Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

Asset inventory of over 800 public bug bounty programs.

A bash script for recon and DOS attacks

Demonized Shell is an Advanced Tool for persistence in linux.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).

Hacking arsenal. This script download the latest tools, wordlists, releases and install common hacking tools

BlueTeam, RedTeam, Bug bounty, CTI, OSINT, Threat Hunting, Network and Web Recon, Discovery, Enumeration, Vulnerability Mapping, Exploitation, Reporting, Darkweb, Deepweb, Research

One-off scripts

Protecting Red Team infrastructure with cyber shield blocking AWS/AZURE/IBM/Digital Ocean/TOR/AV IP/ETC. ranges

The Collective. A repo for a collection of red team and/or pen test projects found mostly on Github. https://github.com/ceramicskate0/TheCollective #infosec #redteaming #pentest

All binaries, tools,wordlists and tutorials you need to pass eCPPTv2 - For Free!

simple script to pwn android phone with physical access

Easy to extend initial access scenario to help with EDR testing on Linux and Mac

Escaner WEB que tiene como objetivo sacar toda la información posible como IP, CMS, Usuarios, posibles correos, rendimiento de la URL, Puertos Abiertos, Subdirectorios ... Etc.