_windows_amd64.exe
wget https://github.com/ropnop/kerbrute/releases/download/v1.0.1/kerbrute_windows_386.exe
wget https://github.com/ropnop/kerbrute/releases/download/v1.0.1/kerbrute_linux_amd64
wget https://github.com/ropnop/kerbrute/releases/download/v1.0.1/kerbrute_linux_386
wget https://github.com/ropnop/kerbrute/releases/latest/download/kerbrute_windows_amd64.exe
wget https://github.com/ropnop/kerbrute/releases/latest/download/kerbrute_windows_386.exe
wget https://github.com/ropnop/kerbrute/releases/latest/download/kerbrute_linux_amd64
wget https://github.com/ropnop/kerbrute/releases/latest/download/kerbrute_linux_386
chmod +x kerbrute_*
cd ..
git_clone https://github.com/Raikia/CredNinja.git
@ -354,9 +404,9 @@ wget https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/
cd ..
git_clone https://github.com/BloodHoundAD/BloodHound.git
cd BloodHound
wget https://github.com/BloodHoundAD/BloodHound/releases/download/2.1.0/BloodHound-linux-x64.zip
wget https://github.com/BloodHoundAD/BloodHound/releases/download/2.1.0/BloodHound-win32-x64.zip
wget https://github.com/BloodHoundAD/BloodHound/releases/download/2.1.0/BloodHound-win32-ia32.zip
wget https://github.com/BloodHoundAD/BloodHound/releases/latest/download/BloodHound-linux-x64.zip
wget https://github.com/BloodHoundAD/BloodHound/releases/latest/download/BloodHound-win32-x64.zip
wget https://github.com/BloodHoundAD/BloodHound/releases/latest/download/BloodHound-win32-ia32.zip
for a in *.zip ; do
unzip -d . $a
rm $a
@ -383,18 +433,24 @@ git_clone https://github.com/gentilkiwi/mimikatz.git
git_clone https://github.com/brav0hax/smbexec.git
git_clone https://github.com/SecureAuthCorp/impacket.git
cd impacket ; mkdir binaries ; cd binaries ;
wget https://github.com/ropnop/impacket_static_binaries/releases/download/0.9.19-binaries/impacket_windows_binaries.zip
wget https://github.com/ropnop/impacket_static_binaries/releases/latest/download/impacket_windows_binaries.zip
unzip -d . impacket_windows_binaries.zip
rm impacket_windows_binaries.zip
wget https://github.com/ropnop/impacket_static_binaries/releases/download/0.9.19-binaries/impacket_linux_binaries.tar.gz
wget https://github.com/ropnop/impacket_static_binaries/releases/latest/download/impacket_linux_binaries.tar.gz
tar xzf impacket_linux_binaries.tar.gz
rm impacket_linux_binaries.tar.gz
python setup.py install
cd ../../
git_clone https://github.com/rasta-mouse/Watson.git
git_clone https://github.com/pimps/wsuxploit.git
cd wsuxploit
git_clone https://github.com/ctxis/wsuspect-proxy.git
cd ..
popd
# =======================================================================================
pushd reversing
wget https://ghidra-sre.org/ghidra_9.0_PUBLIC_20190228.zip -O ghidra.zip ; unzip -d . ghidra.zip ; rm ghidra.zip
git_clone https://github.com/longld/peda.git ; echo "source $ROOT_DIR/tools/reversing/peda/peda.py" >> $ROOT_DIR/.gdbinit ;
@ -402,22 +458,26 @@ git_clone https://github.com/hugsy/gef.git
git_clone https://github.com/radare/radare2.git ; cd radare2 ; sys/install.sh ; r2pm init ; r2pm update ; pip install r2pipe ; cd ..
popd
# =======================================================================================
pushd shells
git_clone https://github.com/BlackArch/webshells.git
git_clone https://github.com/Ne0nd0g/merlin.git
popd
# =======================================================================================
pushd sourceaudit
git_clone https://github.com/presidentbeef/brakeman.git
git_clone https://github.com/wireghoul/graudit.git
popd
# =======================================================================================
pushd ssl
git_clone https://github.com/rbsec/sslscan.git
git clone --depth 1 https://github.com/drwetter/testssl.sh.git
git_clone https://github.com/tomato42/tlsfuzzer.git
popd
# =======================================================================================
pushd web
git_clone https://github.com/mgeeky/tomcatWarDeployer.git
git_clone https://github.com/codingo/NoSQLMap.git
@ -426,10 +486,9 @@ git_clone https://github.com/droope/droopescan.git
git_clone https://github.com/enjoiz/XXEinjector.git
git_clone https://github.com/breenmachine/httpscreenshot.git
git_clone https://github.com/beefproject/beef/ ; pushd beef ; yes | ./install ; popd
git_clone https://github.com/mitmproxy/mitmproxy.git
git_clone https://github.com/sqlmapproject/sqlmap.git
mkdir aquatone ; cd aquatone
wget https://github.com/michenriksen/aquatone/releases/download/v1.6.0/aquatone_linux_amd64_1.6.0.zip
wget https://github.com/michenriksen/aquatone/releases/latest/download/aquatone_linux_amd64_1.6.0.zip
unzip -d . aquatone_linux_amd64_1.6.0.zip
rm aquatone_linux_amd64_1.6.0.zip
chmod +x aquatone
@ -461,6 +520,7 @@ git_clone https://github.com/NickstaDB/BaRMIe.git
git_clone https://github.com/torque59/Nosql-Exploitation-Framework.git
popd
# =======================================================================================
pushd windows
git_clone https://github.com/M4ximuss/Powerless.git
git_clone https://github.com/SecWiki/windows-kernel-exploits.git
@ -477,6 +537,7 @@ pyinstaller --onefile winpwnage.py
cd ..
popd
# =======================================================================================
pushd wireless
git_clone https://github.com/brav0hax/easy-creds.git
git_clone https://github.com/s0lst1c3/eaphammer.git ; cd eaphammer ; yes | ./kali-setup ; cd ..
@ -484,6 +545,7 @@ git_clone https://github.com/derv82/wifite2.git ; cd wifite2 ; python setup.py i
popd
# =======================================================================================
#
# Follow repos, collect 'requirements.txt' files and feed them into `pip install`.
# We avoid the hassle of using virtualenv here and there.
@ -500,6 +562,8 @@ find . -name .git | while read line; do
popd
done
if ! grep -q "function killallbyname() {" $ROOT_DIR/.bashrc ; then
# Append some stuff to bashrc
cat <<'EOF' >> $ROOT_DIR/.bashrc
@ -773,7 +837,10 @@ alias eslintjs='eslint --no-eslintrc -c ~/.eslintrc.js .'
alias unblock_dir='sudo chmod -R 755'
alias block_dir='sudo chmod -R 700'
alias recursivegitpull='find . -mindepth 1 -maxdepth 1 -type d -print -exec git -C {} pull \;'
alias recursivegitpull='find . -name ".git" -type d -exec echo {} \; -exec git -C {}/.. pull \;'
alias gitclone='git clone --recurse-submodules'
EOF
sed -i -r "s:~/:$ROOT_DIR/:" $ROOT_DIR/.bashrc
fi
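Review bot: The aquatone download `wget https://github.com/michenriksen/aquatone/releases/latest/download/aquatone_linux_amd64_1.6.0.zip` combines a `latest` release path with a version-stamped asset name, so it will 404 as soon as a newer release is published, and because neither that `wget` nor the following `unzip -d . aquatone_linux_amd64_1.6.0.zip` is checked, the script carries on silently; keep the pinned `releases/download/v1.6.0/` URL for that asset, or at least abort with `wget … || exit 1`. The same unpinning in the kerbrute, BloodHound, ruler and impacket_static_binaries hunks means the executables that are `chmod +x`-ed, unpacked or installed come from whatever release happens to be current at run time, with no checksum verification, so a provisioning run is neither reproducible nor verifiable; pinning the tag and checking a recorded digest, e.g. `echo "<EXPECTED_SHA256>  kerbrute_linux_amd64" | sha256sum -c - || exit 1`, would address both. In the clouds/aws hunk, `git_clone go get github.com/haccer/subjack.git` appears to hand the literal word `go` to git_clone as the repository URL; git_clone's definition is outside this view and I cannot tell whether that line is new or pre-existing context, but it likely needs to be either `go get github.com/haccer/subjack` or `git_clone https://github.com/haccer/subjack.git`. These hunks are top-level statements of the script, so each starts and ends mid-stream rather than at a function boundary.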