Linux pentest tools

This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits.

Port knock script using nmap. Requests multiple ports as variables. Knocks on all three ports in all possible combinations.

Port knock script using hping3. Requests multiple ports as variables. Knocks on all three ports in all possible combinations.

Script to enumerate local information from a Linux host

Easily test the system for the presence of CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187 - also known as Shellshock. The script iterates all the $PATH directories, looking for bash and sh. Some systems, like OS X, also use bash for sh.