A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes. https://mgeeky.tech/
Go to file
2020-04-15 12:33:57 +02:00
clouds/aws Update find-exposed-resources.sh 2020-04-15 12:33:57 +02:00
file-formats First 2018-02-02 22:22:43 +01:00
linux Added WhatWeb 2020-02-20 16:55:01 +01:00
networks Update IBM-MQ-Pentesting-notes.md 2020-04-08 13:41:46 +02:00
others fixed readme 2020-03-04 16:54:15 +01:00
red-teaming Updated stracciatella 2020-04-10 08:17:52 -04:00
web Updated proxy2 2020-02-20 15:10:57 +01:00
windows Simple reverse-shell added. 2019-06-28 13:22:06 +02:00
.gitmodules Added cobalt-arsenal 2020-04-09 11:26:12 -04:00
README.md Added AWS CloudTrail disruption tool 2019-03-20 17:47:42 +01:00

Penetration Testing Tools, Scripts, CheatSheets

This is a collection of many tools, scripts, cheatsheets and other loots that I've been developing over years for penetration testing and IT Security audits purposes. Many of them actually had been used during real-world assignments, some of them are a collection gathered from various sources (waiting to be used someday).

Notice: In order to clone it properly - use --recurse-submodules option:

bash$ git clone --recurse-submodules https://github.com/mgeeky/Penetration-Testing-Tools

This repository does not contain actual exploits. These I will release under separate repository in some point in future.

Most of these files actually comes straight from my Gists - I've decided to move them into separated repository as managmenet of this number of scripts became tough nut to crack.

This repository is divided further onto following directories:

  • clouds - Cloud-Security related tools
  • file-formats - Contains various file-format related utilities, fuzzers and so on.
  • linux - Contains linux-based scripts for various purposes.
  • networks - Network devices & services Penetration Testing and auditing scripts
  • others - Others related somehow to penetration tests & Audits
  • red-teaming - Powershell, Visual Basic, js, phishings and other alike candys
  • web - Web-Application auditing, pentesting, fuzzing related.
  • windows - Windows utilities, scripts, exploits.

Of course these tools do not contain any customer/client related sensitive informations and there are no assignment-specific tools developed as PoCs.