tasooshi / pentesting-cookbook

A set of recipes useful in pentesting and red teaming scenarios

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

pentesting-cookbook

A set of recipes useful in pentesting and red teaming scenarios

Snippets, code samples and hints used in penetration tests stored in a single repository so it can be quickly accessed and searched during the assessments.

Structure

  • bin Handy utilities to be run locally
  • snippets All things useful to be run remotely, code snippets, examples etc
  • Notes.* All sort of helpers, lists and notes not necessarily related to specific service or stage
  • Target.Host.OS.* - Things that can be done once foothold is established
  • Target.Host.Service.* - Commands useful in enumeration and exploitation of particular service
  • Target.Network.* - Commands related to scanning and moving around networks
  • Target.Recon.* - Typical recon like DNS enumeration, OSINT etc.

Formatting rules

  • If there are more than three levels of hierarchy the file needs to be split.
  • Sources (scripts) are located in the snippets directory (referenced by @).
  • Conventions:
    • ~ commands
    • @ file references
    • - lists
    • -- comments (above the commented line)
    • OS specific commands:
      • ~$ (Linux, defaults to Bash)
      • ~# (Linux - root required)
      • ~> (Windows)
    • Shell specific commands:
      • ~PS> (Powershell)
  • Variables:
    • VAR_ATTACKER_HOST
    • VAR_ATTACKER_PORT
    • VAR_TARGET_DOMAIN
    • VAR_TARGET_HOST
    • VAR_TARGET_PORT
    • VAR_TARGET_CIDR
    • VAR_TARGET_RANGE
    • VAR_TARGET_FILE
    • VAR_USERNAME
    • VAR_PASSWORD
    • VAR_NT_HASH
    • VAR_LM_HASH (blank LM hash: aad3b435b51404eeaad3b435b51404ee)
    • VAR_STRING
    • VAR_INTEGER
    • VAR_HEX
    • VAR_WORDLIST
    • VAR_WORDLIST_* (VAR_WORDLIST_USERNAME, VAR_WORDLIST_PASSWORD etc)
    • VAR_*_HOST (VAR_FTP_HOST, VAR_ZOMBIE_HOST, VAR_PROXY_HOST etc)

About

A set of recipes useful in pentesting and red teaming scenarios


Languages

Language:PowerShell 94.8%Language:Python 1.8%Language:ASP.NET 1.6%Language:Shell 0.4%Language:C# 0.3%Language:C++ 0.2%Language:Batchfile 0.2%Language:C 0.1%Language:Perl 0.1%Language:Java 0.1%Language:Classic ASP 0.1%Language:VBA 0.1%Language:HTML 0.1%Language:VBScript 0.0%Language:JavaScript 0.0%Language:PHP 0.0%Language:XSLT 0.0%Language:Groovy 0.0%