Pentesting- General How-To's Tools Practice Sites Scripts Links New Interesting Exploit Code
Scripting Examples Bash Python C Other
Script Repository
What Qualifies to be here?
If there was a script I needed to write during my time in the OFFSEC OSCP course or for some other purpose and the script would otherwise not cross-walk back a specific engagement, then it eligible to end up here. I not the best coder in the world and many of these examples are here to demo how to do something you may be trying to accomplish in your code. All I request is that you provide me attribution if you republish the script, unless you use these scripts for illegal purposes (in that case no attribution please!):
Purpose Summary | Demonstrated Elements | File |
Script loops through a specified network segment and identifies all SNMP listeners, and queries for Users, Ports, and Installed Software | - Displays user prompts - Captures User Input - Creates Temp Files - Users Temp files as inputs - Appends output to a file |
snmpwalker.sh |
Script loops through a list of DNS Servers to determine if a DNS Zone Transfer is possible; if possible it documents the DNS Zone Transfer results | - Displays user prompts - Captures user input - Uses grep to parse output from a "host -t" command - Performs a simple loop - Writes output to a file |
dnszonetrfest.zip |
Script add a feeder list looping
functionality to the enum4linux.pl script in Kali so that you can
loop through a list of target systems to determine smb client
information. Check the enum4linux page for
additional options you can toggle on in this script |
- Displays user prompt for file - Performs simple loop - Performs a cat to grab the next line from an input file - Writes output to a file |
enum4linuxloop.zip |
Script loops through a list of subdomains provided in a text file and checks the SSL cipher strength using the nmap ssl-enum-ciphers script and grep's the output for only weak and broken results | - Prompts for user input file - Creates results file for capturing output - Performs simple loop - GREPs results of script output to filter for only specified results |
testssl.sh |
Queries Internet connected Hash repositories searching for previously cracked responses tro a provided Hash value | - Syntax Examples: Locate a single hash: python findmyhash.py MD5 -h "098f6bcd4621d373cade4e832627b4f6" Locate multiple via file: python findmyhash.py MYSQL -f mysqlhashesfile.txt Locate precomputed hash via google search only: python findmyhash.py MD5 -g "098f6bcd4621d373cade4e832627b4f6" |
FindMyHash.py |