A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes. https://mgeeky.tech/
Go to file
Mariusz B. / mgeeky cce4364def Updated SharpWebServer 2023-06-27 21:16:45 +02:00
clouds next 2023-03-07 14:14:37 +01:00
file-formats Updated PackMyPayload and rogue-dot-net 2023-05-24 17:16:11 +02:00
linux updates 2021-10-24 23:11:42 +02:00
networks Handy-BloodHound-Cypher-Queries.md updated. 2022-04-13 16:42:31 +02:00
others updates 2021-10-24 23:11:42 +02:00
phishing Updated decode-spam-headers 2023-06-27 21:16:18 +02:00
red-teaming Updated SharpWebServer 2023-06-27 21:16:45 +02:00
web updated submodules 2022-07-15 14:01:33 +02:00
windows updated submodules 2022-08-26 10:27:08 +02:00
.gitmodules Added msi-shenaningans 2022-12-22 10:20:48 +01:00
CODE_OF_CONDUCT.md Create CODE_OF_CONDUCT.md 2022-06-17 19:57:12 +02:00
LICENSE Create LICENSE 2022-06-17 19:56:20 +02:00
README.md update 2021-10-27 02:52:17 +02:00

README.md

A collection of my Penetration Testing Tools, Scripts, Cheatsheets

This is a collection of more than a 160+ tools, scripts, cheatsheets and other loots that I've been developing over years for Penetration Testing and IT Security audits purposes. Most of them came handy at least once during my real-world engagements.

Notice: In order to clone this repository properly - use --recurse-submodules switch:

git clone --recurse https://github.com/mgeeky/Penetration-Testing-Tools.git

Most of these files were initially shared on my Gists but eventually got moved into this repository.

Every time I stumbled upon a problem that could be better scripted or resolved programatically - I made effort to do just that and thus improve my technical assurance capabilities or to optimize time spent on repetitive actions during projects I've been delivering.

The collection is divided further onto following sections:

  • clouds - Tools I came up with during my cloud assessments
  • file-formats - file-format related utilities, fuzzers and alike.
  • linux - small bunch of Linux-based scripts and tools.
  • networks - Network devices & protocols Penetration Testing toolery
  • others - Others related somehow to this craftmanship
  • phishing - Scripts and tools used to deliver Phishing Awareness and Red Team simulations
  • red-teaming - Lots of toolings I've been using during my Purple/Red-Teaming engagements
  • web - Web applications security assessment related utilities.
  • windows - Windows goodies, scripts, exploits.

The base of these tools do not contain any customer/client related sensitive information as well as there are no engagement-specific tools developed as PoCs.


Show Support

This and other projects are outcome of sleepless nights and plenty of hard work. If you like what I do and appreciate that I always give back to the community, Consider buying me a coffee (or better a beer) just to say thank you! 💪


Mariusz Banach / mgeeky, (@mariuszbit)
<mb [at] binary-offensive.com>