A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes. https://mgeeky.tech/
Go to file
2019-06-25 16:06:10 +02:00
clouds/aws Error-proofing get-session-creds script. 2019-05-16 11:00:46 +02:00
file-formats First 2018-02-02 22:22:43 +01:00
linux Added find-nessus-plugin 2019-06-25 16:06:10 +02:00
networks README updated. 2019-03-05 04:17:32 -05:00
others readme 2019-06-18 18:08:41 +02:00
red-teaming Readmes 2019-06-21 12:46:20 +02:00
web Updated submodules. 2019-04-10 09:44:53 -04:00
windows Added Simulate-DNSTunnel.ps1 2019-02-19 08:50:44 -05:00
.gitmodules Readme. 2019-01-29 08:04:33 -05:00
README.md Added AWS CloudTrail disruption tool 2019-03-20 17:47:42 +01:00

Penetration Testing Tools, Scripts, CheatSheets

This is a collection of many tools, scripts, cheatsheets and other loots that I've been developing over years for penetration testing and IT Security audits purposes. Many of them actually had been used during real-world assignments, some of them are a collection gathered from various sources (waiting to be used someday).

Notice: In order to clone it properly - use --recurse-submodules option:

bash$ git clone --recurse-submodules https://github.com/mgeeky/Penetration-Testing-Tools

This repository does not contain actual exploits. These I will release under separate repository in some point in future.

Most of these files actually comes straight from my Gists - I've decided to move them into separated repository as managmenet of this number of scripts became tough nut to crack.

This repository is divided further onto following directories:

  • clouds - Cloud-Security related tools
  • file-formats - Contains various file-format related utilities, fuzzers and so on.
  • linux - Contains linux-based scripts for various purposes.
  • networks - Network devices & services Penetration Testing and auditing scripts
  • others - Others related somehow to penetration tests & Audits
  • red-teaming - Powershell, Visual Basic, js, phishings and other alike candys
  • web - Web-Application auditing, pentesting, fuzzing related.
  • windows - Windows utilities, scripts, exploits.

Of course these tools do not contain any customer/client related sensitive informations and there are no assignment-specific tools developed as PoCs.