Ted R's repositories
check-smb-signing
Shell script to automate running the Nmap smb-security-mode.nse or RunFinger.py by lgandx and parse results into counts and lists of hosts that have message signing disabled, supported, and required.
ike-trans
A variation of the IKE-SCAN user guide's transforms discovery script, adding a few features. Handshakes can be done in Main or Aggressive Modes. For Aggresive Mode, a custom group ID can be given. Targets can be specified as a single IP, or an input file of multiple IPs.
sslscanalyzer
Shell script for converting an input file containing one or more sslscan results into HTML tables.
find-reused-ntds-hashes
Shell script to check a file containing NTLM hashes for repeated hashes.
cisco-config-check
Shell script to check Cisco config files, such as those downloaded with Smart Install, for sensitive information.
xsltsslscan
XSLT for SSLScan 2.0 XML results
msf-exploit-loop
Metasploit resource script to read a list of desired RHOST values and run the current exploit module for each.
range-finder
Shell script to use Nmap host discovery scans to find IANA private ranges in use.
brute-probe
Shell script to loop aireplay-ng probe requests with a dictionary of possible (E)SSIDs.
runas_system
Batch file that uses WinDbg's remote.exe to start a command prompt as SYSTEM.
exchange-find
Shell script to check a list of hostnames or IPs for HTTPS response codes, WWW-Authenticate headers, and 302 redirect Location headers for common Exchange URLs.
login-loop
Metasploit resource script for looping time-delayed login attacks, such as owa_login.
SiteSurvey
Customizable fake Android survey app for in-person social engineering.
smb-anon-shares
Shell script for testing anonymous file share access with Smbclient. Input can be UNC paths, SMB URLs, or Metasploit smb_enumshares results.
soc-eng-batches
Batch files to show dummy activity while gathering system info and trying to create users. Useful during social engineering, if a target will let you use their system, but watches you do so.
list-to-table
Shell script to convert an input list to a bare bones HTML table
metasploit-framework
Metasploit Framework
name-maimer
Shell script for mangling first names, last names, and single strings into one or more common username formats.
nmap-script-parsers
Simple shell scripts for parsing results from Nmap scripts, including ssl-heartbleed and smb-security-mode.
pass-survey
Have a list of passwords you cracked during a pentest or password audit? This shell script will give you analysis of reused passwords, reused password bases (4+ letter combinations), password length, and character type breakdown.
rogue-robin
Rough script for looping through dummy APs with hostapd-wpe, for WIPS evasion.
teradata-login
Quick and dirty Windows batch login scanner for Teradata databases.
tr-github-reconcile
Shell script for reconciling a destination directory with my github repositories. Written so that it could be easily modified for other github users.
user-enum-demo-pages
PHP pages to demonstrate user enumeration via HTTP responses.
wgexifloop
Shell script to read a list of URLs, wget each document, and retrieve name metadata with exifloop while creating CSV output to track what metadata came from what URL.