Skip to content

Some scripts to improve the Quality of Life for a penetration tester when working

License

Notifications You must be signed in to change notification settings

soutzis/Penetration-Testing-Helper-Scripts

Repository files navigation

What is this repo?

It is a collection of simple scripts and tools, to improve the Quality of Life for a penetration tester. VirtualBox users will find some of the fix* tools especially useful.

Instructions

  • fix-vbox-clipboard and fix-vbox-dragndrop are some simple scripts to kill the processes for VirtualBox Guest Additions and reset them, when they start acting funny. If you have been a VirtualBox user, then you know what I am talking about. These scripts are lifesavers when working, or taking an exam. Feel free to suggest improvements, or add fixes for problems that I did not think of/come across.

  • The reverse-shells script will generate various reverse shell one-liners or sequence of commands, fully coloured in the terminal. The IP address of the listener (e.g., your KALI machine's IP), the port number, and the IP address of the client (e.g., the victim's) can all be set through arguments.

    • Running reverse-shells without arguments will attempt to use the IP address from tun0 if it is set (if connected to vpn for example). Otherwise, it highlights with red colour that the IP was not set, so that the penetration tester can notice it and set it with what they want to. The default port is 443 (because that's the one I like to use):

    image

    image image

    • Setting IP address and the port through arguments:

    image

    • When connected through VPN and tun0 interface is set:

    image

  • The stabilize-shell command works just like the reverse-shells command. It provides a few ways for stabilizing your current reverse shell:

image

  • Finally, there are the helper scripts set-target-ip, unset-target-ip and show-target-ip, which do exactly what their name suggests. Instead of setting bash variables every time you open a new terminal, you can set the IP address of your target with set-target-ip and then just call it from any shell you open, because it is written in a file in the /tmp directory.
    • Example: nmap -sSCV -Pn -n -v --top-ports=2000 $(show-target-ip)

Releases

No releases published

Packages

No packages published

Languages